Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/0lAkUHWZ6ou0VC9FN00aa-vgLZU.roa
File: 0lAkUHWZ6ou0VC9FN00aa-vgLZU.roa (raw, json)
Hash identifier: tdQ1tLaGTQ7CmfvsiqATF+mMwmkyQIWihDl8I+lOTak=
Subject key identifier: D2:50:24:50:75:99:EA:8B:B4:54:2F:45:37:4D:1A:6B:EB:E0:2D:95
Certificate issuer: /CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Certificate serial: 018CC26D639D263EE094332B3E69D47968C3
Authority key identifier: 25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/0lAkUHWZ6ou0VC9FN00aa-vgLZU.roa
Signing time: Mon 01 Jan 2024 00:29:57 +0000
ROA not before: Mon 01 Jan 2024 00:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25117
IP address blocks: 185.228.228.0/22 maxlen: 24
2a03:7787:fffc::/47 maxlen: 47
2a03:7787:fffe::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/JY9ajila0de0ih4RlYeQBStXolM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/JY9ajila0de0ih4RlYeQBStXolM.mft
rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:63:9d:26:3e:e0:94:33:2b:3e:69:d4:79:68:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=258f5a8e295ad1d7b48a1e11958790052b57a253
Validity
Not Before: Jan 1 00:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d25024507599ea8bb4542f45374d1a6bebe02d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:71:c1:6d:12:ef:8a:b7:34:ac:b1:ff:50:96:
ab:38:db:85:dd:b1:9e:eb:e5:c9:3f:76:18:6a:4c:
5c:3d:f5:fa:2f:05:32:c8:1f:31:58:bd:72:47:3d:
38:7c:6f:55:b3:df:c1:e7:91:cf:ed:5b:42:75:2e:
75:45:93:c1:92:0e:b2:b2:f5:c2:3d:37:ed:bf:76:
9d:22:58:73:d0:e7:5e:9a:93:02:a8:a1:f0:7d:87:
40:ef:a9:9d:15:7f:22:d7:ba:cd:01:7e:bc:59:11:
4f:30:59:82:71:33:2f:e1:b0:f3:09:54:d3:90:0c:
be:9d:49:2f:89:b6:7e:8c:5f:42:79:27:13:97:1c:
d3:68:2e:88:ba:ee:86:08:3a:31:a2:6e:b5:6e:a9:
12:3a:71:89:c4:b8:77:a8:ac:75:0d:e0:a2:2c:7d:
ee:22:2e:56:f6:c2:30:db:88:5e:e5:16:fd:25:ad:
28:01:53:2e:e1:5b:60:e3:56:29:66:14:56:d1:98:
27:21:6a:90:26:95:69:b7:a2:c1:b8:b0:53:ab:9a:
0c:8c:a4:a5:a3:c9:69:24:36:ab:32:f5:31:aa:0b:
03:32:43:d1:9f:11:ce:74:4a:78:84:c8:1e:5c:1e:
d1:da:56:14:01:18:ee:7b:e9:35:8e:fe:fe:c5:3c:
02:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:50:24:50:75:99:EA:8B:B4:54:2F:45:37:4D:1A:6B:EB:E0:2D:95
X509v3 Authority Key Identifier:
keyid:25:8F:5A:8E:29:5A:D1:D7:B4:8A:1E:11:95:87:90:05:2B:57:A2:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY9ajila0de0ih4RlYeQBStXolM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/0lAkUHWZ6ou0VC9FN00aa-vgLZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3719f3-22e1-4344-9a39-458a2736157a/1/JY9ajila0de0ih4RlYeQBStXolM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.228.0/22
