Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/FdDdw4td7MhPMzta3Jae2yNJuWA.roa
File: FdDdw4td7MhPMzta3Jae2yNJuWA.roa (raw, json)
Hash identifier: XuECmG4dQvLnDpfZmUGFunVtyYqqu2JvGPd8QCxo7Xw=
Subject key identifier: 15:D0:DD:C3:8B:5D:EC:C8:4F:33:3B:5A:DC:96:9E:DB:23:49:B9:60
Certificate issuer: /CN=72e5b57bb398d5e1839a3fe4254df70d712ce14a
Certificate serial: 019250AD522A86C3F03E251020E676E37FD9
Authority key identifier: 72:E5:B5:7B:B3:98:D5:E1:83:9A:3F:E4:25:4D:F7:0D:71:2C:E1:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cuW1e7OY1eGDmj_kJU33DXEs4Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/FdDdw4td7MhPMzta3Jae2yNJuWA.roa
Signing time: Thu 03 Oct 2024 04:39:48 +0000
ROA not before: Thu 03 Oct 2024 04:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211686
IP address blocks: 185.15.199.0/24 maxlen: 24
185.95.1.0/24 maxlen: 24
194.213.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/cuW1e7OY1eGDmj_kJU33DXEs4Uo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/cuW1e7OY1eGDmj_kJU33DXEs4Uo.mft
rsync://rpki.ripe.net/repository/DEFAULT/cuW1e7OY1eGDmj_kJU33DXEs4Uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:50:ad:52:2a:86:c3:f0:3e:25:10:20:e6:76:e3:7f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e5b57bb398d5e1839a3fe4254df70d712ce14a
Validity
Not Before: Oct 3 04:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15d0ddc38b5decc84f333b5adc969edb2349b960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ad:1f:54:37:3c:fe:dc:73:78:36:8a:43:e0:
12:89:a5:4a:77:8c:98:8d:74:78:01:8b:9d:d5:87:
75:3d:a5:e6:a0:c1:23:a9:af:2a:42:c7:8f:12:e6:
58:83:35:f9:bf:cb:97:2c:8e:59:51:5f:4f:ed:c1:
12:ab:1e:43:c3:e6:db:15:2c:cd:50:53:6c:84:83:
76:41:72:ce:85:d2:9e:51:4a:47:18:87:06:65:0e:
89:4c:7c:88:a1:c6:fa:cf:4c:cc:36:62:3d:e0:0f:
7b:60:c8:1c:b4:97:64:31:22:95:02:18:f3:42:05:
38:c6:ae:42:93:d3:89:ce:18:67:94:f6:b5:f5:91:
93:9d:33:5d:df:51:1a:e3:d9:92:23:fe:dd:20:e2:
10:a6:c0:b7:d2:e3:16:6e:14:63:86:8f:5b:59:8b:
35:fc:81:45:dd:ab:48:52:e6:af:63:0d:2c:e4:fb:
2e:89:01:81:2c:b8:e4:79:f2:67:a9:bb:34:82:47:
3b:f7:de:df:44:b6:51:d6:93:dd:3a:3f:fb:9d:1f:
41:58:e6:2c:4b:08:5b:b2:f0:3f:31:de:cf:79:9c:
22:f4:69:bf:2e:65:e9:2b:12:af:79:fb:d4:8f:c4:
88:b0:f1:c5:20:98:d5:fe:de:bf:1d:54:78:c4:a4:
f1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:D0:DD:C3:8B:5D:EC:C8:4F:33:3B:5A:DC:96:9E:DB:23:49:B9:60
X509v3 Authority Key Identifier:
keyid:72:E5:B5:7B:B3:98:D5:E1:83:9A:3F:E4:25:4D:F7:0D:71:2C:E1:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cuW1e7OY1eGDmj_kJU33DXEs4Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/FdDdw4td7MhPMzta3Jae2yNJuWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/470cb8-eb6a-4934-9d47-968d0c7f22bb/1/cuW1e7OY1eGDmj_kJU33DXEs4Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.199.0/24
