Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/1-D7-sTusvL-hz3suWWvOO97umyU.roa
File: 1-D7-sTusvL-hz3suWWvOO97umyU.roa (raw, json)
Hash identifier: wri5bvncySMA2whpAhv6UqIQT1ZOPuWLWQicPy2M6r8=
Subject key identifier: F8:3E:FE:B1:3B:AC:BC:BF:A1:CF:7B:2E:59:6B:CE:3B:DE:EE:9B:25
Certificate issuer: /CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Certificate serial: 018CC3B710231FA9EB1693C5E32DEA705181
Authority key identifier: 9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/1-D7-sTusvL-hz3suWWvOO97umyU.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213035
IP address blocks: 185.126.34.0/24 maxlen: 24
185.28.37.0/24 maxlen: 24
185.28.39.0/24 maxlen: 24
2a10:1440:1::/48 maxlen: 48
2a10:1440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.mft
rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:10:23:1f:a9:eb:16:93:c5:e3:2d:ea:70:51:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f83efeb13bacbcbfa1cf7b2e596bce3bdeee9b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:16:cb:8d:fe:02:b5:82:57:13:3a:40:0c:93:
a4:f8:06:41:2d:d5:d0:0c:cb:55:17:ad:83:70:0f:
77:48:73:cf:1e:54:dd:e1:58:4f:b1:da:f5:47:3d:
8c:47:49:1b:80:10:36:e6:62:32:ec:77:b5:87:7b:
4c:e8:fb:fb:ce:55:7f:56:c8:7f:2d:77:82:f3:7b:
f5:2a:29:83:46:81:a6:45:b9:8c:22:ea:e4:cb:85:
7c:95:c2:02:97:0f:14:3e:b5:f7:06:1c:4c:68:97:
32:3b:38:c8:b8:9e:29:2b:00:41:1a:59:82:4e:10:
45:c4:aa:e2:c0:be:0c:ab:dc:57:e9:ae:fa:06:8c:
d2:61:d4:70:46:5d:6a:77:ad:70:b2:8e:e3:9f:7a:
26:ee:12:ae:e2:47:95:73:a1:23:fb:7f:fc:d5:bb:
4e:6d:5f:78:1d:9a:ee:ec:4e:24:71:2a:09:92:9b:
55:b5:d3:91:10:41:39:93:21:0c:95:c0:3b:6f:d0:
98:09:b9:c2:9a:cd:b1:4d:bf:a8:23:87:79:a1:24:
66:97:3f:e9:6e:63:a2:01:cc:00:cb:22:26:67:7d:
97:ab:33:a8:d3:70:72:fa:64:ac:9a:7e:b3:c9:df:
a6:ad:d1:d5:50:06:46:d6:21:e6:e7:32:d2:e5:68:
bc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3E:FE:B1:3B:AC:BC:BF:A1:CF:7B:2E:59:6B:CE:3B:DE:EE:9B:25
X509v3 Authority Key Identifier:
keyid:9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/1-D7-sTusvL-hz3suWWvOO97umyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.37.0/24
185.28.39.0/24
185.126.34.0/24
IPv6:
2a10:1440::/29
Signature Algorithm: sha256WithRSAEncryption
9f:d9:80:73:08:dc:d8:3c:0a:9c:a5:03:8b:bb:73:9c:35:82:
3b:ab:e9:f3:18:37:de:3d:0d:fc:74:81:60:16:64:b1:29:bc:
33:17:2f:70:7a:11:e0:12:fd:d7:71:d5:36:f6:82:95:77:9c:
03:d2:7e:a6:24:8c:91:05:c2:2f:3b:6b:d2:a0:aa:a7:68:c8:
7a:9f:a5:ce:7f:5a:47:3f:78:fc:33:5d:8c:b5:ce:3d:90:29:
39:de:62:6e:d0:6a:9d:58:ed:ea:5f:aa:44:fd:05:4b:a8:5b:
26:ef:ed:d3:b2:c4:9f:38:92:1b:21:19:4d:33:8c:0e:5e:da:
e3:67:3a:3a:28:47:aa:90:2c:68:fd:3b:ee:72:5e:43:13:83:
52:2d:77:c0:63:72:c4:fb:62:a6:8b:e2:d9:48:85:c0:e1:dd:
e2:b4:67:cf:b4:4a:e5:52:ec:48:9e:b0:50:c2:5a:84:f1:99:
78:ac:a1:d0:70:c7:ba:92:02:a6:0f:25:e5:12:76:51:09:65:
d3:28:62:5f:53:f6:81:ff:83:a6:03:c2:f5:19:07:4f:97:56:
fa:cc:b7:27:ea:ab:eb:26:5f:fb:fa:49:1f:93:71:c5:fb:ff:
12:ab:d3:98:2f:8f:b0:ba:2e:26:28:a4:1a:79:6d:d7:77:d0:
8a:0b:20:18
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtxAjH6nrFpPF4y3qcFGBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTdjMjJkMGIzMzhhOGE0NWFhMTM0NWIwOTE3YmEwZGM5
NzMzOTAwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODNlZmViMTNiYWNiY2JmYTFjZjdiMmU1OTZiY2UzYmRlZWU5YjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxbLjf4CtYJXEzpADJOk+AZBLdXQ
DMtVF62DcA93SHPPHlTd4VhPsdr1Rz2MR0kbgBA25mIy7He1h3tM6Pv7zlV/Vsh/
LXeC83v1KimDRoGmRbmMIurky4V8lcIClw8UPrX3BhxMaJcyOzjIuJ4pKwBBGlmC
ThBFxKriwL4Mq9xX6a76BozSYdRwRl1qd61wso7jn3om7hKu4keVc6Ej+3/81btO
bV94HZru7E4kcSoJkptVtdOREEE5kyEMlcA7b9CYCbnCms2xTb+oI4d5oSRmlz/p
bmOiAcwAyyImZ32XqzOo03By+mSsmn6zyd+mrdHVUAZG1iHm5zLS5Wi88wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPg+/rE7rLy/oc97Lllrzjve7pslMB8GA1UdIwQY
MBaAFJuXwi0LM4qKRaoTRbCRe6DclzOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMt
YWU5OTllZDdjNWQ0LzEvMS1ENy1zVHVzdkwtaHozc3VXV3ZPTzk3dW15VS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGMvZTIyNThkLThiYzUtNDRlZC04MDczLWFlOTk5ZWQ3YzVk
NC8xL201ZkNMUXN6aW9wRnFoTkZzSkY3b055WE01QS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEALkcJQME
ALkcJwMEALl+IjANBAIAAjAHAwUDKhAUQDANBgkqhkiG9w0BAQsFAAOCAQEAn9mA
cwjc2DwKnKUDi7tznDWCO6vp8xg33j0N/HSBYBZksSm8MxcvcHoR4BL913HVNvaC
lXecA9J+piSMkQXCLztr0qCqp2jIep+lzn9aRz94/DNdjLXOPZApOd5ibtBqnVjt
6l+qRP0FS6hbJu/t07LEnziSGyEZTTOMDl7a42c6OihHqpAsaP077nJeQxODUi13
wGNyxPtipovi2UiFwOHd4rRnz7RK5VLsSJ6wUMJahPGZeKyh0HDHupICpg8l5RJ2
UQll0yhiX1P2gf+DpgPC9RkHT5dW+sy3J+qr6yZf+/pJH5Nxxfv/EqvTmC+PsLou
JiikGnlt13fQigsgGA==
-----END CERTIFICATE-----
Generated at Sat Apr 27 20:24:40 2024 by rpki-client on console-ams.rpki-client.org