Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/pkIzYnZYAiZpDMw3QyybuXcIIBo.roa
File: pkIzYnZYAiZpDMw3QyybuXcIIBo.roa (raw, json)
Hash identifier: BzTN7uVULbMEnTQvzwIvdvdyzYqjcs5qf9dxIJA1CKY=
Subject key identifier: A6:42:33:62:76:58:02:26:69:0C:CC:37:43:2C:9B:B9:77:08:20:1A
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 019030E816452EE57C75C57F46071B2EF2AB
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/pkIzYnZYAiZpDMw3QyybuXcIIBo.roa
Signing time: Wed 19 Jun 2024 14:30:34 +0000
ROA not before: Wed 19 Jun 2024 14:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12459
IP address blocks: 185.54.161.0/24 maxlen: 24
185.119.89.0/24 maxlen: 24
185.119.90.0/24 maxlen: 24
2a0c:bf80:5a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 02:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:e8:16:45:2e:e5:7c:75:c5:7f:46:07:1b:2e:f2:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Jun 19 14:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a642336276580226690ccc37432c9bb97708201a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:95:53:d8:de:ae:74:e9:e4:a0:06:3c:f2:
4f:7a:b5:30:0e:c6:1c:b0:8c:81:52:28:52:c2:cf:
a9:4f:80:ef:06:49:03:dd:d5:79:f2:14:ab:5a:e8:
90:f1:fe:88:d6:09:05:9b:93:a9:46:b3:95:be:68:
1a:d2:44:f6:72:10:d9:46:3b:c3:60:22:e9:82:a1:
11:e2:68:67:e3:de:ef:e8:ea:be:fc:54:e3:73:c8:
3e:e6:c5:fa:6b:af:db:05:79:6a:27:91:e8:82:e5:
6c:87:c4:ff:ff:01:39:04:0e:4d:75:ab:84:7a:2e:
2c:8b:fa:23:cd:e1:21:12:3d:3f:b9:50:bf:55:b7:
97:4f:cb:eb:e1:f1:b9:65:d2:e4:6b:8b:8c:ba:0f:
2a:e3:e7:98:50:79:7c:34:a8:f8:32:d0:5a:c9:65:
0c:c4:66:77:f3:e6:a3:b2:7d:80:a8:24:17:98:66:
8a:c8:56:c8:ca:66:d2:96:b7:76:66:0a:e9:52:8c:
5b:43:86:87:ee:d1:23:52:4a:5c:27:00:46:d7:85:
2a:b8:7e:0f:65:bd:e8:db:fd:f2:d9:38:d7:86:d7:
c1:1b:d5:a9:02:46:dd:7a:3f:01:a0:38:31:75:7d:
cd:82:7b:ec:fa:2d:5f:17:41:ef:30:ad:fd:6f:ce:
bf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:42:33:62:76:58:02:26:69:0C:CC:37:43:2C:9B:B9:77:08:20:1A
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/pkIzYnZYAiZpDMw3QyybuXcIIBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.161.0/24
185.119.89.0-185.119.90.255
IPv6:
2a0c:bf80:5a::/48
Signature Algorithm: sha256WithRSAEncryption
7d:0a:2a:87:f0:34:de:57:82:4e:4a:82:d2:d6:8c:c3:94:1f:
1c:aa:05:2f:39:b2:c1:db:48:6f:9f:84:5e:85:a0:db:4e:65:
8b:b7:d7:13:fb:ed:cb:5d:c0:a3:f5:93:10:30:b2:60:f0:05:
45:39:07:95:36:02:cc:7b:4b:44:8c:bf:c2:76:74:25:ee:fa:
36:f6:84:b8:b4:f3:cf:8d:99:a5:3d:15:62:3f:3d:07:df:45:
74:58:e8:17:a3:b0:70:a4:5e:6e:85:9f:4b:ef:99:95:ac:8d:
9f:98:81:4a:85:14:54:89:b0:51:9f:94:00:35:48:23:18:62:
8a:92:cb:35:ea:30:1f:6d:09:03:78:dc:f7:d1:12:41:f2:bc:
2f:a2:b3:6b:be:cd:33:b0:d6:65:ec:a6:e8:1c:18:93:94:fd:
46:ce:c6:94:25:88:a5:86:04:24:53:01:cf:fc:11:84:86:d4:
a6:4d:d9:7d:a7:c3:61:59:b6:22:9d:97:3e:3b:4e:ba:d1:ab:
11:43:21:12:9c:1a:8b:59:ba:1f:dc:fa:40:f9:f5:43:71:71:
ef:67:84:42:3b:6e:dd:3e:18:cb:3e:28:b5:35:4c:b6:88:47:
ca:d7:93:ee:11:9a:99:b8:7b:aa:d6:0c:d4:5f:c9:d3:fd:ee:
47:72:8e:4e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZAw6BZFLuV8dcV/RgcbLvKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjQwNjE5MTQzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQyMzM2Mjc2NTgwMjI2NjkwY2NjMzc0MzJjOWJiOTc3MDgyMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8KVU9jernTp5KAGPPJPerUwDsYc
sIyBUihSws+pT4DvBkkD3dV58hSrWuiQ8f6I1gkFm5OpRrOVvmga0kT2chDZRjvD
YCLpgqER4mhn497v6Oq+/FTjc8g+5sX6a6/bBXlqJ5HoguVsh8T//wE5BA5NdauE
ei4si/ojzeEhEj0/uVC/VbeXT8vr4fG5ZdLka4uMug8q4+eYUHl8NKj4MtBayWUM
xGZ38+ajsn2AqCQXmGaKyFbIymbSlrd2ZgrpUoxbQ4aH7tEjUkpcJwBG14UquH4P
Zb3o2/3y2TjXhtfBG9WpAkbdej8BoDgxdX3Ngnvs+i1fF0HvMK39b86/uQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKZCM2J2WAImaQzMN0Msm7l3CCAaMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvcGtJelluWllBaVpwRE13M1F5eWJ1WGNJSUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAuTahMAwD
BAC5d1kDBAC5d1owDwQCAAIwCQMHACoMv4AAWjANBgkqhkiG9w0BAQsFAAOCAQEA
fQoqh/A03leCTkqC0taMw5QfHKoFLzmywdtIb5+EXoWg205li7fXE/vty13Ao/WT
EDCyYPAFRTkHlTYCzHtLRIy/wnZ0Je76NvaEuLTzz42ZpT0VYj89B99FdFjoF6Ow
cKReboWfS++ZlayNn5iBSoUUVImwUZ+UADVIIxhiipLLNeowH20JA3jc99ESQfK8
L6Kza77NM7DWZeym6BwYk5T9Rs7GlCWIpYYEJFMBz/wRhIbUpk3ZfafDYVm2Ip2X
PjtOutGrEUMhEpwai1m6H9z6QPn1Q3Fx72eEQjtu3T4Yyz4otTVMtohHyteT7hGa
mbh7qtYM1F/J0/3uR3KOTg==
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:09:28 2024 by rpki-client on console-fra.rpki-client.org