Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/iunF3EfDLS-7di3NPxJd9ZdH04Y.roa
File: iunF3EfDLS-7di3NPxJd9ZdH04Y.roa (raw, json)
Hash identifier: FmWV3hGBb6NnH91Prx/r2HeBbyV+yFqwxvLATibPORM=
Subject key identifier: 8A:E9:C5:DC:47:C3:2D:2F:BB:76:2D:CD:3F:12:5D:F5:97:47:D3:86
Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial: 018CC6B9438B8D988E94D4AA58F799119988
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/iunF3EfDLS-7di3NPxJd9ZdH04Y.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 185.116.72.0/22 maxlen: 24
2a0d:5040::/32 maxlen: 32
2a0d:5041::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:43:8b:8d:98:8e:94:d4:aa:58:f7:99:11:99:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ae9c5dc47c32d2fbb762dcd3f125df59747d386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:87:3c:5c:3f:c6:46:89:ff:1b:9f:03:75:b0:
c8:b0:f2:f7:89:7c:e7:d1:35:38:de:2d:b9:2b:29:
e4:2d:54:ee:85:22:87:ae:36:42:42:72:6a:57:58:
d6:08:dd:29:4e:0c:37:ce:d1:32:f5:6a:ce:28:6a:
a2:ec:07:85:da:3f:16:3e:65:d4:ff:2a:1e:12:45:
2e:55:43:22:59:00:62:23:be:9d:94:60:9e:e1:5b:
5b:f3:b0:99:a5:fc:78:a6:80:37:9b:b0:42:e1:95:
fc:12:e0:f1:9e:04:f2:83:c9:9e:72:a5:d2:0e:e7:
83:ca:4f:11:33:48:c8:40:f6:80:9a:d8:a0:34:5b:
6e:7c:eb:5a:9d:a1:af:6a:14:5d:79:e2:73:b4:26:
87:ba:dc:68:a0:0c:e5:d6:f0:19:9b:68:8f:fc:18:
6c:3a:e8:de:00:c9:e6:4b:a1:04:a1:d1:75:58:bb:
b0:e4:92:28:88:35:dd:32:ef:e1:3b:1e:c7:71:a8:
fb:8d:d5:ec:d6:2a:07:ad:60:ce:5b:bf:d4:a3:99:
37:a4:cc:e9:9b:be:cf:ce:70:b8:31:f2:1b:15:cc:
60:ed:76:f8:89:08:2b:2e:5b:3c:a9:ae:11:c2:34:
f2:97:68:26:d3:a8:5b:ba:68:1b:4d:b4:05:d6:ec:
0b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E9:C5:DC:47:C3:2D:2F:BB:76:2D:CD:3F:12:5D:F5:97:47:D3:86
X509v3 Authority Key Identifier:
keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/iunF3EfDLS-7di3NPxJd9ZdH04Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.72.0/22
IPv6:
2a0d:5040::/31
Signature Algorithm: sha256WithRSAEncryption
91:5e:cb:4a:5b:c0:46:c8:55:c3:32:80:ac:bd:e5:80:e9:1c:
08:1b:bd:6a:e7:c1:33:70:df:f9:ba:9d:da:66:1f:17:1c:15:
5c:b0:a3:e4:55:4c:a6:ea:1f:d9:77:b7:0d:1b:16:17:87:27:
70:6e:f3:e1:e9:98:5a:54:fb:d2:a6:2d:22:bc:7f:c0:04:c0:
bf:80:90:f3:33:7c:68:bf:8b:e8:64:d7:98:0a:d0:20:e4:48:
0a:70:e4:f7:28:d2:2b:1c:6c:7e:fe:dd:02:cc:60:dc:cd:0a:
01:d2:09:4e:30:d5:7b:f2:e0:0f:51:89:72:e5:35:cc:74:0b:
33:cf:2e:18:34:96:7e:07:a3:72:55:6f:cf:6f:b1:b2:53:b7:
1d:80:f2:ae:44:4c:42:7e:08:95:d3:cc:aa:bb:5d:29:25:93:
d5:9b:ff:5c:d6:1f:03:a3:78:e9:13:2e:fe:37:8b:00:93:82:
99:fc:46:39:9d:d7:78:f0:12:50:4e:4d:6a:48:55:49:2f:00:
e9:1b:ed:f7:51:0e:f7:3b:8e:3f:eb:4d:02:95:e0:35:41:b7:
5a:54:d0:66:ba:01:d5:f1:23:dd:32:e4:0e:70:4a:ce:8a:fb:
0a:b8:0d:7d:00:15:af:e2:25:95:e5:aa:fb:65:ce:24:3e:dd:
65:e3:3b:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuUOLjZiOlNSqWPeZEZmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWU5YzVkYzQ3YzMyZDJmYmI3NjJkY2QzZjEyNWRmNTk3NDdkMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4c8XD/GRon/G58DdbDIsPL3iXzn
0TU43i25KynkLVTuhSKHrjZCQnJqV1jWCN0pTgw3ztEy9WrOKGqi7AeF2j8WPmXU
/yoeEkUuVUMiWQBiI76dlGCe4Vtb87CZpfx4poA3m7BC4ZX8EuDxngTyg8mecqXS
DueDyk8RM0jIQPaAmtigNFtufOtanaGvahRdeeJztCaHutxooAzl1vAZm2iP/Bhs
OujeAMnmS6EEodF1WLuw5JIoiDXdMu/hOx7Hcaj7jdXs1ioHrWDOW7/Uo5k3pMzp
m77PznC4MfIbFcxg7Xb4iQgrLls8qa4RwjTyl2gm06hbumgbTbQF1uwLYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIrpxdxHwy0vu3YtzT8SXfWXR9OGMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvaXVuRjNFZkRMUy03ZGkzTlB4SmQ5WmRIMDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy
LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXRIMA0E
AgACMAcDBQEqDVBAMA0GCSqGSIb3DQEBCwUAA4IBAQCRXstKW8BGyFXDMoCsveWA
6RwIG71q58EzcN/5up3aZh8XHBVcsKPkVUym6h/Zd7cNGxYXhydwbvPh6ZhaVPvS
pi0ivH/ABMC/gJDzM3xov4voZNeYCtAg5EgKcOT3KNIrHGx+/t0CzGDczQoB0glO
MNV78uAPUYly5TXMdAszzy4YNJZ+B6NyVW/Pb7GyU7cdgPKuRExCfgiV08yqu10p
JZPVm/9c1h8Do3jpEy7+N4sAk4KZ/EY5ndd48BJQTk1qSFVJLwDpG+33UQ73O44/
600CleA1QbdaVNBmugHV8SPdMuQOcErOivsKuA19ABWv4iWV5ar7Zc4kPt1l4zvL
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:12:23 2024 by rpki-client on console-fra.rpki-client.org