Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/aNT6wimkshbqVB1V5Q1pXcWrHPA.roa
File: aNT6wimkshbqVB1V5Q1pXcWrHPA.roa (raw, json)
Hash identifier: ZtCk0Ml1mg37SovzS8O5xFvW8o5qnap7odDixLSgaeo=
Subject key identifier: 68:D4:FA:C2:29:A4:B2:16:EA:54:1D:55:E5:0D:69:5D:C5:AB:1C:F0
Certificate issuer: /CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
Certificate serial: 018CCA2A87FCDB2C229F9FC535C18CDF40D2
Authority key identifier: 2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/aNT6wimkshbqVB1V5Q1pXcWrHPA.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210104
IP address blocks: 85.115.212.0/22 maxlen: 22
93.177.88.0/22 maxlen: 22
185.215.75.0/24 maxlen: 24
185.215.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:87:fc:db:2c:22:9f:9f:c5:35:c1:8c:df:40:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68d4fac229a4b216ea541d55e50d695dc5ab1cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3f:fe:41:e3:2c:52:4a:e6:48:46:69:7e:39:
ec:ba:50:ec:c2:44:07:64:4a:e8:5d:0c:75:98:38:
29:2a:c0:87:bc:f0:38:72:5c:97:28:33:36:fd:e2:
b7:ad:be:30:4a:90:6a:6d:35:7f:af:39:bb:08:1c:
07:a8:2c:a0:b4:77:cf:fc:33:de:33:d7:f3:ac:21:
ef:e0:b6:d2:74:06:af:33:37:5c:fe:b0:39:14:5f:
cd:70:08:70:ce:15:e3:6b:6a:45:eb:de:c2:b6:31:
6a:85:fc:ad:68:08:bd:18:bc:df:35:20:43:3a:e2:
10:5a:91:b7:b0:75:69:ba:ab:5c:3b:2c:f9:d2:3a:
3c:54:79:71:fc:8f:d3:e0:54:33:45:c2:ae:dd:42:
44:63:d5:af:5e:f4:7b:0a:02:53:c8:83:0b:20:71:
3e:02:38:c2:ab:59:52:19:16:f9:d6:f1:6b:b1:70:
b3:66:75:d7:54:e7:73:4b:02:b8:2a:f5:35:e0:87:
b7:42:bd:4b:3b:b3:cb:ab:c4:f0:3d:90:b9:c6:5a:
1a:a9:ce:a2:41:78:a4:e3:7d:0c:c5:55:c8:ed:26:
3c:38:4e:be:13:99:1b:51:1d:ec:75:26:7d:92:69:
f1:6a:93:9b:5c:4d:79:b2:67:dd:95:71:3f:1a:4c:
4f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D4:FA:C2:29:A4:B2:16:EA:54:1D:55:E5:0D:69:5D:C5:AB:1C:F0
X509v3 Authority Key Identifier:
keyid:2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/aNT6wimkshbqVB1V5Q1pXcWrHPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.212.0/22
93.177.88.0/22
185.215.74.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:9e:69:a3:c3:ac:cc:5c:95:24:dc:a4:84:84:31:88:ad:ed:
c5:c3:61:00:90:94:02:fc:1f:61:55:af:f6:6c:a9:50:f7:2d:
a7:60:b3:ed:ab:c3:fd:8e:8d:f9:f4:ef:36:fc:7f:8f:1a:22:
50:64:e9:7c:a3:d5:79:59:f3:ee:3e:f8:75:18:c5:fb:7a:9d:
a7:55:c4:7c:4d:a6:de:8b:a9:fd:2c:22:92:5a:d8:ea:6c:e1:
67:b7:3c:d3:fc:b3:20:55:17:0f:aa:6f:f3:dd:26:96:ae:e9:
7e:26:75:a3:9a:50:03:8f:62:82:c8:97:1b:be:0e:9a:cb:c5:
7f:67:12:32:3c:47:57:b4:f0:91:68:1e:94:19:db:d6:d0:b5:
a3:fd:fd:70:0b:94:42:58:6f:3b:b6:e1:11:d3:5f:e5:7a:5a:
c7:20:64:2b:d8:0b:df:12:52:e9:ef:95:43:f3:bf:7d:c7:db:
17:e8:1c:01:11:d3:fb:3e:f2:ec:09:f0:0f:7a:2a:df:e2:03:
0f:df:3a:74:80:1d:35:89:ab:ea:10:dd:42:04:2a:fb:29:87:
8a:e3:5d:a8:c4:df:01:4d:7f:d6:0a:4f:37:94:8a:fa:6f:36:
ce:e2:55:f7:81:95:09:c9:1c:77:97:67:f5:9b:82:3a:1c:da:
bc:7d:ce:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKof82ywin5/FNcGM30DSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNTQ4NzVkYmUzMGJlNGY3ZmM0NGEwNDY4YjUxYjE3OGVk
ZjY0ZTYwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ0ZmFjMjI5YTRiMjE2ZWE1NDFkNTVlNTBkNjk1ZGM1YWIxY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz/+QeMsUkrmSEZpfjnsulDswkQH
ZEroXQx1mDgpKsCHvPA4clyXKDM2/eK3rb4wSpBqbTV/rzm7CBwHqCygtHfP/DPe
M9fzrCHv4LbSdAavMzdc/rA5FF/NcAhwzhXja2pF697CtjFqhfytaAi9GLzfNSBD
OuIQWpG3sHVpuqtcOyz50jo8VHlx/I/T4FQzRcKu3UJEY9WvXvR7CgJTyIMLIHE+
AjjCq1lSGRb51vFrsXCzZnXXVOdzSwK4KvU14Ie3Qr1LO7PLq8TwPZC5xloaqc6i
QXik430MxVXI7SY8OE6+E5kbUR3sdSZ9kmnxapObXE15smfdlXE/GkxPCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGjU+sIppLIW6lQdVeUNaV3FqxzwMB8GA1UdIwQY
MBaAFC9Uh12+ML5Pf8RKBGi1GxeO32TmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDFTSFhiNHd2azlfeEVvRWFMVWJGNDdmWk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kYTUzYjktZGNhNS00OTVkLTg3NjMt
YmZlYTYxYjc3MGI2LzEvYU5UNndpbWtzaGJxVkIxVjVRMXBYY1dySFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kYTUzYjktZGNhNS00OTVkLTg3NjMtYmZlYTYxYjc3MGI2
LzEvTDFTSFhiNHd2azlfeEVvRWFMVWJGNDdmWk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVXPUAwQC
XbFYAwQBuddKMA0GCSqGSIb3DQEBCwUAA4IBAQBKnmmjw6zMXJUk3KSEhDGIre3F
w2EAkJQC/B9hVa/2bKlQ9y2nYLPtq8P9jo359O82/H+PGiJQZOl8o9V5WfPuPvh1
GMX7ep2nVcR8Tabei6n9LCKSWtjqbOFntzzT/LMgVRcPqm/z3SaWrul+JnWjmlAD
j2KCyJcbvg6ay8V/ZxIyPEdXtPCRaB6UGdvW0LWj/f1wC5RCWG87tuER01/lelrH
IGQr2AvfElLp75VD8799x9sX6BwBEdP7PvLsCfAPeirf4gMP3zp0gB01iavqEN1C
BCr7KYeK412oxN8BTX/WCk83lIr6bzbO4lX3gZUJyRx3l2f1m4I6HNq8fc5R
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:19:36 2024 by rpki-client on console-ams.rpki-client.org