Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/S1hMqZR1-HUYMZuOOHyUfP0OV6A.roa
File: S1hMqZR1-HUYMZuOOHyUfP0OV6A.roa (raw, json)
Hash identifier: 1HC99XxYA7H5lUUogQ/BzYiQTZG6IYtoIweVSSvgjY8=
Subject key identifier: 4B:58:4C:A9:94:75:F8:75:18:31:9B:8E:38:7C:94:7C:FD:0E:57:A0
Certificate issuer: /CN=833e0e480411b9c88e916def90fc3a901026394a
Certificate serial: 018CC56DFEE409088247F595EB37B28D2999
Authority key identifier: 83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/S1hMqZR1-HUYMZuOOHyUfP0OV6A.roa
Signing time: Mon 01 Jan 2024 14:29:29 +0000
ROA not before: Mon 01 Jan 2024 14:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.7.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fe:e4:09:08:82:47:f5:95:eb:37:b2:8d:29:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e0e480411b9c88e916def90fc3a901026394a
Validity
Not Before: Jan 1 14:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b584ca99475f87518319b8e387c947cfd0e57a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:af:44:60:29:65:2d:2b:d8:45:32:57:fa:89:
97:b8:6d:f7:1b:b2:54:58:1a:2b:8f:e0:2c:02:64:
62:24:4d:27:01:bd:ab:ce:be:83:93:67:5c:1b:5e:
c8:a6:b3:c5:0a:9f:72:a7:64:63:78:1d:89:16:38:
ff:37:c9:3e:07:b5:53:75:13:56:91:d3:39:53:e6:
b4:da:b3:80:fa:43:ad:44:6c:ec:fa:d1:f6:e0:87:
06:f5:dc:86:c0:47:33:2e:8a:ec:02:74:48:8c:bd:
d5:c9:8c:46:17:36:ca:78:58:51:af:e1:bf:e3:89:
21:6d:65:58:24:5c:de:f3:a9:64:89:32:f2:a6:ca:
99:7a:c2:66:4b:e8:28:5b:c9:dc:68:e1:c8:dc:2d:
0c:e9:71:22:60:8c:0b:cb:26:d2:29:51:f7:e1:da:
d9:bc:60:bb:c2:21:b9:de:11:cc:1e:31:0a:34:f5:
7c:83:78:7c:a4:79:cc:dd:46:0c:5f:e1:37:ea:4e:
91:24:e9:bb:22:c1:54:36:5f:ca:e4:2f:8a:5a:b6:
03:3c:23:12:07:fe:3c:45:18:c9:b8:4b:36:76:fa:
ee:9e:f5:87:03:b2:cb:d1:b9:be:21:d8:54:08:5c:
ab:67:1a:10:c0:c2:3b:d3:38:d3:d6:e6:50:03:65:
94:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:58:4C:A9:94:75:F8:75:18:31:9B:8E:38:7C:94:7C:FD:0E:57:A0
X509v3 Authority Key Identifier:
keyid:83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/S1hMqZR1-HUYMZuOOHyUfP0OV6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.73.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ef:8f:20:38:ec:9f:99:90:a3:de:6f:93:60:d7:93:13:01:
86:99:c6:e2:2f:f1:1c:ae:ad:a1:66:53:0b:8c:39:6c:2e:57:
14:4b:d9:a9:ed:7c:34:63:b8:13:d0:38:21:b5:23:38:34:f2:
16:8f:9e:8e:65:69:7c:62:0a:02:72:9e:b1:42:97:1a:36:5b:
b9:18:78:4f:12:e0:e0:b6:a8:a8:b0:1c:6c:30:b7:32:f5:d8:
70:76:d2:96:a2:86:56:2d:1f:16:68:bc:0c:ca:45:02:8e:a6:
8a:df:78:46:b4:08:ac:a6:ac:40:fb:db:0c:3d:4f:09:b0:7b:
25:07:a0:a5:92:79:4a:59:ca:2e:4b:dd:e1:b8:dc:2e:85:ac:
de:c5:61:87:a1:6a:2f:8f:d2:ad:78:b4:81:75:20:5f:e3:96:
d5:c2:e8:28:b2:4c:b2:a0:65:e3:ee:e0:0d:5c:87:eb:21:62:
c8:1d:f4:7a:9a:86:2d:fc:58:46:f2:8d:50:05:b8:7e:12:60:
16:44:72:60:e7:84:88:c8:2c:07:61:ac:6b:61:f6:96:fa:5a:
3c:9f:34:29:f1:50:2e:10:56:f8:2d:cc:71:eb:ea:47:6f:dc:
64:f9:05:f2:d3:c2:5e:45:e5:5b:d5:c2:2e:7c:1d:42:9c:81:
f1:b0:f0:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbf7kCQiCR/WV6zeyjSmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UwZTQ4MDQxMWI5Yzg4ZTkxNmRlZjkwZmMzYTkwMTAy
NjM5NGEwHhcNMjQwMTAxMTQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjU4NGNhOTk0NzVmODc1MTgzMTliOGUzODdjOTQ3Y2ZkMGU1N2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuK9EYCllLSvYRTJX+omXuG33G7JU
WBorj+AsAmRiJE0nAb2rzr6Dk2dcG17IprPFCp9yp2RjeB2JFjj/N8k+B7VTdRNW
kdM5U+a02rOA+kOtRGzs+tH24IcG9dyGwEczLorsAnRIjL3VyYxGFzbKeFhRr+G/
44khbWVYJFze86lkiTLypsqZesJmS+goW8ncaOHI3C0M6XEiYIwLyybSKVH34drZ
vGC7wiG53hHMHjEKNPV8g3h8pHnM3UYMX+E36k6RJOm7IsFUNl/K5C+KWrYDPCMS
B/48RRjJuEs2dvrunvWHA7LL0bm+IdhUCFyrZxoQwMI70zjT1uZQA2WUhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtYTKmUdfh1GDGbjjh8lHz9DlegMB8GA1UdIwQY
MBaAFIM+DkgEEbnIjpFt75D8OpAQJjlKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMt
NmMyMGViYWYzMGE5LzEvUzFoTXFaUjEtSFVZTVp1T09IeVVmUDBPVjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMtNmMyMGViYWYzMGE5
LzEvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdJMA0G
CSqGSIb3DQEBCwUAA4IBAQBA748gOOyfmZCj3m+TYNeTEwGGmcbiL/Ecrq2hZlML
jDlsLlcUS9mp7Xw0Y7gT0DghtSM4NPIWj56OZWl8YgoCcp6xQpcaNlu5GHhPEuDg
tqiosBxsMLcy9dhwdtKWooZWLR8WaLwMykUCjqaK33hGtAispqxA+9sMPU8JsHsl
B6ClknlKWcouS93huNwuhazexWGHoWovj9KteLSBdSBf45bVwugoskyyoGXj7uAN
XIfrIWLIHfR6moYt/FhG8o1QBbh+EmAWRHJg54SIyCwHYaxrYfaW+lo8nzQp8VAu
EFb4Lcxx6+pHb9xk+QXy08JeReVb1cIufB1CnIHxsPDS
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:16:27 2024 by rpki-client on console-ams.rpki-client.org