Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/rpON3Pp6zjdR-HvWBoi84aZ8MDE.roa
File: rpON3Pp6zjdR-HvWBoi84aZ8MDE.roa (raw, json)
Hash identifier: 1+PdmQZgdMB/q2FKa/0BG2GddxgShp8xj8GkcWXGN68=
Subject key identifier: AE:93:8D:DC:FA:7A:CE:37:51:F8:7B:D6:06:88:BC:E1:A6:7C:30:31
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 018CC424D66C2CCDEC504FB868FBBFD9D412
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/rpON3Pp6zjdR-HvWBoi84aZ8MDE.roa
Signing time: Mon 01 Jan 2024 08:29:57 +0000
ROA not before: Mon 01 Jan 2024 08:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59799
IP address blocks: 185.71.24.0/22 maxlen: 24
2a01:b280::/36 maxlen: 36
2a0a:fd80:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d6:6c:2c:cd:ec:50:4f:b8:68:fb:bf:d9:d4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 08:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae938ddcfa7ace3751f87bd60688bce1a67c3031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e5:89:bb:c2:d2:de:5b:f7:82:82:38:7e:6f:
51:58:94:a8:ff:c1:c5:95:44:e1:2a:0d:27:db:d4:
46:ed:bd:ba:a0:d9:91:6d:ab:5a:78:86:1e:ff:fe:
16:0b:2d:24:fc:9c:e9:ad:e2:3c:c1:98:48:c4:d7:
92:84:f0:8b:23:aa:48:de:ab:4d:bb:6a:f3:7c:36:
7e:dd:0e:3e:11:68:d9:fb:ae:fd:5f:5a:6a:f6:80:
fb:d5:14:1f:c4:3b:51:eb:84:93:3a:a1:db:4e:68:
ef:67:7a:6b:96:34:f6:03:2f:fc:fd:b7:04:d9:ce:
0c:73:d0:e9:7f:b1:5e:76:45:c1:1a:b5:48:54:fb:
e6:b8:73:24:f2:f6:6f:9d:a0:fa:1c:39:e5:06:cb:
ff:79:1c:40:75:3c:d0:1c:ea:29:b3:10:77:4e:63:
e6:23:de:be:3c:c1:a4:76:36:60:da:8f:e3:fc:fa:
27:9f:d5:a7:64:f1:59:0c:01:12:ce:32:3d:7c:63:
57:b0:20:f8:5e:32:62:10:93:ce:1e:03:30:84:b2:
29:81:ad:04:f7:81:9b:fc:71:8a:9b:4f:33:92:f6:
43:08:aa:84:e0:a6:5a:cc:27:0e:ea:a5:c1:76:e7:
33:b7:80:c5:8e:50:18:c1:17:f8:ec:12:e5:3d:fb:
c0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:93:8D:DC:FA:7A:CE:37:51:F8:7B:D6:06:88:BC:E1:A6:7C:30:31
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/rpON3Pp6zjdR-HvWBoi84aZ8MDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.24.0/22
IPv6:
2a01:b280::/36
2a0a:fd80:5000::/36
Signature Algorithm: sha256WithRSAEncryption
64:e4:16:65:8a:44:65:82:53:c5:a5:6a:01:67:4f:b4:7f:05:
49:3f:55:0a:02:f7:0e:0d:93:1b:ac:50:19:91:17:31:2f:45:
b6:d7:9e:71:83:12:3e:fd:0f:54:a7:bb:85:50:52:e5:4c:fa:
de:fc:62:bc:a6:7c:55:f0:e5:34:42:b5:3d:b4:63:6b:fe:3c:
ed:bc:e3:00:21:ce:ab:64:bf:30:3e:a6:d1:27:d4:10:c2:63:
03:72:49:d0:05:b7:42:cf:63:5b:1a:0b:93:4c:d9:72:e3:f0:
b2:68:23:ab:e1:29:9e:ea:01:db:f5:c1:13:84:be:a0:43:40:
47:ba:63:ed:75:bd:61:5c:ec:9e:af:0f:dc:28:a4:a7:16:74:
4f:e5:79:6c:f8:74:a9:49:59:92:33:25:73:a4:ce:75:20:00:
95:49:4f:06:42:47:79:0e:b3:1d:cc:50:a6:b1:74:74:23:98:
81:a3:78:20:15:0f:ce:c6:7d:be:a9:6d:a1:41:e9:b1:89:0a:
48:e7:a2:fe:42:d2:26:52:5d:b2:d6:89:61:d8:17:95:b1:06:
6a:6d:59:38:66:f8:50:59:b9:20:70:95:70:6b:6a:ed:c0:69:
9a:d4:61:08:3c:ba:32:e2:54:88:91:01:0d:de:d0:26:67:55:
49:72:78:7a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJNZsLM3sUE+4aPu/2dQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjQwMTAxMDgyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTkzOGRkY2ZhN2FjZTM3NTFmODdiZDYwNjg4YmNlMWE2N2MzMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+WJu8LS3lv3goI4fm9RWJSo/8HF
lUThKg0n29RG7b26oNmRbataeIYe//4WCy0k/JzpreI8wZhIxNeShPCLI6pI3qtN
u2rzfDZ+3Q4+EWjZ+679X1pq9oD71RQfxDtR64STOqHbTmjvZ3prljT2Ay/8/bcE
2c4Mc9Dpf7FedkXBGrVIVPvmuHMk8vZvnaD6HDnlBsv/eRxAdTzQHOopsxB3TmPm
I96+PMGkdjZg2o/j/Ponn9WnZPFZDAESzjI9fGNXsCD4XjJiEJPOHgMwhLIpga0E
94Gb/HGKm08zkvZDCKqE4KZazCcO6qXBduczt4DFjlAYwRf47BLlPfvAQwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK6Tjdz6es43Ufh71gaIvOGmfDAxMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvcnBPTjNQcDZ6amRSLUh2V0JvaTg0YVo4TURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuUcYMBYE
AgACMBADBgQqAbKAAAMGBCoK/YBQMA0GCSqGSIb3DQEBCwUAA4IBAQBk5BZlikRl
glPFpWoBZ0+0fwVJP1UKAvcODZMbrFAZkRcxL0W2155xgxI+/Q9Up7uFUFLlTPre
/GK8pnxV8OU0QrU9tGNr/jztvOMAIc6rZL8wPqbRJ9QQwmMDcknQBbdCz2NbGguT
TNly4/CyaCOr4Sme6gHb9cEThL6gQ0BHumPtdb1hXOyerw/cKKSnFnRP5Xls+HSp
SVmSMyVzpM51IACVSU8GQkd5DrMdzFCmsXR0I5iBo3ggFQ/Oxn2+qW2hQemxiQpI
56L+QtImUl2y1olh2BeVsQZqbVk4ZvhQWbkgcJVwa2rtwGma1GEIPLoy4lSIkQEN
3tAmZ1VJcnh6
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:33:57 2024 by rpki-client on console-ams.rpki-client.org