Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6c3702-1178-4cbd-8eba-c0384fe1b007/1/dOesoiDPOkIF8xWVN9656AuYppI.roa
File: dOesoiDPOkIF8xWVN9656AuYppI.roa (raw, json)
Hash identifier: BLadEWP/JWLgMVOi5C+FO6KqcVROGqz2z8FQNyLphBk=
Subject key identifier: 74:E7:AC:A2:20:CF:3A:42:05:F3:15:95:37:DE:B9:E8:0B:98:A6:92
Certificate issuer: /CN=f31ffb54cac7f5b5768569e4197d41d7446bf1fc
Certificate serial: 019396E1A3546E2B4F602845AAEF6E456FF2
Authority key identifier: F3:1F:FB:54:CA:C7:F5:B5:76:85:69:E4:19:7D:41:D7:44:6B:F1:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x_7VMrH9bV2hWnkGX1B10Rr8fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6c3702-1178-4cbd-8eba-c0384fe1b007/1/dOesoiDPOkIF8xWVN9656AuYppI.roa
Signing time: Thu 05 Dec 2024 12:53:09 +0000
ROA not before: Thu 05 Dec 2024 12:53:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29237
IP address blocks: 185.96.228.0/24 maxlen: 24
185.96.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/6c3702-1178-4cbd-8eba-c0384fe1b007/1/8x_7VMrH9bV2hWnkGX1B10Rr8fw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/6c3702-1178-4cbd-8eba-c0384fe1b007/1/8x_7VMrH9bV2hWnkGX1B10Rr8fw.mft
rsync://rpki.ripe.net/repository/DEFAULT/8x_7VMrH9bV2hWnkGX1B10Rr8fw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:e1:a3:54:6e:2b:4f:60:28:45:aa:ef:6e:45:6f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f31ffb54cac7f5b5768569e4197d41d7446bf1fc
Validity
Not Before: Dec 5 12:53:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74e7aca220cf3a4205f3159537deb9e80b98a692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:99:e6:76:bf:e6:9c:59:6c:72:32:00:c4:87:
0c:b2:44:97:1c:f0:7f:a1:c0:81:2f:93:de:27:91:
c2:2e:9b:8c:7d:71:52:d9:80:3a:d4:b9:3d:b9:9f:
b8:7c:58:07:a8:f3:15:4b:2d:21:e0:9d:0a:33:a0:
14:50:83:d3:09:92:b5:7d:a8:cd:44:3c:de:97:a0:
a0:ee:f1:c6:5a:8c:d4:fe:2a:73:e5:6b:8b:03:05:
7d:02:9a:d2:41:5e:bd:76:c7:67:ea:9d:d9:5a:37:
f4:5a:49:dc:22:27:64:dd:04:f7:b8:44:31:29:06:
67:03:69:8e:50:ae:f0:df:cc:d2:da:83:cb:b8:7c:
b3:01:bc:36:33:47:e8:4f:b5:48:f0:57:a9:13:bb:
d8:83:d8:6c:1a:95:c9:c1:a6:36:14:15:77:5c:d8:
00:e5:c4:53:b0:fd:30:7b:e6:a9:46:ef:33:c7:32:
26:c3:f3:74:71:1f:d1:64:5a:9f:64:58:55:12:7a:
45:45:57:e9:86:a3:b8:c5:ce:40:ca:d7:be:ff:b2:
0a:58:79:8a:1a:06:01:e5:84:ee:11:3d:33:5c:17:
3e:3d:1a:26:9a:ce:8f:a9:00:e7:31:d6:f9:10:d3:
34:b0:25:41:f6:c3:06:16:c2:25:08:b5:a2:94:93:
7a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E7:AC:A2:20:CF:3A:42:05:F3:15:95:37:DE:B9:E8:0B:98:A6:92
X509v3 Authority Key Identifier:
keyid:F3:1F:FB:54:CA:C7:F5:B5:76:85:69:E4:19:7D:41:D7:44:6B:F1:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x_7VMrH9bV2hWnkGX1B10Rr8fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6c3702-1178-4cbd-8eba-c0384fe1b007/1/dOesoiDPOkIF8xWVN9656AuYppI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6c3702-1178-4cbd-8eba-c0384fe1b007/1/8x_7VMrH9bV2hWnkGX1B10Rr8fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.228.0/23
