Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ccbd44-63b3-4105-b39d-1a5559fdd4df/1/LRar0FDfUkJZRjaiGpB_smjzDFk.roa
File: LRar0FDfUkJZRjaiGpB_smjzDFk.roa (raw, json)
Hash identifier: HvLAVJBU/sQ3W3mLHk4q8CvfZe7e9nOzavEgcqxiGPg=
Subject key identifier: 2D:16:AB:D0:50:DF:52:42:59:46:36:A2:1A:90:7F:B2:68:F3:0C:59
Certificate issuer: /CN=a60ad4b15e5c1cfec0afb1f818a76a08f186386d
Certificate serial: 018CC9BC570F47BFCBD01FB35498FD02AC04
Authority key identifier: A6:0A:D4:B1:5E:5C:1C:FE:C0:AF:B1:F8:18:A7:6A:08:F1:86:38:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgrUsV5cHP7Ar7H4GKdqCPGGOG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/ccbd44-63b3-4105-b39d-1a5559fdd4df/1/LRar0FDfUkJZRjaiGpB_smjzDFk.roa
Signing time: Tue 02 Jan 2024 10:33:32 +0000
ROA not before: Tue 02 Jan 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29684
IP address blocks: 185.84.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/ccbd44-63b3-4105-b39d-1a5559fdd4df/1/pgrUsV5cHP7Ar7H4GKdqCPGGOG0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/ccbd44-63b3-4105-b39d-1a5559fdd4df/1/pgrUsV5cHP7Ar7H4GKdqCPGGOG0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pgrUsV5cHP7Ar7H4GKdqCPGGOG0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:57:0f:47:bf:cb:d0:1f:b3:54:98:fd:02:ac:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a60ad4b15e5c1cfec0afb1f818a76a08f186386d
Validity
Not Before: Jan 2 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2d16abd050df5242594636a21a907fb268f30c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e1:a4:a6:47:ce:3f:e8:d0:e3:ba:13:12:28:
44:41:53:5b:de:7a:67:a7:4c:15:20:d8:90:6b:a2:
98:a2:42:d2:00:84:c3:30:e7:e7:91:c9:af:bc:73:
18:9d:36:51:f5:53:4d:b4:67:41:38:7f:3b:62:de:
a3:26:5e:48:de:c2:12:9a:ca:21:b7:a1:54:0c:1e:
e8:e5:43:e4:6a:fd:e5:fc:c1:f5:d7:33:6d:f4:72:
61:74:51:74:bb:32:e1:7c:12:d0:3c:d6:fd:80:cf:
3a:ea:a6:f3:b8:a6:e8:df:46:b9:c8:96:0e:32:cd:
a0:d0:23:70:e4:9e:72:21:04:70:11:2d:ab:c6:30:
71:71:2d:08:42:7d:28:ea:d1:b3:42:d3:60:d2:17:
dc:ca:2f:92:a0:b6:65:a5:2f:da:71:32:18:b1:fa:
f8:b4:aa:6f:f4:1c:3a:02:21:85:e8:36:62:93:0b:
04:0d:1c:6f:81:50:50:c4:93:4b:77:15:50:0a:8d:
02:d5:e7:b8:24:20:63:76:16:af:07:23:5f:33:0c:
f7:22:ea:47:8c:8f:54:1b:d9:b4:18:e8:0d:00:9a:
8a:4b:45:b8:17:8c:97:f2:54:0c:90:f6:97:32:fe:
97:7c:35:85:a9:13:a7:0a:b6:d1:c8:4b:b3:86:a1:
ab:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:16:AB:D0:50:DF:52:42:59:46:36:A2:1A:90:7F:B2:68:F3:0C:59
X509v3 Authority Key Identifier:
keyid:A6:0A:D4:B1:5E:5C:1C:FE:C0:AF:B1:F8:18:A7:6A:08:F1:86:38:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgrUsV5cHP7Ar7H4GKdqCPGGOG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ccbd44-63b3-4105-b39d-1a5559fdd4df/1/LRar0FDfUkJZRjaiGpB_smjzDFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ccbd44-63b3-4105-b39d-1a5559fdd4df/1/pgrUsV5cHP7Ar7H4GKdqCPGGOG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.165.0/24
