Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/1-wtoDPK2N3_qZ8U2m7dQW4AYvec.roa
File: 1-wtoDPK2N3_qZ8U2m7dQW4AYvec.roa (raw, json)
Hash identifier: dTmbVrICEHy/u8fc0nKk49+6LJG2UUEzB5dBWTFSEAo=
Subject key identifier: FB:0B:68:0C:F2:B6:37:7F:EA:67:C5:36:9B:B7:50:5B:80:18:BD:E7
Certificate issuer: /CN=db9b939d7bca13b6d8ccf4d8e78676f3807a0ece
Certificate serial: 018CCA2AA56BE8508DB34AC0F95E45720223
Authority key identifier: DB:9B:93:9D:7B:CA:13:B6:D8:CC:F4:D8:E7:86:76:F3:80:7A:0E:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/1-wtoDPK2N3_qZ8U2m7dQW4AYvec.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34447
IP address blocks: 185.97.94.0/24 maxlen: 24
185.97.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.mft
rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 13:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a5:6b:e8:50:8d:b3:4a:c0:f9:5e:45:72:02:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9b939d7bca13b6d8ccf4d8e78676f3807a0ece
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb0b680cf2b6377fea67c5369bb7505b8018bde7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:6e:82:56:a5:fa:57:e9:46:1f:92:16:0f:
f0:76:51:a8:33:25:b0:67:82:b8:47:7f:fa:39:c1:
5a:c2:a7:e3:08:93:e5:df:1f:45:44:5c:23:59:08:
6b:c6:c4:ca:4f:0c:b8:b1:27:26:ab:c6:b7:a8:b8:
ec:84:de:8e:e9:90:29:4f:dc:f8:9a:9f:bf:b6:ed:
3b:48:b6:5e:a0:4a:0d:39:ce:23:7f:3e:88:c4:4d:
de:12:ef:04:2f:d1:64:b0:6b:d3:44:f1:e9:38:a6:
d8:d4:58:fa:6d:7d:4b:a8:c5:cc:50:ad:da:8b:1b:
9b:00:66:2c:cf:e6:01:06:04:9d:9f:b4:7a:90:b4:
23:ad:3b:15:ca:91:cb:b9:43:4e:6c:be:d8:1b:f5:
1f:52:e7:b2:d3:c8:19:54:6f:0f:44:90:2d:19:8c:
49:e6:e0:ae:a4:a2:67:d9:69:7c:b1:0c:53:f6:25:
7d:ac:ed:85:40:74:f7:23:e6:27:5f:3f:f7:4e:d8:
bf:f4:9a:e2:f2:8f:70:f0:4b:e7:a5:da:a6:7f:dc:
04:63:dc:38:2c:3e:7e:20:ea:dc:41:2c:49:55:fc:
80:5d:12:1a:76:01:5f:7f:eb:a6:cf:af:1e:61:d9:
34:d9:62:ea:1a:4c:6f:e4:b0:e2:34:88:e3:df:37:
47:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0B:68:0C:F2:B6:37:7F:EA:67:C5:36:9B:B7:50:5B:80:18:BD:E7
X509v3 Authority Key Identifier:
keyid:DB:9B:93:9D:7B:CA:13:B6:D8:CC:F4:D8:E7:86:76:F3:80:7A:0E:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/1-wtoDPK2N3_qZ8U2m7dQW4AYvec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.92.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:a9:57:d5:ef:ff:15:a3:dd:e7:c6:ea:4d:c3:eb:e9:2d:50:
72:64:d4:a7:6c:eb:46:50:9d:55:cd:01:63:f9:e2:43:68:a7:
