Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dnuAnJDPUA8_caeAfRl-aziFYpA.roa
File: dnuAnJDPUA8_caeAfRl-aziFYpA.roa (raw, json)
Hash identifier: L7P7bgIgNQZTw2/T8dQuEGbfrwJeWtPx1JNd7b8J/Zs=
Subject key identifier: 76:7B:80:9C:90:CF:50:0F:3F:71:A7:80:7D:19:7E:6B:38:85:62:90
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018CC8012A7A24E1BBC40BD84964AB8D8F09
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dnuAnJDPUA8_caeAfRl-aziFYpA.roa
Signing time: Tue 02 Jan 2024 02:29:28 +0000
ROA not before: Tue 02 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42979
IP address blocks: 85.254.1.0/24 maxlen: 24
85.254.3.0/24 maxlen: 24
2a02:610:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:2a:7a:24:e1:bb:c4:0b:d8:49:64:ab:8d:8f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 2 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=767b809c90cf500f3f71a7807d197e6b38856290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cf:7d:57:0f:5f:6c:00:e7:d3:50:de:9b:da:
e7:95:4d:3a:a8:a8:bb:53:ea:aa:23:c4:2b:31:ee:
48:bb:65:df:b4:49:37:ab:2c:fd:ce:48:63:21:9f:
70:0e:bb:33:41:1f:03:39:12:a8:42:9f:04:1e:de:
e5:83:91:e5:a4:5b:e7:40:07:22:a7:2a:a5:80:be:
17:f9:dc:07:8c:6e:8a:2d:56:6c:4e:25:83:29:fc:
69:b6:4c:a5:0b:99:10:c8:9e:bc:c8:92:c2:23:3c:
ff:78:3c:37:a8:a0:47:4a:aa:74:b9:58:96:ff:c4:
dc:ca:53:49:9a:b3:f6:1f:2a:00:0a:dd:68:d9:70:
1e:52:44:85:d0:0b:ac:1a:11:4d:ac:aa:76:f7:38:
53:fb:6e:f9:82:92:10:de:7b:c0:f2:0b:b0:c2:19:
b3:d7:5e:42:eb:cc:f7:83:53:05:44:be:2d:3a:a2:
36:5e:b6:82:2c:fb:5b:73:3f:ef:99:82:9b:53:9f:
26:d7:0e:08:dc:46:ac:30:a9:cc:e1:9a:da:04:2c:
d7:6c:95:8d:c3:d2:01:d3:26:8c:fd:b8:cb:9d:ee:
18:6d:5a:e8:f3:2c:06:6b:df:48:d0:90:36:71:8f:
ca:c9:85:e6:3d:bc:45:30:a3:0d:2b:c5:e0:43:2c:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:7B:80:9C:90:CF:50:0F:3F:71:A7:80:7D:19:7E:6B:38:85:62:90
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/dnuAnJDPUA8_caeAfRl-aziFYpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.1.0/24
85.254.3.0/24
IPv6:
2a02:610:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
5f:88:9a:70:17:97:1b:91:f6:eb:c1:35:0b:ab:20:75:8e:7b:
13:ea:44:b8:54:c3:de:72:49:e1:6d:50:5a:29:16:1c:82:33:
0c:d2:29:57:65:e7:5d:e6:b3:9f:2d:39:4f:ad:83:c0:bb:ac:
cf:f9:6c:0c:1b:ee:4d:68:09:8e:11:0f:52:cb:4c:7a:83:3e:
13:a3:77:02:99:4c:e6:e4:77:4e:a9:c0:d0:2d:37:59:44:06:
6a:33:e8:c7:f2:06:ee:9f:e9:34:87:5d:14:aa:e0:76:53:0e:
80:e5:d4:81:69:26:b4:63:ae:87:b6:a2:3f:52:46:2e:6a:e2:
41:14:0e:be:0d:57:2f:84:4e:4b:e1:1c:83:f6:42:16:4a:2a:
73:4f:03:f2:5b:0d:37:bb:8b:7c:21:03:13:c1:84:87:65:a0:
9d:06:51:fc:22:ff:91:4c:0e:d6:ef:14:b7:0b:7d:5b:da:68:
b4:a5:ff:2f:22:8b:41:7f:2a:46:17:92:d7:b5:2d:70:43:9c:
ff:39:5e:37:c6:b0:79:e5:f9:16:a0:09:b8:6f:c5:05:a6:e3:
92:f8:0d:71:f4:d1:8d:96:21:c2:78:65:2b:83:b2:b0:5a:ff:
56:97:d6:bf:e6:a9:0e:c9:20:61:48:04:19:06:13:74:93:a4:
a8:a1:e1:ef
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIASp6JOG7xAvYSWSrjY8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMTAyMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjdiODA5YzkwY2Y1MDBmM2Y3MWE3ODA3ZDE5N2U2YjM4ODU2MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh899Vw9fbADn01Dem9rnlU06qKi7
U+qqI8QrMe5Iu2XftEk3qyz9zkhjIZ9wDrszQR8DORKoQp8EHt7lg5HlpFvnQAci
pyqlgL4X+dwHjG6KLVZsTiWDKfxptkylC5kQyJ68yJLCIzz/eDw3qKBHSqp0uViW
/8TcylNJmrP2HyoACt1o2XAeUkSF0AusGhFNrKp29zhT+275gpIQ3nvA8guwwhmz
115C68z3g1MFRL4tOqI2XraCLPtbcz/vmYKbU58m1w4I3EasMKnM4ZraBCzXbJWN
w9IB0yaM/bjLne4YbVro8ywGa99I0JA2cY/KyYXmPbxFMKMNK8XgQyxo2wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHZ7gJyQz1APP3GngH0Zfms4hWKQMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZG51QW5KRFBVQThfY2FlQWZSbC1hemlGWXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAVf4BAwQA
Vf4DMA8EAgACMAkDBwAqAgYQ//8wDQYJKoZIhvcNAQELBQADggEBAF+ImnAXlxuR
9uvBNQurIHWOexPqRLhUw95ySeFtUFopFhyCMwzSKVdl513ms58tOU+tg8C7rM/5
bAwb7k1oCY4RD1LLTHqDPhOjdwKZTObkd06pwNAtN1lEBmoz6MfyBu6f6TSHXRSq
4HZTDoDl1IFpJrRjroe2oj9SRi5q4kEUDr4NVy+ETkvhHIP2QhZKKnNPA/JbDTe7
i3whAxPBhIdloJ0GUfwi/5FMDtbvFLcLfVvaaLSl/y8ii0F/KkYXkte1LXBDnP85
XjfGsHnl+RagCbhvxQWm45L4DXH00Y2WIcJ4ZSuDsrBa/1aX1r/mqQ7JIGFIBBkG
E3STpKih4e8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:32 2024 by rpki-client on console-fra.rpki-client.org