Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/1-2wi3eAdAgV2HdbOuqsXnFmpc7Q.roa
File: 1-2wi3eAdAgV2HdbOuqsXnFmpc7Q.roa (raw, json)
Hash identifier: vYDBw5OZVflt4DFmKQKl6NMfi67TRtxvgvVvi+dTA1Q=
Subject key identifier: FB:6C:22:DD:E0:1D:02:05:76:1D:D6:CE:BA:AB:17:9C:59:A9:73:B4
Certificate issuer: /CN=64f47c98440f103825c8ea5074298b18cc113e20
Certificate serial: 018CC50051581F089ADE95E2B4AD52AA624B
Authority key identifier: 64:F4:7C:98:44:0F:10:38:25:C8:EA:50:74:29:8B:18:CC:11:3E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPR8mEQPEDglyOpQdCmLGMwRPiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/1-2wi3eAdAgV2HdbOuqsXnFmpc7Q.roa
Signing time: Mon 01 Jan 2024 12:29:41 +0000
ROA not before: Mon 01 Jan 2024 12:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201639
IP address blocks: 185.3.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/ZPR8mEQPEDglyOpQdCmLGMwRPiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/ZPR8mEQPEDglyOpQdCmLGMwRPiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPR8mEQPEDglyOpQdCmLGMwRPiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:51:58:1f:08:9a:de:95:e2:b4:ad:52:aa:62:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f47c98440f103825c8ea5074298b18cc113e20
Validity
Not Before: Jan 1 12:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb6c22dde01d0205761dd6cebaab179c59a973b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:47:25:45:b8:41:15:0b:d0:44:7a:de:83:42:
0e:aa:15:14:4a:24:01:88:ab:94:be:8b:51:0e:8b:
54:ef:af:d2:d9:80:a8:41:b5:ed:cb:0f:0f:07:65:
d5:43:f4:4d:16:0c:d3:75:b7:6a:74:10:a0:ab:9e:
73:8f:c7:0e:6c:1b:7f:7e:13:09:df:3c:d8:48:e8:
c6:29:83:75:9d:59:80:aa:b7:3c:fd:53:16:8b:e6:
98:8c:28:78:85:00:0d:f8:4e:e8:67:6e:cf:90:bb:
ed:a7:22:79:5b:be:3e:e1:11:20:69:3e:e1:73:07:
ad:d5:56:5e:7c:3d:bf:40:1d:32:36:5c:98:b9:be:
ed:4a:40:1f:00:f7:ed:8e:ac:42:a5:98:b2:98:53:
de:b5:e3:cd:fc:fe:57:20:90:4f:96:ea:af:15:88:
80:51:d7:22:8b:ef:b1:6a:05:12:98:7a:2a:c0:b5:
cd:ab:f6:9e:95:16:65:61:b0:bc:0c:a5:3d:94:7e:
2c:e9:ad:e0:1c:9d:fd:57:38:fe:41:46:a5:94:f5:
bb:0a:1d:81:cf:0d:c6:53:44:1f:e7:8e:64:3c:c6:
ef:c5:e6:02:6b:49:67:09:53:43:33:8b:95:60:d3:
10:2d:2d:7c:86:ef:d2:c7:4f:71:15:0a:4c:25:fd:
30:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:6C:22:DD:E0:1D:02:05:76:1D:D6:CE:BA:AB:17:9C:59:A9:73:B4
X509v3 Authority Key Identifier:
keyid:64:F4:7C:98:44:0F:10:38:25:C8:EA:50:74:29:8B:18:CC:11:3E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPR8mEQPEDglyOpQdCmLGMwRPiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/1-2wi3eAdAgV2HdbOuqsXnFmpc7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/099aeb-c713-42f8-91d6-38447855d669/1/ZPR8mEQPEDglyOpQdCmLGMwRPiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.188.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a9:3f:7f:e1:e7:ed:47:a5:17:f0:bb:31:ef:f1:dc:cb:d0:
