Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/96WNGF0lo8pxZatzGSt5t9whnU8.roa
File: 96WNGF0lo8pxZatzGSt5t9whnU8.roa (raw, json)
Hash identifier: WNsbFQ3aeHVtahsRn18uTY8XNG7zmE2Du0+QPgDBHJU=
Subject key identifier: F7:A5:8D:18:5D:25:A3:CA:71:65:AB:73:19:2B:79:B7:DC:21:9D:4F
Certificate issuer: /CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Certificate serial: 018CC42465AEAB46D8D0F04B137C77D81B79
Authority key identifier: B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/96WNGF0lo8pxZatzGSt5t9whnU8.roa
Signing time: Mon 01 Jan 2024 08:29:28 +0000
ROA not before: Mon 01 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43824
IP address blocks: 185.99.32.0/24 maxlen: 24
185.99.35.0/24 maxlen: 24
185.99.34.0/24 maxlen: 24
185.99.33.0/24 maxlen: 24
2a0a:c0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.mft
rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:65:ae:ab:46:d8:d0:f0:4b:13:7c:77:d8:1b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee
Validity
Not Before: Jan 1 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7a58d185d25a3ca7165ab73192b79b7dc219d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1c:e9:1b:54:01:ae:42:3d:c2:54:08:5d:d3:
18:2e:f1:b3:d8:56:23:97:e5:c2:ac:70:63:a2:6e:
1a:24:50:ed:72:b4:26:89:7d:42:1c:f8:74:f2:b7:
c2:22:a3:0d:69:08:90:17:6e:13:a6:b9:77:d3:13:
6d:b0:48:c5:29:c9:59:ac:b5:45:d7:83:75:a7:1a:
58:6f:4e:23:87:00:af:26:38:a1:6d:16:a3:1f:71:
7d:53:f2:9c:8c:53:b2:6d:37:a1:b0:a9:33:6e:bc:
eb:a1:61:c7:11:d8:91:86:ef:03:98:cc:d9:f3:5d:
2d:0d:f7:5f:b2:9f:0b:e6:56:2f:67:fc:3c:cc:da:
4d:45:08:76:45:7f:2f:d1:d6:e8:bc:b3:c7:30:f1:
fe:18:a3:e2:0a:22:f7:fb:75:97:5a:32:08:07:18:
71:2e:aa:1b:d2:89:a3:07:5d:60:60:85:18:2b:4e:
76:f2:7c:7f:53:8c:3f:c0:2e:6a:eb:36:3d:85:44:
0b:61:a0:38:24:56:42:49:c2:b8:65:d1:d3:47:4f:
ad:a0:4f:7d:d8:08:17:ff:bc:49:db:c5:73:2b:5b:
e0:ac:2c:28:22:b9:40:31:77:ee:87:3a:a6:6b:b1:
c0:fb:80:69:b4:7d:65:81:bc:13:3d:87:8f:1f:82:
e4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A5:8D:18:5D:25:A3:CA:71:65:AB:73:19:2B:79:B7:DC:21:9D:4F
X509v3 Authority Key Identifier:
keyid:B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/96WNGF0lo8pxZatzGSt5t9whnU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.32.0/22
IPv6:
2a0a:c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
43:d2:1a:2c:d7:9e:ea:65:5f:cf:4a:99:9a:71:b5:9d:77:97:
8a:3f:b8:50:30:ab:45:4d:73:14:68:c7:d3:aa:91:19:da:e2:
1c:d4:92:a2:43:80:cb:0a:f8:0e:23:c6:fc:c1:5f:0b:60:8c:
66:16:2e:28:51:c7:90:ed:6e:23:d8:2d:fb:a4:69:53:6c:2d:
ff:3f:e2:69:2b:b9:c6:bd:2b:ff:82:70:7a:2e:4a:c2:dc:b6:
a7:18:3f:cf:86:1f:17:13:31:03:58:cf:44:4f:f8:39:60:7b:
80:76:48:08:27:fb:1a:78:52:dd:32:08:e6:50:4a:4f:07:29:
1a:c2:0e:84:58:b2:47:a8:7d:95:e5:9c:99:7e:bb:42:d2:67:
26:cc:fe:e7:d7:be:54:bb:e0:b0:f5:ca:cc:9e:14:b6:ab:6c:
6a:23:0f:6f:34:6f:83:e8:2b:f6:b8:d6:7e:30:31:69:c2:08:
b9:0c:4b:cb:a6:4a:ee:c4:5c:f3:12:35:e5:1b:38:d0:e6:3c:
45:21:04:d7:aa:a5:17:2f:01:bd:08:a4:4c:cd:da:5c:88:e9:
7b:a3:1f:e3:23:09:f3:7f:ec:50:95:ca:75:2e:a6:bf:44:91:
04:62:da:83:da:95:9b:42:fa:69:9b:6e:09:a3:fa:51:62:f1:
f4:58:27:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJGWuq0bY0PBLE3x32Bt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMzBjOGZkMDIwNWVjZjBlZjZiNTZlMDM3ZDU2MjliMTdi
Mjc1ZWUwHhcNMjQwMTAxMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2E1OGQxODVkMjVhM2NhNzE2NWFiNzMxOTJiNzliN2RjMjE5ZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxzpG1QBrkI9wlQIXdMYLvGz2FYj
l+XCrHBjom4aJFDtcrQmiX1CHPh08rfCIqMNaQiQF24Tprl30xNtsEjFKclZrLVF
14N1pxpYb04jhwCvJjihbRajH3F9U/KcjFOybTehsKkzbrzroWHHEdiRhu8DmMzZ
810tDfdfsp8L5lYvZ/w8zNpNRQh2RX8v0dbovLPHMPH+GKPiCiL3+3WXWjIIBxhx
Lqob0omjB11gYIUYK0528nx/U4w/wC5q6zY9hUQLYaA4JFZCScK4ZdHTR0+toE99
2AgX/7xJ28VzK1vgrCwoIrlAMXfuhzqma7HA+4BptH1lgbwTPYePH4Lk1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPeljRhdJaPKcWWrcxkrebfcIZ1PMB8GA1UdIwQY
MBaAFLIwyP0CBezw72tW4DfVYpsXsnXuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAt
YzhiNWRmYzVhMTNmLzEvOTZXTkdGMGxvOHB4WmF0ekdTdDV0OXdoblU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAtYzhiNWRmYzVhMTNm
LzEvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuWMgMA8E
AgACMAkDBwAqCgDA//8wDQYJKoZIhvcNAQELBQADggEBAEPSGizXnuplX89KmZpx
tZ13l4o/uFAwq0VNcxRox9OqkRna4hzUkqJDgMsK+A4jxvzBXwtgjGYWLihRx5Dt
biPYLfukaVNsLf8/4mkruca9K/+CcHouSsLctqcYP8+GHxcTMQNYz0RP+Dlge4B2
SAgn+xp4Ut0yCOZQSk8HKRrCDoRYskeofZXlnJl+u0LSZybM/ufXvlS74LD1ysye
FLarbGojD280b4PoK/a41n4wMWnCCLkMS8umSu7EXPMSNeUbONDmPEUhBNeqpRcv
Ab0IpEzN2lyI6XujH+MjCfN/7FCVynUupr9EkQRi2oPalZtC+mmbbgmj+lFi8fRY
J+I=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:05:23 2024 by rpki-client on console-ams.rpki-client.org