Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/96zdqnwD9UASKpZ_TzcuOUnxmgA.roa
File: 96zdqnwD9UASKpZ_TzcuOUnxmgA.roa (raw, json)
Hash identifier: Sm63cL2djPu9C7UzCQyXfynVDOyGZtZRKNfOahp3GWQ=
Subject key identifier: F7:AC:DD:AA:7C:03:F5:40:12:2A:96:7F:4F:37:2E:39:49:F1:9A:00
Certificate issuer: /CN=d0e31a149c2e6ae9acc729cf7ac1706de3de739b
Certificate serial: 018CC726EB1F4A9EFB14D0D92DB2C5505973
Authority key identifier: D0:E3:1A:14:9C:2E:6A:E9:AC:C7:29:CF:7A:C1:70:6D:E3:DE:73:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/96zdqnwD9UASKpZ_TzcuOUnxmgA.roa
Signing time: Mon 01 Jan 2024 22:31:05 +0000
ROA not before: Mon 01 Jan 2024 22:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207330
IP address blocks: 185.144.112.0/24 maxlen: 24
2a12:a3c6::/31 maxlen: 31
2a12:a3c2::/31 maxlen: 31
2a12:a3c0::/31 maxlen: 31
2a12:a3c4::/31 maxlen: 31
2a12:a3c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/0OMaFJwuaumsxynPesFwbePec5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/0OMaFJwuaumsxynPesFwbePec5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 16:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:eb:1f:4a:9e:fb:14:d0:d9:2d:b2:c5:50:59:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e31a149c2e6ae9acc729cf7ac1706de3de739b
Validity
Not Before: Jan 1 22:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7acddaa7c03f540122a967f4f372e3949f19a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:27:6d:ac:e4:f1:25:d6:ab:c1:8e:66:07:9d:
e6:af:49:ba:65:af:fc:b3:24:d0:a3:59:13:ee:71:
0d:f7:49:76:08:a6:92:4b:05:80:0f:78:75:fd:5a:
f3:da:97:0c:76:46:ef:4e:4f:6d:94:91:99:48:d2:
40:5b:3e:62:07:2a:e8:7b:3a:26:19:91:50:54:43:
a7:27:05:c8:2d:07:dd:c4:6a:1f:5d:51:1c:19:03:
0a:53:b2:94:a3:de:47:04:93:68:24:4b:dc:bd:92:
b2:18:f2:50:69:46:41:14:d5:98:cf:2f:40:49:a3:
b2:3c:09:b6:13:d4:43:3a:5d:d9:bb:76:a5:cc:50:
ed:68:df:33:c2:b7:c9:cd:c1:fa:13:33:db:06:14:
1b:84:80:5a:b6:b0:f2:af:fc:69:36:3e:c1:5c:56:
87:2a:94:06:3a:89:cd:ec:61:22:3a:db:e9:80:59:
e0:21:ad:c9:63:bb:1a:34:ec:0a:f7:10:d2:fe:da:
b9:ab:8c:ac:cd:c7:df:60:55:a0:6f:f1:1c:25:18:
24:90:60:1b:bf:f1:51:8f:f5:66:81:70:19:9f:fe:
73:21:16:4a:10:d5:de:a7:c8:f0:c7:2d:d4:b2:3e:
b8:8d:ba:d4:1b:67:57:2c:e8:9c:35:86:4a:f1:b5:
fc:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AC:DD:AA:7C:03:F5:40:12:2A:96:7F:4F:37:2E:39:49:F1:9A:00
X509v3 Authority Key Identifier:
keyid:D0:E3:1A:14:9C:2E:6A:E9:AC:C7:29:CF:7A:C1:70:6D:E3:DE:73:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OMaFJwuaumsxynPesFwbePec5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/96zdqnwD9UASKpZ_TzcuOUnxmgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d46e2b-de4d-4b6f-8dd7-69629c501943/1/0OMaFJwuaumsxynPesFwbePec5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.112.0/24
