Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/1x9OUBgUhODwmMf208Vg2yzAN7o.roa
File: 1x9OUBgUhODwmMf208Vg2yzAN7o.roa (raw, json)
Hash identifier: ub2FuvXTNQ9O3Ob5pLwurK9WpwdC/e4GNwtq+7+ufqs=
Subject key identifier: D7:1F:4E:50:18:14:84:E0:F0:98:C7:F6:D3:C5:60:DB:2C:C0:37:BA
Certificate issuer: /CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Certificate serial: 0192DE5C6D68E86479E795C7A79A7E050952
Authority key identifier: 58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/1x9OUBgUhODwmMf208Vg2yzAN7o.roa
Signing time: Wed 30 Oct 2024 16:57:32 +0000
ROA not before: Wed 30 Oct 2024 16:57:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208208
IP address blocks: 84.252.120.0/24 maxlen: 24
84.252.121.0/24 maxlen: 24
84.252.122.0/24 maxlen: 24
84.252.123.0/24 maxlen: 24
185.230.160.0/24 maxlen: 24
185.230.161.0/24 maxlen: 24
185.230.162.0/24 maxlen: 24
185.230.163.0/24 maxlen: 24
185.240.241.0/24 maxlen: 24
185.240.242.0/24 maxlen: 24
185.240.243.0/24 maxlen: 24
2a09:6301::/32 maxlen: 32
2a09:6302::/32 maxlen: 32
2a09:6305::/32 maxlen: 32
2a09:6306::/32 maxlen: 32
2a0c:2500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:de:5c:6d:68:e8:64:79:e7:95:c7:a7:9a:7e:05:09:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588b1024ea056e5ed498f6e9ddc20632bdf6c9c5
Validity
Not Before: Oct 30 16:57:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d71f4e50181484e0f098c7f6d3c560db2cc037ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bf:22:dd:3b:65:28:26:de:12:49:2c:ff:d8:
f3:da:11:0a:2b:e9:b0:6f:06:77:02:4d:2c:04:8b:
41:49:58:8a:85:b2:66:1b:f4:4e:49:b9:9d:75:69:
5f:2e:d0:a2:62:b0:25:c2:d6:d7:d3:91:67:c7:d7:
ba:80:27:3e:49:87:9d:4b:20:2b:ce:68:2b:92:d8:
24:3a:a0:d9:2a:75:da:9e:f1:0a:3c:a6:53:3a:56:
ce:c3:56:18:c2:59:ff:08:95:ac:3e:8a:09:a2:5c:
09:2e:13:24:ff:47:b0:d6:5a:54:94:a7:26:d9:9e:
17:92:54:4a:0f:d1:9c:b5:ee:35:af:01:ee:14:9a:
35:0b:b8:42:ce:f9:ca:5b:5b:a0:0a:4e:fb:78:93:
ca:26:8c:ba:28:b7:2b:76:a5:cd:7e:06:e6:28:64:
1f:cf:50:de:38:da:3c:fe:a8:67:1a:0c:db:83:06:
84:1d:a2:df:32:98:30:42:7f:63:6b:0b:c9:fc:99:
35:8b:84:96:c0:e3:e0:8a:8c:bb:1f:dd:c3:8c:42:
e4:c6:82:4d:72:de:ed:1f:a8:e1:38:d4:68:64:35:
12:25:0a:40:95:cb:e4:59:05:28:b3:3f:52:5e:f2:
fb:fe:17:9c:11:f6:ae:48:03:48:33:dd:c9:c9:73:
5c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:1F:4E:50:18:14:84:E0:F0:98:C7:F6:D3:C5:60:DB:2C:C0:37:BA
X509v3 Authority Key Identifier:
keyid:58:8B:10:24:EA:05:6E:5E:D4:98:F6:E9:DD:C2:06:32:BD:F6:C9:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIsQJOoFbl7UmPbp3cIGMr32ycU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/1x9OUBgUhODwmMf208Vg2yzAN7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d34a74-d7cd-4f99-84cd-56628a46df40/1/WIsQJOoFbl7UmPbp3cIGMr32ycU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.120.0/22
