Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/cvDID1mO_KxMrtTZLFOrQTErt2E.roa
File: cvDID1mO_KxMrtTZLFOrQTErt2E.roa (raw, json)
Hash identifier: 5JxGHoYAF2joL086jFjqukXRzHhVkrhemlQSKi+EDuM=
Subject key identifier: 72:F0:C8:0F:59:8E:FC:AC:4C:AE:D4:D9:2C:53:AB:41:31:2B:B7:61
Certificate issuer: /CN=213e1d50d52288bee80eea435577018712409bbe
Certificate serial: 01922DE7A4DBA8592CBA92BE9C9149C1DBBC
Authority key identifier: 21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/cvDID1mO_KxMrtTZLFOrQTErt2E.roa
Signing time: Thu 26 Sep 2024 10:36:48 +0000
ROA not before: Thu 26 Sep 2024 10:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 185.195.252.0/24 maxlen: 24
193.22.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.mft
rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:e7:a4:db:a8:59:2c:ba:92:be:9c:91:49:c1:db:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213e1d50d52288bee80eea435577018712409bbe
Validity
Not Before: Sep 26 10:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72f0c80f598efcac4caed4d92c53ab41312bb761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e7:5f:97:a9:e5:14:a8:47:2e:f8:31:cd:7d:
df:e2:1d:8a:53:e0:5b:f1:5c:8c:51:db:37:f0:f5:
e4:73:9d:cb:08:62:e0:9d:2a:ca:78:e6:9b:f2:57:
1c:95:ad:0a:4b:02:60:65:64:95:ae:1e:9b:8c:4b:
a3:f5:7a:0f:db:41:0e:c3:5c:70:bc:18:28:ee:f6:
fd:b8:3d:fc:1d:f3:37:95:d6:ef:24:14:5f:0c:2d:
0f:05:b3:0d:c0:65:d2:fc:96:bd:eb:97:94:17:59:
a5:a5:95:1d:24:db:fc:b4:82:c5:8e:76:27:1b:93:
cb:89:d6:eb:73:72:cd:82:bf:67:66:e4:e7:64:8f:
df:50:13:53:1a:60:ea:c3:71:b4:09:b5:eb:d3:8f:
33:80:88:dc:8b:db:e5:7f:ca:eb:f3:e8:21:c8:ab:
3b:d0:16:39:40:ec:95:4f:5d:13:44:9b:8e:44:14:
bf:0c:fa:21:1b:58:65:fb:c7:23:73:13:69:28:1f:
21:49:d5:40:bd:3f:a4:15:de:f0:ff:2f:50:6f:7e:
df:da:fc:92:5c:a4:16:64:cc:07:8e:61:0d:48:e1:
44:90:3c:96:58:d3:b6:ad:fc:55:f8:eb:a9:8e:55:
d3:2c:1f:2d:08:52:3e:b6:53:e5:17:77:90:d7:b4:
78:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F0:C8:0F:59:8E:FC:AC:4C:AE:D4:D9:2C:53:AB:41:31:2B:B7:61
X509v3 Authority Key Identifier:
keyid:21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/cvDID1mO_KxMrtTZLFOrQTErt2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.252.0/24
193.22.12.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:e2:04:f8:1b:93:a4:76:9b:39:6a:9f:84:50:70:fb:64:8f:
a7:42:0b:e5:6e:1b:f2:0d:8f:9c:5a:7f:b5:51:23:90:b2:3d:
7f:96:b3:be:6a:35:cc:cf:03:ab:36:c1:24:95:04:b4:08:2f:
3a:7e:5e:34:64:f6:05:2b:63:f6:29:26:3f:c6:87:2c:f2:ab:
a2:95:c8:9e:92:2d:12:bc:c2:8a:87:51:da:e5:5e:3b:b4:bb:
90:a1:0d:76:6e:4e:f1:6e:b5:c9:c4:28:ca:76:ac:e7:9d:76:
2e:85:03:7c:79:65:5c:87:0e:88:7e:38:9e:05:bc:ed:0a:3a:
ba:c4:b8:52:2c:ca:a4:5f:78:a9:0a:1e:9e:61:ad:f3:4f:d0:
7a:41:7d:fd:6d:c5:2d:90:b6:9c:4e:a8:cd:c8:3b:0f:2f:ee:
67:45:72:15:ac:d4:1b:6c:a2:35:d5:0f:7a:88:4d:dd:5f:69:
5f:28:39:12:82:42:0d:e9:dd:88:0e:74:e3:c0:d1:ac:3e:26:
8d:21:59:31:3b:cb:5d:86:5f:b1:a1:4e:79:19:dd:48:0a:e0:
5b:ea:af:fd:74:6f:9b:a6:c1:8c:8c:61:12:37:55:b8:43:1d:
95:83:af:49:42:76:9b:a8:3a:8f:98:63:45:a0:fc:fa:90:f5:
b9:56:4c:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIt56TbqFksupK+nJFJwdu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2UxZDUwZDUyMjg4YmVlODBlZWE0MzU1NzcwMTg3MTI0
MDliYmUwHhcNMjQwOTI2MTAzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYwYzgwZjU5OGVmY2FjNGNhZWQ0ZDkyYzUzYWI0MTMxMmJiNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+dfl6nlFKhHLvgxzX3f4h2KU+Bb
8VyMUds38PXkc53LCGLgnSrKeOab8lccla0KSwJgZWSVrh6bjEuj9XoP20EOw1xw
vBgo7vb9uD38HfM3ldbvJBRfDC0PBbMNwGXS/Ja965eUF1mlpZUdJNv8tILFjnYn
G5PLidbrc3LNgr9nZuTnZI/fUBNTGmDqw3G0CbXr048zgIjci9vlf8rr8+ghyKs7
0BY5QOyVT10TRJuORBS/DPohG1hl+8cjcxNpKB8hSdVAvT+kFd7w/y9Qb37f2vyS
XKQWZMwHjmENSOFEkDyWWNO2rfxV+OupjlXTLB8tCFI+tlPlF3eQ17R4iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLwyA9ZjvysTK7U2SxTq0ExK7dhMB8GA1UdIwQY
MBaAFCE+HVDVIoi+6A7qQ1V3AYcSQJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYt
MzE2ZWYyNjFmNGE1LzEvY3ZESUQxbU9fS3hNcnRUWkxGT3JRVEVydDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYtMzE2ZWYyNjFmNGE1
LzEvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucP8AwQA
wRYMMA0GCSqGSIb3DQEBCwUAA4IBAQCh4gT4G5Okdps5ap+EUHD7ZI+nQgvlbhvy
DY+cWn+1USOQsj1/lrO+ajXMzwOrNsEklQS0CC86fl40ZPYFK2P2KSY/xocs8qui
lcieki0SvMKKh1Ha5V47tLuQoQ12bk7xbrXJxCjKdqznnXYuhQN8eWVchw6Ifjie
BbztCjq6xLhSLMqkX3ipCh6eYa3zT9B6QX39bcUtkLacTqjNyDsPL+5nRXIVrNQb
bKI11Q96iE3dX2lfKDkSgkIN6d2IDnTjwNGsPiaNIVkxO8tdhl+xoU55Gd1ICuBb
6q/9dG+bpsGMjGESN1W4Qx2Vg69JQnabqDqPmGNFoPz6kPW5Vkxp
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:57 2024 by rpki-client on console-ams.rpki-client.org