Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/lWJawHwf4N6VpF4GJ3NfmUsBiak.roa
File: lWJawHwf4N6VpF4GJ3NfmUsBiak.roa (raw, json)
Hash identifier: krphBGcSOFqCIWGmwuB1hmb/J0VgkPsToimwUMuY6pI=
Subject key identifier: 95:62:5A:C0:7C:1F:E0:DE:95:A4:5E:06:27:73:5F:99:4B:01:89:A9
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0191E5F33C182EAEFB9B8BA0F4B71ED3BF79
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/lWJawHwf4N6VpF4GJ3NfmUsBiak.roa
Signing time: Thu 12 Sep 2024 11:16:48 +0000
ROA not before: Thu 12 Sep 2024 11:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206119
IP address blocks: 185.169.182.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
185.174.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:f3:3c:18:2e:ae:fb:9b:8b:a0:f4:b7:1e:d3:bf:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Sep 12 11:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95625ac07c1fe0de95a45e0627735f994b0189a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ca:b7:14:b7:90:4c:fc:34:8b:57:40:27:49:
45:44:c1:69:fb:c8:a9:50:24:97:74:4d:d7:06:39:
1f:d5:53:09:f0:66:a5:f1:23:e1:cd:b5:67:2c:65:
60:43:1b:e2:e9:e8:13:ef:dc:51:aa:a1:4b:a1:92:
1d:14:dc:17:58:32:8e:93:88:25:9d:ab:d4:00:ef:
89:fb:2d:08:a3:d9:a8:74:e7:5f:9a:3f:ec:92:67:
bb:b9:2f:82:64:49:38:c2:3e:6c:cd:c6:c5:f8:03:
25:70:4e:9e:20:a5:7b:e4:c8:3a:03:92:80:e9:04:
be:a7:cd:3a:39:93:8e:75:8d:c9:88:6d:dc:36:d8:
16:e4:2b:0f:3f:f7:32:64:84:fb:22:83:0f:8a:59:
00:b3:af:f9:92:c1:b2:de:0f:a2:ee:5b:43:e1:f2:
0c:47:ec:4a:34:29:40:5a:8f:a4:5e:f6:5a:96:0f:
9c:65:b0:f3:5e:7d:2a:c1:ae:65:68:a6:c4:fc:46:
6a:16:d4:53:cc:62:b7:e5:cc:52:ed:e6:fe:52:23:
67:0c:7d:96:6f:d5:ba:ab:12:24:dc:4d:21:5f:cb:
46:ef:9b:2a:92:fa:7a:60:a0:b4:95:26:c2:0f:de:
ad:a7:7a:6a:86:8d:1d:f0:28:30:bc:e3:29:21:39:
66:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:62:5A:C0:7C:1F:E0:DE:95:A4:5E:06:27:73:5F:99:4B:01:89:A9
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/lWJawHwf4N6VpF4GJ3NfmUsBiak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.182.0/24
185.174.20.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:3c:f3:3c:0a:86:4a:4a:69:c4:d2:13:a8:73:89:29:34:ca:
7e:13:e2:b1:61:e7:94:01:01:8f:55:77:1a:80:a2:c4:0b:de:
56:7a:87:f4:d0:7b:77:1e:06:29:9e:06:c0:30:95:01:ad:d7:
c8:d2:a2:e9:61:75:a1:1c:ce:01:f0:b5:d7:37:15:1f:ac:ff:
4c:29:3f:4a:4c:75:2b:6b:8c:00:93:52:15:93:9f:91:63:48:
25:e9:af:06:97:88:cf:ac:e3:48:3e:9a:53:ee:90:0c:9d:4a:
9a:10:3f:5a:bd:3d:ca:74:90:a7:4f:84:8e:41:14:a7:10:5f:
34:78:5a:99:fd:cf:44:cf:20:a1:96:9d:12:46:3b:59:3f:37:
c8:fa:d2:40:af:94:59:47:66:80:6f:9b:e9:2d:64:8f:3f:49:
87:fd:77:72:2b:29:4c:cf:3a:8a:40:27:0b:1e:d4:c9:27:ec:
92:74:51:c3:11:7d:9d:95:f4:23:de:56:f6:6a:af:e7:b4:d4:
c9:12:d6:52:58:7c:d9:ff:00:f8:d0:f7:1e:64:86:61:b0:e9:
d8:63:ef:c8:84:c4:3b:66:0a:69:63:cc:86:7a:ed:76:1b:d1:
22:e2:ff:cc:58:29:2a:db:9b:7d:d4:98:a7:cb:1f:fe:f8:8b:
5d:17:4f:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHl8zwYLq77m4ug9Lce0795MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjQwOTEyMTExNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTYyNWFjMDdjMWZlMGRlOTVhNDVlMDYyNzczNWY5OTRiMDE4OWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Mq3FLeQTPw0i1dAJ0lFRMFp+8ip
UCSXdE3XBjkf1VMJ8Gal8SPhzbVnLGVgQxvi6egT79xRqqFLoZIdFNwXWDKOk4gl
navUAO+J+y0Io9modOdfmj/skme7uS+CZEk4wj5szcbF+AMlcE6eIKV75Mg6A5KA
6QS+p806OZOOdY3JiG3cNtgW5CsPP/cyZIT7IoMPilkAs6/5ksGy3g+i7ltD4fIM
R+xKNClAWo+kXvZalg+cZbDzXn0qwa5laKbE/EZqFtRTzGK35cxS7eb+UiNnDH2W
b9W6qxIk3E0hX8tG75sqkvp6YKC0lSbCD96tp3pqho0d8CgwvOMpITlmyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJViWsB8H+DelaReBidzX5lLAYmpMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvbFdKYXdId2Y0TjZWcEY0R0ozTmZtVXNCaWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuam2AwQB
ua4UMA0GCSqGSIb3DQEBCwUAA4IBAQBePPM8CoZKSmnE0hOoc4kpNMp+E+KxYeeU
AQGPVXcagKLEC95Weof00Ht3HgYpngbAMJUBrdfI0qLpYXWhHM4B8LXXNxUfrP9M
KT9KTHUra4wAk1IVk5+RY0gl6a8Gl4jPrONIPppT7pAMnUqaED9avT3KdJCnT4SO
QRSnEF80eFqZ/c9EzyChlp0SRjtZPzfI+tJAr5RZR2aAb5vpLWSPP0mH/XdyKylM
zzqKQCcLHtTJJ+ySdFHDEX2dlfQj3lb2aq/ntNTJEtZSWHzZ/wD40PceZIZhsOnY
Y+/IhMQ7ZgppY8yGeu12G9Ei4v/MWCkq25t91Jinyx/++ItdF09Y
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:16:58 2024 by rpki-client on console-ams.rpki-client.org