Signature Algorithm: sha256WithRSAEncryption
22:cb:c7:a9:6e:84:1b:05:55:6a:d3:76:49:e9:34:d9:3d:14:
7b:3a:88:31:86:e4:be:cf:13:b2:6a:dc:b9:9a:4c:f5:c3:9f:
f2:f1:f5:88:64:0b:45:01:15:70:8c:5f:79:bc:11:4c:a0:e6:
ff:f8:4c:aa:06:57:d3:dc:d8:44:8f:1e:5c:da:c4:9b:de:75:
40:f7:8c:ed:31:1c:be:bc:77:3a:3b:b4:91:06:dd:4e:ae:ec:
03:90:d4:95:08:24:a3:85:68:c3:0f:86:18:c9:00:4b:f5:24:
dc:94:16:a3:f2:42:0f:4c:6a:00:3e:4d:55:cb:b2:f2:ec:7b:
4d:db:00:40:a3:c6:17:0f:3c:96:0e:3a:ec:4e:8e:e6:1c:f9:
e2:86:02:49:6d:d8:f5:87:6d:14:26:60:9d:aa:69:70:72:ef:
39:bd:7a:ba:4d:11:52:97:cd:fc:29:33:d6:3a:4f:e5:83:e1:
58:4c:18:ad:cf:52:ab:4f:31:5d:b0:79:30:be:99:e7:a4:83:
7f:26:e8:22:a1:40:ee:d0:87:17:af:c5:c9:d6:39:02:d4:94:
62:b4:72:ab:d7:c9:ef:03:aa:d9:d7:9e:93:75:f6:2b:b2:01:
ec:b1:10:c2:e7:eb:d3:e9:33:28:4f:e5:ef:92:eb:b9:62:66:
05:7a:aa:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvFcPR7/L0B+zVJj9AqwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MGFkNGIxNWU1YzFjZmVjMGFmYjFmODE4YTc2YTA4ZjE4
NjM4NmQwHhcNMjQwMTAyMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDE2YWJkMDUwZGY1MjQyNTk0NjM2YTIxYTkwN2ZiMjY4ZjMwYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOGkpkfOP+jQ47oTEihEQVNb3npn
p0wVINiQa6KYokLSAITDMOfnkcmvvHMYnTZR9VNNtGdBOH87Yt6jJl5I3sISmsoh
t6FUDB7o5UPkav3l/MH11zNt9HJhdFF0uzLhfBLQPNb9gM866qbzuKbo30a5yJYO
Ms2g0CNw5J5yIQRwES2rxjBxcS0IQn0o6tGzQtNg0hfcyi+SoLZlpS/acTIYsfr4
tKpv9Bw6AiGF6DZikwsEDRxvgVBQxJNLdxVQCo0C1ee4JCBjdhavByNfMwz3IupH
jI9UG9m0GOgNAJqKS0W4F4yX8lQMkPaXMv6XfDWFqROnCrbRyEuzhqGrEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0Wq9BQ31JCWUY2ohqQf7Jo8wxZMB8GA1UdIwQY
MBaAFKYK1LFeXBz+wK+x+BinagjxhjhtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdyVXNWNWNIUDdBcjdINEdLZHFDUEdHT0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jY2JkNDQtNjNiMy00MTA1LWIzOWQt
MWE1NTU5ZmRkNGRmLzEvTFJhcjBGRGZVa0paUmphaUdwQl9zbWp6REZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jY2JkNDQtNjNiMy00MTA1LWIzOWQtMWE1NTU5ZmRkNGRm
LzEvcGdyVXNWNWNIUDdBcjdINEdLZHFDUEdHT0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVSlMA0G
CSqGSIb3DQEBCwUAA4IBAQAiy8epboQbBVVq03ZJ6TTZPRR7OogxhuS+zxOyaty5
mkz1w5/y8fWIZAtFARVwjF95vBFMoOb/+EyqBlfT3NhEjx5c2sSb3nVA94ztMRy+
vHc6O7SRBt1OruwDkNSVCCSjhWjDD4YYyQBL9STclBaj8kIPTGoAPk1Vy7Ly7HtN
2wBAo8YXDzyWDjrsTo7mHPnihgJJbdj1h20UJmCdqmlwcu85vXq6TRFSl838KTPW
Ok/lg+FYTBitz1KrTzFdsHkwvpnnpIN/JugioUDu0IcXr8XJ1jkC1JRitHKr18nv
A6rZ156TdfYrsgHssRDC5+vT6TMoT+Xvkuu5YmYFeqrY
-----END CERTIFICATE-----
Generated at Tue May 7 12:49:12 2024 by rpki-client on console-fra.rpki-client.org