Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/dGKl2Gn3XmkbJH_sYOiFfxUW9rY.roa
File: dGKl2Gn3XmkbJH_sYOiFfxUW9rY.roa (raw, json)
Hash identifier: dQ6FQimPpXsulm6ljRQytk1G/eMI08yWrU4wOOPrSxU=
Subject key identifier: 74:62:A5:D8:69:F7:5E:69:1B:24:7F:EC:60:E8:85:7F:15:16:F6:B6
Certificate issuer: /CN=6f4232c19d0a7f7ed769c4715421e6cc18bdb640
Certificate serial: 018CC3B68C910F6AC52F24022B81E2A71626
Authority key identifier: 6F:42:32:C1:9D:0A:7F:7E:D7:69:C4:71:54:21:E6:CC:18:BD:B6:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b0IywZ0Kf37XacRxVCHmzBi9tkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/dGKl2Gn3XmkbJH_sYOiFfxUW9rY.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.38.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/b0IywZ0Kf37XacRxVCHmzBi9tkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/b0IywZ0Kf37XacRxVCHmzBi9tkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/b0IywZ0Kf37XacRxVCHmzBi9tkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8c:91:0f:6a:c5:2f:24:02:2b:81:e2:a7:16:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4232c19d0a7f7ed769c4715421e6cc18bdb640
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7462a5d869f75e691b247fec60e8857f1516f6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d3:e2:0c:a5:91:da:69:aa:13:b9:b6:f8:02:
03:a7:e6:29:f8:37:ad:8a:b1:12:47:37:35:ae:ce:
e1:a8:a8:fe:89:47:e0:c2:9d:d4:6f:57:97:7e:a5:
67:24:63:48:87:bb:1b:ea:e8:e5:84:6c:ca:b7:eb:
7d:29:74:09:45:ff:ec:d6:19:a6:ee:12:f8:ad:76:
24:e7:7d:9a:5f:aa:5b:7b:53:ca:6a:26:82:3c:b3:
2e:26:84:b2:f2:a3:94:de:cf:16:fd:95:97:05:bf:
0d:4f:2c:e6:2d:63:16:70:6d:17:72:3f:59:5f:be:
b7:75:1d:67:34:e9:cc:95:a3:c9:f1:9b:bc:ac:53:
9b:a8:45:58:c0:e9:bb:75:34:67:50:5c:81:99:03:
74:ff:33:20:4e:9e:04:f6:94:f1:5a:65:b9:25:b4:
7d:56:12:25:2e:3e:1e:a8:6e:5a:82:29:bb:14:e3:
62:23:47:21:20:c7:34:de:3f:5b:e8:9b:11:ae:fd:
34:e0:8c:f0:cc:94:5a:95:b1:68:15:e2:eb:49:12:
af:75:f8:80:3d:14:ba:31:73:3b:63:0b:e7:22:06:
d0:f7:c7:3e:22:ba:40:13:bb:31:af:44:55:45:18:
fb:9e:d6:92:e7:3e:4c:2b:cf:fb:6c:91:8d:8d:79:
2b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:62:A5:D8:69:F7:5E:69:1B:24:7F:EC:60:E8:85:7F:15:16:F6:B6
X509v3 Authority Key Identifier:
keyid:6F:42:32:C1:9D:0A:7F:7E:D7:69:C4:71:54:21:E6:CC:18:BD:B6:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0IywZ0Kf37XacRxVCHmzBi9tkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/dGKl2Gn3XmkbJH_sYOiFfxUW9rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/b0IywZ0Kf37XacRxVCHmzBi9tkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.134.0/24
