Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/DnXZnG6dbV8hX1ypgelURh4VOU0.roa
File: DnXZnG6dbV8hX1ypgelURh4VOU0.roa (raw, json)
Hash identifier: q0eVpiT5VIpCxan+ZryeRWbPQ27Kvtez3YL4EVVcKLo=
Subject key identifier: 0E:75:D9:9C:6E:9D:6D:5F:21:5F:5C:A9:81:E9:54:46:1E:15:39:4D
Certificate issuer: /CN=8afc31f36c97777f906b93e83ae657f00aeb3099
Certificate serial: 018CC492FB4B5FE05D1881FBD9312CB1A934
Authority key identifier: 8A:FC:31:F3:6C:97:77:7F:90:6B:93:E8:3A:E6:57:F0:0A:EB:30:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/DnXZnG6dbV8hX1ypgelURh4VOU0.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47232
IP address blocks: 185.214.192.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/ivwx82yXd3-Qa5PoOuZX8ArrMJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/ivwx82yXd3-Qa5PoOuZX8ArrMJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fb:4b:5f:e0:5d:18:81:fb:d9:31:2c:b1:a9:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8afc31f36c97777f906b93e83ae657f00aeb3099
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e75d99c6e9d6d5f215f5ca981e954461e15394d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:84:1c:a8:33:1f:0c:ac:17:ad:35:39:d7:95:
46:0b:fe:c7:7b:9d:ba:5a:de:f2:b6:57:2f:24:a1:
0b:b4:9e:02:7d:72:fe:89:aa:12:52:a6:18:8c:a3:
9c:f7:4b:8a:59:98:f8:20:0b:03:eb:d9:fb:a9:08:
d7:b7:fc:32:24:28:7a:6c:88:eb:c3:7b:b4:77:e3:
7f:09:65:30:95:39:2c:06:dc:e8:21:82:27:fe:df:
23:68:b1:61:f6:a4:06:26:74:7a:a5:ca:b2:bc:4d:
56:dc:56:82:05:d6:81:54:48:d0:6e:d2:84:c0:00:
7e:31:de:da:fa:ec:f1:2e:d7:b4:9b:47:53:ca:70:
f3:03:1b:33:11:80:ad:ab:41:e5:68:cb:3e:cc:e9:
3f:4b:23:cb:d2:1d:e8:21:03:6f:06:3c:68:cc:9b:
44:2c:bb:6a:6f:99:f5:fa:68:a6:32:a2:84:f7:88:
dc:76:45:79:7a:ad:43:81:59:68:3c:9d:e3:e4:22:
cb:01:8c:93:ed:ce:0b:c7:32:bc:eb:97:ad:a1:a1:
86:c9:4e:9e:32:cf:17:12:7b:a3:ed:f8:af:18:b5:
44:46:2b:1c:7b:70:fe:69:dc:5e:3a:63:6c:c8:1a:
7a:92:3b:a2:4f:dc:dc:18:1d:47:2e:82:93:07:f6:
88:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:75:D9:9C:6E:9D:6D:5F:21:5F:5C:A9:81:E9:54:46:1E:15:39:4D
X509v3 Authority Key Identifier:
keyid:8A:FC:31:F3:6C:97:77:7F:90:6B:93:E8:3A:E6:57:F0:0A:EB:30:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ivwx82yXd3-Qa5PoOuZX8ArrMJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/DnXZnG6dbV8hX1ypgelURh4VOU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d9a004-b953-4c73-81e4-0711694000a0/1/ivwx82yXd3-Qa5PoOuZX8ArrMJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.192.0/22
Signature Algorithm: sha256WithRSAEncryption