Signature Algorithm: sha256WithRSAEncryption
04:b1:04:82:40:c1:57:53:29:53:4f:90:e1:3f:6d:b3:84:cc:
6e:98:f1:96:0e:5b:e6:32:7f:5b:17:7a:0c:08:b9:28:e8:3b:
3b:01:71:a8:1e:37:b4:a8:9b:d4:db:52:13:9b:fd:6c:12:02:
84:f0:40:30:39:1d:45:e6:cb:24:fe:88:55:6f:e4:0e:f4:52:
d7:ca:9a:78:b0:db:a3:1a:a9:4e:40:87:87:20:7c:5d:17:28:
0f:fc:8e:10:6e:2f:78:e1:22:98:49:5d:45:68:03:db:a1:9c:
f5:bb:31:cd:be:d0:bd:29:ca:ef:06:a6:fd:9c:53:f1:d5:09:
78:b9:7f:ec:38:ec:a0:98:bb:06:cd:05:f1:18:d4:e4:fc:c8:
62:ee:11:13:cb:0e:e0:47:4f:63:f5:ad:37:08:49:86:51:8a:
91:55:b1:0d:cd:c0:a0:f6:54:ab:df:e1:48:ba:53:0f:e3:5b:
93:20:47:ed:3a:00:ef:20:bb:c3:ed:fb:a5:bc:54:5b:91:e3:
98:0e:28:85:f2:59:1e:af:1b:47:06:e4:2a:8e:76:aa:aa:13:
0a:14:de:fa:6c:20:ab:f7:4c:c3:ea:ed:2e:2e:ed:c6:ec:d8:
7f:24:6a:72:66:e0:e9:c0:fd:93:5f:5c:fc:c2:f6:49:d6:f9:
d9:0a:8d:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOW4aNUbitPYChFqu9uRW/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMWZmYjU0Y2FjN2Y1YjU3Njg1NjllNDE5N2Q0MWQ3NDQ2
YmYxZmMwHhcNMjQxMjA1MTI1MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU3YWNhMjIwY2YzYTQyMDVmMzE1OTUzN2RlYjllODBiOThhNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5nmdr/mnFlscjIAxIcMskSXHPB/
ocCBL5PeJ5HCLpuMfXFS2YA61Lk9uZ+4fFgHqPMVSy0h4J0KM6AUUIPTCZK1fajN
RDzel6Cg7vHGWozU/ipz5WuLAwV9AprSQV69dsdn6p3ZWjf0WkncIidk3QT3uEQx
KQZnA2mOUK7w38zS2oPLuHyzAbw2M0foT7VI8FepE7vYg9hsGpXJwaY2FBV3XNgA
5cRTsP0we+apRu8zxzImw/N0cR/RZFqfZFhVEnpFRVfphqO4xc5Ayte+/7IKWHmK
GgYB5YTuET0zXBc+PRomms6PqQDnMdb5ENM0sCVB9sMGFsIlCLWilJN6pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTnrKIgzzpCBfMVlTfeuegLmKaSMB8GA1UdIwQY
MBaAFPMf+1TKx/W1doVp5Bl9QddEa/H8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHhfN1ZNckg5YlYyaFdua0dYMUIxMFJyOGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82YzM3MDItMTE3OC00Y2JkLThlYmEt
YzAzODRmZTFiMDA3LzEvZE9lc29pRFBPa0lGOHhXVk45NjU2QXVZcHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82YzM3MDItMTE3OC00Y2JkLThlYmEtYzAzODRmZTFiMDA3
LzEvOHhfN1ZNckg5YlYyaFdua0dYMUIxMFJyOGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWDkMA0G
CSqGSIb3DQEBCwUAA4IBAQAEsQSCQMFXUylTT5DhP22zhMxumPGWDlvmMn9bF3oM
CLko6Ds7AXGoHje0qJvU21ITm/1sEgKE8EAwOR1F5ssk/ohVb+QO9FLXypp4sNuj
GqlOQIeHIHxdFygP/I4Qbi944SKYSV1FaAPboZz1uzHNvtC9KcrvBqb9nFPx1Ql4
uX/sOOygmLsGzQXxGNTk/Mhi7hETyw7gR09j9a03CEmGUYqRVbENzcCg9lSr3+FI
ulMP41uTIEftOgDvILvD7fulvFRbkeOYDiiF8lkerxtHBuQqjnaqqhMKFN76bCCr
90zD6u0uLu3G7Nh/JGpyZuDpwP2TX1z8wvZJ1vnZCo1m
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:58:34 2024 by rpki-client on console-fra.rpki-client.org