Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/50ZlfNXQIWGYz585joKHwvQvF88.roa
File: 50ZlfNXQIWGYz585joKHwvQvF88.roa (raw, json)
Hash identifier: 7EIculqnk0n31qVPGM9NIxWSraKrQWRGQIfuyfBNaaw=
Subject key identifier: E7:46:65:7C:D5:D0:21:61:98:CF:9F:39:8E:82:87:C2:F4:2F:17:CF
Certificate issuer: /CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Certificate serial: 018CC2DAD42734DD6073D0EBB8B27A88944A
Authority key identifier: A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/50ZlfNXQIWGYz585joKHwvQvF88.roa
Signing time: Mon 01 Jan 2024 02:29:30 +0000
ROA not before: Mon 01 Jan 2024 02:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34549
IP address blocks: 185.220.149.0/24 maxlen: 24
2a0b:f841::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d4:27:34:dd:60:73:d0:eb:b8:b2:7a:88:94:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a15e3f974b5f974656ccf4d45596caad1b9096d4
Validity
Not Before: Jan 1 02:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e746657cd5d0216198cf9f398e8287c2f42f17cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:a2:d3:f2:3a:34:bf:38:4d:15:67:6e:01:
44:97:35:8b:9a:3c:63:8a:be:d3:b4:86:aa:5a:c8:
8e:3d:96:36:bf:15:ec:af:e9:6d:80:73:ff:a4:97:
11:23:41:cb:02:5a:d5:8b:65:9f:a8:9c:83:8e:a7:
f8:bc:b2:33:3a:27:35:94:1f:0f:1e:c6:98:a0:e6:
97:3e:30:57:6c:a4:77:d2:b8:64:05:4f:54:b2:bd:
ce:df:9d:e0:c8:0e:1b:a3:4a:da:9f:e1:65:de:cc:
d6:a4:4e:2f:3b:00:e2:b3:86:6b:50:65:41:c3:ce:
53:21:a8:3d:12:d9:d3:47:24:9c:fb:89:62:f0:23:
ec:a6:de:6a:6a:56:13:c2:91:11:99:50:cd:11:cc:
a5:c3:2b:31:ea:b5:bd:ee:ec:c6:f8:71:99:c1:7b:
15:44:23:bb:1f:2c:89:8d:56:03:66:c0:c1:3e:2f:
d8:0d:91:f2:57:ac:88:a3:e5:1c:f2:0a:15:fa:e0:
0f:39:02:a8:7d:26:c3:11:ad:c2:b3:8f:8c:ec:c5:
c6:e3:c1:da:53:d4:71:8c:b3:88:0c:e1:c9:39:98:
bb:36:d8:7f:88:e5:c9:1d:64:59:a8:6c:c7:b2:a8:
7c:92:79:5e:c9:01:1f:42:16:d8:d6:8d:95:28:f6:
18:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:46:65:7C:D5:D0:21:61:98:CF:9F:39:8E:82:87:C2:F4:2F:17:CF
X509v3 Authority Key Identifier:
keyid:A1:5E:3F:97:4B:5F:97:46:56:CC:F4:D4:55:96:CA:AD:1B:90:96:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/50ZlfNXQIWGYz585joKHwvQvF88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d6a422-3612-45af-83ab-d24b68966e0e/1/oV4_l0tfl0ZWzPTUVZbKrRuQltQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.149.0/24
IPv6:
2a0b:f841::/32
Signature Algorithm: sha256WithRSAEncryption
