Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0QYQvmVhgY8fHxwpDhjjkHqTUsc.roa
File: 0QYQvmVhgY8fHxwpDhjjkHqTUsc.roa (raw, json)
Hash identifier: a/Etd4yVGnVihCDZXW5D/KOysk3eFfb2eIjBlzz70hg=
Subject key identifier: D1:06:10:BE:65:61:81:8F:1F:1F:1C:29:0E:18:E3:90:7A:93:52:C7
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 018CC3B6D2957CD5678D566533EBF570351D
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0QYQvmVhgY8fHxwpDhjjkHqTUsc.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25938
IP address blocks: 213.86.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d2:95:7c:d5:67:8d:56:65:33:eb:f5:70:35:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d10610be6561818f1f1f1c290e18e3907a9352c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:83:d6:d4:c0:b4:d1:99:e7:c9:80:7b:ce:54:
a4:d5:63:f2:1d:ff:05:62:b3:92:c3:12:d3:28:87:
d2:87:2f:af:62:c9:aa:7b:6c:0f:93:81:68:fe:33:
93:d3:2a:0f:03:ec:ed:d5:09:33:1f:f3:25:23:17:
16:21:cd:ce:2b:78:dd:f4:3e:5b:9e:df:79:b9:ce:
ef:94:dd:67:94:7a:25:6f:a7:b1:02:1a:fe:51:c0:
35:6d:d1:b6:ef:c4:2e:5c:8c:2b:b7:c3:b6:88:22:
8a:19:cd:97:4d:d0:00:50:e3:68:bc:77:b4:8f:cc:
db:5f:8c:ed:89:e0:8d:91:0b:39:d3:e0:76:cf:81:
84:2b:d3:37:db:87:38:f1:ae:ca:e6:b4:8d:30:ea:
83:75:d2:3b:df:c3:b8:68:69:9d:1e:8e:b2:c1:03:
b9:6d:3b:1b:e9:e9:3c:38:9d:12:a7:27:ce:c9:3b:
73:52:a3:19:ac:31:1e:39:30:80:c4:2b:d5:2e:b6:
1b:54:35:e3:63:bc:0a:96:66:cc:f0:de:ed:13:8c:
e1:13:94:2c:76:53:47:77:87:87:e2:a5:04:54:a0:
96:dd:32:6f:e5:c9:0e:9d:18:93:a4:f7:4c:a3:7f:
4b:99:31:0b:07:17:5b:55:c5:d4:c6:13:3f:d2:a3:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:06:10:BE:65:61:81:8F:1F:1F:1C:29:0E:18:E3:90:7A:93:52:C7
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/0QYQvmVhgY8fHxwpDhjjkHqTUsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.86.85.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:fa:ff:7e:97:87:58:87:07:8f:48:64:d8:8e:f1:e5:98:72:
57:32:21:2d:49:08:a9:13:b0:24:52:ca:92:38:64:b3:c4:6e:
c2:58:46:29:36:68:2c:f9:d5:ba:af:22:4e:b3:3f:c8:87:29:
cf:34:e8:c2:3e:9c:29:2c:ce:cf:f1:7c:94:47:ab:6c:ec:70:
e0:5b:23:21:99:2d:c2:8c:ab:01:e3:57:91:15:a4:35:48:6b:
c5:db:a3:3d:ba:a4:49:e1:b6:cb:51:46:f2:a0:0b:20:8b:c7:
0e:33:09:3b:ab:f3:a8:82:f3:6a:42:89:ed:2f:e0:f7:e8:dc:
5d:94:3a:ca:2c:e5:a4:c6:21:59:c3:78:ed:84:7c:e4:49:58:
29:31:9b:69:48:e6:27:8d:56:81:de:fd:c6:4d:b9:c6:66:c7:
cc:49:b6:38:75:94:a6:ca:62:cc:9c:be:f9:da:16:61:4a:5a:
ef:90:a2:9f:28:fc:6a:27:26:31:a7:d7:bd:14:8e:a5:b9:f9:
6c:2b:14:46:a1:ff:df:c7:b3:94:55:9b:e4:ce:74:85:e8:ec:
32:dd:fc:9a:39:65:b4:89:5c:2a:f2:f1:77:a6:6b:ab:cf:1a:
fc:71:9e:26:f7:78:15:25:7a:f3:12:08:24:08:99:8d:15:da:
2a:10:3f:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDttKVfNVnjVZlM+v1cDUdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA2MTBiZTY1NjE4MThmMWYxZjFjMjkwZTE4ZTM5MDdhOTM1MmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4PW1MC00ZnnyYB7zlSk1WPyHf8F
YrOSwxLTKIfShy+vYsmqe2wPk4Fo/jOT0yoPA+zt1QkzH/MlIxcWIc3OK3jd9D5b
nt95uc7vlN1nlHolb6exAhr+UcA1bdG278QuXIwrt8O2iCKKGc2XTdAAUONovHe0
j8zbX4ztieCNkQs50+B2z4GEK9M324c48a7K5rSNMOqDddI738O4aGmdHo6ywQO5
bTsb6ek8OJ0SpyfOyTtzUqMZrDEeOTCAxCvVLrYbVDXjY7wKlmbM8N7tE4zhE5Qs
dlNHd4eH4qUEVKCW3TJv5ckOnRiTpPdMo39LmTELBxdbVcXUxhM/0qP5KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEGEL5lYYGPHx8cKQ4Y45B6k1LHMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvMFFZUXZtVmhnWThmSHh3cERoamprSHFUVXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1VZVMA0G
CSqGSIb3DQEBCwUAA4IBAQBL+v9+l4dYhwePSGTYjvHlmHJXMiEtSQipE7AkUsqS
OGSzxG7CWEYpNmgs+dW6ryJOsz/IhynPNOjCPpwpLM7P8XyUR6ts7HDgWyMhmS3C
jKsB41eRFaQ1SGvF26M9uqRJ4bbLUUbyoAsgi8cOMwk7q/OogvNqQontL+D36Nxd
lDrKLOWkxiFZw3jthHzkSVgpMZtpSOYnjVaB3v3GTbnGZsfMSbY4dZSmymLMnL75
2hZhSlrvkKKfKPxqJyYxp9e9FI6luflsKxRGof/fx7OUVZvkznSF6Owy3fyaOWW0
iVwq8vF3pmurzxr8cZ4m93gVJXrzEggkCJmNFdoqED81
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:53:36 2024 by rpki-client on console-ams.rpki-client.org