Signature Algorithm: sha256WithRSAEncryption
97:ae:2c:ad:5b:e6:09:e8:e4:19:6e:0e:54:56:0b:6b:62:cd:
0f:95:52:3c:e3:01:6e:ac:65:b0:8d:80:a3:2d:7b:e3:34:2a:
1c:4a:5f:37:07:ab:6e:1f:b5:41:13:f1:e3:30:b1:b3:ff:dc:
8f:bf:e9:4c:03:14:fe:b5:d6:0b:c0:ff:bb:9d:7b:95:af:1a:
55:04:35:ef:b8:05:06:bc:7e:86:b9:73:ac:00:33:8d:ae:23:
95:53:8a:2c:e6:6e:22:c3:75:22:85:4d:ac:ad:d1:a9:cf:25:
a4:04:ed:47:21:ad:af:30:d8:b9:0f:04:9b:fd:ac:b4:d0:84:
f3:92:98:0f:6b:32:90:67:e3:d3:d8:13:1b:63:02:0f:09:d8:
9e:df:d5:02:d4:60:ae:f9:11:5d:62:15:90:e9:cf:51:be:e0:
08:c3:11:fe:38:f5:36:9c:cc:63:37:a9:29:83:e5:12:f3:e6:
c6:df:18:a1:97:5e:ac:fb:29:43:ad:2b:80:32:c1:53:c5:3a:
c9:6d:b0:1f:c8:ee:22:d4:ad:65:e3:d3:3d:ab:f3:83:fc:80:
7c:59:97:d6:d3:9e:ea:c6:c6:ae:11:ae:48:bd:eb:c3:70:83:
1b:e1:b3:c3:6e:75:50:d1:c3:85:a9:b4:b2:14:87:c4:4e:56:
c1:a1:74:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtoyRD2rFLyQCK4HipxYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNDIzMmMxOWQwYTdmN2VkNzY5YzQ3MTU0MjFlNmNjMThi
ZGI2NDAwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDYyYTVkODY5Zjc1ZTY5MWIyNDdmZWM2MGU4ODU3ZjE1MTZmNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdPiDKWR2mmqE7m2+AIDp+Yp+Det
irESRzc1rs7hqKj+iUfgwp3Ub1eXfqVnJGNIh7sb6ujlhGzKt+t9KXQJRf/s1hmm
7hL4rXYk532aX6pbe1PKaiaCPLMuJoSy8qOU3s8W/ZWXBb8NTyzmLWMWcG0Xcj9Z
X763dR1nNOnMlaPJ8Zu8rFObqEVYwOm7dTRnUFyBmQN0/zMgTp4E9pTxWmW5JbR9
VhIlLj4eqG5agim7FONiI0chIMc03j9b6JsRrv004IzwzJRalbFoFeLrSRKvdfiA
PRS6MXM7YwvnIgbQ98c+IrpAE7sxr0RVRRj7ntaS5z5MK8/7bJGNjXkruwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRipdhp915pGyR/7GDohX8VFva2MB8GA1UdIwQY
MBaAFG9CMsGdCn9+12nEcVQh5swYvbZAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjBJeXdaMEtmMzdYYWNSeFZDSG16Qmk5dGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mMWQ3MDMtZmY5YS00NGIxLThlNjUt
NjZjYTU3Zjc0ZTBkLzEvZEdLbDJHbjNYbWtiSkhfc1lPaUZmeFVXOXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mMWQ3MDMtZmY5YS00NGIxLThlNjUtNjZjYTU3Zjc0ZTBk
LzEvYjBJeXdaMEtmMzdYYWNSeFZDSG16Qmk5dGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSaGMA0G
CSqGSIb3DQEBCwUAA4IBAQCXriytW+YJ6OQZbg5UVgtrYs0PlVI84wFurGWwjYCj
LXvjNCocSl83B6tuH7VBE/HjMLGz/9yPv+lMAxT+tdYLwP+7nXuVrxpVBDXvuAUG
vH6GuXOsADONriOVU4os5m4iw3UihU2srdGpzyWkBO1HIa2vMNi5DwSb/ay00ITz
kpgPazKQZ+PT2BMbYwIPCdie39UC1GCu+RFdYhWQ6c9RvuAIwxH+OPU2nMxjN6kp
g+US8+bG3xihl16s+ylDrSuAMsFTxTrJbbAfyO4i1K1l49M9q/OD/IB8WZfW057q
xsauEa5IvevDcIMb4bPDbnVQ0cOFqbSyFIfETlbBoXQk
-----END CERTIFICATE-----
Generated at Thu May 2 17:36:47 2024 by rpki-client on console-ams.rpki-client.org