17:4a:aa:3a:c6:a3:39:04:ee:af:01:f9:73:c6:d9:c1:3d:1f:
8b:02:c2:a3:13:af:dc:1d:00:86:13:fe:28:dc:c3:b7:c0:97:
8d:be:eb:68:eb:c0:a5:6e:99:90:65:60:c4:d5:97:75:aa:2d:
d1:5a:43:e8:2b:57:63:46:15:38:2c:8b:55:6d:25:92:c4:33:
af:41:81:d0:da:31:5c:b2:75:cf:81:5d:b1:26:85:3e:fd:dd:
0f:89:e1:92:a9:47:b8:7d:77:f5:10:67:41:52:8b:5d:e8:7d:
2f:2a:d4:56:5d:c1:93:1a:65:3f:92:58:ee:e6:f9:b2:be:d8:
96:30:63:61:e6:a0:0f:87:fd:08:a6:9c:27:86:ca:8b:c3:35:
3f:77:d3:28:31:89:c6:8b:cc:ca:03:4f:67:92:53:10:fd:fb:
13:4e:f6:41:6a:7e:a5:35:aa:1d:a2:22:a4:40:93:e2:66:96:
be:10:ef:14:3e:65:4d:1e:f5:f9:71:5a:09:04:48:b9:6d:b9:
cd:a9:e9:65:13:7b:a7:26:00:8b:c5:97:b6:b8:d5:4b:0f:29:
15:84:55:57:07:f3:f9:f5:3b:89:e8:26:c7:e5:04:fd:53:b5:
e2:b9:de:fd:dd:be:25:f7:7f:c4:d2:16:7c:3b:4f:26:1d:fd:
18:7b:6f:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2tQnNN1gc9DruLJ6iJRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNWUzZjk3NGI1Zjk3NDY1NmNjZjRkNDU1OTZjYWFkMWI5
MDk2ZDQwHhcNMjQwMTAxMDIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzQ2NjU3Y2Q1ZDAyMTYxOThjZjlmMzk4ZTgyODdjMmY0MmYxN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueyi0/I6NL84TRVnbgFElzWLmjxj
ir7TtIaqWsiOPZY2vxXsr+ltgHP/pJcRI0HLAlrVi2WfqJyDjqf4vLIzOic1lB8P
HsaYoOaXPjBXbKR30rhkBU9Usr3O353gyA4bo0ran+Fl3szWpE4vOwDis4ZrUGVB
w85TIag9EtnTRySc+4li8CPspt5qalYTwpERmVDNEcylwysx6rW97uzG+HGZwXsV
RCO7HyyJjVYDZsDBPi/YDZHyV6yIo+Uc8goV+uAPOQKofSbDEa3Cs4+M7MXG48Ha
U9RxjLOIDOHJOZi7Nth/iOXJHWRZqGzHsqh8knleyQEfQhbY1o2VKPYYVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOdGZXzV0CFhmM+fOY6Ch8L0LxfPMB8GA1UdIwQY
MBaAFKFeP5dLX5dGVsz01FWWyq0bkJbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWIt
ZDI0YjY4OTY2ZTBlLzEvNTBabGZOWFFJV0dZejU4NWpvS0h3dlF2Rjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kNmE0MjItMzYxMi00NWFmLTgzYWItZDI0YjY4OTY2ZTBl
LzEvb1Y0X2wwdGZsMFpXelBUVVZaYktyUnVRbHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudyVMA0E
AgACMAcDBQAqC/hBMA0GCSqGSIb3DQEBCwUAA4IBAQAXSqo6xqM5BO6vAflzxtnB
PR+LAsKjE6/cHQCGE/4o3MO3wJeNvuto68ClbpmQZWDE1Zd1qi3RWkPoK1djRhU4
LItVbSWSxDOvQYHQ2jFcsnXPgV2xJoU+/d0PieGSqUe4fXf1EGdBUotd6H0vKtRW
XcGTGmU/klju5vmyvtiWMGNh5qAPh/0IppwnhsqLwzU/d9MoMYnGi8zKA09nklMQ
/fsTTvZBan6lNaodoiKkQJPiZpa+EO8UPmVNHvX5cVoJBEi5bbnNqellE3unJgCL
xZe2uNVLDykVhFVXB/P59TuJ6CbH5QT9U7Xiud793b4l93/E0hZ8O08mHf0Ye29/
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:44:42 2024 by rpki-client on console-ams.rpki-client.org