Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/OrXEzF07F83yOXH0_XsIijPi6cE.roa
File: OrXEzF07F83yOXH0_XsIijPi6cE.roa (raw, json)
Hash identifier: /9iknE1ZNGzsOiY7oHUfm62dqBiW3ajB4hGDuIYqwgI=
Subject key identifier: 3A:B5:C4:CC:5D:3B:17:CD:F2:39:71:F4:FD:7B:08:8A:33:E2:E9:C1
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 018CC94D9F72B60B089419B910F2B9FC781D
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/OrXEzF07F83yOXH0_XsIijPi6cE.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200699
IP address blocks: 185.56.81.0/24 maxlen: 24
2a06:e80:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9f:72:b6:0b:08:94:19:b9:10:f2:b9:fc:78:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ab5c4cc5d3b17cdf23971f4fd7b088a33e2e9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:50:22:f9:a2:a7:ff:48:c0:b1:4d:a3:d1:56:
24:7d:cc:94:61:8e:2a:a2:ad:b4:26:7e:52:00:66:
06:47:db:f7:8f:06:6a:9a:c0:e3:3e:dd:19:65:6c:
7c:36:e9:d8:ff:8f:69:25:64:f8:84:bb:c1:2e:90:
68:04:d3:98:95:80:1e:5e:10:cb:0e:7e:81:e1:a3:
3f:f5:8a:a9:0f:95:d5:96:b7:9c:4a:74:9b:f3:0c:
bd:81:5c:d2:9e:5c:1f:82:10:1f:92:6d:d4:28:52:
0e:c6:35:8c:19:d0:96:fb:52:71:98:6f:f1:7f:98:
1c:7d:f7:ae:e4:40:b7:75:be:ab:99:c1:ce:b2:aa:
05:e7:c5:6d:83:81:f7:59:d6:e7:24:63:0e:55:2b:
2d:36:7c:0c:22:00:5d:d5:5f:7c:9a:48:f9:97:f6:
fe:aa:bd:36:6e:db:f2:14:55:eb:2e:75:ce:36:68:
8c:c5:3e:7f:21:3c:c0:21:4f:c7:94:56:18:c4:2a:
34:cb:a4:c6:55:ab:76:d6:d1:13:f1:90:6a:94:ac:
ec:df:28:32:d1:fa:27:e9:42:7e:cc:d9:8b:07:66:
92:0b:55:2c:80:aa:6a:0f:76:e6:a3:76:8a:69:00:
1c:cd:fd:2b:a5:5d:3f:54:09:d5:1b:91:cf:47:b9:
68:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:B5:C4:CC:5D:3B:17:CD:F2:39:71:F4:FD:7B:08:8A:33:E2:E9:C1
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/OrXEzF07F83yOXH0_XsIijPi6cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.81.0/24
IPv6:
2a06:e80:1000::/36
Signature Algorithm: sha256WithRSAEncryption
92:9c:07:39:4e:11:1c:33:57:f7:0f:8d:e8:dd:3f:30:17:67:
db:e6:17:31:09:18:f1:b4:1d:41:36:4e:85:d7:32:d0:56:b1:
f2:a6:81:ac:d8:e5:5c:bc:a3:8f:78:1e:7e:91:b3:d5:2a:90:
41:bc:2b:b6:27:3a:80:b3:04:e0:16:64:59:f8:13:f6:aa:5d:
a2:be:45:fb:ea:32:b3:5a:df:a7:74:7a:9e:a8:fa:54:43:b9:
1c:4d:d1:c4:26:31:24:7f:7e:73:85:0b:51:f8:94:80:26:88:
cc:2b:32:86:b0:f2:26:e1:79:9b:92:e1:e2:bf:ec:8f:b6:f6:
3e:b8:84:b4:44:d3:12:1d:b8:f0:31:3e:ec:38:83:f0:41:b2:
83:a1:dd:70:80:af:64:7c:62:53:f5:cd:4e:e0:4d:17:5d:3c:
a7:a7:ef:23:37:58:ea:be:0b:92:2d:5b:c9:d9:23:91:de:3c:
b8:56:19:b1:37:31:65:16:54:b3:f3:78:79:f0:5e:0e:61:a5:
0a:b8:31:52:29:8d:9f:37:54:85:62:a5:6f:f9:30:14:c7:40:
54:59:30:48:bf:49:2e:f9:37:13:3f:48:43:45:74:fb:a3:26:
c6:b7:c0:bd:4d:58:d5:55:7a:f2:3a:1c:db:f5:02:77:48:97:
2e:4d:7b:91
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzJTZ9ytgsIlBm5EPK5/HgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI1YzRjYzVkM2IxN2NkZjIzOTcxZjRmZDdiMDg4YTMzZTJlOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlAi+aKn/0jAsU2j0VYkfcyUYY4q
oq20Jn5SAGYGR9v3jwZqmsDjPt0ZZWx8NunY/49pJWT4hLvBLpBoBNOYlYAeXhDL
Dn6B4aM/9YqpD5XVlrecSnSb8wy9gVzSnlwfghAfkm3UKFIOxjWMGdCW+1JxmG/x
f5gcffeu5EC3db6rmcHOsqoF58Vtg4H3WdbnJGMOVSstNnwMIgBd1V98mkj5l/b+
qr02btvyFFXrLnXONmiMxT5/ITzAIU/HlFYYxCo0y6TGVat21tET8ZBqlKzs3ygy
0fon6UJ+zNmLB2aSC1UsgKpqD3bmo3aKaQAczf0rpV0/VAnVG5HPR7locQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDq1xMxdOxfN8jlx9P17CIoz4unBMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvT3JYRXpGMDdGODN5T1hIMF9Yc0lpalBpNmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuThRMA4E
AgACMAgDBgQqBg6AEDANBgkqhkiG9w0BAQsFAAOCAQEAkpwHOU4RHDNX9w+N6N0/
MBdn2+YXMQkY8bQdQTZOhdcy0Fax8qaBrNjlXLyjj3gefpGz1SqQQbwrtic6gLME
4BZkWfgT9qpdor5F++oys1rfp3R6nqj6VEO5HE3RxCYxJH9+c4ULUfiUgCaIzCsy
hrDyJuF5m5Lh4r/sj7b2PriEtETTEh248DE+7DiD8EGyg6HdcICvZHxiU/XNTuBN
F108p6fvIzdY6r4Lki1bydkjkd48uFYZsTcxZRZUs/N4efBeDmGlCrgxUimNnzdU
hWKlb/kwFMdAVFkwSL9JLvk3Ez9IQ0V0+6MmxrfAvU1Y1VV68joc2/UCd0iXLk17
kQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:13:52 2024 by rpki-client on console-ams.rpki-client.org