Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/X4V0Zv2xp9HF7MmEhDbI1WbQAlE.roa
File: X4V0Zv2xp9HF7MmEhDbI1WbQAlE.roa (raw, json)
Hash identifier: 3jh3GsvhZZIDHId39IgTU5btttok0JbtJrzZI5bnkf8=
Subject key identifier: 5F:85:74:66:FD:B1:A7:D1:C5:EC:C9:84:84:36:C8:D5:66:D0:02:51
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 018F533423C4238845A1614C5C7033C4D787
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/X4V0Zv2xp9HF7MmEhDbI1WbQAlE.roa
Signing time: Tue 07 May 2024 13:17:56 +0000
ROA not before: Tue 07 May 2024 13:17:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 185.148.243.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:34:23:c4:23:88:45:a1:61:4c:5c:70:33:c4:d7:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: May 7 13:17:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f857466fdb1a7d1c5ecc9848436c8d566d00251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:98:87:29:af:5c:cb:e2:9a:b5:56:5a:ca:78:
84:ad:3e:b8:91:b3:f1:b9:37:64:97:89:7b:b7:a9:
6f:00:eb:71:27:75:53:2b:8a:54:70:68:4b:1e:a3:
59:68:56:d5:25:28:d5:72:8a:2e:43:a0:1d:ca:ba:
a1:4b:e8:a8:9d:fc:e7:1e:f0:e4:9d:e3:5c:0f:b9:
fb:77:b4:90:0c:52:bd:87:d9:5d:de:2d:28:5c:14:
23:e3:e5:88:3d:d6:db:9b:b1:dd:46:04:09:cf:03:
b5:6d:bf:ce:49:8d:f8:87:0d:b3:57:ee:21:1b:b6:
5a:d4:9c:c9:71:ad:cb:6b:0a:5f:30:f3:64:2c:05:
e2:7e:79:39:3c:a8:1b:a4:2a:06:16:43:d5:8d:d6:
5b:36:de:32:75:1c:fc:bb:e9:96:4b:44:f8:c5:17:
09:a5:60:0d:df:2c:7c:34:55:02:de:d9:70:dd:11:
ea:79:0f:e4:2f:fe:8a:3d:4e:8f:3f:8b:10:63:05:
69:44:15:8e:d0:18:c0:24:66:5e:ba:41:cb:70:4e:
08:e5:01:c0:dd:67:8f:0b:a4:b5:90:9e:cb:28:1c:
16:9c:23:3f:d8:eb:a5:90:3b:af:f5:e5:6c:e1:e0:
a8:42:35:69:ae:0e:ef:20:92:53:c3:9d:de:14:11:
3e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:85:74:66:FD:B1:A7:D1:C5:EC:C9:84:84:36:C8:D5:66:D0:02:51
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/X4V0Zv2xp9HF7MmEhDbI1WbQAlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.243.0/24
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d6:4c:cc:ba:76:e8:52:94:83:a2:a4:b3:b3:e3:d5:63:19:
7a:03:7c:c3:a1:83:6e:5b:b3:bf:8a:df:14:a1:93:36:dc:dc:
16:7d:72:31:09:5f:38:77:ab:f2:a6:61:21:30:4c:8b:89:62:
e9:92:b1:d0:8d:d8:89:c9:89:71:e7:bf:07:95:75:c9:ad:c3:
9f:be:91:89:34:2a:9e:29:bc:9e:a1:32:cb:b5:f6:30:82:15:
57:03:0c:e5:62:23:12:61:94:53:53:fb:6c:8e:75:33:77:15:
ae:4b:a8:8a:29:4a:ee:83:b2:53:45:4e:ed:37:6e:bf:0f:f0:
f9:0b:17:de:fb:88:82:f1:e2:1b:d1:8f:f8:5f:9d:0c:d8:33:
e9:f9:11:4f:f6:de:46:ab:78:38:64:c2:f1:68:31:a3:80:49:
de:f6:1c:da:24:c6:de:5c:6a:02:7d:7c:8e:69:b6:df:4f:1d:
36:4b:e6:20:90:02:1c:3f:5e:a7:3a:2f:fc:37:cc:90:37:98:
da:ca:c0:09:88:88:02:31:ff:c1:91:bc:4b:eb:88:6d:5d:1a:
49:c6:4f:3d:1b:2f:41:75:54:3d:0f:70:97:05:55:7f:3d:58:
36:28:39:33:d9:f8:53:d4:0e:f0:59:68:87:ac:6c:6e:fd:b7:
7d:8b:93:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9TNCPEI4hFoWFMXHAzxNeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwNTA3MTMxNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjg1NzQ2NmZkYjFhN2QxYzVlY2M5ODQ4NDM2YzhkNTY2ZDAwMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpiHKa9cy+KatVZayniErT64kbPx
uTdkl4l7t6lvAOtxJ3VTK4pUcGhLHqNZaFbVJSjVcoouQ6AdyrqhS+ionfznHvDk
neNcD7n7d7SQDFK9h9ld3i0oXBQj4+WIPdbbm7HdRgQJzwO1bb/OSY34hw2zV+4h
G7Za1JzJca3LawpfMPNkLAXifnk5PKgbpCoGFkPVjdZbNt4ydRz8u+mWS0T4xRcJ
pWAN3yx8NFUC3tlw3RHqeQ/kL/6KPU6PP4sQYwVpRBWO0BjAJGZeukHLcE4I5QHA
3WePC6S1kJ7LKBwWnCM/2OulkDuv9eVs4eCoQjVprg7vIJJTw53eFBE+JQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF+FdGb9safRxezJhIQ2yNVm0AJRMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvWDRWMFp2MnhwOUhGN01tRWhEYkkxV2JRQWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZTzAwQA
ua4UMA0GCSqGSIb3DQEBCwUAA4IBAQCG1kzMunboUpSDoqSzs+PVYxl6A3zDoYNu
W7O/it8UoZM23NwWfXIxCV84d6vypmEhMEyLiWLpkrHQjdiJyYlx578HlXXJrcOf
vpGJNCqeKbyeoTLLtfYwghVXAwzlYiMSYZRTU/tsjnUzdxWuS6iKKUrug7JTRU7t
N26/D/D5Cxfe+4iC8eIb0Y/4X50M2DPp+RFP9t5Gq3g4ZMLxaDGjgEne9hzaJMbe
XGoCfXyOabbfTx02S+YgkAIcP16nOi/8N8yQN5jaysAJiIgCMf/BkbxL64htXRpJ
xk89Gy9BdVQ9D3CXBVV/PVg2KDkz2fhT1A7wWWiHrGxu/bd9i5Pa
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:28:08 2024 by rpki-client on console-ams.rpki-client.org