Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/p6EiL6tuy0bstxyT0v-ieLT25EI.roa
File: p6EiL6tuy0bstxyT0v-ieLT25EI.roa (raw, json)
Hash identifier: MxCsnwT6iNlDzjA56vqzOit12WoaWQ2fvp4Mlh/PwGk=
Subject key identifier: A7:A1:22:2F:AB:6E:CB:46:EC:B7:1C:93:D2:FF:A2:78:B4:F6:E4:42
Certificate issuer: /CN=1ff5268752cbb524bcfe4b5a4976ff0f85d389af
Certificate serial: 018CC6B7911B269EE73918D5B6001B501C07
Authority key identifier: 1F:F5:26:87:52:CB:B5:24:BC:FE:4B:5A:49:76:FF:0F:85:D3:89:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/p6EiL6tuy0bstxyT0v-ieLT25EI.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49784
IP address blocks: 185.12.216.0/22 maxlen: 24
2a03:8940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.mft
rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:91:1b:26:9e:e7:39:18:d5:b6:00:1b:50:1c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ff5268752cbb524bcfe4b5a4976ff0f85d389af
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7a1222fab6ecb46ecb71c93d2ffa278b4f6e442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:5f:24:e2:17:9e:b2:f9:3f:a8:da:35:98:e0:
21:24:6e:e5:ad:5d:9d:f7:b8:d9:94:d6:7f:44:94:
50:06:24:f6:4a:f4:60:55:d3:ed:db:54:41:02:27:
08:d0:ca:b2:79:a7:8f:23:af:33:5c:09:30:02:b5:
a5:a8:65:08:2f:de:cb:5e:20:fb:f9:89:5f:12:4c:
72:9d:fb:d3:0f:8f:bf:a8:ab:c0:24:6d:e0:eb:5d:
e5:7d:e3:31:55:cf:d4:4d:30:82:f5:42:a7:27:0c:
4b:78:a8:06:5a:c6:88:c2:b9:9e:8c:55:d2:2c:ef:
a8:08:ef:3a:bb:82:47:30:3b:28:ab:ea:88:5f:00:
61:8e:2f:99:70:ee:12:78:bb:66:d8:3b:93:3d:92:
af:d0:b7:ac:0d:f2:07:b2:ff:81:10:bc:08:66:b8:
1f:62:12:14:b8:a5:42:0e:1a:8f:2e:e4:5a:01:f9:
c4:4b:4f:8f:ec:25:d2:2f:3f:1b:df:c0:b1:fd:6a:
94:92:99:8b:a7:6e:a5:61:a0:cd:6f:b2:0f:09:ae:
e6:62:9c:1a:85:7f:05:bb:e2:19:1c:e0:f8:77:18:
50:ed:4e:68:e6:7f:6f:5f:5d:d4:08:86:3f:34:b6:
d3:9a:9e:77:da:da:09:b7:00:9a:93:34:49:88:e7:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A1:22:2F:AB:6E:CB:46:EC:B7:1C:93:D2:FF:A2:78:B4:F6:E4:42
X509v3 Authority Key Identifier:
keyid:1F:F5:26:87:52:CB:B5:24:BC:FE:4B:5A:49:76:FF:0F:85:D3:89:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_Umh1LLtSS8_ktaSXb_D4XTia8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/p6EiL6tuy0bstxyT0v-ieLT25EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/4c2734-1139-4a3f-8f84-974488bcb723/1/H_Umh1LLtSS8_ktaSXb_D4XTia8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.216.0/22
IPv6:
2a03:8940::/32
Signature Algorithm: sha256WithRSAEncryption
