Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/153ff7-d4b2-407f-a216-9f6aa4cf0799/1/0uPcW7iKdBzyIjJJqDBuGrEPoRQ.roa
File: 0uPcW7iKdBzyIjJJqDBuGrEPoRQ.roa (raw, json)
Hash identifier: rYSmdZGMC01yUDQwwC/0Sd+9g9zimFWnAanv3V668GA=
Subject key identifier: D2:E3:DC:5B:B8:8A:74:1C:F2:22:32:49:A8:30:6E:1A:B1:0F:A1:14
Certificate issuer: /CN=dab80ea0f9965f6880329b12fec27a9390fc1cb7
Certificate serial: 018CC49305879627634E02DA98A5834815AD
Authority key identifier: DA:B8:0E:A0:F9:96:5F:68:80:32:9B:12:FE:C2:7A:93:90:FC:1C:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rgOoPmWX2iAMpsS_sJ6k5D8HLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/153ff7-d4b2-407f-a216-9f6aa4cf0799/1/0uPcW7iKdBzyIjJJqDBuGrEPoRQ.roa
Signing time: Mon 01 Jan 2024 10:30:18 +0000
ROA not before: Mon 01 Jan 2024 10:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13101
IP address blocks: 185.230.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/153ff7-d4b2-407f-a216-9f6aa4cf0799/1/2rgOoPmWX2iAMpsS_sJ6k5D8HLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/153ff7-d4b2-407f-a216-9f6aa4cf0799/1/2rgOoPmWX2iAMpsS_sJ6k5D8HLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rgOoPmWX2iAMpsS_sJ6k5D8HLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:05:87:96:27:63:4e:02:da:98:a5:83:48:15:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab80ea0f9965f6880329b12fec27a9390fc1cb7
Validity
Not Before: Jan 1 10:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2e3dc5bb88a741cf2223249a8306e1ab10fa114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cd:b7:39:e8:f3:9c:dd:8e:18:8d:1d:90:b2:
e4:15:5b:94:49:c7:ae:47:84:2e:1c:25:e8:cb:ac:
a7:bf:1f:49:37:74:5d:0d:69:b3:f1:ac:f8:2b:55:
94:0a:0b:b3:1b:f2:55:26:2e:43:50:ac:3b:e1:26:
5b:f0:12:15:6d:85:4d:5a:69:09:82:e9:61:07:78:
97:e2:13:3c:3b:b5:f0:e5:0d:1f:a6:94:5a:fb:33:
d5:53:48:84:b0:8d:91:f3:b0:eb:9f:81:b0:aa:91:
2f:76:22:f5:65:ad:81:8e:05:9f:76:54:f8:28:df:
a0:0d:e8:db:33:57:a7:9a:53:09:b5:32:49:32:62:
3a:e3:d1:72:e2:66:10:27:79:af:1c:a9:71:bd:0d:
20:71:48:c4:40:21:b7:d5:c4:ff:dd:8c:09:04:ec:
09:d6:ad:a3:ee:ee:cc:91:fc:70:5b:19:57:ba:85:
aa:c0:31:d5:94:13:01:7a:1f:2e:63:9c:6c:d1:b9:
e8:1c:fe:f1:d3:be:9c:0b:62:4e:d7:09:d7:f7:b5:
ac:45:df:fc:73:84:f1:b5:7e:41:ca:72:1f:09:10:
11:e0:41:98:06:48:47:02:b5:49:bd:fb:3e:7b:81:
3b:9c:a3:c7:9e:77:d2:5b:d4:15:16:f8:35:e0:7f:
c1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E3:DC:5B:B8:8A:74:1C:F2:22:32:49:A8:30:6E:1A:B1:0F:A1:14
X509v3 Authority Key Identifier:
keyid:DA:B8:0E:A0:F9:96:5F:68:80:32:9B:12:FE:C2:7A:93:90:FC:1C:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rgOoPmWX2iAMpsS_sJ6k5D8HLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/153ff7-d4b2-407f-a216-9f6aa4cf0799/1/0uPcW7iKdBzyIjJJqDBuGrEPoRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/153ff7-d4b2-407f-a216-9f6aa4cf0799/1/2rgOoPmWX2iAMpsS_sJ6k5D8HLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.196.0/24
