Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/USu0kyiMDKckkaitq_nFnDF8p-k.roa
File: USu0kyiMDKckkaitq_nFnDF8p-k.roa (raw, json)
Hash identifier: IpVblkGSLoBRSOZDa3aDN/5P/w3mh26A3KxvnU3Y1Vk=
Subject key identifier: 51:2B:B4:93:28:8C:0C:A7:24:91:A8:AD:AB:F9:C5:9C:31:7C:A7:E9
Certificate issuer: /CN=833e0e480411b9c88e916def90fc3a901026394a
Certificate serial: 018CC56DFEBB09FDEDAAD86BCEB292CF3E1E
Authority key identifier: 83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/USu0kyiMDKckkaitq_nFnDF8p-k.roa
Signing time: Mon 01 Jan 2024 14:29:29 +0000
ROA not before: Mon 01 Jan 2024 14:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.7.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:fe:bb:09:fd:ed:aa:d8:6b:ce:b2:92:cf:3e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e0e480411b9c88e916def90fc3a901026394a
Validity
Not Before: Jan 1 14:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=512bb493288c0ca72491a8adabf9c59c317ca7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7a:bf:aa:33:cb:cf:89:8e:c7:a7:4a:0f:b6:
8b:60:a5:2a:65:7d:2b:07:d1:76:98:b5:f4:07:27:
a6:53:ef:f1:2f:fa:e2:f9:da:88:56:f7:a6:e6:4e:
f1:95:a4:92:e4:0a:fb:d7:da:26:ef:8b:75:c2:a5:
2c:ce:5a:1e:03:56:42:19:85:90:a5:73:d5:9c:8a:
89:68:88:8f:40:bf:62:98:3a:89:39:5e:ca:a5:65:
96:79:20:15:13:45:26:9e:ad:6a:6d:13:0d:01:74:
24:35:3c:76:b4:16:0e:bc:94:f5:ac:31:2d:25:9d:
4c:3a:88:79:d2:98:73:39:c0:91:07:af:9a:1e:32:
ec:e1:9f:c6:25:d3:05:ce:72:4e:e3:90:57:d8:1d:
fe:76:e1:ab:47:a2:3c:b9:fd:37:18:eb:32:c8:da:
2a:61:ef:83:09:39:e5:d6:58:58:86:71:16:1a:ee:
9f:e2:15:9e:c2:b2:2f:71:0b:4f:a3:ff:8c:f8:1c:
89:be:d9:11:41:d9:a4:e6:ee:48:9b:5c:c9:99:eb:
22:6f:65:98:7c:27:94:19:9d:0f:a5:40:d6:52:be:
5a:3d:b6:df:b3:67:39:9d:e6:d0:05:9c:1e:5d:23:
a1:2c:a6:08:a3:ed:5e:a1:91:35:84:a2:7d:12:3a:
2a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:2B:B4:93:28:8C:0C:A7:24:91:A8:AD:AB:F9:C5:9C:31:7C:A7:E9
X509v3 Authority Key Identifier:
keyid:83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/USu0kyiMDKckkaitq_nFnDF8p-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.73.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:8d:9d:f9:8b:57:ae:e3:e9:c8:a1:99:ae:b4:8b:55:b9:fd:
a7:93:8c:37:49:f6:66:86:74:55:1c:91:8a:88:58:df:13:01:
3b:bf:cf:e2:12:c8:e7:02:b6:11:26:af:31:e8:bc:35:6d:55:
82:bb:0e:18:02:9a:f4:d5:40:ba:2f:73:d6:be:85:c8:50:9f:
98:1b:c5:6d:a9:68:c8:28:47:fa:3a:74:30:74:80:8f:99:0b:
32:5d:dc:bd:56:97:99:22:ca:73:fa:f5:e5:bd:ea:7b:5c:97:
69:2a:60:0e:a9:d1:1b:31:a0:52:f1:cc:76:71:c5:0f:d4:d8:
b0:41:9a:c4:59:e7:3f:78:99:71:33:c3:38:a7:1e:80:66:64:
20:ed:42:ec:00:c1:c4:e9:e5:36:a2:53:c6:f6:7a:5d:f4:e2:
a2:d4:3b:60:10:e1:13:fc:47:7a:d1:7d:a0:9c:b4:32:c3:08:
df:7a:e8:cc:1c:dc:4a:9d:b8:ff:ad:f8:4f:59:c3:de:39:25:
55:d9:7a:d1:1c:18:14:b6:54:a8:33:f3:3d:50:85:9d:9e:32:
7e:1c:80:50:56:de:c4:61:58:64:76:d8:96:19:75:f5:e8:59:
af:0d:53:bf:c1:91:4c:3c:60:ac:2c:c4:1f:d5:78:c6:31:98:
09:c3:3f:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbf67Cf3tqthrzrKSzz4eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UwZTQ4MDQxMWI5Yzg4ZTkxNmRlZjkwZmMzYTkwMTAy
NjM5NGEwHhcNMjQwMTAxMTQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJiYjQ5MzI4OGMwY2E3MjQ5MWE4YWRhYmY5YzU5YzMxN2NhN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXq/qjPLz4mOx6dKD7aLYKUqZX0r
B9F2mLX0ByemU+/xL/ri+dqIVvem5k7xlaSS5Ar719om74t1wqUszloeA1ZCGYWQ
pXPVnIqJaIiPQL9imDqJOV7KpWWWeSAVE0Umnq1qbRMNAXQkNTx2tBYOvJT1rDEt
JZ1MOoh50phzOcCRB6+aHjLs4Z/GJdMFznJO45BX2B3+duGrR6I8uf03GOsyyNoq
Ye+DCTnl1lhYhnEWGu6f4hWewrIvcQtPo/+M+ByJvtkRQdmk5u5Im1zJmesib2WY
fCeUGZ0PpUDWUr5aPbbfs2c5nebQBZweXSOhLKYIo+1eoZE1hKJ9EjoqZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFErtJMojAynJJGorav5xZwxfKfpMB8GA1UdIwQY
MBaAFIM+DkgEEbnIjpFt75D8OpAQJjlKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMt
NmMyMGViYWYzMGE5LzEvVVN1MGt5aU1ES2Nra2FpdHFfbkZuREY4cC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMtNmMyMGViYWYzMGE5
LzEvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdJMA0G
CSqGSIb3DQEBCwUAA4IBAQCwjZ35i1eu4+nIoZmutItVuf2nk4w3SfZmhnRVHJGK
iFjfEwE7v8/iEsjnArYRJq8x6Lw1bVWCuw4YApr01UC6L3PWvoXIUJ+YG8VtqWjI
KEf6OnQwdICPmQsyXdy9VpeZIspz+vXlvep7XJdpKmAOqdEbMaBS8cx2ccUP1Niw
QZrEWec/eJlxM8M4px6AZmQg7ULsAMHE6eU2olPG9npd9OKi1DtgEOET/Ed60X2g
nLQywwjfeujMHNxKnbj/rfhPWcPeOSVV2XrRHBgUtlSoM/M9UIWdnjJ+HIBQVt7E
YVhkdtiWGXX16FmvDVO/wZFMPGCsLMQf1XjGMZgJwz+u
-----END CERTIFICATE-----
Generated at Thu May 2 06:27:27 2024 by rpki-client on console-fra.rpki-client.org