30:96:2d:6e:57:4b:63:9f:3b:b0:ec:90:d6:4d:6a:99:4c:71:
51:e2:f6:e7:02:1c:1a:cc:b4:fb:48:51:49:bd:1c:0e:13:d8:
b3:42:6a:b2:b4:fe:63:59:09:a8:43:ec:22:20:d0:b1:38:a4:
24:27:55:58:fc:97:4b:37:23:c9:e6:1a:87:11:af:49:87:09:
39:36:29:1e:b8:22:72:b9:e1:2c:78:7c:b6:2d:45:94:86:5c:
a9:8b:d5:0d:83:41:93:69:b7:15:c8:ae:70:d2:34:35:17:d3:
75:dd:71:18:21:d6:51:5d:60:34:4e:8d:c1:64:3a:81:39:5a:
b4:34:34:49:fe:46:e0:0d:42:7d:4f:55:65:c2:3d:37:db:91:
df:77:77:7a:3f:1b:b1:dd:37:06:50:da:5e:da:05:fe:fb:a3:
0c:1a:89:96:89:05:0c:9c:01:5a:91:61:9e:fa:e2:b9:bd:b9:
fc:34:f5:50:ab:ce:05:9e:38:ea:ee:02:4d:79:28:1e:34:d2:
85:be:8e:50:2e:55:07:a8:75:2e:f4:88:10:72:3b:9e:8e:2f:
9a:43:44:5c:5c:c2:f8:0e:87:72:05:89:7d:c0:82:c7:f3:43:
c2:73:4d:6e:45:4b:45:5b:e2:20:6e:6c:10:6f:92:9e:96:ae:
a7:89:e1:27
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt5EbJp7nORjVtgAbUBwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZjUyNjg3NTJjYmI1MjRiY2ZlNGI1YTQ5NzZmZjBmODVk
Mzg5YWYwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2ExMjIyZmFiNmVjYjQ2ZWNiNzFjOTNkMmZmYTI3OGI0ZjZlNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV8k4heesvk/qNo1mOAhJG7lrV2d
97jZlNZ/RJRQBiT2SvRgVdPt21RBAicI0MqyeaePI68zXAkwArWlqGUIL97LXiD7
+YlfEkxynfvTD4+/qKvAJG3g613lfeMxVc/UTTCC9UKnJwxLeKgGWsaIwrmejFXS
LO+oCO86u4JHMDsoq+qIXwBhji+ZcO4SeLtm2DuTPZKv0LesDfIHsv+BELwIZrgf
YhIUuKVCDhqPLuRaAfnES0+P7CXSLz8b38Cx/WqUkpmLp26lYaDNb7IPCa7mYpwa
hX8Fu+IZHOD4dxhQ7U5o5n9vX13UCIY/NLbTmp532toJtwCakzRJiOcOJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKehIi+rbstG7Lcck9L/oni09uRCMB8GA1UdIwQY
MBaAFB/1JodSy7UkvP5LWkl2/w+F04mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy80YzI3MzQtMTEzOS00YTNmLThmODQt
OTc0NDg4YmNiNzIzLzEvcDZFaUw2dHV5MGJzdHh5VDB2LWllTFQyNUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy80YzI3MzQtMTEzOS00YTNmLThmODQtOTc0NDg4YmNiNzIz
LzEvSF9VbWgxTEx0U1M4X2t0YVNYYl9ENFhUaWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQzYMA0E
AgACMAcDBQAqA4lAMA0GCSqGSIb3DQEBCwUAA4IBAQAwli1uV0tjnzuw7JDWTWqZ
THFR4vbnAhwazLT7SFFJvRwOE9izQmqytP5jWQmoQ+wiINCxOKQkJ1VY/JdLNyPJ
5hqHEa9Jhwk5NikeuCJyueEseHy2LUWUhlypi9UNg0GTabcVyK5w0jQ1F9N13XEY
IdZRXWA0To3BZDqBOVq0NDRJ/kbgDUJ9T1Vlwj0325Hfd3d6Pxux3TcGUNpe2gX+
+6MMGomWiQUMnAFakWGe+uK5vbn8NPVQq84Fnjjq7gJNeSgeNNKFvo5QLlUHqHUu
9IgQcjueji+aQ0RcXML4DodyBYl9wILH80PCc01uRUtFW+IgbmwQb5Kelq6nieEn
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:38 2024 by rpki-client on console-ams.rpki-client.org