Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/RdYACH918hiqllBVVSEUUdDpsBk.roa
File: RdYACH918hiqllBVVSEUUdDpsBk.roa (raw, json)
Hash identifier: RrQ4UhinZBStd2v39uEHx21w7yvA+SW9lT3vqaOo7bk=
Subject key identifier: 45:D6:00:08:7F:75:F2:18:AA:96:50:55:55:21:14:51:D0:E9:B0:19
Certificate issuer: /CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Certificate serial: 018CC42524F18DB3820D93568FADA590A033
Authority key identifier: C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/RdYACH918hiqllBVVSEUUdDpsBk.roa
Signing time: Mon 01 Jan 2024 08:30:17 +0000
ROA not before: Mon 01 Jan 2024 08:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202987
IP address blocks: 185.127.125.0/24 maxlen: 24
185.127.124.0/24 maxlen: 24
185.127.127.0/24 maxlen: 24
185.127.126.0/24 maxlen: 24
193.27.233.0/24 maxlen: 24
193.27.232.0/24 maxlen: 24
193.27.234.0/24 maxlen: 24
193.27.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 01:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:24:f1:8d:b3:82:0d:93:56:8f:ad:a5:90:a0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Validity
Not Before: Jan 1 08:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45d600087f75f218aa96505555211451d0e9b019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e2:a9:2b:dd:68:d7:d5:d8:36:81:39:ee:c8:
b6:8b:28:eb:7b:c1:c4:55:ca:76:0a:a2:9c:ed:19:
da:44:9b:ae:c3:89:31:93:f5:65:44:5a:e6:0c:62:
28:81:e1:09:87:fe:7c:14:5d:09:8b:c1:b9:f8:90:
12:56:41:44:be:ed:23:1a:22:aa:77:66:b5:15:01:
18:98:51:6c:3e:a8:10:fe:74:e3:ee:5f:ad:4c:e2:
69:0d:fe:bd:cb:33:2f:bf:e1:cb:d1:2f:a8:36:d7:
90:b6:1d:70:ad:a5:f2:4d:70:67:e3:76:2d:68:30:
1f:2c:50:07:28:65:da:84:c7:eb:62:5c:e4:a0:8a:
64:e0:d4:72:53:b6:d0:7f:30:d4:39:23:e5:8f:d0:
93:ba:b3:90:39:3d:0e:b1:9b:da:94:9b:cf:6e:e0:
3d:5c:da:85:41:52:27:0f:8b:19:56:99:2d:eb:f5:
1d:df:e1:e5:6f:ea:cd:25:e8:fd:f2:ad:3c:d5:35:
eb:c4:9e:be:4a:5b:0e:93:a1:f6:eb:50:c2:4d:aa:
d9:5a:11:5a:71:1e:78:f7:62:68:86:96:9f:ad:8e:
69:09:8d:b9:3f:19:db:4c:90:5a:60:f1:45:2b:53:
88:10:4d:b6:ef:0a:22:20:2c:54:eb:1e:0e:d4:b7:
cf:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D6:00:08:7F:75:F2:18:AA:96:50:55:55:21:14:51:D0:E9:B0:19
X509v3 Authority Key Identifier:
keyid:C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/RdYACH918hiqllBVVSEUUdDpsBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.124.0/22
193.27.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:40:5a:62:c4:c3:85:e4:50:c1:b0:50:54:b0:a3:e3:53:dd:
5c:47:9d:df:f5:04:c8:46:20:9b:63:a7:33:a4:f8:94:49:79:
08:d5:ab:80:6e:b4:f4:a7:13:52:c9:84:34:bc:7c:0f:13:65:
40:7a:01:68:6d:2d:75:14:15:ad:79:4b:a0:ab:d4:1c:aa:ed:
21:4f:30:e5:eb:2f:22:85:8e:40:8f:5b:d9:f6:0a:9e:8e:53:
14:f6:dd:b9:64:9e:56:55:80:43:2c:85:76:d1:4c:00:1a:42:
f5:a5:d9:2b:1b:38:7b:42:18:39:c9:25:a1:e9:4d:73:f7:ff:
4d:cb:24:3e:7d:a2:de:29:76:da:90:57:fc:9a:86:90:74:8b:
70:79:10:49:46:6f:d9:9b:fb:64:93:8e:d9:87:00:3b:d0:67:
fb:77:9c:11:34:23:63:9b:3b:5c:9b:b8:14:7f:bb:bc:d9:a6:
a6:f0:b6:39:8a:b2:04:fe:2d:c7:7b:54:8c:42:7f:f1:1c:98:
f2:52:e8:73:61:46:45:18:8f:9d:34:97:90:f1:5a:9b:53:ed:
6d:9e:72:24:13:08:c1:9b:51:8d:d7:bf:3e:27:78:ed:d2:67:
bd:5c:a9:86:b0:ef:1d:ec:55:a9:d3:59:52:3c:10:5b:da:e3:
34:94:44:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJSTxjbOCDZNWj62lkKAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDI4NWRmNWIwMzllMGYwNGUyZGZlY2UyOGE1YThmYmVj
NmU5MzgwHhcNMjQwMTAxMDgzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQ2MDAwODdmNzVmMjE4YWE5NjUwNTU1NTIxMTQ1MWQwZTliMDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveKpK91o19XYNoE57si2iyjre8HE
Vcp2CqKc7RnaRJuuw4kxk/VlRFrmDGIogeEJh/58FF0Ji8G5+JASVkFEvu0jGiKq
d2a1FQEYmFFsPqgQ/nTj7l+tTOJpDf69yzMvv+HL0S+oNteQth1wraXyTXBn43Yt
aDAfLFAHKGXahMfrYlzkoIpk4NRyU7bQfzDUOSPlj9CTurOQOT0OsZvalJvPbuA9
XNqFQVInD4sZVpkt6/Ud3+Hlb+rNJej98q081TXrxJ6+SlsOk6H261DCTarZWhFa
cR5492JohpafrY5pCY25PxnbTJBaYPFFK1OIEE227woiICxU6x4O1LfPywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEXWAAh/dfIYqpZQVVUhFFHQ6bAZMB8GA1UdIwQY
MBaAFMEChd9bA54PBOLf7OKKWo++xuk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUt
NTJhZmM3N2NhMThmLzEvUmRZQUNIOTE4aGlxbGxCVlZTRVVVZERwc0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUtNTJhZmM3N2NhMThm
LzEvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuX98AwQC
wRvoMA0GCSqGSIb3DQEBCwUAA4IBAQAsQFpixMOF5FDBsFBUsKPjU91cR53f9QTI
RiCbY6czpPiUSXkI1auAbrT0pxNSyYQ0vHwPE2VAegFobS11FBWteUugq9Qcqu0h
TzDl6y8ihY5Aj1vZ9gqejlMU9t25ZJ5WVYBDLIV20UwAGkL1pdkrGzh7Qhg5ySWh
6U1z9/9NyyQ+faLeKXbakFf8moaQdItweRBJRm/Zm/tkk47ZhwA70Gf7d5wRNCNj
mztcm7gUf7u82aam8LY5irIE/i3He1SMQn/xHJjyUuhzYUZFGI+dNJeQ8VqbU+1t
nnIkEwjBm1GN178+J3jt0me9XKmGsO8d7FWp01lSPBBb2uM0lEQM
-----END CERTIFICATE-----
Generated at Mon Jun 17 07:44:47 2024 by rpki-client on console-fra.rpki-client.org