IPv6:
2a03:7787:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
2a:a4:92:4a:4c:d8:cd:e6:75:16:f9:7c:38:b3:dc:17:70:3b:
b7:b2:f2:7b:59:ef:fd:45:d9:0c:f2:96:71:7f:bc:1f:ed:2b:
19:e7:63:26:f7:f8:ba:52:92:0e:4a:7b:70:08:0d:d0:09:ff:
6d:9b:5d:5f:9f:6c:af:10:bc:56:1b:8d:32:8e:bf:46:78:d3:
3e:8d:6d:41:a7:92:fd:ee:b1:74:39:dd:43:09:a5:b9:44:b4:
b8:56:62:ba:90:1a:6e:81:fb:a7:39:2c:b1:d1:a6:89:13:b9:
89:73:83:78:88:ec:f4:03:92:a5:d6:b1:10:bd:cd:97:62:85:
40:3b:45:2a:b9:00:15:d2:79:75:e9:1d:ba:91:9d:67:e2:54:
f1:60:2d:92:d7:67:a4:35:53:6c:f4:8b:89:c7:29:71:71:cf:
c6:16:ab:9b:66:ab:97:32:c1:14:02:ba:d9:d7:a2:13:ec:f5:
8f:0f:4b:e1:06:af:fe:98:41:8f:12:fc:db:8e:ed:c8:46:fa:
55:dd:c1:c6:48:2f:c3:d9:a5:55:79:6c:cb:f2:e3:ff:7d:52:
ef:a6:d4:19:42:c7:55:4a:4d:94:ea:30:86:d6:ee:a6:ec:a5:
ca:0f:16:b6:73:fb:93:21:51:00:cb:ee:e5:79:dc:6e:71:48:
b0:5a:03:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbWOdJj7glDMrPmnUeWjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGY1YThlMjk1YWQxZDdiNDhhMWUxMTk1ODc5MDA1MmI1
N2EyNTMwHhcNMjQwMTAxMDAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjUwMjQ1MDc1OTllYThiYjQ1NDJmNDUzNzRkMWE2YmViZTAyZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXHBbRLvirc0rLH/UJarONuF3bGe
6+XJP3YYakxcPfX6LwUyyB8xWL1yRz04fG9Vs9/B55HP7VtCdS51RZPBkg6ysvXC
PTftv3adIlhz0OdempMCqKHwfYdA76mdFX8i17rNAX68WRFPMFmCcTMv4bDzCVTT
kAy+nUkvibZ+jF9CeScTlxzTaC6Iuu6GCDoxom61bqkSOnGJxLh3qKx1DeCiLH3u
Ii5W9sIw24he5Rb9Ja0oAVMu4Vtg41YpZhRW0ZgnIWqQJpVpt6LBuLBTq5oMjKSl
o8lpJDarMvUxqgsDMkPRnxHOdEp4hMgeXB7R2lYUARjue+k1jv7+xTwCoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNJQJFB1meqLtFQvRTdNGmvr4C2VMB8GA1UdIwQY
MBaAFCWPWo4pWtHXtIoeEZWHkAUrV6JTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzkt
NDU4YTI3MzYxNTdhLzEvMGxBa1VIV1o2b3UwVkM5Rk4wMGFhLXZnTFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zNzE5ZjMtMjJlMS00MzQ0LTlhMzktNDU4YTI3MzYxNTdh
LzEvSlk5YWppbGEwZGUwaWg0UmxZZVFCU3RYb2xNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCueTkMA8E
AgACMAkDBwIqA3eH//wwDQYJKoZIhvcNAQELBQADggEBACqkkkpM2M3mdRb5fDiz
3BdwO7ey8ntZ7/1F2QzylnF/vB/tKxnnYyb3+LpSkg5Ke3AIDdAJ/22bXV+fbK8Q
vFYbjTKOv0Z40z6NbUGnkv3usXQ53UMJpblEtLhWYrqQGm6B+6c5LLHRpokTuYlz
g3iI7PQDkqXWsRC9zZdihUA7RSq5ABXSeXXpHbqRnWfiVPFgLZLXZ6Q1U2z0i4nH
KXFxz8YWq5tmq5cywRQCutnXohPs9Y8PS+EGr/6YQY8S/NuO7chG+lXdwcZIL8PZ
pVV5bMvy4/99Uu+m1BlCx1VKTZTqMIbW7qbspcoPFrZz+5MhUQDL7uV53G5xSLBa
A9w=
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:38:13 2024 by rpki-client on console-ams.rpki-client.org