Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0_y0l3xmg-HvXwSNy-vPKteJVwE.roa
File: 0_y0l3xmg-HvXwSNy-vPKteJVwE.roa (raw, json)
Hash identifier: GB5NUDQXKAs4j1nKHbP3D0MnPYPoFllZbqJ59s8+8lM=
Subject key identifier: D3:FC:B4:97:7C:66:83:E1:EF:5F:04:8D:CB:EB:CF:2A:D7:89:57:01
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E1EACE4E063E9FEA70D7C83757529566F
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0_y0l3xmg-HvXwSNy-vPKteJVwE.roa
Signing time: Fri 08 Mar 2024 15:27:10 +0000
ROA not before: Fri 08 Mar 2024 15:27:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64494
IP address blocks: 185.46.175.0/24 maxlen: 24
185.161.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:ac:e4:e0:63:e9:fe:a7:0d:7c:83:75:75:29:56:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 8 15:27:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3fcb4977c6683e1ef5f048dcbebcf2ad7895701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:47:aa:2e:93:29:73:3d:59:44:9c:63:4d:31:
e6:af:c3:7b:81:77:29:ad:6c:af:49:2d:b6:1f:d3:
bd:d2:a1:da:24:45:a8:74:c0:95:8a:cc:62:9d:8e:
d9:24:b0:8f:8a:d8:9a:d1:b1:83:a8:8c:ac:b1:39:
06:5f:40:55:57:d3:b2:75:51:ee:85:53:97:99:9c:
2e:5b:d6:ad:f8:a7:4c:96:4b:b6:b3:33:a6:af:79:
cf:e5:85:dd:28:70:c6:e3:2d:5f:92:7e:4b:f7:77:
b0:17:9c:a8:92:af:69:2d:86:c1:35:e8:e0:bf:e3:
d5:99:87:2b:b4:6f:d5:0d:e2:33:ac:5c:e7:a8:c7:
6d:05:8b:9d:ec:51:83:34:d2:00:a0:6b:6e:d5:4f:
48:de:a0:e7:f1:f4:43:bb:41:62:a4:25:a6:b4:75:
1c:4c:98:55:27:4e:b0:94:37:89:88:2a:9b:66:5b:
39:42:bd:44:41:bf:3f:b3:1e:61:2d:36:88:7d:7d:
1c:09:9d:27:06:38:01:7b:54:e1:89:84:e5:bb:aa:
88:34:f2:52:a6:c5:e0:e3:d5:d7:63:e5:41:e3:d3:
d2:73:3b:e5:1d:09:9e:fb:35:d7:98:2e:f8:af:47:
f5:3d:96:23:df:ea:ba:24:3c:9e:e0:5d:6e:65:96:
bc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:FC:B4:97:7C:66:83:E1:EF:5F:04:8D:CB:EB:CF:2A:D7:89:57:01
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/0_y0l3xmg-HvXwSNy-vPKteJVwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.175.0/24
185.161.79.0/24
Signature Algorithm: sha256WithRSAEncryption
50:1a:ae:5c:8a:c2:2e:4c:49:a5:2e:9b:d2:a2:bc:85:d1:92:
b6:5a:d2:38:ee:5f:3c:ee:6f:d6:ee:13:8f:c9:de:28:26:4b:
cc:fd:99:93:05:3d:f4:70:2b:d4:a5:b7:87:2f:5a:bd:ae:5c:
05:a4:76:de:e3:62:04:53:19:7a:87:56:a4:85:23:4d:17:ef:
1d:23:fd:61:88:6a:29:18:c2:86:57:01:36:46:87:bd:7e:23:
de:0e:4c:d5:91:a5:03:42:4e:0a:d3:fe:21:02:ee:43:58:77:
ad:b8:fc:4b:dd:fb:a7:95:7c:33:5e:b7:dc:6a:7a:e7:db:05:
2a:5b:45:9f:62:5f:e7:3b:dc:6c:6d:6a:90:50:69:6f:7c:be:
8d:28:a5:f2:a4:f0:e6:f3:c5:74:51:94:64:88:07:cb:81:a0:
16:a4:68:60:8a:27:23:79:35:8e:88:85:ab:b9:87:12:86:d2:
35:aa:67:dd:d7:2f:17:d5:b6:33:c2:e5:d1:43:ae:45:92:f6:
cb:e8:2a:4b:52:99:15:c7:54:fb:ea:dc:ea:fe:d5:17:90:bb:
60:cf:08:cf:2b:7e:af:fd:ca:f8:be:d2:98:08:3a:90:c4:ad:
e4:f0:18:18:e1:5a:df:2e:3e:8a:a1:b4:55:48:09:8f:ca:55:
5c:f8:0a:d9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4erOTgY+n+pw18g3V1KVZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA4MTUyNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2ZjYjQ5NzdjNjY4M2UxZWY1ZjA0OGRjYmViY2YyYWQ3ODk1NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0eqLpMpcz1ZRJxjTTHmr8N7gXcp
rWyvSS22H9O90qHaJEWodMCVisxinY7ZJLCPitia0bGDqIyssTkGX0BVV9OydVHu
hVOXmZwuW9at+KdMlku2szOmr3nP5YXdKHDG4y1fkn5L93ewF5yokq9pLYbBNejg
v+PVmYcrtG/VDeIzrFznqMdtBYud7FGDNNIAoGtu1U9I3qDn8fRDu0FipCWmtHUc
TJhVJ06wlDeJiCqbZls5Qr1EQb8/sx5hLTaIfX0cCZ0nBjgBe1ThiYTlu6qINPJS
psXg49XXY+VB49PSczvlHQme+zXXmC74r0f1PZYj3+q6JDye4F1uZZa8bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNP8tJd8ZoPh718EjcvrzyrXiVcBMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvMF95MGwzeG1nLUh2WHdTTnktdlBLdGVKVndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuS6vAwQA
uaFPMA0GCSqGSIb3DQEBCwUAA4IBAQBQGq5cisIuTEmlLpvSoryF0ZK2WtI47l88
7m/W7hOPyd4oJkvM/ZmTBT30cCvUpbeHL1q9rlwFpHbe42IEUxl6h1akhSNNF+8d
I/1hiGopGMKGVwE2Roe9fiPeDkzVkaUDQk4K0/4hAu5DWHetuPxL3funlXwzXrfc
anrn2wUqW0WfYl/nO9xsbWqQUGlvfL6NKKXypPDm88V0UZRkiAfLgaAWpGhgiicj
eTWOiIWruYcShtI1qmfd1y8X1bYzwuXRQ65FkvbL6CpLUpkVx1T76tzq/tUXkLtg
zwjPK36v/cr4vtKYCDqQxK3k8BgY4VrfLj6KobRVSAmPylVc+ArZ
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:19 2024 by rpki-client on console-fra.rpki-client.org