Signature Algorithm: sha256WithRSAEncryption
91:2d:98:6f:d4:be:3e:ee:85:c8:f7:d0:d5:bc:81:f5:38:ce:
1c:c8:ab:07:23:31:32:99:72:90:d1:45:23:4b:96:08:50:07:
33:07:e7:c8:28:f6:92:fa:04:2f:b5:2d:53:b7:67:8a:bd:12:
8e:09:08:1b:c3:60:c4:b6:c6:65:44:a9:23:6d:c5:02:5e:fe:
c6:86:6b:d0:02:8e:bd:a2:ac:8a:bb:b1:ef:19:64:d1:8a:fe:
fd:93:a0:61:aa:96:87:c5:e0:6f:2d:66:a4:3f:7f:6e:d7:07:
ec:bf:29:dd:9c:e2:1c:79:57:f7:be:2f:14:b6:16:ea:65:c8:
29:19:b8:9b:b6:5e:83:60:d4:43:ae:c6:9e:0c:da:11:01:b7:
04:c7:08:4e:5e:6c:31:34:8f:ff:77:67:3d:7d:c5:63:bf:b4:
9b:5e:c6:90:8e:fb:d5:70:db:62:32:a1:dd:41:fb:92:b8:77:
62:a9:65:39:b1:0e:e0:02:ee:06:8a:1c:15:77:93:e4:34:d1:
8c:06:40:b4:f1:2f:8f:87:62:0b:e7:b4:92:51:89:39:50:68:
35:9f:50:14:31:e5:34:06:af:79:c0:e1:cb:d4:0d:7f:6e:f2:
ad:ec:06:5b:89:3e:98:10:2f:ae:8f:05:12:82:b1:5a:98:81:
3d:6b:1c:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkwWHlidjTgLamKWDSBWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjgwZWEwZjk5NjVmNjg4MDMyOWIxMmZlYzI3YTkzOTBm
YzFjYjcwHhcNMjQwMTAxMTAzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmUzZGM1YmI4OGE3NDFjZjIyMjMyNDlhODMwNmUxYWIxMGZhMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM23OejznN2OGI0dkLLkFVuUSceu
R4QuHCXoy6ynvx9JN3RdDWmz8az4K1WUCguzG/JVJi5DUKw74SZb8BIVbYVNWmkJ
gulhB3iX4hM8O7Xw5Q0fppRa+zPVU0iEsI2R87Drn4GwqpEvdiL1Za2BjgWfdlT4
KN+gDejbM1enmlMJtTJJMmI649Fy4mYQJ3mvHKlxvQ0gcUjEQCG31cT/3YwJBOwJ
1q2j7u7MkfxwWxlXuoWqwDHVlBMBeh8uY5xs0bnoHP7x076cC2JO1wnX97WsRd/8
c4TxtX5BynIfCRAR4EGYBkhHArVJvfs+e4E7nKPHnnfSW9QVFvg14H/B5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLj3Fu4inQc8iIySagwbhqxD6EUMB8GA1UdIwQY
MBaAFNq4DqD5ll9ogDKbEv7CepOQ/By3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJnT29QbVdYMmlBTXBzU19zSjZrNUQ4SExjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8xNTNmZjctZDRiMi00MDdmLWEyMTYt
OWY2YWE0Y2YwNzk5LzEvMHVQY1c3aUtkQnp5SWpKSnFEQnVHckVQb1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8xNTNmZjctZDRiMi00MDdmLWEyMTYtOWY2YWE0Y2YwNzk5
LzEvMnJnT29QbVdYMmlBTXBzU19zSjZrNUQ4SExjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuebEMA0G
CSqGSIb3DQEBCwUAA4IBAQCRLZhv1L4+7oXI99DVvIH1OM4cyKsHIzEymXKQ0UUj
S5YIUAczB+fIKPaS+gQvtS1Tt2eKvRKOCQgbw2DEtsZlRKkjbcUCXv7GhmvQAo69
oqyKu7HvGWTRiv79k6BhqpaHxeBvLWakP39u1wfsvyndnOIceVf3vi8UthbqZcgp
Gbibtl6DYNRDrsaeDNoRAbcExwhOXmwxNI//d2c9fcVjv7SbXsaQjvvVcNtiMqHd
QfuSuHdiqWU5sQ7gAu4GihwVd5PkNNGMBkC08S+Ph2IL57SSUYk5UGg1n1AUMeU0
Bq95wOHL1A1/bvKt7AZbiT6YEC+ujwUSgrFamIE9axzi
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:49:06 2024 by rpki-client on console-ams.rpki-client.org