Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/LTsZ3cUOy7gYrX2ZWPv9FzIK9vw.roa
File: LTsZ3cUOy7gYrX2ZWPv9FzIK9vw.roa (raw, json)
Hash identifier: VQG3BP5T1VleBbcp1r2pJaFsq+fk3acFoV8wx2w1k2A=
Subject key identifier: 2D:3B:19:DD:C5:0E:CB:B8:18:AD:7D:99:58:FB:FD:17:32:0A:F6:FC
Certificate issuer: /CN=ff4f06bff3a5b85151b65705b4308e9afb1fd8f7
Certificate serial: 018CC94E6125FA9B51F2DC0EC397DB421B4F
Authority key identifier: FF:4F:06:BF:F3:A5:B8:51:51:B6:57:05:B4:30:8E:9A:FB:1F:D8:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/LTsZ3cUOy7gYrX2ZWPv9FzIK9vw.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206819
IP address blocks: 185.175.100.0/22 maxlen: 32
2a0b:e500::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/_08Gv_OluFFRtlcFtDCOmvsf2Pc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/_08Gv_OluFFRtlcFtDCOmvsf2Pc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:61:25:fa:9b:51:f2:dc:0e:c3:97:db:42:1b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4f06bff3a5b85151b65705b4308e9afb1fd8f7
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d3b19ddc50ecbb818ad7d9958fbfd17320af6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:de:9a:14:06:8a:da:c9:0d:bb:6a:ba:53:d9:
a1:dd:c1:36:39:5f:4f:26:15:f6:e6:eb:10:8c:07:
31:3b:50:4b:12:98:b0:2a:c6:33:23:ea:fc:37:b9:
36:c1:4e:1c:01:0f:3e:39:03:e7:50:75:78:07:92:
b2:fd:69:f1:a5:27:b1:0b:81:ed:25:6e:ff:a6:cb:
e8:52:be:8c:72:b2:8e:e6:e1:f8:2c:f0:2a:79:39:
40:b2:62:cf:51:41:e3:fb:68:e1:4c:56:3c:a8:b7:
25:da:b7:78:01:b3:31:6a:42:73:1b:a1:a2:ac:19:
3f:eb:d9:a9:71:89:dd:ee:be:a5:c3:b0:e5:81:cf:
35:4b:82:70:fd:e3:0a:d7:c8:57:b9:ef:20:ea:af:
fe:15:c2:50:e5:64:05:10:5b:b8:7d:c9:01:8a:9d:
85:8f:66:1c:f3:c3:9e:bb:e2:b1:86:28:01:fc:1d:
9f:79:46:0e:e3:19:49:3a:70:7d:a7:3f:0d:83:bc:
49:4b:04:15:9c:f6:9e:9b:4b:bf:a0:0c:91:b1:1d:
49:37:cc:8d:8a:5b:1c:d7:82:c3:2e:b6:73:9b:31:
85:b4:3e:fe:14:70:8c:57:f5:6b:d6:46:b0:0d:e8:
e9:e6:fd:e3:61:7d:78:1d:fe:9b:8a:ad:aa:86:d2:
93:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3B:19:DD:C5:0E:CB:B8:18:AD:7D:99:58:FB:FD:17:32:0A:F6:FC
X509v3 Authority Key Identifier:
keyid:FF:4F:06:BF:F3:A5:B8:51:51:B6:57:05:B4:30:8E:9A:FB:1F:D8:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/LTsZ3cUOy7gYrX2ZWPv9FzIK9vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/_08Gv_OluFFRtlcFtDCOmvsf2Pc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.100.0/22
IPv6:
2a0b:e500::/31
Signature Algorithm: sha256WithRSAEncryption
