Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/in1yhgF-cCERXcu2NtwiBt_jW4s.roa
File: in1yhgF-cCERXcu2NtwiBt_jW4s.roa (raw, json)
Hash identifier: GMjBFvLWdmCaksTRyAmJKx/Zh0CbDg/GYjnYc/8Tcbs=
Subject key identifier: 8A:7D:72:86:01:7E:70:21:11:5D:CB:B6:36:DC:22:06:DF:E3:5B:8B
Certificate issuer: /CN=d8300936fb500a7456440aba8b3b8ad53c9f0140
Certificate serial: 018CCA991472D4393F3482F541999C506239
Authority key identifier: D8:30:09:36:FB:50:0A:74:56:44:0A:BA:8B:3B:8A:D5:3C:9F:01:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DAJNvtQCnRWRAq6izuK1TyfAUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/in1yhgF-cCERXcu2NtwiBt_jW4s.roa
Signing time: Tue 02 Jan 2024 14:34:38 +0000
ROA not before: Tue 02 Jan 2024 14:34:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206922
IP address blocks: 185.171.246.0/24 maxlen: 24
185.171.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/2DAJNvtQCnRWRAq6izuK1TyfAUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/2DAJNvtQCnRWRAq6izuK1TyfAUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2DAJNvtQCnRWRAq6izuK1TyfAUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:14:72:d4:39:3f:34:82:f5:41:99:9c:50:62:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8300936fb500a7456440aba8b3b8ad53c9f0140
Validity
Not Before: Jan 2 14:34:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a7d7286017e7021115dcbb636dc2206dfe35b8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:93:2d:5c:ea:9b:f7:c4:58:e3:5f:ab:9a:ed:
99:5e:97:dd:ba:aa:bb:cd:27:ef:bc:b9:82:8b:0b:
76:b4:11:16:01:b9:45:2c:8c:43:9c:03:03:89:20:
e1:56:8b:fb:8c:29:08:8a:3f:b9:9c:fe:c1:7d:a4:
3d:b5:5e:84:38:24:58:6f:db:66:23:5e:8b:d0:b0:
fe:ad:92:73:e6:2e:db:cf:43:1b:b0:97:59:08:70:
00:a4:04:9d:78:ab:c8:66:11:9b:9a:28:59:bf:79:
42:ed:cb:bb:a0:b8:51:df:d5:c9:4e:93:a9:da:c7:
87:34:94:8d:ef:4c:64:8f:86:1f:8b:29:89:ab:c5:
16:10:f0:58:38:89:28:61:aa:a3:67:ef:da:1c:19:
2b:c0:bd:5d:53:26:80:fa:11:0b:37:8e:1b:05:a5:
45:ee:82:a1:6b:36:40:ad:33:50:48:1a:42:ca:12:
cb:1c:31:08:a3:19:c1:73:c3:da:37:3a:f5:3b:05:
3f:f1:36:b7:e9:0c:1d:07:e4:ba:d1:1a:58:07:be:
96:42:5d:9e:c5:15:60:74:96:7c:87:95:5d:7b:be:
40:e4:c1:17:87:c5:9c:fd:e6:b6:ec:3a:0d:91:49:
70:1a:52:b9:e8:26:c2:d9:3f:ae:17:93:dc:27:93:
ff:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7D:72:86:01:7E:70:21:11:5D:CB:B6:36:DC:22:06:DF:E3:5B:8B
X509v3 Authority Key Identifier:
keyid:D8:30:09:36:FB:50:0A:74:56:44:0A:BA:8B:3B:8A:D5:3C:9F:01:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DAJNvtQCnRWRAq6izuK1TyfAUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/in1yhgF-cCERXcu2NtwiBt_jW4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/77f2aa-cc0c-4f15-8b39-addcd8552026/1/2DAJNvtQCnRWRAq6izuK1TyfAUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.246.0/23