25:04:91:5a:a6:d1:60:c1:10:c6:b3:db:d3:5f:18:70:08:5b:
bf:49:a0:35:76:6d:2a:c7:f7:4f:e7:ce:db:26:84:08:1e:42:
45:fc:d8:0b:b4:d1:cd:81:b4:09:02:a7:24:2b:24:77:5a:27:
da:d1:04:06:1e:1d:2d:e8:bf:48:73:6f:57:7f:d6:35:e3:e9:
b2:71:cc:a9:4a:81:25:78:1e:0c:c1:f0:61:a8:37:1f:23:2a:
5f:c8:b5:6d:eb:51:87:91:a2:b9:6c:74:84:2c:fb:97:e9:47:
89:19:3c:1a:e8:07:d3:56:39:67:92:6a:fb:f1:98:ff:84:4c:
2d:5f:39:cd:49:3c:4e:a6:a4:f4:21:20:5d:61:fa:b2:54:2a:
59:0c:d3:c6:e0:8a:23:0b:9a:ab:c7:73:c8:5c:b4:e7:93:9a:
18:fe:79:2c:8d:64:23:34:0d:49:fd:40:71:a1:7b:a6:ba:0a:
17:30:ea:ae:0a:18:b9:26:73:62:79:f6:0e:2a:5b:73:bf:ee:
51:15:e4:11:a0:9b:5d:8c:f2:82:1b:85:64:a2:da:9b:a2:9e:
9c:bd:dc:d0:bc:17:c0:53:eb:97:97:e8:77:1a:bd:57:7f:da:
85:c1:c5:4d:0f:a9:f0:de:9c:1f:0d:2d:1e:c8:ac:4d:3e:99:
ad:5a:65:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkvtLX+BdGIH72TEssak0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZmMzMWYzNmM5Nzc3N2Y5MDZiOTNlODNhZTY1N2YwMGFl
YjMwOTkwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTc1ZDk5YzZlOWQ2ZDVmMjE1ZjVjYTk4MWU5NTQ0NjFlMTUzOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24QcqDMfDKwXrTU515VGC/7He526
Wt7ytlcvJKELtJ4CfXL+iaoSUqYYjKOc90uKWZj4IAsD69n7qQjXt/wyJCh6bIjr
w3u0d+N/CWUwlTksBtzoIYIn/t8jaLFh9qQGJnR6pcqyvE1W3FaCBdaBVEjQbtKE
wAB+Md7a+uzxLte0m0dTynDzAxszEYCtq0HlaMs+zOk/SyPL0h3oIQNvBjxozJtE
LLtqb5n1+mimMqKE94jcdkV5eq1DgVloPJ3j5CLLAYyT7c4LxzK865etoaGGyU6e
Ms8XEnuj7fivGLVERisce3D+adxeOmNsyBp6kjuiT9zcGB1HLoKTB/aI0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA512ZxunW1fIV9cqYHpVEYeFTlNMB8GA1UdIwQY
MBaAFIr8MfNsl3d/kGuT6DrmV/AK6zCZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXZ3eDgyeVhkMy1RYTVQb091Wlg4QXJyTUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kOWEwMDQtYjk1My00YzczLTgxZTQt
MDcxMTY5NDAwMGEwLzEvRG5YWm5HNmRiVjhoWDF5cGdlbFVSaDRWT1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kOWEwMDQtYjk1My00YzczLTgxZTQtMDcxMTY5NDAwMGEw
LzEvaXZ3eDgyeVhkMy1RYTVQb091Wlg4QXJyTUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudbAMA0G
CSqGSIb3DQEBCwUAA4IBAQAlBJFaptFgwRDGs9vTXxhwCFu/SaA1dm0qx/dP587b
JoQIHkJF/NgLtNHNgbQJAqckKyR3Wifa0QQGHh0t6L9Ic29Xf9Y14+myccypSoEl
eB4MwfBhqDcfIypfyLVt61GHkaK5bHSELPuX6UeJGTwa6AfTVjlnkmr78Zj/hEwt
XznNSTxOpqT0ISBdYfqyVCpZDNPG4IojC5qrx3PIXLTnk5oY/nksjWQjNA1J/UBx
oXumugoXMOquChi5JnNiefYOKltzv+5RFeQRoJtdjPKCG4Vkotqbop6cvdzQvBfA
U+uXl+h3Gr1Xf9qFwcVND6nw3pwfDS0eyKxNPpmtWmWV
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:51:26 2024 by rpki-client on console-fra.rpki-client.org