Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/085c35-28ac-4241-b951-20a900bc776a/1/RkdU9GCGBDr2eVANEpwczZxOmE4.roa
File: RkdU9GCGBDr2eVANEpwczZxOmE4.roa (raw, json)
Hash identifier: 6ZdgJCTd5FxZ990U5ame1n9/OlAr8GHJE2fUnPV/F/E=
Subject key identifier: 46:47:54:F4:60:86:04:3A:F6:79:50:0D:12:9C:1C:CD:9C:4E:98:4E
Certificate issuer: /CN=a4f523d948387d8c5fcdf752e0a1cc408cfe8395
Certificate serial: 018CC9BB9C32724C3CB6B390A767779C5E1F
Authority key identifier: A4:F5:23:D9:48:38:7D:8C:5F:CD:F7:52:E0:A1:CC:40:8C:FE:83:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPUj2Ug4fYxfzfdS4KHMQIz-g5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/085c35-28ac-4241-b951-20a900bc776a/1/RkdU9GCGBDr2eVANEpwczZxOmE4.roa
Signing time: Tue 02 Jan 2024 10:32:44 +0000
ROA not before: Tue 02 Jan 2024 10:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24806
IP address blocks: 185.33.144.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/085c35-28ac-4241-b951-20a900bc776a/1/pPUj2Ug4fYxfzfdS4KHMQIz-g5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/085c35-28ac-4241-b951-20a900bc776a/1/pPUj2Ug4fYxfzfdS4KHMQIz-g5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPUj2Ug4fYxfzfdS4KHMQIz-g5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:9c:32:72:4c:3c:b6:b3:90:a7:67:77:9c:5e:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f523d948387d8c5fcdf752e0a1cc408cfe8395
Validity
Not Before: Jan 2 10:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=464754f46086043af679500d129c1ccd9c4e984e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:98:e8:79:68:ea:14:e8:64:8e:0b:f6:80:c9:
43:85:a9:e9:db:17:15:df:c0:10:9c:87:0d:f4:0f:
e3:b9:ef:26:21:40:c6:96:1b:85:ca:12:dc:93:dc:
e0:db:20:21:e1:ac:c7:14:26:28:3c:7b:a2:23:56:
25:0e:6f:f5:07:13:1e:bd:52:ef:f3:31:e1:2b:94:
30:e0:82:20:08:01:25:f1:39:72:ec:99:a5:17:f9:
da:7f:14:8e:fb:14:a8:90:0e:03:61:80:8a:84:19:
0c:6b:70:41:5a:ac:ca:d2:15:0e:a4:1e:55:99:ad:
95:c6:9f:48:93:e2:87:86:b2:5b:1b:ae:e4:65:fc:
5a:0a:ae:91:b3:0d:d3:9d:4b:3f:59:df:f8:3e:dd:
c3:0c:2c:2e:64:6f:a1:08:0f:8e:26:46:8d:cc:f3:
66:4e:1c:7d:ad:48:70:53:5c:2e:eb:aa:cc:94:e0:
74:55:38:6b:bc:de:4d:a5:c8:18:5c:98:43:a7:08:
61:3c:99:d6:3e:5b:ca:98:5a:0f:1e:5c:5b:88:54:
45:37:24:f0:09:c6:ec:d6:d2:30:c0:12:b7:de:45:
c7:aa:7f:c7:b7:7f:d5:1a:0f:4c:28:67:63:3f:eb:
50:31:e6:47:1c:f3:2d:4e:fd:a7:4a:df:f4:97:a1:
93:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:47:54:F4:60:86:04:3A:F6:79:50:0D:12:9C:1C:CD:9C:4E:98:4E
X509v3 Authority Key Identifier:
keyid:A4:F5:23:D9:48:38:7D:8C:5F:CD:F7:52:E0:A1:CC:40:8C:FE:83:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPUj2Ug4fYxfzfdS4KHMQIz-g5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/085c35-28ac-4241-b951-20a900bc776a/1/RkdU9GCGBDr2eVANEpwczZxOmE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/085c35-28ac-4241-b951-20a900bc776a/1/pPUj2Ug4fYxfzfdS4KHMQIz-g5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.144.0/22
