Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/Glr0pxpXKUvkQiBq0__UGqpEZNQ.roa
File: Glr0pxpXKUvkQiBq0__UGqpEZNQ.roa (raw, json)
Hash identifier: 3I1JzdFBx95hXYXMbZglQbQ7A9UO7sJL3pCjLgGLHwk=
Subject key identifier: 1A:5A:F4:A7:1A:57:29:4B:E4:42:20:6A:D3:FF:D4:1A:AA:44:64:D4
Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Certificate serial: 018CC2DB5944966F48B2F4CC6DB1A00913FA
Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/Glr0pxpXKUvkQiBq0__UGqpEZNQ.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.86.0/24 maxlen: 32
2001:7f8:af::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 01:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:59:44:96:6f:48:b2:f4:cc:6d:b1:a0:09:13:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a5af4a71a57294be442206ad3ffd41aaa4464d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:98:b0:ec:a2:1f:5d:8c:c8:a1:3e:b8:ce:a1:
e9:9d:87:6f:1e:e9:9c:23:6f:f7:d9:ab:b3:1a:0a:
00:73:f6:92:3b:18:87:75:a0:ed:11:5d:8a:44:95:
07:61:f8:11:bf:64:ed:1f:65:a0:ee:5e:68:00:98:
6d:ce:ed:06:ab:65:7b:48:c3:3b:2c:67:d1:2b:76:
7b:fa:ef:13:28:20:26:cd:35:80:5a:00:62:45:dd:
9a:ea:a3:12:47:01:a0:d0:41:47:ea:7a:d1:01:82:
e5:4b:d6:7f:29:12:9c:e9:b4:5e:bd:f3:93:e7:a8:
e0:b4:c6:42:f6:71:0c:ff:01:be:f6:33:7a:18:99:
03:6e:c7:dc:51:14:27:27:ef:6a:f4:fd:f3:25:7a:
03:d2:b6:17:c0:9e:23:0c:16:bd:5b:a5:74:6d:38:
76:8b:fc:33:c2:d8:08:d5:51:4c:df:ad:6d:27:57:
4a:e9:da:28:9b:78:91:58:f8:98:1e:be:b1:a0:d6:
5c:ee:2d:36:25:28:59:f5:b5:0d:fb:5b:3d:83:4d:
a8:15:16:99:50:f2:02:7c:07:ef:67:ff:4c:3a:55:
c0:20:83:88:cf:7a:84:6d:c4:b8:b3:aa:fd:b4:a9:
e1:a0:b2:d8:a0:5c:53:6e:f8:dc:a0:c8:2b:8d:ba:
50:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:5A:F4:A7:1A:57:29:4B:E4:42:20:6A:D3:FF:D4:1A:AA:44:64:D4
X509v3 Authority Key Identifier:
keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/Glr0pxpXKUvkQiBq0__UGqpEZNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.86.0/24
IPv6:
2001:7f8:af::/48
Signature Algorithm: sha256WithRSAEncryption
13:47:b0:88:bc:3a:ac:41:b9:48:59:d8:89:77:d9:ed:82:01:
7c:d0:39:fd:27:80:cd:97:37:3a:73:c6:ad:7f:71:49:e0:c7:
62:7e:6b:67:8d:2d:6b:de:40:6b:e6:1b:d0:0a:84:75:46:fc:
ab:ce:58:8a:49:bc:89:69:35:83:d0:d1:05:9b:8e:2e:3f:89:
75:79:50:66:be:ad:2b:eb:2b:d2:5f:2b:e5:95:92:43:07:ea:
39:08:1d:35:05:1c:b5:18:d1:11:63:c9:c1:c5:78:28:e4:ce:
d8:5e:31:68:54:5b:56:8d:fb:16:b4:83:e2:ea:d0:bf:aa:40:
77:73:3f:5e:50:94:1d:cc:05:67:ae:c1:ec:58:6e:b3:03:8c:
88:12:12:66:f4:e4:9f:4f:4d:46:c4:09:cc:8c:d2:a6:95:6e:
51:a0:79:98:e7:f6:2d:6d:55:0b:e9:ad:b6:ee:db:89:61:fe:
0b:40:47:8c:48:68:ed:2a:54:92:6b:82:9c:89:30:60:13:81:
00:2a:53:ec:70:b7:4e:d5:42:36:ea:1d:1b:74:8e:4a:72:bd:
fd:e9:6b:f0:96:f4:bf:77:49:51:ef:2a:1f:ca:4a:89:9e:73:
14:ca:ea:6e:19:c2:79:d1:d1:99:b3:aa:69:57:8f:0f:40:0e:
45:83:1d:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC21lElm9IsvTMbbGgCRP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMGQ1YjMwYjQ2YzdiOTdiMmRiYzQ1ODljZWEzNjIyYWQ3
NTYxNTYwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTVhZjRhNzFhNTcyOTRiZTQ0MjIwNmFkM2ZmZDQxYWFhNDQ2NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZiw7KIfXYzIoT64zqHpnYdvHumc
I2/32auzGgoAc/aSOxiHdaDtEV2KRJUHYfgRv2TtH2Wg7l5oAJhtzu0Gq2V7SMM7
LGfRK3Z7+u8TKCAmzTWAWgBiRd2a6qMSRwGg0EFH6nrRAYLlS9Z/KRKc6bRevfOT
56jgtMZC9nEM/wG+9jN6GJkDbsfcURQnJ+9q9P3zJXoD0rYXwJ4jDBa9W6V0bTh2
i/wzwtgI1VFM361tJ1dK6doom3iRWPiYHr6xoNZc7i02JShZ9bUN+1s9g02oFRaZ
UPICfAfvZ/9MOlXAIIOIz3qEbcS4s6r9tKnhoLLYoFxTbvjcoMgrjbpQBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBpa9KcaVylL5EIgatP/1BqqRGTUMB8GA1UdIwQY
MBaAFNENWzC0bHuXstvEWJzqNiKtdWFWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUt
M2U0MGQwMTc0MGIyLzEvR2xyMHB4cFhLVXZrUWlCcTBfX1VHcXBFWk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS83MjU2ZWMtYzM0Ni00YjI5LWI3ZjUtM2U0MGQwMTc0MGIy
LzEvMFExYk1MUnNlNWV5MjhSWW5PbzJJcTExWVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFWMA8E
AgACMAkDBwAgAQf4AK8wDQYJKoZIhvcNAQELBQADggEBABNHsIi8OqxBuUhZ2Il3
2e2CAXzQOf0ngM2XNzpzxq1/cUngx2J+a2eNLWveQGvmG9AKhHVG/KvOWIpJvIlp
NYPQ0QWbji4/iXV5UGa+rSvrK9JfK+WVkkMH6jkIHTUFHLUY0RFjycHFeCjkzthe
MWhUW1aN+xa0g+Lq0L+qQHdzP15QlB3MBWeuwexYbrMDjIgSEmb05J9PTUbECcyM
0qaVblGgeZjn9i1tVQvprbbu24lh/gtAR4xIaO0qVJJrgpyJMGATgQAqU+xwt07V
QjbqHRt0jkpyvf3pa/CW9L93SVHvKh/KSomecxTK6m4ZwnnR0ZmzqmlXjw9ADkWD
HZM=
-----END CERTIFICATE-----
Generated at Sat Apr 27 10:53:13 2024 by rpki-client on console-ams.rpki-client.org