Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/djSLTfK9PO0enMJn0z3yCe4XjO4.roa
File: djSLTfK9PO0enMJn0z3yCe4XjO4.roa (raw, json)
Hash identifier: p0jlIszfQYUDPXSbxFePnle5k85Oo9hQkK8F7tn92tY=
Subject key identifier: 76:34:8B:4D:F2:BD:3C:ED:1E:9C:C2:67:D3:3D:F2:09:EE:17:8C:EE
Certificate issuer: /CN=23aee94d0fff6c6c752a6942ffa962ae37c7e6b6
Certificate serial: 018CC72573A9D5EDCB4989205A76C113C7A7
Authority key identifier: 23:AE:E9:4D:0F:FF:6C:6C:75:2A:69:42:FF:A9:62:AE:37:C7:E6:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/djSLTfK9PO0enMJn0z3yCe4XjO4.roa
Signing time: Mon 01 Jan 2024 22:29:29 +0000
ROA not before: Mon 01 Jan 2024 22:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31037
IP address blocks: 185.101.16.0/24 maxlen: 24
185.101.16.0/22 maxlen: 22
185.101.17.0/24 maxlen: 24
185.101.19.0/24 maxlen: 24
185.101.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.mft
rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:73:a9:d5:ed:cb:49:89:20:5a:76:c1:13:c7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23aee94d0fff6c6c752a6942ffa962ae37c7e6b6
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76348b4df2bd3ced1e9cc267d33df209ee178cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8d:39:32:82:2d:85:c4:45:a5:2e:b3:3e:7a:
26:fc:4d:f4:18:41:46:e6:85:80:e1:37:b7:32:86:
fa:07:d5:1b:98:63:7b:61:7b:e2:69:15:f2:c3:fc:
15:d7:5c:16:f5:3f:35:49:87:2e:6d:b2:bb:2b:a1:
ad:7e:4a:d5:83:71:f9:40:ce:26:f1:cb:63:88:e9:
8f:39:43:b2:18:be:f4:e9:a6:c1:ae:35:6e:c5:17:
50:83:97:8a:f3:36:43:19:04:5a:7f:94:47:f0:02:
04:2d:7c:e2:7a:d2:82:1a:c0:72:18:9f:ba:14:e7:
97:15:72:40:97:02:99:93:79:4e:0a:6c:0c:9d:18:
47:17:5b:e5:ab:1a:a0:bf:e3:71:89:2d:eb:9e:b9:
d2:bb:16:b3:44:55:26:31:b3:c3:30:5d:fe:cc:6f:
de:0f:db:8e:4e:cd:d6:e8:21:c3:e9:29:fe:0a:fa:
4f:0f:4e:bd:4c:aa:da:9f:d3:52:be:dc:13:d0:e0:
12:42:0a:8c:fc:82:fa:e0:55:ef:c1:da:6d:46:82:
39:ae:04:3d:45:0e:63:98:22:7e:d7:62:d0:83:8a:
38:24:ec:a2:a5:b7:40:85:58:db:94:13:f3:de:c0:
93:28:09:ac:43:75:e0:d5:d2:53:26:44:a8:e1:ba:
8e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:34:8B:4D:F2:BD:3C:ED:1E:9C:C2:67:D3:3D:F2:09:EE:17:8C:EE
X509v3 Authority Key Identifier:
keyid:23:AE:E9:4D:0F:FF:6C:6C:75:2A:69:42:FF:A9:62:AE:37:C7:E6:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I67pTQ__bGx1KmlC_6lirjfH5rY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/djSLTfK9PO0enMJn0z3yCe4XjO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d70262-f87c-4126-af85-a31853e6997a/1/I67pTQ__bGx1KmlC_6lirjfH5rY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.16.0/22