f4:c8:85:43:df:1f:2c:e6:28:f3:7b:ef:10:7c:1b:9c:b7:6a:
84:d0:4b:dc:d9:a3:7d:64:ab:c4:7e:58:f3:3c:5d:42:24:33:
89:34:26:38:15:05:2e:a0:bb:01:3c:79:7f:66:17:42:2e:df:
b4:a4:f8:2d:12:be:ba:99:64:9b:ef:72:80:56:ef:6b:c8:91:
27:98:7f:88:69:e3:11:be:4d:5c:0d:0d:4d:6c:77:d1:01:b6:
15:7d:0b:f5:97:a4:6e:69:fb:b2:74:c3:62:b3:09:d9:54:98:
88:5b:87:2f:ee:6c:dc:e6:1f:ae:87:8e:ab:3a:6e:cc:bf:3b:
47:02:91:7e:5f:c4:c5:ff:0c:91:76:5c:55:44:52:f0:99:60:
54:29:1a:77:d3:06:3c:b5:9b:88:cd:21:12:df:dc:4b:dc:2a:
b1:ba:25:6a:c2:97:19:7d:bd:6a:98:0e:13:9b:8c:88:4a:a8:
33:54:c6:d8:18:c3:61:c9:12:de:14:3f:82:09:53:f3:50:ef:
fe:ec:d6:0a:ca:ea:b3:25:db:ad:bc:9e:80:cb:92:c1:53:85:
09:7e:05:53:e5:20:e0:6d:d8:0e:39:34:63:0a:7a:d5:f4:1d:
22:3d:88:c4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAFFYHwia3pXitK1SqmJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZjQ3Yzk4NDQwZjEwMzgyNWM4ZWE1MDc0Mjk4YjE4Y2Mx
MTNlMjAwHhcNMjQwMTAxMTIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjZjMjJkZGUwMWQwMjA1NzYxZGQ2Y2ViYWFiMTc5YzU5YTk3M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEclRbhBFQvQRHreg0IOqhUUSiQB
iKuUvotRDotU76/S2YCoQbXtyw8PB2XVQ/RNFgzTdbdqdBCgq55zj8cObBt/fhMJ
3zzYSOjGKYN1nVmAqrc8/VMWi+aYjCh4hQAN+E7oZ27PkLvtpyJ5W74+4REgaT7h
cwet1VZefD2/QB0yNlyYub7tSkAfAPftjqxCpZiymFPetePN/P5XIJBPluqvFYiA
Udcii++xagUSmHoqwLXNq/aelRZlYbC8DKU9lH4s6a3gHJ39Vzj+QUallPW7Ch2B
zw3GU0Qf545kPMbvxeYCa0lnCVNDM4uVYNMQLS18hu/Sx09xFQpMJf0w5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPtsIt3gHQIFdh3WzrqrF5xZqXO0MB8GA1UdIwQY
MBaAFGT0fJhEDxA4JcjqUHQpixjMET4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBSOG1FUVBFRGdseU9wUWRDbUxHTXdSUGlBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTlhZWItYzcxMy00MmY4LTkxZDYt
Mzg0NDc4NTVkNjY5LzEvMS0yd2kzZUFkQWdWMkhkYk91cXNYbkZtcGM3US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvMDk5YWViLWM3MTMtNDJmOC05MWQ2LTM4NDQ3ODU1ZDY2
OS8xL1pQUjhtRVFQRURnbHlPcFFkQ21MR013UlBpQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkDvDAN
BgkqhkiG9w0BAQsFAAOCAQEAc6k/f+Hn7UelF/C7Me/x3MvQ9MiFQ98fLOYo83vv
EHwbnLdqhNBL3NmjfWSrxH5Y8zxdQiQziTQmOBUFLqC7ATx5f2YXQi7ftKT4LRK+
uplkm+9ygFbva8iRJ5h/iGnjEb5NXA0NTWx30QG2FX0L9Zekbmn7snTDYrMJ2VSY
iFuHL+5s3OYfroeOqzpuzL87RwKRfl/Exf8MkXZcVURS8JlgVCkad9MGPLWbiM0h
Et/cS9wqsbolasKXGX29apgOE5uMiEqoM1TG2BjDYckS3hQ/gglT81Dv/uzWCsrq
syXbrbyegMuSwVOFCX4FU+Ug4G3YDjk0Ywp61fQdIj2IxA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:49 2024 by rpki-client on console-fra.rpki-client.org