Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/0d006d-ab7a-41c9-97f3-995c369da672/1/uZlahCMaC8cwLCm05kPj-SfmKdQ.roa
File: uZlahCMaC8cwLCm05kPj-SfmKdQ.roa (raw, json)
Hash identifier: wWvfLCQJUaXCEyn5kp86QLSu2tL7sX6GeTM8FzbJ0uE=
Subject key identifier: B9:99:5A:84:23:1A:0B:C7:30:2C:29:B4:E6:43:E3:F9:27:E6:29:D4
Certificate issuer: /CN=b24cf9f6d034f46760f4f59b1739de127b8adff3
Certificate serial: 018CC6B78374654EB1068DFBF69F4285E9D1
Authority key identifier: B2:4C:F9:F6:D0:34:F4:67:60:F4:F5:9B:17:39:DE:12:7B:8A:DF:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/skz59tA09Gdg9PWbFzneEnuK3_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/0d006d-ab7a-41c9-97f3-995c369da672/1/uZlahCMaC8cwLCm05kPj-SfmKdQ.roa
Signing time: Mon 01 Jan 2024 20:29:24 +0000
ROA not before: Mon 01 Jan 2024 20:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13896
IP address blocks: 185.155.146.0/23 maxlen: 23
185.155.144.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/0d006d-ab7a-41c9-97f3-995c369da672/1/skz59tA09Gdg9PWbFzneEnuK3_M.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/0d006d-ab7a-41c9-97f3-995c369da672/1/skz59tA09Gdg9PWbFzneEnuK3_M.mft
rsync://rpki.ripe.net/repository/DEFAULT/skz59tA09Gdg9PWbFzneEnuK3_M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:83:74:65:4e:b1:06:8d:fb:f6:9f:42:85:e9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b24cf9f6d034f46760f4f59b1739de127b8adff3
Validity
Not Before: Jan 1 20:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9995a84231a0bc7302c29b4e643e3f927e629d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0e:f2:fc:e1:16:09:de:c9:78:3a:78:8a:a0:
3d:0a:f3:0b:da:4a:c8:e9:a5:a1:55:86:ee:af:2b:
e2:76:b7:8e:a4:1a:cd:b2:9c:72:c8:30:cc:4e:33:
5e:e7:37:e2:67:4f:93:8d:8c:cc:5b:14:04:13:f2:
7b:33:38:e3:5f:13:ef:27:88:ad:89:55:32:c7:b6:
0f:92:3c:d2:95:ca:82:ee:b9:3c:20:a5:cf:de:7e:
be:9d:01:af:a7:ea:6a:5f:63:4d:b1:57:45:8b:f1:
79:f0:ca:db:63:de:7e:b1:dd:f1:00:c6:08:8e:eb:
2a:05:d4:2a:d0:f5:d4:5f:bb:3b:05:3c:b6:d8:4f:
12:b3:c8:c5:1e:e1:b3:46:05:70:36:41:25:18:6e:
0c:bf:d3:58:95:dd:76:be:25:69:32:bb:e1:67:78:
67:8d:00:7d:f5:8c:32:7f:cb:18:d8:f3:38:b0:8e:
da:63:81:f2:f1:ff:d0:09:c4:e5:cf:ce:82:d0:7e:
0c:9a:61:8d:ad:6a:23:e0:8a:69:ce:d0:c7:5a:75:
fd:c8:34:a5:0a:14:d5:59:d9:2a:74:57:3e:16:c1:
2d:5d:48:94:a8:07:b1:43:34:bb:39:b3:a3:36:36:
e3:33:4f:0a:9d:30:bd:c7:83:65:17:8e:d9:0f:d9:
f3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:99:5A:84:23:1A:0B:C7:30:2C:29:B4:E6:43:E3:F9:27:E6:29:D4
X509v3 Authority Key Identifier:
keyid:B2:4C:F9:F6:D0:34:F4:67:60:F4:F5:9B:17:39:DE:12:7B:8A:DF:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/skz59tA09Gdg9PWbFzneEnuK3_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0d006d-ab7a-41c9-97f3-995c369da672/1/uZlahCMaC8cwLCm05kPj-SfmKdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/0d006d-ab7a-41c9-97f3-995c369da672/1/skz59tA09Gdg9PWbFzneEnuK3_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.144.0/22