Signature Algorithm: sha256WithRSAEncryption
88:10:17:f1:e5:21:dc:64:f7:8c:f7:b6:47:65:36:b9:55:5d:
bb:48:02:26:10:bc:57:99:a4:a0:81:5c:f1:e8:b2:d6:c7:e0:
f5:24:be:f1:d6:9c:87:04:8d:37:c9:d9:a2:4f:a9:96:75:ea:
79:5d:1e:72:3c:10:34:0e:1b:63:ea:2f:95:d7:ba:db:5f:66:
44:38:74:82:fb:51:14:a9:a6:cd:b6:4f:6b:ba:da:41:c6:c1:
86:b4:af:57:8f:2a:68:23:38:12:3f:62:84:9d:f1:c1:b3:0f:
dc:00:c8:c8:68:44:c0:14:38:0b:e6:e6:b8:e9:07:1d:c5:ad:
22:a8:85:d4:6c:d0:4e:2e:f4:4c:b2:3e:9a:e0:6a:9b:9b:5e:
4a:65:fe:2a:aa:81:41:a7:08:05:fb:2e:13:d4:9a:82:c4:94:
a0:07:14:7b:83:bc:b2:7e:65:a5:24:6e:72:86:be:a4:38:d7:
78:0b:a0:bc:9a:f3:3a:26:cd:0d:83:8f:aa:a3:0c:dc:c8:d1:
ee:1f:2e:fd:56:a9:9b:42:43:71:fa:98:ad:90:c5:13:59:c1:
1b:81:a8:92:81:1a:5c:97:1b:56:7d:93:a0:70:62:2a:a9:20:
16:85:08:a0:14:dc:1d:95:5f:d2:6b:dc:b7:61:d5:72:aa:82:
57:e8:de:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJXOp1e3LSYkgWnbBE8enMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYWVlOTRkMGZmZjZjNmM3NTJhNjk0MmZmYTk2MmFlMzdj
N2U2YjYwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjM0OGI0ZGYyYmQzY2VkMWU5Y2MyNjdkMzNkZjIwOWVlMTc4Y2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk405MoIthcRFpS6zPnom/E30GEFG
5oWA4Te3Mob6B9UbmGN7YXviaRXyw/wV11wW9T81SYcubbK7K6GtfkrVg3H5QM4m
8ctjiOmPOUOyGL706abBrjVuxRdQg5eK8zZDGQRaf5RH8AIELXzietKCGsByGJ+6
FOeXFXJAlwKZk3lOCmwMnRhHF1vlqxqgv+NxiS3rnrnSuxazRFUmMbPDMF3+zG/e
D9uOTs3W6CHD6Sn+CvpPD069TKran9NSvtwT0OASQgqM/IL64FXvwdptRoI5rgQ9
RQ5jmCJ+12LQg4o4JOyipbdAhVjblBPz3sCTKAmsQ3Xg1dJTJkSo4bqO+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY0i03yvTztHpzCZ9M98gnuF4zuMB8GA1UdIwQY
MBaAFCOu6U0P/2xsdSppQv+pYq43x+a2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTY3cFRRX19iR3gxS21sQ182bGlyamZINXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9kNzAyNjItZjg3Yy00MTI2LWFmODUt
YTMxODUzZTY5OTdhLzEvZGpTTFRmSzlQTzBlbk1KbjB6M3lDZTRYak80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9kNzAyNjItZjg3Yy00MTI2LWFmODUtYTMxODUzZTY5OTdh
LzEvSTY3cFRRX19iR3gxS21sQ182bGlyamZINXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWUQMA0G
CSqGSIb3DQEBCwUAA4IBAQCIEBfx5SHcZPeM97ZHZTa5VV27SAImELxXmaSggVzx
6LLWx+D1JL7x1pyHBI03ydmiT6mWdep5XR5yPBA0Dhtj6i+V17rbX2ZEOHSC+1EU
qabNtk9rutpBxsGGtK9XjypoIzgSP2KEnfHBsw/cAMjIaETAFDgL5ua46Qcdxa0i
qIXUbNBOLvRMsj6a4Gqbm15KZf4qqoFBpwgF+y4T1JqCxJSgBxR7g7yyfmWlJG5y
hr6kONd4C6C8mvM6Js0Ng4+qowzcyNHuHy79VqmbQkNx+pitkMUTWcEbgaiSgRpc
lxtWfZOgcGIqqSAWhQigFNwdlV/Sa9y3YdVyqoJX6N7X
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:39:10 2024 by rpki-client on console-ams.rpki-client.org