Signature Algorithm: sha256WithRSAEncryption
46:8c:37:f5:e0:a3:f4:84:1f:0b:d4:a2:06:d7:cb:b5:44:4f:
c8:fb:35:90:fc:87:c2:a0:f8:b4:54:02:15:c8:d7:a3:a1:c2:
b6:46:08:82:c3:8b:d5:ca:06:f8:b7:76:a4:bf:db:96:2a:5f:
04:d4:da:7b:f9:2d:53:b2:f0:de:c3:56:12:b2:fa:b1:55:fd:
8a:9d:83:0e:a4:e3:70:9c:62:15:4a:f7:a0:f6:5a:64:08:70:
fd:78:e7:81:97:d9:c1:58:48:e4:f1:84:a0:41:6f:d3:4f:76:
e8:d6:bf:ac:65:a8:19:81:e2:e8:5f:ce:99:98:9f:32:c8:34:
93:00:b8:bf:6b:64:74:a9:cf:22:f0:3f:0f:f9:73:c7:69:10:
2d:9d:9b:ff:8c:78:0d:74:b3:02:fe:69:cb:1b:ea:3c:e0:32:
cc:01:9d:97:f0:67:0e:5f:5e:56:10:ae:34:63:1a:2c:56:57:
4c:eb:07:44:8f:f4:d5:9f:38:0f:a2:85:72:c8:5b:75:26:a3:
ef:07:2f:25:24:6f:f5:21:ca:06:06:4e:b6:29:93:e8:d5:cb:
9a:48:aa:5e:ac:13:6f:24:1f:aa:ff:94:70:a8:00:34:9b:dd:
cc:3e:f4:00:7c:8d:25:fe:64:91:78:f5:65:ad:9f:10:37:47:
1d:c4:7a:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu5wyckw8trOQp2d3nF4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjUyM2Q5NDgzODdkOGM1ZmNkZjc1MmUwYTFjYzQwOGNm
ZTgzOTUwHhcNMjQwMTAyMTAzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjQ3NTRmNDYwODYwNDNhZjY3OTUwMGQxMjljMWNjZDljNGU5ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pjoeWjqFOhkjgv2gMlDhanp2xcV
38AQnIcN9A/jue8mIUDGlhuFyhLck9zg2yAh4azHFCYoPHuiI1YlDm/1BxMevVLv
8zHhK5Qw4IIgCAEl8Tly7JmlF/nafxSO+xSokA4DYYCKhBkMa3BBWqzK0hUOpB5V
ma2Vxp9Ik+KHhrJbG67kZfxaCq6Rsw3TnUs/Wd/4Pt3DDCwuZG+hCA+OJkaNzPNm
Thx9rUhwU1wu66rMlOB0VThrvN5NpcgYXJhDpwhhPJnWPlvKmFoPHlxbiFRFNyTw
Ccbs1tIwwBK33kXHqn/Ht3/VGg9MKGdjP+tQMeZHHPMtTv2nSt/0l6GT9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEZHVPRghgQ69nlQDRKcHM2cTphOMB8GA1UdIwQY
MBaAFKT1I9lIOH2MX833UuChzECM/oOVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBVajJVZzRmWXhmemZkUzRLSE1RSXotZzVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wODVjMzUtMjhhYy00MjQxLWI5NTEt
MjBhOTAwYmM3NzZhLzEvUmtkVTlHQ0dCRHIyZVZBTkVwd2N6WnhPbUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wODVjMzUtMjhhYy00MjQxLWI5NTEtMjBhOTAwYmM3NzZh
LzEvcFBVajJVZzRmWXhmemZkUzRLSE1RSXotZzVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSGQMA0G
CSqGSIb3DQEBCwUAA4IBAQBGjDf14KP0hB8L1KIG18u1RE/I+zWQ/IfCoPi0VAIV
yNejocK2RgiCw4vVygb4t3akv9uWKl8E1Np7+S1TsvDew1YSsvqxVf2KnYMOpONw
nGIVSveg9lpkCHD9eOeBl9nBWEjk8YSgQW/TT3bo1r+sZagZgeLoX86ZmJ8yyDST
ALi/a2R0qc8i8D8P+XPHaRAtnZv/jHgNdLMC/mnLG+o84DLMAZ2X8GcOX15WEK40
YxosVldM6wdEj/TVnzgPooVyyFt1JqPvBy8lJG/1IcoGBk62KZPo1cuaSKperBNv
JB+q/5RwqAA0m93MPvQAfI0l/mSRePVlrZ8QN0cdxHrc
-----END CERTIFICATE-----
Generated at Sat Sep 28 21:05:32 2024 by rpki-client on console-ams.rpki-client.org