Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/1etTTR5Zupa-rEaJi22kBmuZ3M8.roa
File: 1etTTR5Zupa-rEaJi22kBmuZ3M8.roa (raw, json)
Hash identifier: SSaLAojgRGt43M1dfAkdoFdEtO+ZG6jzZq4/+c9t34o=
Subject key identifier: D5:EB:53:4D:1E:59:BA:96:BE:AC:46:89:8B:6D:A4:06:6B:99:DC:CF
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018CC5007243BA76666C09BEB1E1165F71AA
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/1etTTR5Zupa-rEaJi22kBmuZ3M8.roa
Signing time: Mon 01 Jan 2024 12:29:49 +0000
ROA not before: Mon 01 Jan 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202131
IP address blocks: 185.52.172.0/23 maxlen: 32
2a04:c740::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:72:43:ba:76:66:6c:09:be:b1:e1:16:5f:71:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5eb534d1e59ba96beac46898b6da4066b99dccf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e9:c9:cd:e4:d1:da:b7:1c:0c:a1:ff:4e:72:
25:a2:20:37:f8:0a:57:0c:c7:0d:3a:93:45:13:6c:
29:98:56:72:64:f4:4c:78:f9:32:6d:5b:68:04:b0:
97:be:b5:71:91:0b:17:c4:77:3b:f9:14:5d:73:04:
85:37:5c:3a:26:17:1a:6a:24:0b:7c:e4:c6:13:8b:
c9:dc:33:c2:ec:81:12:b3:96:0b:ad:84:be:59:dc:
98:c1:68:32:08:8c:16:63:6d:50:7e:d7:dd:f0:72:
b0:ba:a2:5b:34:f4:97:05:d7:a5:27:5f:36:d9:61:
c2:80:09:89:b6:82:83:8a:22:db:25:c4:96:00:b6:
23:8e:35:44:10:3e:c2:e6:b0:82:54:60:a2:37:56:
83:d2:23:f4:6f:94:c8:eb:07:b4:06:68:28:e7:b9:
22:9c:d3:c0:eb:1a:ea:ae:e5:43:1f:c5:86:58:94:
74:8d:be:9a:06:e6:ee:48:a5:a8:e0:a8:00:92:ca:
f0:ec:38:d1:4a:80:d2:21:82:56:ce:8e:ac:cd:30:
cb:6e:f8:95:61:81:18:fe:46:be:94:cc:25:37:be:
d4:05:a4:1a:64:31:f0:d3:ef:fa:d5:ee:27:ae:d8:
36:07:e7:57:92:a5:1e:f7:90:fc:92:03:40:d0:35:
4f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:EB:53:4D:1E:59:BA:96:BE:AC:46:89:8B:6D:A4:06:6B:99:DC:CF
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/1etTTR5Zupa-rEaJi22kBmuZ3M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.172.0/23
IPv6:
2a04:c740::/29
Signature Algorithm: sha256WithRSAEncryption
11:d3:a3:aa:59:58:a6:60:46:1e:ea:f0:d7:a3:d1:9d:80:fe:
b6:53:51:73:19:6f:fc:a7:d4:57:db:d9:ab:09:12:56:b0:34:
ea:f0:0c:2e:dd:ec:3b:96:df:d7:a2:81:41:1a:b4:75:74:b0:
eb:34:b1:27:38:3a:2a:ad:9f:7f:86:9a:ed:c6:61:bc:33:02:
8e:6f:57:dd:ee:e2:61:9a:0c:13:e1:54:db:bb:06:d3:47:ad:
61:c3:b2:e5:2d:be:3d:26:ad:d6:76:54:24:70:27:c6:f7:8c:
82:09:65:28:db:3b:c5:f7:f8:82:88:e2:8d:35:90:6f:fe:9a:
82:7e:7e:fa:c9:0c:9a:2b:10:05:c8:09:2c:3e:ae:80:27:28:
9c:f8:da:c5:fe:1a:15:6b:b6:76:df:88:ef:0d:76:f5:37:2c:
37:2b:11:2d:82:66:e6:11:ab:e9:44:fb:a4:40:d6:b3:7c:d8:
b1:8a:81:d8:98:9f:23:1d:94:25:6a:48:2a:27:e8:15:ea:4b:
4e:0b:75:37:a0:ff:fe:ae:58:9e:2e:8b:52:c8:94:01:4a:82:
f8:56:91:56:56:99:f5:3e:d2:60:df:0c:02:d0:c2:59:cc:da:
49:06:b4:92:0c:d4:8d:67:5a:ef:47:2b:c9:b4:91:5e:c7:b4:
42:56:8c:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAHJDunZmbAm+seEWX3GqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWViNTM0ZDFlNTliYTk2YmVhYzQ2ODk4YjZkYTQwNjZiOTlkY2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjunJzeTR2rccDKH/TnIloiA3+ApX
DMcNOpNFE2wpmFZyZPRMePkybVtoBLCXvrVxkQsXxHc7+RRdcwSFN1w6JhcaaiQL
fOTGE4vJ3DPC7IESs5YLrYS+WdyYwWgyCIwWY21Qftfd8HKwuqJbNPSXBdelJ182
2WHCgAmJtoKDiiLbJcSWALYjjjVEED7C5rCCVGCiN1aD0iP0b5TI6we0Bmgo57ki
nNPA6xrqruVDH8WGWJR0jb6aBubuSKWo4KgAksrw7DjRSoDSIYJWzo6szTDLbviV
YYEY/ka+lMwlN77UBaQaZDHw0+/61e4nrtg2B+dXkqUe95D8kgNA0DVPowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNXrU00eWbqWvqxGiYttpAZrmdzPMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvMWV0VFRSNVp1cGEtckVhSmkyMmtCbXVaM004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTSsMA0E
AgACMAcDBQMqBMdAMA0GCSqGSIb3DQEBCwUAA4IBAQAR06OqWVimYEYe6vDXo9Gd
gP62U1FzGW/8p9RX29mrCRJWsDTq8Awu3ew7lt/XooFBGrR1dLDrNLEnODoqrZ9/
hprtxmG8MwKOb1fd7uJhmgwT4VTbuwbTR61hw7LlLb49Jq3WdlQkcCfG94yCCWUo
2zvF9/iCiOKNNZBv/pqCfn76yQyaKxAFyAksPq6AJyic+NrF/hoVa7Z234jvDXb1
Nyw3KxEtgmbmEavpRPukQNazfNixioHYmJ8jHZQlakgqJ+gV6ktOC3U3oP/+rlie
LotSyJQBSoL4VpFWVpn1PtJg3wwC0MJZzNpJBrSSDNSNZ1rvRyvJtJFex7RCVozQ
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:40:24 2024 by rpki-client on console-ams.rpki-client.org