185.230.160.0/22
185.240.241.0-185.240.243.255
IPv6:
2a09:6301::-2a09:6302:ffff:ffff:ffff:ffff:ffff:ffff
2a09:6305::-2a09:6306:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:2500::/32
Signature Algorithm: sha256WithRSAEncryption
51:d6:2f:5c:88:8b:c6:bb:25:3e:73:ab:f3:36:d2:db:ca:24:
9e:e7:65:76:dd:02:4c:72:de:e7:3b:d3:37:c7:40:28:a7:dd:
b4:2e:60:53:84:c5:4b:58:f6:d1:1b:40:a1:c4:0e:ac:44:8b:
a1:34:15:b3:44:95:79:78:3e:b6:1a:e7:df:50:7f:6c:6f:d6:
88:c4:28:de:a9:d4:21:0e:be:ec:68:eb:e1:cb:1d:01:97:a1:
c2:98:64:de:2c:e7:98:cf:2c:c7:26:50:21:02:db:9c:2e:bf:
d6:c8:aa:c3:27:d4:97:c5:91:64:00:36:b9:d1:12:2c:2e:cb:
53:39:13:fe:29:f8:30:b1:b0:43:d7:2f:b0:bc:5c:80:4a:b0:
13:8e:38:2e:90:ea:aa:18:c5:d7:04:7b:f5:81:df:ab:75:df:
be:2b:62:a8:f1:4c:fa:aa:c8:7b:74:bc:e4:ed:ca:4d:59:2f:
0d:a8:a1:e6:a9:59:67:7e:2c:47:bf:87:e6:a7:0d:3f:94:16:
24:36:45:c2:00:46:bc:57:05:c4:0e:53:bd:02:01:69:6d:85:
47:40:08:cb:67:75:8b:46:da:5a:4f:cf:77:4c:e0:4b:3c:32:
e2:50:9d:ad:ec:b5:4b:fe:39:9c:13:0f:27:f8:9b:65:0f:53:
f0:1d:5f:02
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZLeXG1o6GR555XHp5p+BQlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGIxMDI0ZWEwNTZlNWVkNDk4ZjZlOWRkYzIwNjMyYmRm
NmM5YzUwHhcNMjQxMDMwMTY1NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzFmNGU1MDE4MTQ4NGUwZjA5OGM3ZjZkM2M1NjBkYjJjYzAzN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb8i3TtlKCbeEkks/9jz2hEKK+mw
bwZ3Ak0sBItBSViKhbJmG/ROSbmddWlfLtCiYrAlwtbX05Fnx9e6gCc+SYedSyAr
zmgrktgkOqDZKnXanvEKPKZTOlbOw1YYwln/CJWsPooJolwJLhMk/0ew1lpUlKcm
2Z4XklRKD9Gcte41rwHuFJo1C7hCzvnKW1ugCk77eJPKJoy6KLcrdqXNfgbmKGQf
z1DeONo8/qhnGgzbgwaEHaLfMpgwQn9jawvJ/Jk1i4SWwOPgioy7H93DjELkxoJN
ct7tH6jhONRoZDUSJQpAlcvkWQUosz9SXvL7/hecEfauSANIM93JyXNcuQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFNcfTlAYFITg8JjH9tPFYNsswDe6MB8GA1UdIwQY
MBaAFFiLECTqBW5e1Jj26d3CBjK99snFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2Qt
NTY2MjhhNDZkZjQwLzEvMXg5T1VCZ1VoT0R3bU1mMjA4VmcyeXpBTjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMzRhNzQtZDdjZC00Zjk5LTg0Y2QtNTY2MjhhNDZkZjQw
LzEvV0lzUUpPb0ZibDdVbVBicDNjSUdNcjMyeWNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAgBAIAATAaAwQCVPx4AwQC
ueagMAwDBAC58PEDBAK58PAwLQQCAAIwJzAOAwUAKgljAQMFACoJYwIwDgMFACoJ
YwUDBQAqCWMGAwUAKgwlADANBgkqhkiG9w0BAQsFAAOCAQEAUdYvXIiLxrslPnOr
8zbS28oknudldt0CTHLe5zvTN8dAKKfdtC5gU4TFS1j20RtAocQOrESLoTQVs0SV
eXg+thrn31B/bG/WiMQo3qnUIQ6+7Gjr4csdAZehwphk3iznmM8sxyZQIQLbnC6/
1siqwyfUl8WRZAA2udESLC7LUzkT/in4MLGwQ9cvsLxcgEqwE444LpDqqhjF1wR7
9YHfq3XfvitiqPFM+qrIe3S85O3KTVkvDaih5qlZZ34sR7+H5qcNP5QWJDZFwgBG
vFcFxA5TvQIBaW2FR0AIy2d1i0baWk/Pd0zgSzwy4lCdrey1S/45nBMPJ/ibZQ9T
8B1fAg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:29:21 2024 by rpki-client on console-ams.rpki-client.org