a6:9c:52:03:0b:47:cc:bf:7c:4d:94:24:a4:0e:50:76:f8:0b:
0f:c7:15:fa:91:01:80:f5:c1:1b:1d:58:15:dc:70:71:ea:13:
51:f4:a1:d1:46:be:c3:bd:3d:01:55:43:55:7b:e9:3a:bb:59:
eb:d4:28:2c:9b:33:47:09:9f:92:76:44:b1:97:60:3a:52:be:
90:9d:01:be:1f:72:c0:56:25:9f:8c:ef:d7:af:d3:88:22:cc:
df:d0:52:63:92:2f:c1:e8:04:34:2f:b1:f3:58:d9:e1:81:b5:
5d:cd:8b:c7:4d:c7:8f:6d:d9:bb:f2:fc:b3:8b:ed:d8:3b:4a:
a0:26:79:2f:43:b9:98:b2:56:18:7e:eb:5e:3a:16:e5:1d:c7:
a3:0f:99:72:d4:48:d8:26:b9:e2:a0:ed:c6:9a:a0:7d:d0:68:
ad:1d:3f:a8:b7:4f:62:aa:3a:e4:2c:7f:9f:53:ef:e5:bd:d9:
70:59:51:fa:31:db:03:fd:fc:d5:ae:31:69:90:a2:69:7b:e6:
16:b7:70:1b:5c:0d:70:ab:43:c3:40:aa:f5:32:bc:e6:c9:c7:
91:41:f7:11
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKqVr6FCNs0rA+V5FcgIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWI5MzlkN2JjYTEzYjZkOGNjZjRkOGU3ODY3NmYzODA3
YTBlY2UwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjBiNjgwY2YyYjYzNzdmZWE2N2M1MzY5YmI3NTA1YjgwMThiZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt05uglal+lfpRh+SFg/wdlGoMyWw
Z4K4R3/6OcFawqfjCJPl3x9FRFwjWQhrxsTKTwy4sScmq8a3qLjshN6O6ZApT9z4
mp+/tu07SLZeoEoNOc4jfz6IxE3eEu8EL9FksGvTRPHpOKbY1Fj6bX1LqMXMUK3a
ixubAGYsz+YBBgSdn7R6kLQjrTsVypHLuUNObL7YG/UfUuey08gZVG8PRJAtGYxJ
5uCupKJn2Wl8sQxT9iV9rO2FQHT3I+YnXz/3Tti/9Jri8o9w8Evnpdqmf9wEY9w4
LD5+IOrcQSxJVfyAXRIadgFff+umz68eYdk02WLqGkxv5LDiNIjj3zdH8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPsLaAzytjd/6mfFNpu3UFuAGL3nMB8GA1UdIwQY
MBaAFNubk517yhO22Mz02OeGdvOAeg7OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjV1VG5YdktFN2JZelBUWTU0WjI4NEI2RHM0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85MzgzMzAtY2NkOC00ZTdhLTgyMWMt
YTY5YzViYzdlZDU3LzEvMS13dG9EUEsyTjNfcVo4VTJtN2RRVzRBWXZlYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvOTM4MzMwLWNjZDgtNGU3YS04MjFjLWE2OWM1YmM3ZWQ1
Ny8xLzI1dVRuWHZLRTdiWXpQVFk1NFoyODRCNkRzNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlhXDAN
BgkqhkiG9w0BAQsFAAOCAQEAHKlX1e//FaPd58bqTcPr6S1QcmTUp2zrRlCdVc0B
Y/niQ2inppxSAwtHzL98TZQkpA5QdvgLD8cV+pEBgPXBGx1YFdxwceoTUfSh0Ua+
w709AVVDVXvpOrtZ69QoLJszRwmfknZEsZdgOlK+kJ0Bvh9ywFYln4zv16/TiCLM
39BSY5IvwegENC+x81jZ4YG1Xc2Lx03Hj23Zu/L8s4vt2DtKoCZ5L0O5mLJWGH7r
XjoW5R3How+ZctRI2Ca54qDtxpqgfdBorR0/qLdPYqo65Cx/n1Pv5b3ZcFlR+jHb
A/381a4xaZCiaXvmFrdwG1wNcKtDw0Cq9TK85snHkUH3EQ==
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:55:24 2024 by rpki-client on console-fra.rpki-client.org