Signature Algorithm: sha256WithRSAEncryption
98:dd:c2:e3:52:78:ae:74:bf:48:df:5b:aa:b3:5a:dd:62:41:
81:02:60:ba:09:f1:2d:d4:9b:cb:d2:2f:be:7a:ea:56:53:78:
ae:dd:40:2d:4e:6c:a0:6d:30:32:1b:96:43:72:83:93:44:c4:
58:07:a6:68:f6:34:40:d2:33:37:aa:14:4d:af:b7:f4:cf:6c:
4c:d1:98:a9:d7:70:66:1c:33:83:73:88:89:3c:a5:23:7d:43:
35:a2:ae:d1:fd:76:74:a1:aa:1c:ad:6a:ca:58:17:a6:90:4d:
c1:a4:7d:4e:0f:cd:9c:73:c6:50:e9:15:d4:b2:08:94:85:7c:
20:ca:96:3b:f5:78:f1:0f:70:8c:28:23:3d:5d:f2:c3:93:ea:
bc:37:e9:6c:6a:0d:f5:ab:10:eb:d9:93:e9:3b:da:96:ec:fd:
f5:92:52:ec:df:42:15:54:f1:da:12:fc:ca:f9:68:38:97:ed:
b3:8b:0e:e3:eb:72:46:a3:61:45:fa:43:4e:5d:c4:c5:72:23:
b2:ff:58:da:4a:fb:5c:16:0c:0e:4d:b8:28:99:1b:d8:5f:4f:
89:67:92:cd:bb:f4:ab:11:3c:7a:10:ee:a6:ae:e1:af:0b:66:
86:c3:33:0f:a0:87:82:ea:0c:77:a7:08:17:cb:74:84:05:d1:
c4:1d:15:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4N0ZU6xBo379p9ChenRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyNGNmOWY2ZDAzNGY0Njc2MGY0ZjU5YjE3MzlkZTEyN2I4
YWRmZjMwHhcNMjQwMTAxMjAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk5NWE4NDIzMWEwYmM3MzAyYzI5YjRlNjQzZTNmOTI3ZTYyOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA7y/OEWCd7JeDp4iqA9CvML2krI
6aWhVYburyvidreOpBrNspxyyDDMTjNe5zfiZ0+TjYzMWxQEE/J7MzjjXxPvJ4it
iVUyx7YPkjzSlcqC7rk8IKXP3n6+nQGvp+pqX2NNsVdFi/F58MrbY95+sd3xAMYI
jusqBdQq0PXUX7s7BTy22E8Ss8jFHuGzRgVwNkElGG4Mv9NYld12viVpMrvhZ3hn
jQB99Ywyf8sY2PM4sI7aY4Hy8f/QCcTlz86C0H4MmmGNrWoj4IppztDHWnX9yDSl
ChTVWdkqdFc+FsEtXUiUqAexQzS7ObOjNjbjM08KnTC9x4NlF47ZD9nz3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmZWoQjGgvHMCwptOZD4/kn5inUMB8GA1UdIwQY
MBaAFLJM+fbQNPRnYPT1mxc53hJ7it/zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2t6NTl0QTA5R2RnOVBXYkZ6bmVFbnVLM19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wZDAwNmQtYWI3YS00MWM5LTk3ZjMt
OTk1YzM2OWRhNjcyLzEvdVpsYWhDTWFDOGN3TENtMDVrUGotU2ZtS2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8wZDAwNmQtYWI3YS00MWM5LTk3ZjMtOTk1YzM2OWRhNjcy
LzEvc2t6NTl0QTA5R2RnOVBXYkZ6bmVFbnVLM19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZuQMA0G
CSqGSIb3DQEBCwUAA4IBAQCY3cLjUniudL9I31uqs1rdYkGBAmC6CfEt1JvL0i++
eupWU3iu3UAtTmygbTAyG5ZDcoOTRMRYB6Zo9jRA0jM3qhRNr7f0z2xM0Zip13Bm
HDODc4iJPKUjfUM1oq7R/XZ0oaocrWrKWBemkE3BpH1OD82cc8ZQ6RXUsgiUhXwg
ypY79XjxD3CMKCM9XfLDk+q8N+lsag31qxDr2ZPpO9qW7P31klLs30IVVPHaEvzK
+Wg4l+2ziw7j63JGo2FF+kNOXcTFciOy/1jaSvtcFgwOTbgomRvYX0+JZ5LNu/Sr
ETx6EO6mruGvC2aGwzMPoIeC6gx3pwgXy3SEBdHEHRV/
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:40:11 2024 by rpki-client on console-fra.rpki-client.org