Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/yYGlHF5Zu0UdOp8LMkSgRtRpL4w.roa
File: yYGlHF5Zu0UdOp8LMkSgRtRpL4w.roa (raw, json)
Hash identifier: RF+/0GkzcaJvrcP9cT9CFNt8jgCr19xU4I7vExH6s7E=
Subject key identifier: C9:81:A5:1C:5E:59:BB:45:1D:3A:9F:0B:32:44:A0:46:D4:69:2F:8C
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 018CC49321BF7736A7CBDA8E6FCCE5568270
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/yYGlHF5Zu0UdOp8LMkSgRtRpL4w.roa
Signing time: Mon 01 Jan 2024 10:30:25 +0000
ROA not before: Mon 01 Jan 2024 10:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47348
IP address blocks: 185.143.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:21:bf:77:36:a7:cb:da:8e:6f:cc:e5:56:82:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Jan 1 10:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c981a51c5e59bb451d3a9f0b3244a046d4692f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:18:96:f9:b5:c3:b3:ee:ac:9d:2e:7b:da:
1f:84:e8:a7:8d:44:72:88:e7:b5:67:4e:8d:f7:5f:
8f:84:57:d7:d0:c5:02:00:41:ce:8f:ac:34:08:2c:
10:46:4b:03:ec:9c:80:b0:d4:d7:b7:49:35:11:40:
1b:ea:ba:7b:42:dc:45:92:21:b5:17:0c:bf:8f:01:
e7:a5:32:d5:3d:05:f5:60:fc:73:4c:77:6a:50:17:
d9:1b:3b:b6:a4:39:84:cc:1e:9d:1d:01:d3:6d:dc:
fd:7a:eb:00:a8:2c:27:d9:a2:7d:3c:8e:1d:fe:04:
ba:fb:13:68:bd:68:83:82:c4:5b:16:43:0f:ef:40:
86:ce:a9:0c:b7:d3:3e:bb:26:d2:4c:80:03:53:f5:
6c:06:17:e9:af:42:1f:e0:59:d8:79:47:52:58:40:
f7:0a:99:00:ee:d2:a3:80:fb:4b:3d:0f:06:e3:79:
cc:be:71:20:fa:4e:a7:e2:8f:dd:fc:51:3f:96:2b:
a4:15:24:c6:25:1c:9b:a7:86:ac:b5:ca:53:cb:a1:
2d:20:d3:ef:e6:b6:7e:b1:f2:84:37:a9:6e:83:88:
54:10:a5:85:6c:0f:3c:63:ac:52:99:1b:1e:3d:9a:
3c:2a:29:f9:fb:ff:cc:68:fc:10:30:46:c8:ab:7c:
74:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:81:A5:1C:5E:59:BB:45:1D:3A:9F:0B:32:44:A0:46:D4:69:2F:8C
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/yYGlHF5Zu0UdOp8LMkSgRtRpL4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.32.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:1d:4b:75:4a:57:6f:f4:b6:e3:65:32:70:9c:aa:83:d9:1c:
92:ec:d8:29:49:09:b2:1d:ab:16:91:cd:10:0b:ec:74:2f:2f:
0c:34:bc:c5:b3:b0:de:7a:f3:e6:9a:f5:58:42:7d:69:d2:df:
9d:64:05:4f:5b:a4:ac:99:9d:92:55:a8:7b:7b:62:20:2c:48:
f1:e9:1b:18:38:5d:b9:65:73:cc:e2:00:88:c0:da:a1:37:0b:
09:f5:8e:2d:02:e8:17:b8:fb:9c:37:5a:4d:62:86:41:33:52:
86:d0:ed:fb:2d:07:60:50:23:e6:f7:bf:fe:e1:d6:19:2d:9f:
78:ca:9f:03:65:6e:5d:5b:d2:2a:ae:ea:d4:12:19:55:5e:a5:
ab:fb:dc:10:62:b6:81:d8:c4:09:a1:01:a5:4e:4d:24:98:96:
aa:0a:82:9f:ec:28:ee:7d:d7:8c:4b:1b:ba:d3:b9:52:35:d7:
3b:30:5d:ea:50:d7:9e:b7:64:f8:32:cf:7d:03:3a:45:a6:e3:
44:52:ed:3b:5a:41:41:a6:ee:1e:a7:a8:55:d6:4c:7e:68:6a:
ab:82:85:53:22:f1:c7:af:74:5e:a2:b6:05:00:0e:6c:2b:e0:
c3:c3:e5:76:43:13:39:61:7f:c4:e1:91:fc:82:69:4e:bc:e1:
c3:d1:e8:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkyG/dzany9qOb8zlVoJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjQwMTAxMTAzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTgxYTUxYzVlNTliYjQ1MWQzYTlmMGIzMjQ0YTA0NmQ0NjkyZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov4Ylvm1w7PurJ0ue9ofhOinjURy
iOe1Z06N91+PhFfX0MUCAEHOj6w0CCwQRksD7JyAsNTXt0k1EUAb6rp7QtxFkiG1
Fwy/jwHnpTLVPQX1YPxzTHdqUBfZGzu2pDmEzB6dHQHTbdz9eusAqCwn2aJ9PI4d
/gS6+xNovWiDgsRbFkMP70CGzqkMt9M+uybSTIADU/VsBhfpr0If4FnYeUdSWED3
CpkA7tKjgPtLPQ8G43nMvnEg+k6n4o/d/FE/liukFSTGJRybp4astcpTy6EtINPv
5rZ+sfKEN6lug4hUEKWFbA88Y6xSmRsePZo8Kin5+//MaPwQMEbIq3x0UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmBpRxeWbtFHTqfCzJEoEbUaS+MMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEveVlHbEhGNVp1MFVkT3A4TE1rU2dSdFJwTDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY8gMA0G
CSqGSIb3DQEBCwUAA4IBAQBqHUt1Sldv9LbjZTJwnKqD2RyS7NgpSQmyHasWkc0Q
C+x0Ly8MNLzFs7DeevPmmvVYQn1p0t+dZAVPW6SsmZ2SVah7e2IgLEjx6RsYOF25
ZXPM4gCIwNqhNwsJ9Y4tAugXuPucN1pNYoZBM1KG0O37LQdgUCPm97/+4dYZLZ94
yp8DZW5dW9IqrurUEhlVXqWr+9wQYraB2MQJoQGlTk0kmJaqCoKf7CjufdeMSxu6
07lSNdc7MF3qUNeet2T4Ms99AzpFpuNEUu07WkFBpu4ep6hV1kx+aGqrgoVTIvHH
r3ReorYFAA5sK+DDw+V2QxM5YX/E4ZH8gmlOvOHD0ehI
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:39 2024 by rpki-client on console-ams.rpki-client.org