IPv6:
2a12:a3c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:ff:b1:bd:4c:4e:13:04:35:36:cc:44:a8:0d:a7:78:62:c8:
e7:ca:0b:91:42:fb:c8:b1:84:13:97:97:9c:4c:cf:5f:cb:1f:
1c:7c:53:22:cd:29:4b:1d:45:b7:37:70:2d:50:84:16:6b:7d:
7c:4a:22:a3:35:af:d5:64:6a:ba:ea:7a:9d:9f:56:10:2d:36:
4b:39:6e:f4:2f:a9:ba:71:99:96:cd:41:fa:6a:45:9e:c9:0d:
11:b0:9f:48:23:b5:f8:4d:27:5d:7a:2f:27:b9:2a:17:17:b7:
18:df:e2:a9:03:85:2c:ac:bd:80:10:3d:35:52:25:b3:b6:9a:
63:6c:45:84:98:37:7d:cb:14:3a:9d:f2:7c:5c:d9:1a:f9:55:
dd:dd:76:0f:b0:af:20:c8:39:b1:13:14:4c:ed:13:b8:70:22:
94:96:6c:99:81:0f:59:13:20:79:46:99:d8:08:30:0d:f7:fc:
c4:e8:b1:cb:23:6e:11:10:87:21:09:7d:06:7f:97:2d:14:76:
ef:09:09:6e:35:d1:41:59:8d:8d:9a:1b:0f:1e:b0:b9:f5:a7:
f6:b2:25:64:7b:70:25:16:d6:2a:36:d6:16:9f:ab:4d:ee:02:
9f:5c:77:be:1e:cf:21:be:7e:50:88:55:d3:fe:dd:73:c7:ee:
4e:42:1a:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJusfSp77FNDZLbLFUFlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTMxYTE0OWMyZTZhZTlhY2M3MjljZjdhYzE3MDZkZTNk
ZTczOWIwHhcNMjQwMTAxMjIzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2FjZGRhYTdjMDNmNTQwMTIyYTk2N2Y0ZjM3MmUzOTQ5ZjE5YTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjidtrOTxJdarwY5mB53mr0m6Za/8
syTQo1kT7nEN90l2CKaSSwWAD3h1/Vrz2pcMdkbvTk9tlJGZSNJAWz5iByroezom
GZFQVEOnJwXILQfdxGofXVEcGQMKU7KUo95HBJNoJEvcvZKyGPJQaUZBFNWYzy9A
SaOyPAm2E9RDOl3Zu3alzFDtaN8zwrfJzcH6EzPbBhQbhIBatrDyr/xpNj7BXFaH
KpQGOonN7GEiOtvpgFngIa3JY7saNOwK9xDS/tq5q4yszcffYFWgb/EcJRgkkGAb
v/FRj/VmgXAZn/5zIRZKENXep8jwxy3Usj64jbrUG2dXLOicNYZK8bX8TQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPes3ap8A/VAEiqWf083LjlJ8ZoAMB8GA1UdIwQY
MBaAFNDjGhScLmrprMcpz3rBcG3j3nObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9NYUZKd3VhdW1zeHluUGVzRndiZVBlYzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kNDZlMmItZGU0ZC00YjZmLThkZDct
Njk2MjljNTAxOTQzLzEvOTZ6ZHFud0Q5VUFTS3BaX1R6Y3VPVW54bWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kNDZlMmItZGU0ZC00YjZmLThkZDctNjk2MjljNTAxOTQz
LzEvME9NYUZKd3VhdW1zeHluUGVzRndiZVBlYzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZBwMA0E
AgACMAcDBQMqEqPAMA0GCSqGSIb3DQEBCwUAA4IBAQAV/7G9TE4TBDU2zESoDad4
YsjnyguRQvvIsYQTl5ecTM9fyx8cfFMizSlLHUW3N3AtUIQWa318SiKjNa/VZGq6
6nqdn1YQLTZLOW70L6m6cZmWzUH6akWeyQ0RsJ9II7X4TSddei8nuSoXF7cY3+Kp
A4UsrL2AED01UiWztppjbEWEmDd9yxQ6nfJ8XNka+VXd3XYPsK8gyDmxExRM7RO4
cCKUlmyZgQ9ZEyB5RpnYCDAN9/zE6LHLI24REIchCX0Gf5ctFHbvCQluNdFBWY2N
mhsPHrC59af2siVke3AlFtYqNtYWn6tN7gKfXHe+Hs8hvn5QiFXT/t1zx+5OQhrN
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:09:06 2024 by rpki-client on console-ams.rpki-client.org