Signature Algorithm: sha256WithRSAEncryption
35:da:7d:19:df:84:03:71:08:cc:7c:92:01:a1:3e:ce:15:d7:
00:d5:51:92:8e:40:1d:80:0d:99:ec:b9:f6:07:08:89:f3:98:
36:e9:6f:0d:44:77:5f:11:22:94:3a:6d:83:5a:f5:b1:a9:be:
22:26:82:dc:72:60:91:fb:0b:6c:ad:99:9d:50:24:5e:f1:e8:
75:61:ee:04:79:0f:e8:95:3c:97:58:98:6e:83:ce:ea:f4:1f:
f0:22:b0:f8:04:50:b0:30:23:8c:dc:3a:0c:1d:e7:7e:a2:e5:
e9:fd:38:80:ca:12:20:52:1b:01:b8:2a:10:ea:65:49:70:f8:
b6:a5:22:44:00:14:c1:47:8f:e5:65:c9:dd:40:b8:c9:f5:ac:
8e:e7:5b:7d:40:ed:07:9f:64:13:93:02:41:08:ce:77:1b:17:
81:db:cc:4e:86:81:1f:2c:b4:d9:35:04:20:70:2d:e2:ac:fe:
04:43:8c:98:91:17:3b:db:72:04:38:45:01:21:75:b6:a0:dc:
fd:ee:10:c8:18:02:87:16:58:9f:3c:d0:e9:aa:fc:80:3f:a7:
18:f8:95:ab:6b:91:b8:d5:51:97:9d:24:54:8c:45:d6:56:3e:
16:af:db:1a:04:82:59:f0:ba:1e:80:55:b7:09:f4:ca:3e:f0:
d6:f6:00:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmRRy1Dk/NIL1QZmcUGI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzAwOTM2ZmI1MDBhNzQ1NjQ0MGFiYThiM2I4YWQ1M2M5
ZjAxNDAwHhcNMjQwMTAyMTQzNDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTdkNzI4NjAxN2U3MDIxMTE1ZGNiYjYzNmRjMjIwNmRmZTM1YjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZMtXOqb98RY41+rmu2ZXpfduqq7
zSfvvLmCiwt2tBEWAblFLIxDnAMDiSDhVov7jCkIij+5nP7BfaQ9tV6EOCRYb9tm
I16L0LD+rZJz5i7bz0MbsJdZCHAApASdeKvIZhGbmihZv3lC7cu7oLhR39XJTpOp
2seHNJSN70xkj4YfiymJq8UWEPBYOIkoYaqjZ+/aHBkrwL1dUyaA+hELN44bBaVF
7oKhazZArTNQSBpCyhLLHDEIoxnBc8PaNzr1OwU/8Ta36QwdB+S60RpYB76WQl2e
xRVgdJZ8h5Vde75A5MEXh8Wc/ea27DoNkUlwGlK56CbC2T+uF5PcJ5P/AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIp9coYBfnAhEV3LtjbcIgbf41uLMB8GA1UdIwQY
MBaAFNgwCTb7UAp0VkQKuos7itU8nwFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRBSk52dFFDblJXUkFxNml6dUsxVHlmQVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83N2YyYWEtY2MwYy00ZjE1LThiMzkt
YWRkY2Q4NTUyMDI2LzEvaW4xeWhnRi1jQ0VSWGN1Mk50d2lCdF9qVzRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83N2YyYWEtY2MwYy00ZjE1LThiMzktYWRkY2Q4NTUyMDI2
LzEvMkRBSk52dFFDblJXUkFxNml6dUsxVHlmQVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuav2MA0G
CSqGSIb3DQEBCwUAA4IBAQA12n0Z34QDcQjMfJIBoT7OFdcA1VGSjkAdgA2Z7Ln2
BwiJ85g26W8NRHdfESKUOm2DWvWxqb4iJoLccmCR+wtsrZmdUCRe8eh1Ye4EeQ/o
lTyXWJhug87q9B/wIrD4BFCwMCOM3DoMHed+ouXp/TiAyhIgUhsBuCoQ6mVJcPi2
pSJEABTBR4/lZcndQLjJ9ayO51t9QO0Hn2QTkwJBCM53GxeB28xOhoEfLLTZNQQg
cC3irP4EQ4yYkRc723IEOEUBIXW2oNz97hDIGAKHFlifPNDpqvyAP6cY+JWra5G4
1VGXnSRUjEXWVj4Wr9saBIJZ8LoegFW3CfTKPvDW9gAf
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:07:28 2024 by rpki-client on console-ams.rpki-client.org