69:8a:25:05:a8:fe:56:2c:0e:c1:43:5d:ea:6d:39:9c:04:83:
90:7b:29:f7:06:8e:52:f7:3b:12:a2:48:69:f5:d2:12:62:14:
22:8b:96:28:ee:b2:31:5d:40:20:f7:63:fc:d2:1a:84:f8:fd:
43:05:ef:c6:34:b7:dc:a5:04:76:0a:5d:34:4b:f0:16:eb:d4:
4a:46:ed:23:7c:85:47:64:a2:79:a3:49:19:47:74:4a:31:9f:
e2:9c:63:5c:2b:6e:44:8f:8e:4d:7f:25:42:d5:35:c9:e0:85:
30:1e:82:35:66:d2:23:84:c3:d9:3f:5e:11:32:56:bc:de:dc:
8a:02:ad:4d:b2:9e:4a:6e:3e:b5:e4:3e:83:51:63:88:1c:88:
97:db:3f:f9:68:f2:05:d0:17:51:30:80:09:c9:6d:34:cb:9c:
70:68:1b:c7:fe:bd:ce:1f:7d:9f:2d:c7:e1:1b:d3:4e:d3:14:
85:2e:8b:cc:c7:17:2c:cf:0a:41:50:94:db:db:df:4d:93:10:
bd:9b:48:b8:ba:f3:de:3f:03:44:36:31:7d:98:7d:43:ee:cf:
4a:f9:ba:df:3d:6c:9e:64:18:09:1e:f3:84:5a:df:18:9b:20:
3f:13:11:4d:5a:2a:91:a6:96:0a:bd:bb:e7:39:bd:ac:cd:d4:
6e:fc:9b:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTmEl+ptR8twOw5fbQhtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNGYwNmJmZjNhNWI4NTE1MWI2NTcwNWI0MzA4ZTlhZmIx
ZmQ4ZjcwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNiMTlkZGM1MGVjYmI4MThhZDdkOTk1OGZiZmQxNzMyMGFmNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd6aFAaK2skNu2q6U9mh3cE2OV9P
JhX25usQjAcxO1BLEpiwKsYzI+r8N7k2wU4cAQ8+OQPnUHV4B5Ky/WnxpSexC4Ht
JW7/psvoUr6McrKO5uH4LPAqeTlAsmLPUUHj+2jhTFY8qLcl2rd4AbMxakJzG6Gi
rBk/69mpcYnd7r6lw7Dlgc81S4Jw/eMK18hXue8g6q/+FcJQ5WQFEFu4fckBip2F
j2Yc88Oeu+KxhigB/B2feUYO4xlJOnB9pz8Ng7xJSwQVnPaem0u/oAyRsR1JN8yN
ilsc14LDLrZzmzGFtD7+FHCMV/Vr1kawDejp5v3jYX14Hf6biq2qhtKTdwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC07Gd3FDsu4GK19mVj7/RcyCvb8MB8GA1UdIwQY
MBaAFP9PBr/zpbhRUbZXBbQwjpr7H9j3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzA4R3ZfT2x1RkZSdGxjRnREQ09tdnNmMlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yZmI4YmQtZTFhMC00NTRjLThiY2Et
MjVlZmZkZDc5NmRjLzEvTFRzWjNjVU95N2dZclgyWldQdjlGeklLOXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yZmI4YmQtZTFhMC00NTRjLThiY2EtMjVlZmZkZDc5NmRj
LzEvXzA4R3ZfT2x1RkZSdGxjRnREQ09tdnNmMlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua9kMA0E
AgACMAcDBQEqC+UAMA0GCSqGSIb3DQEBCwUAA4IBAQBpiiUFqP5WLA7BQ13qbTmc
BIOQeyn3Bo5S9zsSokhp9dISYhQii5Yo7rIxXUAg92P80hqE+P1DBe/GNLfcpQR2
Cl00S/AW69RKRu0jfIVHZKJ5o0kZR3RKMZ/inGNcK25Ej45NfyVC1TXJ4IUwHoI1
ZtIjhMPZP14RMla83tyKAq1Nsp5Kbj615D6DUWOIHIiX2z/5aPIF0BdRMIAJyW00
y5xwaBvH/r3OH32fLcfhG9NO0xSFLovMxxcszwpBUJTb299NkxC9m0i4uvPePwNE
NjF9mH1D7s9K+brfPWyeZBgJHvOEWt8YmyA/ExFNWiqRppYKvbvnOb2szdRu/Jsh
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:13:59 2024 by rpki-client on console-ams.rpki-client.org