Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/wd7rWD8zD76euZ_kg78oGyLdlvI.roa
File: wd7rWD8zD76euZ_kg78oGyLdlvI.roa (raw, json)
Hash identifier: a+KdM2KHv23/nsO4SJIcCiSLmDdo4GCQHcMFjfHo1zE=
Subject key identifier: C1:DE:EB:58:3F:33:0F:BE:9E:B9:9F:E4:83:BF:28:1B:22:DD:96:F2
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC7942627DC02F4D8612D5E5A847030C7
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/wd7rWD8zD76euZ_kg78oGyLdlvI.roa
Signing time: Tue 02 Jan 2024 00:30:24 +0000
ROA not before: Tue 02 Jan 2024 00:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201096
IP address blocks: 85.206.144.0/23 maxlen: 24
85.206.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:26:27:dc:02:f4:d8:61:2d:5e:5a:84:70:30:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1deeb583f330fbe9eb99fe483bf281b22dd96f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cf:cc:60:87:60:b8:bb:b1:88:f4:bf:ff:a2:
99:40:0d:80:79:22:67:e3:cc:29:89:02:f4:fe:4a:
0a:bb:b1:25:59:c5:ea:41:86:9c:d1:7b:9b:93:d0:
35:f0:90:96:4d:7b:57:f7:4c:d8:78:61:f5:62:8b:
eb:19:8b:e0:a5:f6:63:a5:44:dc:d1:27:79:28:76:
79:03:e1:7f:cf:9a:b1:ff:80:dc:9b:9d:27:51:e5:
7a:7f:17:ed:3a:90:38:10:8d:4f:fe:5e:0e:d1:5a:
a7:31:21:41:fe:33:ab:f2:3a:a9:63:a2:32:37:b5:
c8:e3:a9:b1:5d:b0:c5:54:2c:e3:2c:bd:d1:7f:84:
98:6e:8f:7f:2a:b6:78:ec:dc:ad:f2:57:6f:75:f2:
8a:5e:79:c8:93:d8:5d:8c:0a:66:2b:d1:42:28:99:
8a:8e:bb:c4:97:11:c9:27:66:88:4a:f5:13:1f:b7:
ba:bd:fc:a9:c1:8f:12:70:b1:00:77:21:a5:6d:38:
f7:a4:a7:34:97:38:4f:87:96:1f:84:4b:94:51:7f:
7f:f3:c9:46:f3:14:68:09:6b:5c:12:81:d7:da:f2:
49:b5:48:d4:e9:06:94:a3:2f:b3:48:a1:b7:62:f7:
d2:eb:af:1f:ff:82:f0:14:cb:0e:aa:81:7b:13:b1:
08:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DE:EB:58:3F:33:0F:BE:9E:B9:9F:E4:83:BF:28:1B:22:DD:96:F2
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/wd7rWD8zD76euZ_kg78oGyLdlvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.144.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:a1:b0:22:89:f8:eb:5a:9c:99:05:52:d7:93:b2:a5:e5:41:
6d:3f:2f:f0:cd:07:bd:a3:40:5e:ca:10:2e:2a:38:52:94:e7:
8f:c3:55:ef:b2:fc:54:e9:d1:cb:54:2f:e2:23:b4:76:c2:df:
ff:a3:06:a3:bd:b0:f1:66:75:95:e5:bf:10:6e:8d:5e:d4:fc:
1d:dd:e0:b2:6f:ec:66:fd:70:7e:4a:b6:f7:10:1b:1b:e8:50:
1c:b1:44:dd:e1:cc:d7:0e:19:9c:5c:ee:3f:52:bd:9b:1c:4e:
c8:1d:ac:be:6b:8c:9c:29:f6:23:e3:a3:92:c1:33:4e:75:d2:
6f:e1:7c:51:f8:d8:4c:2e:f2:9c:6e:5e:6c:31:50:d1:57:6a:
ae:2b:e0:ea:47:8b:d6:66:2c:d4:ee:9f:a7:86:64:66:20:15:
80:4c:ec:c3:eb:d0:3e:20:1a:35:37:e0:b3:e7:07:2c:37:40:
a6:28:04:90:5e:d3:9d:84:63:33:26:c0:5d:c0:35:83:5c:b3:
1a:ff:ba:df:88:c3:ed:57:3a:4c:7f:c3:a4:9c:3b:f0:86:d2:
4f:36:0a:7b:f0:94:0f:38:94:87:cb:ac:fc:19:6d:55:7e:55:
9b:36:06:e2:8f:b3:24:66:30:83:00:ed:10:ad:aa:c5:a5:87:
bc:45:7e:21
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlCYn3AL02GEtXlqEcDDHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRlZWI1ODNmMzMwZmJlOWViOTlmZTQ4M2JmMjgxYjIyZGQ5NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM/MYIdguLuxiPS//6KZQA2AeSJn
48wpiQL0/koKu7ElWcXqQYac0Xubk9A18JCWTXtX90zYeGH1YovrGYvgpfZjpUTc
0Sd5KHZ5A+F/z5qx/4Dcm50nUeV6fxftOpA4EI1P/l4O0VqnMSFB/jOr8jqpY6Iy
N7XI46mxXbDFVCzjLL3Rf4SYbo9/KrZ47Nyt8ldvdfKKXnnIk9hdjApmK9FCKJmK
jrvElxHJJ2aISvUTH7e6vfypwY8ScLEAdyGlbTj3pKc0lzhPh5YfhEuUUX9/88lG
8xRoCWtcEoHX2vJJtUjU6QaUoy+zSKG3YvfS668f/4LwFMsOqoF7E7EIqQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMHe61g/Mw++nrmf5IO/KBsi3ZbyMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL3dkN3JXRDh6RDc2ZXVaX2tnNzhvR3lMZGx2SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJVzpAw
DQYJKoZIhvcNAQELBQADggEBAB2hsCKJ+OtanJkFUteTsqXlQW0/L/DNB72jQF7K
EC4qOFKU54/DVe+y/FTp0ctUL+IjtHbC3/+jBqO9sPFmdZXlvxBujV7U/B3d4LJv
7Gb9cH5KtvcQGxvoUByxRN3hzNcOGZxc7j9SvZscTsgdrL5rjJwp9iPjo5LBM051
0m/hfFH42Ewu8pxuXmwxUNFXaq4r4OpHi9ZmLNTun6eGZGYgFYBM7MPr0D4gGjU3
4LPnByw3QKYoBJBe052EYzMmwF3ANYNcsxr/ut+Iw+1XOkx/w6ScO/CG0k82Cnvw
lA84lIfLrPwZbVV+VZs2BuKPsyRmMIMA7RCtqsWlh7xFfiE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:47 2024 by rpki-client on console-ams.rpki-client.org