Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/0KZgYqB-Yr0-9zyU53HmKHPYyxU.roa
File: 0KZgYqB-Yr0-9zyU53HmKHPYyxU.roa (raw, json)
Hash identifier: 6SE+uTLp+jr94ku/PSDCxUIEd/uyyLg3rvj/8o7rIGo=
Subject key identifier: D0:A6:60:62:A0:7E:62:BD:3E:F7:3C:94:E7:71:E6:28:73:D8:CB:15
Certificate issuer: /CN=17e69ddc29a05b2c45ee3cc5a2340b2e4c6dad5d
Certificate serial: 018CC8DF256C3DF044BFB1AFA36BF5873190
Authority key identifier: 17:E6:9D:DC:29:A0:5B:2C:45:EE:3C:C5:A2:34:0B:2E:4C:6D:AD:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F-ad3CmgWyxF7jzFojQLLkxtrV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/0KZgYqB-Yr0-9zyU53HmKHPYyxU.roa
Signing time: Tue 02 Jan 2024 06:31:56 +0000
ROA not before: Tue 02 Jan 2024 06:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197890
IP address blocks: 185.94.252.0/24 maxlen: 24
185.94.253.0/24 maxlen: 24
2a06:4580::/29 maxlen: 29
2a03:e300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/F-ad3CmgWyxF7jzFojQLLkxtrV0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/F-ad3CmgWyxF7jzFojQLLkxtrV0.mft
rsync://rpki.ripe.net/repository/DEFAULT/F-ad3CmgWyxF7jzFojQLLkxtrV0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:25:6c:3d:f0:44:bf:b1:af:a3:6b:f5:87:31:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17e69ddc29a05b2c45ee3cc5a2340b2e4c6dad5d
Validity
Not Before: Jan 2 06:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0a66062a07e62bd3ef73c94e771e62873d8cb15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f9:bd:14:8a:ba:c2:e4:d2:44:f6:83:62:47:
97:48:a2:6f:21:a4:e8:70:cc:93:b0:64:3b:a6:b0:
ee:3e:4a:b4:db:71:5d:e8:ad:69:a3:6f:39:a6:40:
1f:35:89:b3:32:c0:9e:4d:ca:1e:70:06:1e:cf:e6:
2c:bd:06:33:a3:1b:a0:4f:ef:48:e0:7b:fb:35:94:
8f:6c:ac:3c:04:55:5d:59:69:62:34:e4:e8:b2:23:
ce:bd:39:ea:0c:67:39:a4:5f:b6:d4:bc:0b:93:ac:
31:b8:6f:00:22:99:28:8b:a1:5f:b8:31:0b:80:1b:
99:be:c5:30:c4:90:c0:52:1d:9a:2f:2b:d8:e0:49:
92:09:4a:cf:cd:58:c8:d6:27:13:90:5a:3a:f3:5c:
e9:05:32:0e:a3:0c:28:2f:9d:57:82:da:63:2d:b0:
8b:80:e3:11:45:74:0f:10:ed:ad:76:14:a0:8a:80:
0a:3e:46:26:50:41:38:3b:62:37:52:64:be:0b:f7:
e0:d0:10:1b:e2:17:0c:bb:16:1c:fe:6a:5f:71:7a:
48:64:b5:5b:17:99:83:0a:0d:f2:a4:dd:30:8f:f3:
5e:53:8c:11:aa:dd:c6:8c:5f:23:32:67:30:4a:94:
1e:74:a5:6b:3d:f3:28:a2:98:73:23:f3:88:c5:96:
64:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A6:60:62:A0:7E:62:BD:3E:F7:3C:94:E7:71:E6:28:73:D8:CB:15
X509v3 Authority Key Identifier:
keyid:17:E6:9D:DC:29:A0:5B:2C:45:EE:3C:C5:A2:34:0B:2E:4C:6D:AD:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F-ad3CmgWyxF7jzFojQLLkxtrV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/0KZgYqB-Yr0-9zyU53HmKHPYyxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/c8cc63-5305-4636-b336-e7176786f74a/1/F-ad3CmgWyxF7jzFojQLLkxtrV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.252.0/23
