Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/1-mvJ93h5X0u-SK52gxs05RbODI0.roa
File: 1-mvJ93h5X0u-SK52gxs05RbODI0.roa (raw, json)
Hash identifier: 0MmqdgawGKXKVbzK5E2MOBi9rHaxz7B3xyzp6yR6jp0=
Subject key identifier: FA:6B:C9:F7:78:79:5F:4B:BE:48:AE:76:83:1B:34:E5:16:CE:0C:8D
Certificate issuer: /CN=a2893a4b284acb5d8a4164289045492109511688
Certificate serial: 018CC8712BE4B0F716E14B5AD0F55E4600E6
Authority key identifier: A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/1-mvJ93h5X0u-SK52gxs05RbODI0.roa
Signing time: Tue 02 Jan 2024 04:31:49 +0000
ROA not before: Tue 02 Jan 2024 04:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397451
IP address blocks: 185.25.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.mft
rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:2b:e4:b0:f7:16:e1:4b:5a:d0:f5:5e:46:00:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2893a4b284acb5d8a4164289045492109511688
Validity
Not Before: Jan 2 04:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa6bc9f778795f4bbe48ae76831b34e516ce0c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ee:eb:da:69:db:d9:21:10:8f:ab:b2:50:6f:
86:b6:55:08:ab:fb:67:4f:08:e0:23:14:49:8d:19:
15:7c:ff:0a:e5:02:39:e6:aa:08:0b:65:ef:b7:f0:
44:fd:08:07:7f:ef:a0:fc:11:2e:cb:a2:e0:a9:7c:
cd:a9:2c:cd:c5:c2:28:06:95:4e:4c:50:c0:c8:96:
22:ce:df:b6:33:af:53:c0:0d:bd:c2:03:96:67:0f:
c5:33:60:a4:e0:42:45:e8:f0:f3:6e:51:85:63:95:
8b:76:a2:0b:ec:d5:91:b8:ca:a1:b2:87:6f:d4:95:
86:d8:93:56:2c:12:a8:35:c9:10:7a:4c:4a:93:f3:
0d:75:02:9b:d9:f1:a8:4a:c9:ae:01:55:2d:ec:0f:
7e:85:8a:63:1d:14:99:82:c8:cb:e2:06:13:2d:d6:
27:9e:f8:36:dd:ee:6f:d1:cb:30:cb:b5:d7:43:e8:
a8:6f:24:66:a2:a9:08:72:70:6d:a5:4b:12:df:0d:
54:cd:d0:a3:9e:f6:44:3d:24:fe:ef:62:ab:6d:e3:
e5:91:50:7b:99:d3:6d:3b:fb:52:3b:57:33:d8:df:
95:79:3d:75:5b:35:be:5f:f0:fc:af:22:5f:d7:c9:
46:ea:f5:c1:de:28:0e:d3:5e:07:97:22:76:8c:95:
e4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6B:C9:F7:78:79:5F:4B:BE:48:AE:76:83:1B:34:E5:16:CE:0C:8D
X509v3 Authority Key Identifier:
keyid:A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/1-mvJ93h5X0u-SK52gxs05RbODI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.156.0/24
Signature Algorithm: sha256WithRSAEncryption
79:4a:c8:a2:be:ec:ea:70:76:5f:08:1f:55:65:a1:4d:80:eb:
b6:e6:f3:ba:4c:9c:02:38:f7:88:99:ed:e7:69:f6:39:de:9b:
52:ef:7f:31:85:a3:2c:04:46:be:32:8a:33:1e:80:b1:c7:01:
b7:68:1a:88:c1:50:ea:38:21:6b:b1:28:b1:56:5c:86:2c:14:
2f:60:f3:6f:ac:89:b8:18:38:d9:e1:63:b9:c2:89:d9:94:87:
c0:04:05:47:14:86:ca:db:34:dd:17:73:ba:d4:49:0e:51:3a:
60:bb:b2:1b:ad:90:60:cf:7b:b4:2f:4e:dd:ea:73:37:4c:67:
61:35:51:35:b6:84:20:ed:51:0f:89:6e:5f:f3:41:eb:b9:03:
ea:f1:cd:57:fa:5c:58:7a:78:55:82:b4:50:01:35:51:fa:36:
b6:13:c3:f5:fb:66:30:9f:dd:9d:c0:67:66:97:5a:fc:b5:29:
82:5f:a2:89:12:3c:ff:1d:9a:b7:bf:e4:bd:c8:17:80:70:c5:
c0:2f:14:ed:b2:a1:6c:e6:3c:c1:27:ae:1a:6d:1b:67:7d:c2:
64:92:05:11:a5:75:42:55:d4:78:ee:fa:d3:34:03:bc:d2:e8:
57:40:75:59:af:56:9e:31:d0:b6:56:85:a9:5b:15:cd:68:5b:
3f:ca:ce:e4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIcSvksPcW4Uta0PVeRgDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODkzYTRiMjg0YWNiNWQ4YTQxNjQyODkwNDU0OTIxMDk1
MTE2ODgwHhcNMjQwMTAyMDQzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZiYzlmNzc4Nzk1ZjRiYmU0OGFlNzY4MzFiMzRlNTE2Y2UwYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke7r2mnb2SEQj6uyUG+GtlUIq/tn
TwjgIxRJjRkVfP8K5QI55qoIC2Xvt/BE/QgHf++g/BEuy6LgqXzNqSzNxcIoBpVO
TFDAyJYizt+2M69TwA29wgOWZw/FM2Ck4EJF6PDzblGFY5WLdqIL7NWRuMqhsodv
1JWG2JNWLBKoNckQekxKk/MNdQKb2fGoSsmuAVUt7A9+hYpjHRSZgsjL4gYTLdYn
nvg23e5v0cswy7XXQ+iobyRmoqkIcnBtpUsS3w1UzdCjnvZEPST+72KrbePlkVB7
mdNtO/tSO1cz2N+VeT11WzW+X/D8ryJf18lG6vXB3igO014HlyJ2jJXk9wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpryfd4eV9LvkiudoMbNOUWzgyNMB8GA1UdIwQY
MBaAFKKJOksoSstdikFkKJBFSSEJURaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgt
YTVkM2NiOTE4MjA2LzEvMS1tdko5M2g1WDB1LVNLNTJneHMwNVJiT0RJMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2QvYjQ4N2FiLTVlMzEtNDExNy1hZGE4LWE1ZDNjYjkxODIw
Ni8xL29vazZTeWhLeTEyS1FXUW9rRVZKSVFsUkZvZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkZnDAN
BgkqhkiG9w0BAQsFAAOCAQEAeUrIor7s6nB2XwgfVWWhTYDrtubzukycAjj3iJnt
52n2Od6bUu9/MYWjLARGvjKKMx6AsccBt2gaiMFQ6jgha7EosVZchiwUL2Dzb6yJ
uBg42eFjucKJ2ZSHwAQFRxSGyts03RdzutRJDlE6YLuyG62QYM97tC9O3epzN0xn
YTVRNbaEIO1RD4luX/NB67kD6vHNV/pcWHp4VYK0UAE1Ufo2thPD9ftmMJ/dncBn
Zpda/LUpgl+iiRI8/x2at7/kvcgXgHDFwC8U7bKhbOY8wSeuGm0bZ33CZJIFEaV1
QlXUeO760zQDvNLoV0B1Wa9WnjHQtlaFqVsVzWhbP8rO5A==
-----END CERTIFICATE-----
Generated at Sat May 4 04:36:45 2024 by rpki-client on console-ams.rpki-client.org