Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/fTbbEFGF_OMh0a4_wLKlAr9YZsU.roa
File: fTbbEFGF_OMh0a4_wLKlAr9YZsU.roa (raw, json)
Hash identifier: yHvGkwUDBaCnEWtdcIcy4tMre1rW9AFRPvIMkDaNsO0=
Subject key identifier: 7D:36:DB:10:51:85:FC:E3:21:D1:AE:3F:C0:B2:A5:02:BF:58:66:C5
Certificate issuer: /CN=5503251db69693362a927e2b130467945c54f0fc
Certificate serial: 01920EB0ED1EFEECF755287C0FB92BF7F957
Authority key identifier: 55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/fTbbEFGF_OMh0a4_wLKlAr9YZsU.roa
Signing time: Fri 20 Sep 2024 09:08:48 +0000
ROA not before: Fri 20 Sep 2024 09:08:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212441
IP address blocks: 185.244.180.0/24 maxlen: 24
185.244.181.0/24 maxlen: 24
185.244.182.0/24 maxlen: 24
185.244.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0e:b0:ed:1e:fe:ec:f7:55:28:7c:0f:b9:2b:f7:f9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5503251db69693362a927e2b130467945c54f0fc
Validity
Not Before: Sep 20 09:08:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d36db105185fce321d1ae3fc0b2a502bf5866c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1a:87:55:25:21:0f:4f:cf:98:8d:a9:83:f1:
9a:60:d6:4c:ec:db:9c:8f:ab:29:c2:41:22:47:ba:
47:62:7f:27:29:6f:5e:d3:1f:70:c2:f7:93:0e:56:
26:58:3c:66:86:17:1d:e3:b5:da:79:64:09:ea:e3:
88:6c:74:a5:70:3c:19:da:76:5b:e6:50:e3:57:72:
d1:92:e0:a1:f4:1d:6f:7f:3f:71:9b:5e:4f:23:95:
ed:2e:c1:07:3c:1a:be:03:0b:bb:05:b2:12:85:30:
d4:88:81:f9:34:3a:03:e6:45:0e:30:c2:ed:b8:cb:
f8:6b:9e:09:18:a5:7d:41:7c:70:15:92:e5:02:b2:
aa:f0:69:86:fb:01:58:c0:d4:43:f7:28:94:a7:9f:
e3:0a:5b:27:7a:15:4e:32:ea:47:43:df:3c:0c:f1:
83:88:af:8f:b8:58:28:7f:6e:e3:d0:6a:9c:be:fd:
ae:69:95:d0:52:6a:dd:e1:b2:e5:a1:b2:a7:23:11:
6f:f6:9f:94:3c:33:8f:80:0a:39:fd:77:83:d5:5e:
cd:92:5b:57:2d:ee:f8:d3:09:94:de:ac:5a:4d:f5:
a6:ab:62:20:5e:f6:74:fc:7d:d5:86:d5:0a:28:da:
c9:88:f9:ed:e9:12:0a:34:20:01:c6:39:81:ab:16:
03:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:36:DB:10:51:85:FC:E3:21:D1:AE:3F:C0:B2:A5:02:BF:58:66:C5
X509v3 Authority Key Identifier:
keyid:55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/fTbbEFGF_OMh0a4_wLKlAr9YZsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.180.0/22
Signature Algorithm: sha256WithRSAEncryption
93:7d:14:f5:f0:1d:b9:da:85:8a:0c:ec:7d:9a:35:5b:b0:c9:
50:11:27:71:d9:fd:30:f5:ca:d3:2f:4a:f5:1c:4a:35:c0:30:
69:2a:17:04:d6:fe:3e:88:b8:c6:e2:bd:7b:0b:c4:3f:7e:80:
d2:0c:6a:b4:a7:a7:18:77:6c:6a:e6:de:1a:27:2e:f5:a5:d1:
7d:82:9a:e1:20:2b:00:f9:b1:1d:f6:d7:cc:cc:3c:7d:33:e4:
14:7c:95:ff:72:fb:4b:21:69:ea:43:a1:52:21:8b:d7:40:4b:
86:e0:08:86:58:d6:a9:e2:fd:ae:2b:1f:23:9f:f9:27:d6:a6:
08:64:b3:46:94:1e:7e:a0:07:f4:c1:d9:94:65:60:28:5f:e9:
d6:15:f4:a9:b0:57:0d:e3:3a:09:9d:56:37:82:38:ef:07:86:
d9:4b:70:0f:89:bd:4c:d8:63:89:4f:aa:7a:16:bb:64:eb:b9:
ca:69:c6:8e:9d:53:b5:8f:c1:6f:16:0d:c5:44:15:c7:f0:4f:
7b:44:9b:93:a3:7b:87:a9:ff:74:bc:15:3a:5f:ef:df:41:80:
21:ef:cf:27:9b:3f:87:8b:0f:91:ef:2f:24:c7:09:23:70:7f:
0a:c3:ea:10:53:6e:cc:92:0d:0c:e0:44:93:9d:3f:d5:14:35:
28:78:d9:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIOsO0e/uz3VSh8D7kr9/lXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MDMyNTFkYjY5NjkzMzYyYTkyN2UyYjEzMDQ2Nzk0NWM1
NGYwZmMwHhcNMjQwOTIwMDkwODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM2ZGIxMDUxODVmY2UzMjFkMWFlM2ZjMGIyYTUwMmJmNTg2NmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRqHVSUhD0/PmI2pg/GaYNZM7Nuc
j6spwkEiR7pHYn8nKW9e0x9wwveTDlYmWDxmhhcd47XaeWQJ6uOIbHSlcDwZ2nZb
5lDjV3LRkuCh9B1vfz9xm15PI5XtLsEHPBq+Awu7BbIShTDUiIH5NDoD5kUOMMLt
uMv4a54JGKV9QXxwFZLlArKq8GmG+wFYwNRD9yiUp5/jClsnehVOMupHQ988DPGD
iK+PuFgof27j0Gqcvv2uaZXQUmrd4bLlobKnIxFv9p+UPDOPgAo5/XeD1V7NkltX
Le740wmU3qxaTfWmq2IgXvZ0/H3VhtUKKNrJiPnt6RIKNCABxjmBqxYDaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH022xBRhfzjIdGuP8CypQK/WGbFMB8GA1UdIwQY
MBaAFFUDJR22lpM2KpJ+KxMEZ5RcVPD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2It
M2NiYWQ1YjkwNGI1LzEvZlRiYkVGR0ZfT01oMGE0X3dMS2xBcjlZWnNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2ItM2NiYWQ1YjkwNGI1
LzEvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufS0MA0G
CSqGSIb3DQEBCwUAA4IBAQCTfRT18B252oWKDOx9mjVbsMlQESdx2f0w9crTL0r1
HEo1wDBpKhcE1v4+iLjG4r17C8Q/foDSDGq0p6cYd2xq5t4aJy71pdF9gprhICsA
+bEd9tfMzDx9M+QUfJX/cvtLIWnqQ6FSIYvXQEuG4AiGWNap4v2uKx8jn/kn1qYI
ZLNGlB5+oAf0wdmUZWAoX+nWFfSpsFcN4zoJnVY3gjjvB4bZS3APib1M2GOJT6p6
Frtk67nKacaOnVO1j8FvFg3FRBXH8E97RJuTo3uHqf90vBU6X+/fQYAh788nmz+H
iw+R7y8kxwkjcH8Kw+oQU27Mkg0M4ESTnT/VFDUoeNmU
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:17 2024 by rpki-client on console-fra.rpki-client.org