IPv6:
2a03:e300::/32
2a06:4580::/29
Signature Algorithm: sha256WithRSAEncryption
58:64:65:1c:84:d2:4f:8b:7a:d9:23:c5:48:c2:ff:dd:22:5d:
29:c2:00:4c:46:46:bf:2e:f0:67:6d:4c:7c:58:bd:ce:f6:89:
96:58:86:12:39:6c:fc:3e:1a:59:96:17:81:6d:8a:20:b3:17:
bb:ef:82:63:34:16:34:1a:ea:53:1c:b8:32:18:a9:ce:d2:e5:
ac:69:d1:2f:28:d8:04:4c:f6:29:48:65:2d:68:dc:3a:52:18:
6d:11:f8:c1:bc:1b:8f:f9:28:72:c5:06:ef:82:07:da:01:04:
76:4e:7d:7e:fc:9a:c5:24:02:2a:e0:92:a3:d6:a7:76:37:56:
3d:f5:34:01:10:10:2c:03:2b:d4:8e:a2:2b:6b:df:29:b7:09:
35:5d:a9:97:eb:7c:bd:4e:ba:8f:30:cf:ae:66:9a:15:7c:7f:
2e:1e:95:35:ff:4b:93:76:ad:53:c7:81:fb:e7:b6:e4:e9:4f:
b0:a2:63:8a:58:12:aa:3b:5a:99:2a:cc:e6:e9:76:58:dd:fa:
af:04:70:cf:b4:86:48:28:6f:d0:e5:4d:1d:3d:be:31:87:f8:
98:4e:70:59:2b:93:96:95:7d:dc:30:14:fd:ae:88:61:77:89:
66:f2:a3:3c:c8:4d:ff:0f:03:40:7f:e6:6a:ea:76:da:7b:47:
2a:52:76:12
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzI3yVsPfBEv7Gvo2v1hzGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZTY5ZGRjMjlhMDViMmM0NWVlM2NjNWEyMzQwYjJlNGM2
ZGFkNWQwHhcNMjQwMTAyMDYzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE2NjA2MmEwN2U2MmJkM2VmNzNjOTRlNzcxZTYyODczZDhjYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPm9FIq6wuTSRPaDYkeXSKJvIaTo
cMyTsGQ7prDuPkq023Fd6K1po285pkAfNYmzMsCeTcoecAYez+YsvQYzoxugT+9I
4Hv7NZSPbKw8BFVdWWliNOTosiPOvTnqDGc5pF+21LwLk6wxuG8AIpkoi6FfuDEL
gBuZvsUwxJDAUh2aLyvY4EmSCUrPzVjI1icTkFo681zpBTIOowwoL51XgtpjLbCL
gOMRRXQPEO2tdhSgioAKPkYmUEE4O2I3UmS+C/fg0BAb4hcMuxYc/mpfcXpIZLVb
F5mDCg3ypN0wj/NeU4wRqt3GjF8jMmcwSpQedKVrPfMoophzI/OIxZZkfwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNCmYGKgfmK9Pvc8lOdx5ihz2MsVMB8GA1UdIwQY
MBaAFBfmndwpoFssRe48xaI0Cy5Mba1dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRi1hZDNDbWdXeXhGN2p6Rm9qUUxMa3h0clYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9jOGNjNjMtNTMwNS00NjM2LWIzMzYt
ZTcxNzY3ODZmNzRhLzEvMEtaZ1lxQi1ZcjAtOXp5VTUzSG1LSFBZeXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9jOGNjNjMtNTMwNS00NjM2LWIzMzYtZTcxNzY3ODZmNzRh
LzEvRi1hZDNDbWdXeXhGN2p6Rm9qUUxMa3h0clYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQBuV78MBQE
AgACMA4DBQAqA+MAAwUDKgZFgDANBgkqhkiG9w0BAQsFAAOCAQEAWGRlHITST4t6
2SPFSML/3SJdKcIATEZGvy7wZ21MfFi9zvaJlliGEjls/D4aWZYXgW2KILMXu++C
YzQWNBrqUxy4MhipztLlrGnRLyjYBEz2KUhlLWjcOlIYbRH4wbwbj/kocsUG74IH
2gEEdk59fvyaxSQCKuCSo9andjdWPfU0ARAQLAMr1I6iK2vfKbcJNV2pl+t8vU66
jzDPrmaaFXx/Lh6VNf9Lk3atU8eB++e25OlPsKJjilgSqjtamSrM5ul2WN36rwRw
z7SGSChv0OVNHT2+MYf4mE5wWSuTlpV93DAU/a6IYXeJZvKjPMhN/w8DQH/maup2
2ntHKlJ2Eg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:05 2024 by rpki-client on console-ams.rpki-client.org