Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/lAQHDq5zTPDbs3M3K7RFYu5ggL8.roa
File: lAQHDq5zTPDbs3M3K7RFYu5ggL8.roa (raw, json)
Hash identifier: Zyep0SbAikhAjCLzDwVcvS0XsfMvxpI8q8ST3VPj8/g=
Subject key identifier: 94:04:07:0E:AE:73:4C:F0:DB:B3:73:37:2B:B4:45:62:EE:60:80:BF
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 018D5E4B747734B04CAAA9690D929C0884C5
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/lAQHDq5zTPDbs3M3K7RFYu5ggL8.roa
Signing time: Wed 31 Jan 2024 06:53:39 +0000
ROA not before: Wed 31 Jan 2024 06:53:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397630
IP address blocks: 185.221.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:4b:74:77:34:b0:4c:aa:a9:69:0d:92:9c:08:84:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 31 06:53:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9404070eae734cf0dbb373372bb44562ee6080bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6b:f3:69:31:8c:03:b8:c5:4e:5b:90:44:d7:
9d:4a:91:96:86:6e:46:19:6b:aa:4d:44:e5:41:32:
2a:7a:58:7a:15:58:82:67:d0:36:1b:7a:39:1e:47:
98:3f:85:71:c2:a5:16:29:c6:d3:7d:f1:c5:98:c7:
f3:f9:f9:4e:e3:ed:b2:da:72:cf:2c:36:ac:57:27:
96:2f:70:44:b7:e0:d7:d7:c4:88:49:18:86:f7:3e:
a6:ee:11:b5:22:8c:67:70:32:05:4e:7a:90:c8:d4:
db:15:3b:8b:4d:cb:15:3b:e8:26:7c:ef:ca:7e:13:
91:35:51:f8:1d:9a:51:42:08:05:a3:35:18:6a:42:
49:60:aa:dd:8c:1d:ea:fd:f7:34:c1:42:ee:cb:71:
d6:ee:50:5f:5c:31:e1:9b:9d:80:e3:45:2e:16:af:
0c:db:ce:c2:08:e3:66:ae:6d:72:87:e7:35:ab:af:
13:e8:f9:3e:5e:7b:6c:44:03:20:7c:ee:df:89:1d:
ce:29:1d:fe:2f:20:a9:da:30:27:90:24:8a:e0:2c:
5c:d3:98:32:a0:a5:e8:ea:80:ed:25:4a:d5:8d:9e:
64:c2:1a:05:9e:58:ed:96:c9:49:e2:bc:5c:4e:65:
35:43:fc:0c:fd:7d:12:8b:58:30:42:5c:26:eb:81:
0e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:04:07:0E:AE:73:4C:F0:DB:B3:73:37:2B:B4:45:62:EE:60:80:BF
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/lAQHDq5zTPDbs3M3K7RFYu5ggL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.25.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:cb:5c:d7:3d:27:19:0d:71:68:ed:09:64:d8:aa:94:87:09:
a4:e3:d0:05:5b:cb:28:db:44:ec:f3:db:15:32:bc:6b:68:f5:
93:c1:a5:a0:d2:7b:4c:8a:44:f5:b5:14:5c:c3:8d:27:52:5e:
be:98:8e:dc:c2:2f:a8:23:00:e5:3e:5c:15:ea:23:80:48:49:
f2:92:fd:2e:f6:e5:b6:cb:0f:ff:48:33:76:97:25:50:0f:76:
c6:d8:08:52:97:c6:79:ca:dc:a3:0d:3a:b9:43:6a:57:a1:e9:
64:46:4e:98:24:bc:b8:ea:c8:8b:62:37:4a:dd:c7:e2:fe:c6:
74:89:b4:c5:74:f5:df:52:41:84:6a:c3:6b:4f:8e:04:63:6d:
c8:af:62:ce:7d:3d:a9:24:f1:49:fd:d8:7f:cc:18:39:d3:0a:
fe:03:1c:b5:b2:24:e7:80:88:c8:d3:ee:2e:04:2c:14:42:53:
90:b9:53:d0:6d:c5:8a:0f:b4:10:e5:e8:89:27:2b:21:00:3a:
d7:e8:c7:93:be:5d:80:70:77:de:9d:2b:e6:c6:13:a4:d0:84:
a8:9b:d5:ab:37:8f:d9:4e:35:89:07:e2:d2:ba:0c:64:db:93:
e7:1e:bb:b3:8f:8a:ff:42:c6:90:5f:2d:eb:dc:dd:eb:34:a4:
7e:66:2c:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1eS3R3NLBMqqlpDZKcCITFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjQwMTMxMDY1MzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA0MDcwZWFlNzM0Y2YwZGJiMzczMzcyYmI0NDU2MmVlNjA4MGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGvzaTGMA7jFTluQRNedSpGWhm5G
GWuqTUTlQTIqelh6FViCZ9A2G3o5HkeYP4VxwqUWKcbTffHFmMfz+flO4+2y2nLP
LDasVyeWL3BEt+DX18SISRiG9z6m7hG1IoxncDIFTnqQyNTbFTuLTcsVO+gmfO/K
fhORNVH4HZpRQggFozUYakJJYKrdjB3q/fc0wULuy3HW7lBfXDHhm52A40UuFq8M
287CCONmrm1yh+c1q68T6Pk+XntsRAMgfO7fiR3OKR3+LyCp2jAnkCSK4Cxc05gy
oKXo6oDtJUrVjZ5kwhoFnljtlslJ4rxcTmU1Q/wM/X0Si1gwQlwm64EOlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQEBw6uc0zw27NzNyu0RWLuYIC/MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvbEFRSERxNXpUUERiczNNM0s3UkZZdTVnZ0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud0ZMA0G
CSqGSIb3DQEBCwUAA4IBAQAry1zXPScZDXFo7Qlk2KqUhwmk49AFW8so20Ts89sV
MrxraPWTwaWg0ntMikT1tRRcw40nUl6+mI7cwi+oIwDlPlwV6iOASEnykv0u9uW2
yw//SDN2lyVQD3bG2AhSl8Z5ytyjDTq5Q2pXoelkRk6YJLy46siLYjdK3cfi/sZ0
ibTFdPXfUkGEasNrT44EY23Ir2LOfT2pJPFJ/dh/zBg50wr+Axy1siTngIjI0+4u
BCwUQlOQuVPQbcWKD7QQ5eiJJyshADrX6MeTvl2AcHfenSvmxhOk0ISom9WrN4/Z
TjWJB+LSugxk25PnHruzj4r/QsaQXy3r3N3rNKR+Ziww
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:22:13 2024 by rpki-client on console-ams.rpki-client.org