185.95.1.0/24
194.213.25.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8d:fc:0d:5c:56:16:8a:cb:76:59:25:9c:9d:67:88:f5:e7:
9c:f3:c0:e3:44:b5:1f:6e:ca:60:b6:08:7d:47:9c:9c:91:d7:
1d:f0:b1:98:12:64:c0:87:e3:50:7f:c9:bb:5b:ea:71:e2:4b:
78:3d:7c:18:15:34:27:4b:81:0a:f4:9e:69:ef:50:a9:1b:92:
b5:ba:85:63:a9:c1:70:07:7a:c9:42:ae:67:c8:4e:bd:d8:57:
29:23:b8:63:d9:32:5b:39:44:d0:c3:cd:4b:2d:2b:af:ea:3c:
80:02:c5:9a:e7:6f:ea:99:09:f8:06:1a:a8:4d:c3:c8:8f:49:
de:1f:8c:e8:17:37:8b:e0:00:94:f2:51:bf:de:c0:97:a9:53:
88:8f:60:bb:5f:af:82:47:d7:f5:dc:c8:e5:24:47:c7:99:50:
fc:01:55:f9:2f:20:b8:88:82:8d:a3:69:62:49:52:20:14:c8:
bc:0c:50:ae:dd:2a:5c:f0:d0:ae:fb:37:7a:53:0d:36:1a:13:
f4:1b:cd:f2:cc:2c:27:7a:a4:92:51:ac:96:77:3d:30:ba:f8:
c4:6a:e0:81:ea:6d:3d:b5:85:72:a0:aa:fd:f8:f5:e5:30:f6:
b6:96:d1:77:df:af:59:3d:fb:8d:b1:18:fd:a0:f2:52:37:c4:
35:36:7b:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJQrVIqhsPwPiUQIOZ243/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTViNTdiYjM5OGQ1ZTE4MzlhM2ZlNDI1NGRmNzBkNzEy
Y2UxNGEwHhcNMjQxMDAzMDQzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWQwZGRjMzhiNWRlY2M4NGYzMzNiNWFkYzk2OWVkYjIzNDliOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1q0fVDc8/txzeDaKQ+ASiaVKd4yY
jXR4AYud1Yd1PaXmoMEjqa8qQsePEuZYgzX5v8uXLI5ZUV9P7cESqx5Dw+bbFSzN
UFNshIN2QXLOhdKeUUpHGIcGZQ6JTHyIocb6z0zMNmI94A97YMgctJdkMSKVAhjz
QgU4xq5Ck9OJzhhnlPa19ZGTnTNd31Ea49mSI/7dIOIQpsC30uMWbhRjho9bWYs1
/IFF3atIUuavYw0s5PsuiQGBLLjkefJnqbs0gkc7997fRLZR1pPdOj/7nR9BWOYs
SwhbsvA/Md7PeZwi9Gm/LmXpKxKvefvUj8SIsPHFIJjV/t6/HVR4xKTx6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBXQ3cOLXezITzM7WtyWntsjSblgMB8GA1UdIwQY
MBaAFHLltXuzmNXhg5o/5CVN9w1xLOFKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VXMWU3T1kxZUdEbWpfa0pVMzNEWEVzNFVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS80NzBjYjgtZWI2YS00OTM0LTlkNDct
OTY4ZDBjN2YyMmJiLzEvRmREZHc0dGQ3TWhQTXp0YTNKYWUyeU5KdVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS80NzBjYjgtZWI2YS00OTM0LTlkNDctOTY4ZDBjN2YyMmJi
LzEvY3VXMWU3T1kxZUdEbWpfa0pVMzNEWEVzNFVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuQ/HAwQA
uV8BAwQAwtUZMA0GCSqGSIb3DQEBCwUAA4IBAQBLjfwNXFYWist2WSWcnWeI9eec
88DjRLUfbspgtgh9R5yckdcd8LGYEmTAh+NQf8m7W+px4kt4PXwYFTQnS4EK9J5p
71CpG5K1uoVjqcFwB3rJQq5nyE692FcpI7hj2TJbOUTQw81LLSuv6jyAAsWa52/q
mQn4BhqoTcPIj0neH4zoFzeL4ACU8lG/3sCXqVOIj2C7X6+CR9f13MjlJEfHmVD8
AVX5LyC4iIKNo2liSVIgFMi8DFCu3Spc8NCu+zd6Uw02GhP0G83yzCwneqSSUayW
dz0wuvjEauCB6m09tYVyoKr9+PXlMPa2ltF3369ZPfuNsRj9oPJSN8Q1NnsI
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:06 2024 by rpki-client on console-fra.rpki-client.org