Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/O36tYrZ1iU9ZCt09PlbqvnHo3z0.roa
File: O36tYrZ1iU9ZCt09PlbqvnHo3z0.roa (raw, json)
Hash identifier: J9crKWYSU/hjTamw9LNJM3qmQWBw5HfUqUSfcdmls00=
Subject key identifier: 3B:7E:AD:62:B6:75:89:4F:59:0A:DD:3D:3E:56:EA:BE:71:E8:DF:3D
Certificate issuer: /CN=525b705a91dbc30ed10eb7222b7797b834e01863
Certificate serial: 018CC5002D2D83A0C8A717A6F0C1F51CA714
Authority key identifier: 52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/O36tYrZ1iU9ZCt09PlbqvnHo3z0.roa
Signing time: Mon 01 Jan 2024 12:29:32 +0000
ROA not before: Mon 01 Jan 2024 12:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208521
IP address blocks: 185.236.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/UltwWpHbww7RDrciK3eXuDTgGGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/UltwWpHbww7RDrciK3eXuDTgGGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:2d:2d:83:a0:c8:a7:17:a6:f0:c1:f5:1c:a7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=525b705a91dbc30ed10eb7222b7797b834e01863
Validity
Not Before: Jan 1 12:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b7ead62b675894f590add3d3e56eabe71e8df3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1e:0f:7f:f9:f8:a7:74:ce:0c:89:00:19:78:
16:6e:75:be:84:00:05:a9:2b:b0:30:8a:39:b6:e5:
16:7b:3e:4a:a3:31:79:93:ed:66:c3:77:51:f0:2d:
7f:3e:63:1f:18:70:df:7e:d2:78:e6:a1:19:40:15:
15:0f:0e:1e:9d:e8:5c:37:65:28:f0:6e:b8:d2:e4:
44:92:e8:1a:b1:7d:fd:fe:0e:ed:aa:0e:c1:1b:05:
6e:ba:69:22:f4:e0:06:0c:24:69:f5:d5:c7:ec:6b:
bc:00:f0:6b:ab:e7:75:8f:41:87:e1:b0:fb:a1:f4:
1a:8c:3e:1d:0a:75:e4:a0:35:9c:1e:8a:6b:fd:1a:
05:7a:8d:8b:3b:27:ee:a2:0b:6e:93:cc:44:d5:52:
54:ed:6c:78:e9:b6:20:aa:1b:12:d4:23:8c:5d:1b:
70:7a:18:ba:eb:16:6e:0a:04:82:77:0b:46:e7:4e:
a5:cb:bd:72:dd:8e:81:ab:d9:a7:82:f0:b5:c8:f5:
73:3d:b0:8c:f6:ab:b0:cb:0a:b7:f5:e6:0c:66:41:
56:2e:be:31:43:78:bc:a8:f3:b2:80:ce:25:7b:03:
63:02:25:94:07:48:c8:43:4c:dc:52:4e:01:d5:12:
8d:8c:cd:4a:9a:c9:2e:d3:8e:1f:aa:5b:d9:f5:56:
77:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:7E:AD:62:B6:75:89:4F:59:0A:DD:3D:3E:56:EA:BE:71:E8:DF:3D
X509v3 Authority Key Identifier:
keyid:52:5B:70:5A:91:DB:C3:0E:D1:0E:B7:22:2B:77:97:B8:34:E0:18:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UltwWpHbww7RDrciK3eXuDTgGGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/O36tYrZ1iU9ZCt09PlbqvnHo3z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f462dc-9e59-4e8d-9c6d-f46887df9863/1/UltwWpHbww7RDrciK3eXuDTgGGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.241.0/24
