Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/RdS9LHEu2uL12xuOKShNje_2z_A.roa
File: RdS9LHEu2uL12xuOKShNje_2z_A.roa (raw, json)
Hash identifier: PgQQa/aCAiqJ0axDFIDGuve5ww1OQOjw8/Y8OptF5Wc=
Subject key identifier: 45:D4:BD:2C:71:2E:DA:E2:F5:DB:1B:8E:29:28:4D:8D:EF:F6:CF:F0
Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial: 018CCA9A0F1881927173FCA41810B8696546
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/RdS9LHEu2uL12xuOKShNje_2z_A.roa
Signing time: Tue 02 Jan 2024 14:35:43 +0000
ROA not before: Tue 02 Jan 2024 14:35:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201641
IP address blocks: 194.15.212.0/24 maxlen: 24
185.102.100.0/22 maxlen: 24
2a10:a600:c0db::/48 maxlen: 48
2a10:a600:c0da::/48 maxlen: 48
2001:67c:6e8::/48 maxlen: 48
2a10:a600::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:0f:18:81:92:71:73:fc:a4:18:10:b8:69:65:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Validity
Not Before: Jan 2 14:35:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45d4bd2c712edae2f5db1b8e29284d8deff6cff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:70:e9:de:d8:8a:0c:bd:1a:b4:43:cf:95:b5:
44:39:fb:c9:94:74:cb:4b:92:4f:4b:f6:c2:d4:da:
f2:48:e4:3f:30:1c:d5:ed:d7:79:6d:00:af:5f:2d:
3d:c8:04:c8:3a:8c:06:17:6f:cc:81:01:a0:8d:d9:
1b:49:3a:65:25:95:ea:c3:90:a6:44:d2:ac:cd:e0:
b5:d4:8d:f0:00:d5:8c:a0:0f:11:a6:09:9c:6d:05:
8c:ea:87:9a:7a:cd:f0:53:a4:0f:b1:88:11:bc:b7:
20:75:71:40:51:bc:09:91:4f:54:00:2c:1f:da:b5:
e3:b7:f1:3f:44:45:f5:4a:82:ba:67:ce:fc:65:43:
d1:35:10:84:e4:fb:07:3a:65:3a:23:70:39:c1:a5:
ac:2b:53:7c:76:d1:97:67:82:d9:b3:25:ba:c6:3f:
87:b3:3e:bb:4f:29:11:02:6c:19:31:2b:e6:85:20:
06:82:55:ca:c6:ec:c6:2e:ab:bc:f1:9d:6c:2a:41:
04:1a:65:c1:bd:bc:f7:c5:f0:ee:e3:d5:0c:75:27:
d1:62:12:8a:e4:6b:fe:d3:02:19:eb:0e:26:f0:71:
68:0c:a9:eb:3e:0d:86:56:fb:55:ab:5d:2c:a8:40:
eb:e4:d4:5a:d6:7b:e3:50:4a:3f:38:97:3b:d0:69:
60:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D4:BD:2C:71:2E:DA:E2:F5:DB:1B:8E:29:28:4D:8D:EF:F6:CF:F0
X509v3 Authority Key Identifier:
keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/RdS9LHEu2uL12xuOKShNje_2z_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.100.0/22
194.15.212.0/24
IPv6:
2001:67c:6e8::/48
2a10:a600::/32
Signature Algorithm: sha256WithRSAEncryption
99:6e:87:f8:76:e9:02:11:93:1b:41:16:8c:75:53:78:d9:aa:
79:6d:c6:9b:6a:7d:82:b9:b5:c9:c6:1c:10:b8:07:1d:cf:5d:
82:9a:40:bc:ed:09:c1:1f:57:12:a3:55:be:ea:a2:8b:d4:a2:
df:fc:23:59:d7:1a:79:f4:51:c8:72:e1:d1:1d:e7:26:14:0b:
35:43:ee:49:88:60:17:42:25:48:2f:10:6f:c4:5f:e6:f5:5f:
6e:29:e9:43:e1:2e:1b:52:c8:fd:a3:3a:7e:d9:99:bf:29:fe:
1f:36:b5:8a:63:8b:d9:7d:46:0b:32:bf:99:71:13:8c:bf:d2:
64:5b:3d:6b:0f:1a:0a:7a:09:1e:fa:3b:c2:bd:82:1f:64:d6:
5b:57:f4:a2:2b:26:af:1e:de:5e:4a:e6:87:80:21:8e:a2:bb:
03:74:f0:bf:e0:bd:2a:8b:59:bf:7a:9f:0b:30:4d:30:33:29:
de:a6:a9:b7:eb:e8:3b:96:84:57:a4:c4:04:93:04:5a:6a:a6:
06:d1:3e:88:52:dc:49:1b:5b:90:64:21:81:87:c7:48:a1:0f:
8f:ee:85:34:1b:62:07:8e:29:e1:9c:96:94:50:75:7b:1b:51:
f0:ae:1d:cd:bc:74:e2:43:6f:31:34:f9:75:fe:0a:9b:ac:fb:
f3:67:65:55
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKmg8YgZJxc/ykGBC4aWVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjQwMTAyMTQzNTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQ0YmQyYzcxMmVkYWUyZjVkYjFiOGUyOTI4NGQ4ZGVmZjZjZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknDp3tiKDL0atEPPlbVEOfvJlHTL
S5JPS/bC1NrySOQ/MBzV7dd5bQCvXy09yATIOowGF2/MgQGgjdkbSTplJZXqw5Cm
RNKszeC11I3wANWMoA8RpgmcbQWM6oeaes3wU6QPsYgRvLcgdXFAUbwJkU9UACwf
2rXjt/E/REX1SoK6Z878ZUPRNRCE5PsHOmU6I3A5waWsK1N8dtGXZ4LZsyW6xj+H
sz67TykRAmwZMSvmhSAGglXKxuzGLqu88Z1sKkEEGmXBvbz3xfDu49UMdSfRYhKK
5Gv+0wIZ6w4m8HFoDKnrPg2GVvtVq10sqEDr5NRa1nvjUEo/OJc70GlgJwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEXUvSxxLtri9dsbjikoTY3v9s/wMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvUmRTOUxIRXUydUwxMnh1T0tTaE5qZV8yel9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWZkAwQA
wg/UMBYEAgACMBADBwAgAQZ8BugDBQAqEKYAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
bof4dukCEZMbQRaMdVN42ap5bcaban2CubXJxhwQuAcdz12CmkC87QnBH1cSo1W+
6qKL1KLf/CNZ1xp59FHIcuHRHecmFAs1Q+5JiGAXQiVILxBvxF/m9V9uKelD4S4b
Usj9ozp+2Zm/Kf4fNrWKY4vZfUYLMr+ZcROMv9JkWz1rDxoKegke+jvCvYIfZNZb
V/SiKyavHt5eSuaHgCGOorsDdPC/4L0qi1m/ep8LME0wMynepqm36+g7loRXpMQE
kwRaaqYG0T6IUtxJG1uQZCGBh8dIoQ+P7oU0G2IHjinhnJaUUHV7G1Hwrh3NvHTi
Q28xNPl1/gqbrPvzZ2VV
-----END CERTIFICATE-----
Generated at Sun Jun 23 19:05:05 2024 by rpki-client on console-fra.rpki-client.org