Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/sZ7ydOc1rMUiIqv7uTSK9Jbz0ws.roa
File: sZ7ydOc1rMUiIqv7uTSK9Jbz0ws.roa (raw, json)
Hash identifier: iTSBTC5qUSDXYP5KMhU/XTzQw5KXGCcxDbx4YHTg6W4=
Subject key identifier: B1:9E:F2:74:E7:35:AC:C5:22:22:AB:FB:B9:34:8A:F4:96:F3:D3:0B
Certificate issuer: /CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Certificate serial: 018CC26D6B415FB6DA6C191D488A53F843BD
Authority key identifier: B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/sZ7ydOc1rMUiIqv7uTSK9Jbz0ws.roa
Signing time: Mon 01 Jan 2024 00:29:59 +0000
ROA not before: Mon 01 Jan 2024 00:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 185.90.152.0/23 maxlen: 23
2a05:e100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/tI9Br9xglWj7Izj9sgstDEIrcjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/tI9Br9xglWj7Izj9sgstDEIrcjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6b:41:5f:b6:da:6c:19:1d:48:8a:53:f8:43:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Validity
Not Before: Jan 1 00:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b19ef274e735acc52222abfbb9348af496f3d30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:9a:2e:af:73:d2:bc:e4:d3:f2:40:3d:68:4e:
e7:3c:9b:52:89:5b:f9:ac:b4:78:89:c6:82:dd:db:
e3:3d:02:d5:87:22:19:cc:5a:e4:1c:06:97:a1:82:
e9:ee:0a:fb:6e:a1:4c:73:2e:a7:65:64:b9:dd:7a:
8e:b5:5f:9c:8a:f5:06:d8:8e:43:fb:8c:a3:35:6c:
9f:a4:0b:4c:99:b4:c2:50:d7:ea:0f:80:9f:69:4b:
c4:ab:0d:7a:9b:80:5d:bc:31:e8:97:f8:ee:b0:e0:
fc:f8:36:8b:8d:de:e0:f0:ed:66:c9:8f:d8:f2:08:
d1:20:e4:55:27:fb:dc:7a:22:f7:86:a2:17:35:8f:
ec:94:f4:74:ff:97:c9:0c:3e:a8:e3:36:e9:02:15:
73:76:25:12:50:e5:a4:74:13:98:55:13:e0:ee:5e:
20:88:41:b1:22:a1:7e:99:03:3b:b1:fd:e8:84:9d:
e5:c3:48:36:86:9d:6d:aa:df:cc:28:69:ae:df:02:
09:ba:51:d1:62:d0:23:7b:a8:2e:d9:50:e2:33:4f:
a8:8d:bb:d2:68:76:a5:33:6c:72:6a:33:23:f3:33:
57:24:e4:2f:c3:83:c0:33:8f:34:e1:cf:e6:57:35:
8e:ab:2a:3d:54:11:e3:5d:6f:5f:89:84:33:1b:c6:
1d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:9E:F2:74:E7:35:AC:C5:22:22:AB:FB:B9:34:8A:F4:96:F3:D3:0B
X509v3 Authority Key Identifier:
keyid:B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/sZ7ydOc1rMUiIqv7uTSK9Jbz0ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/tI9Br9xglWj7Izj9sgstDEIrcjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.152.0/23
IPv6:
2a05:e100::/48
Signature Algorithm: sha256WithRSAEncryption
a7:28:d9:bd:60:c7:7b:a0:99:d8:e0:4e:e0:c1:f3:e9:08:e3:
95:8e:89:18:0a:83:b1:71:b8:9d:a2:46:7a:b6:1d:ba:dd:91:
68:52:d5:ec:07:4f:bf:1c:b1:4f:e1:42:4b:dd:30:76:d3:6c:
f2:49:6a:01:87:35:89:65:69:7f:59:62:0f:db:f5:94:c9:d4:
3d:7c:1c:4b:31:43:06:72:99:71:95:75:cb:b6:29:df:f9:79:
b3:cd:93:b0:4f:64:05:ef:97:02:ad:53:1f:ac:90:ef:07:c6:
e2:c8:3b:36:84:cf:e2:e6:19:16:68:3d:ba:08:4a:16:f2:c2:
05:69:ea:bf:c6:45:1c:71:71:93:b1:59:2a:83:7b:39:dc:30:
c5:5f:7f:e5:fc:bd:5d:a5:b0:dd:a9:b7:66:8f:83:a1:e1:dd:
98:86:32:1a:22:4e:39:1c:a2:6b:06:30:22:c1:2e:03:9d:1e:
06:ee:0e:aa:9a:03:6a:a6:52:f9:13:ed:e7:64:39:01:68:5f:
a0:2c:1e:3c:f5:27:79:df:6a:e2:d6:d2:f1:b9:42:a6:e3:51:
fd:2a:2c:cf:e2:dc:67:5d:23:9e:39:a2:b0:be:2e:64:04:85:
b7:a0:34:82:e2:36:c4:d5:99:f6:66:38:4a:aa:1e:7e:6b:2c:
b9:b0:f3:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbWtBX7babBkdSIpT+EO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGY0MWFmZGM2MDk1NjhmYjIzMzhmZGIyMGIyZDBjNDIy
YjcyM2IwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTllZjI3NGU3MzVhY2M1MjIyMmFiZmJiOTM0OGFmNDk2ZjNkMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5our3PSvOTT8kA9aE7nPJtSiVv5
rLR4icaC3dvjPQLVhyIZzFrkHAaXoYLp7gr7bqFMcy6nZWS53XqOtV+civUG2I5D
+4yjNWyfpAtMmbTCUNfqD4CfaUvEqw16m4BdvDHol/jusOD8+DaLjd7g8O1myY/Y
8gjRIORVJ/vceiL3hqIXNY/slPR0/5fJDD6o4zbpAhVzdiUSUOWkdBOYVRPg7l4g
iEGxIqF+mQM7sf3ohJ3lw0g2hp1tqt/MKGmu3wIJulHRYtAje6gu2VDiM0+ojbvS
aHalM2xyajMj8zNXJOQvw4PAM4804c/mVzWOqyo9VBHjXW9fiYQzG8Yd5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLGe8nTnNazFIiKr+7k0ivSW89MLMB8GA1UdIwQY
MBaAFLSPQa/cYJVo+yM4/bILLQxCK3I7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYt
OGVjNjhlNzg4NmUyLzEvc1o3eWRPYzFyTVVpSXF2N3VUU0s5SmJ6MHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYtOGVjNjhlNzg4NmUy
LzEvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuVqYMA8E
AgACMAkDBwAqBeEAAAAwDQYJKoZIhvcNAQELBQADggEBAKco2b1gx3ugmdjgTuDB
8+kI45WOiRgKg7FxuJ2iRnq2HbrdkWhS1ewHT78csU/hQkvdMHbTbPJJagGHNYll
aX9ZYg/b9ZTJ1D18HEsxQwZymXGVdcu2Kd/5ebPNk7BPZAXvlwKtUx+skO8HxuLI
OzaEz+LmGRZoPboIShbywgVp6r/GRRxxcZOxWSqDezncMMVff+X8vV2lsN2pt2aP
g6Hh3ZiGMhoiTjkcomsGMCLBLgOdHgbuDqqaA2qmUvkT7edkOQFoX6AsHjz1J3nf
auLW0vG5QqbjUf0qLM/i3GddI545orC+LmQEhbegNILiNsTVmfZmOEqqHn5rLLmw
8wI=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:32:28 2024 by rpki-client on console-ams.rpki-client.org