Signature Algorithm: sha256WithRSAEncryption
54:2c:57:65:36:7d:4e:95:04:7a:45:da:7c:f5:49:9a:fd:7f:
da:2c:e2:e2:da:63:19:bb:c2:0a:cd:b2:8d:91:05:72:74:1f:
4f:fd:0f:5d:92:ea:d6:d5:7b:da:7e:fd:6f:0b:a5:ea:27:04:
5a:62:ec:1e:b9:ee:e3:dc:bb:7e:fd:bf:e3:35:81:ca:87:c2:
a1:4e:60:fc:82:81:55:b8:62:85:d1:80:77:3a:72:30:cc:84:
05:6d:65:ec:e3:41:83:d8:c6:cd:4f:0a:bf:6d:42:fe:e1:69:
f3:c4:94:1e:81:6c:fa:4e:c1:78:35:73:7f:a3:d0:f5:c0:84:
91:92:80:cb:19:7c:48:7a:0b:58:46:db:ae:22:11:cd:16:67:
64:84:77:ef:e2:6b:42:1b:fd:d4:fc:d2:d5:08:82:23:04:38:
05:7a:48:0d:92:24:ae:80:82:5d:d1:44:d1:ae:b5:65:e9:21:
b7:5e:76:da:5e:a0:c3:55:c4:76:ce:63:85:6c:1c:21:d7:03:
51:a8:ae:9e:a2:75:4e:fe:8e:46:0f:f5:28:25:c5:27:c6:71:
58:2c:bb:a5:56:19:e6:f0:32:f8:77:c6:a0:b9:f3:8f:67:6c:
5a:6d:4f:ba:dd:67:4f:59:52:cc:c5:16:19:41:d8:73:99:b4:
27:4e:e5:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAC0tg6DIpxem8MH1HKcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNWI3MDVhOTFkYmMzMGVkMTBlYjcyMjJiNzc5N2I4MzRl
MDE4NjMwHhcNMjQwMTAxMTIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdlYWQ2MmI2NzU4OTRmNTkwYWRkM2QzZTU2ZWFiZTcxZThkZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx4Pf/n4p3TODIkAGXgWbnW+hAAF
qSuwMIo5tuUWez5KozF5k+1mw3dR8C1/PmMfGHDfftJ45qEZQBUVDw4enehcN2Uo
8G640uREkugasX39/g7tqg7BGwVuumki9OAGDCRp9dXH7Gu8APBrq+d1j0GH4bD7
ofQajD4dCnXkoDWcHopr/RoFeo2LOyfuogtuk8xE1VJU7Wx46bYgqhsS1COMXRtw
ehi66xZuCgSCdwtG506ly71y3Y6Bq9mngvC1yPVzPbCM9quwywq39eYMZkFWLr4x
Q3i8qPOygM4lewNjAiWUB0jIQ0zcUk4B1RKNjM1Kmsku044fqlvZ9VZ3owIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDt+rWK2dYlPWQrdPT5W6r5x6N89MB8GA1UdIwQY
MBaAFFJbcFqR28MO0Q63Iit3l7g04BhjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQt
ZjQ2ODg3ZGY5ODYzLzEvTzM2dFlyWjFpVTlaQ3QwOVBsYnF2bkhvM3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNDYyZGMtOWU1OS00ZThkLTljNmQtZjQ2ODg3ZGY5ODYz
LzEvVWx0d1dwSGJ3dzdSRHJjaUszZVh1RFRnR0dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuezxMA0G
CSqGSIb3DQEBCwUAA4IBAQBULFdlNn1OlQR6Rdp89Uma/X/aLOLi2mMZu8IKzbKN
kQVydB9P/Q9dkurW1Xvafv1vC6XqJwRaYuweue7j3Lt+/b/jNYHKh8KhTmD8goFV
uGKF0YB3OnIwzIQFbWXs40GD2MbNTwq/bUL+4WnzxJQegWz6TsF4NXN/o9D1wISR
koDLGXxIegtYRtuuIhHNFmdkhHfv4mtCG/3U/NLVCIIjBDgFekgNkiSugIJd0UTR
rrVl6SG3XnbaXqDDVcR2zmOFbBwh1wNRqK6eonVO/o5GD/UoJcUnxnFYLLulVhnm
8DL4d8agufOPZ2xabU+63WdPWVLMxRYZQdhzmbQnTuWA
-----END CERTIFICATE-----
Generated at Wed Jul 3 18:05:47 2024 by rpki-client on console-fra.rpki-client.org