Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/dWXks-iVKQhZGtBRvhsz0JSVGd0.roa
File: dWXks-iVKQhZGtBRvhsz0JSVGd0.roa (raw, json)
Hash identifier: QQKloMOLky2UspNBUl1TMFLpudrPajaV7ImRSs6cw18=
Subject key identifier: 75:65:E4:B3:E8:95:29:08:59:1A:D0:51:BE:1B:33:D0:94:95:19:DD
Certificate issuer: /CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Certificate serial: 018CC56E21F5CD7F4B340551D3B0BFC3B34C
Authority key identifier: 2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/dWXks-iVKQhZGtBRvhsz0JSVGd0.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.105.0/24 maxlen: 24
2001:7f8:bf::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:21:f5:cd:7f:4b:34:05:51:d3:b0:bf:c3:b3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a0cc46301c8b1fd4639293018fba53653a265b2
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7565e4b3e8952908591ad051be1b33d0949519dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:ad:43:0d:24:e7:b4:5f:41:a7:a3:c6:17:
1f:39:2f:e3:9c:18:21:19:9b:ef:42:91:03:f9:3e:
77:47:73:ba:2a:83:79:f0:89:30:b4:99:07:83:72:
9a:b0:2f:0b:94:36:1b:d9:32:71:b9:63:eb:a6:5d:
d0:b1:c0:07:e8:08:d7:f7:fb:a9:9d:64:7e:27:a2:
dc:14:79:f2:c6:80:cf:b7:1d:e3:aa:a9:72:02:e2:
a6:3c:b0:00:73:7d:a0:b9:31:ee:3f:e2:e3:4c:9f:
1a:d0:c9:94:6a:3b:68:b9:bb:48:0c:1e:e6:a0:80:
92:57:64:96:fa:2d:9e:86:c6:a1:5a:7a:07:03:7d:
1c:12:ee:a2:ca:ee:ea:df:35:61:1b:15:31:a7:5e:
56:fe:f3:a4:09:2a:db:ec:21:f2:b9:62:3c:99:4e:
41:68:28:c9:45:2a:4c:75:07:99:b4:f3:e8:2c:4f:
fa:90:0d:7f:4f:0b:34:2e:00:30:b2:64:01:ec:13:
66:ce:9a:b4:2f:75:d3:a1:e2:db:bf:31:a3:c5:28:
52:42:c3:1c:bb:81:74:98:f3:19:4f:a7:1e:f9:de:
f0:f1:d9:f0:26:99:99:20:e9:14:3c:7b:dc:57:b5:
fb:e8:c2:b8:bc:97:2f:b5:03:77:63:3d:c6:c4:df:
5d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:65:E4:B3:E8:95:29:08:59:1A:D0:51:BE:1B:33:D0:94:95:19:DD
X509v3 Authority Key Identifier:
keyid:2A:0C:C4:63:01:C8:B1:FD:46:39:29:30:18:FB:A5:36:53:A2:65:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgzEYwHIsf1GOSkwGPulNlOiZbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/dWXks-iVKQhZGtBRvhsz0JSVGd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2862d1-2cc9-4565-86c2-2bb5597a2435/1/KgzEYwHIsf1GOSkwGPulNlOiZbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.105.0/24
IPv6:
2001:7f8:bf::/48
Signature Algorithm: sha256WithRSAEncryption
33:77:07:3b:c5:21:95:54:38:d8:76:6b:60:38:54:c3:fd:0f:
59:23:fe:70:cc:e4:a6:b2:d2:90:53:87:8b:63:39:5f:44:fb:
4d:e5:35:66:ee:60:5b:ae:4c:d3:79:c2:f9:18:88:26:7c:ea:
92:9a:cc:f9:3d:c5:f5:9f:d4:dd:61:2f:be:e6:d9:7d:1b:ab:
12:1f:07:9a:cd:1a:7e:6a:d9:60:b4:0a:a6:cd:4c:d3:b7:51:
71:11:a2:ce:04:b1:ec:c5:de:c8:9a:ed:0f:91:f7:71:43:f5:
de:64:86:6c:4e:d7:a1:74:0d:4a:dc:27:6e:a6:87:b2:dc:ef:
c8:b4:96:f1:70:e7:b8:63:60:d1:70:2c:98:13:74:c7:ae:a9:
78:97:60:be:a7:c3:ef:92:e7:11:c5:81:e7:1e:e5:80:a7:2e:
cf:80:f0:97:bc:d9:14:b7:00:4a:9d:e8:79:58:5d:7a:aa:3f:
8c:3a:3a:41:25:83:a4:5f:bd:b8:dd:35:3e:a6:1b:3b:2d:37:
2f:bf:11:24:a1:89:eb:19:9c:c7:9f:2a:7d:b3:1e:b0:0c:11:
aa:27:7b:6d:c5:ae:80:32:b4:53:e2:1a:4f:89:e5:31:b6:88:
5a:fc:a6:9f:40:67:da:70:ff:52:be:fb:ff:9f:4b:6a:e5:90:
b2:6f:2d:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbiH1zX9LNAVR07C/w7NMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMGNjNDYzMDFjOGIxZmQ0NjM5MjkzMDE4ZmJhNTM2NTNh
MjY1YjIwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTY1ZTRiM2U4OTUyOTA4NTkxYWQwNTFiZTFiMzNkMDk0OTUxOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXitQw0k57RfQaejxhcfOS/jnBgh
GZvvQpED+T53R3O6KoN58IkwtJkHg3KasC8LlDYb2TJxuWPrpl3QscAH6AjX9/up
nWR+J6LcFHnyxoDPtx3jqqlyAuKmPLAAc32guTHuP+LjTJ8a0MmUajtoubtIDB7m
oICSV2SW+i2ehsahWnoHA30cEu6iyu7q3zVhGxUxp15W/vOkCSrb7CHyuWI8mU5B
aCjJRSpMdQeZtPPoLE/6kA1/Tws0LgAwsmQB7BNmzpq0L3XToeLbvzGjxShSQsMc
u4F0mPMZT6ce+d7w8dnwJpmZIOkUPHvcV7X76MK4vJcvtQN3Yz3GxN9dswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVl5LPolSkIWRrQUb4bM9CUlRndMB8GA1UdIwQY
MBaAFCoMxGMByLH9RjkpMBj7pTZTomWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzIt
MmJiNTU5N2EyNDM1LzEvZFdYa3MtaVZLUWhaR3RCUnZoc3owSlNWR2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yODYyZDEtMmNjOS00NTY1LTg2YzItMmJiNTU5N2EyNDM1
LzEvS2d6RVl3SElzZjFHT1Nrd0dQdWxObE9pWmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFpMA8E
AgACMAkDBwAgAQf4AL8wDQYJKoZIhvcNAQELBQADggEBADN3BzvFIZVUONh2a2A4
VMP9D1kj/nDM5Kay0pBTh4tjOV9E+03lNWbuYFuuTNN5wvkYiCZ86pKazPk9xfWf
1N1hL77m2X0bqxIfB5rNGn5q2WC0CqbNTNO3UXERos4EsezF3sia7Q+R93FD9d5k
hmxO16F0DUrcJ26mh7Lc78i0lvFw57hjYNFwLJgTdMeuqXiXYL6nw++S5xHFgece
5YCnLs+A8Je82RS3AEqd6HlYXXqqP4w6OkElg6RfvbjdNT6mGzstNy+/ESShiesZ
nMefKn2zHrAMEaone23FroAytFPiGk+J5TG2iFr8pp9AZ9pw/1K++/+fS2rlkLJv
Lc0=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:48:02 2024 by rpki-client on console-ams.rpki-client.org