Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/0UpDOpktDMnlBP_Nzjs04vEbwlw.roa
File: 0UpDOpktDMnlBP_Nzjs04vEbwlw.roa (raw, json)
Hash identifier: suLzUX415rar0AW4JTxTyqljlQruN09VGJgeGeaUxOU=
Subject key identifier: D1:4A:43:3A:99:2D:0C:C9:E5:04:FF:CD:CE:3B:34:E2:F1:1B:C2:5C
Certificate issuer: /CN=6eef0dc51dfff0103419599906365572b7fe48fe
Certificate serial: 0191F63538AB090245D6091E2CAB5CF7D7E5
Authority key identifier: 6E:EF:0D:C5:1D:FF:F0:10:34:19:59:99:06:36:55:72:B7:FE:48:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/0UpDOpktDMnlBP_Nzjs04vEbwlw.roa
Signing time: Sun 15 Sep 2024 15:02:48 +0000
ROA not before: Sun 15 Sep 2024 15:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61055
IP address blocks: 185.10.72.0/24 maxlen: 24
185.10.73.0/24 maxlen: 24
185.10.74.0/24 maxlen: 24
185.10.75.0/24 maxlen: 24
2a02:dfc0:1::/48 maxlen: 48
2a02:dfc0:2::/48 maxlen: 48
2a02:dfc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f6:35:38:ab:09:02:45:d6:09:1e:2c:ab:5c:f7:d7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eef0dc51dfff0103419599906365572b7fe48fe
Validity
Not Before: Sep 15 15:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d14a433a992d0cc9e504ffcdce3b34e2f11bc25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8c:df:fe:1d:dc:e1:30:3e:17:23:82:17:4e:
cd:73:27:18:7b:9f:50:91:76:55:64:d9:1f:17:7d:
08:90:a9:28:75:10:20:77:cd:56:84:fe:b0:36:46:
0a:35:b8:53:df:df:a4:8c:f9:b9:48:01:b5:48:49:
1a:77:82:b7:03:d8:f4:5f:f6:9b:bd:57:36:52:60:
46:a5:fe:2f:f9:bc:72:6e:05:41:be:db:97:88:3d:
5e:7a:5e:1c:d7:db:94:8f:e1:cf:f0:2e:a7:b6:83:
a0:67:d7:6e:85:2d:bb:2b:eb:5f:c9:e8:e9:82:35:
81:31:90:35:ff:1d:01:29:d5:4a:0b:08:6b:70:47:
cd:38:88:fa:45:4e:b7:93:54:4b:4d:9d:0d:21:46:
07:23:93:82:d9:4a:da:09:10:18:56:32:60:f9:18:
d6:96:dc:66:eb:cd:38:c5:fd:74:12:d9:05:41:e5:
e3:3a:d3:d4:61:6c:9b:8c:5b:4b:fd:50:0b:14:4c:
53:82:db:b2:fa:b2:28:71:c8:ba:dc:06:31:43:29:
0b:56:06:48:ce:61:3f:58:9d:d4:83:ef:9a:a9:8f:
94:e7:07:13:bb:df:aa:4d:96:71:8e:bb:f9:bc:d4:
68:0a:c5:80:bf:e6:39:56:4c:a7:7f:b9:78:bd:9b:
ee:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4A:43:3A:99:2D:0C:C9:E5:04:FF:CD:CE:3B:34:E2:F1:1B:C2:5C
X509v3 Authority Key Identifier:
keyid:6E:EF:0D:C5:1D:FF:F0:10:34:19:59:99:06:36:55:72:B7:FE:48:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bu8NxR3_8BA0GVmZBjZVcrf-SP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/0UpDOpktDMnlBP_Nzjs04vEbwlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/5f217a-de26-4bf0-ac20-4fdae09a677d/1/bu8NxR3_8BA0GVmZBjZVcrf-SP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.72.0/22
IPv6:
2a02:dfc0:1::-2a02:dfc0:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
07:d6:d0:47:07:d7:eb:a8:9e:96:87:57:4f:a3:31:e6:4c:4c:
f8:36:19:e8:19:08:b6:09:56:c0:4e:19:05:56:2c:ca:3a:9d:
e1:3c:7d:2e:17:9a:16:23:23:20:93:94:8b:db:44:87:4e:89:
64:cb:c9:52:f3:f9:6e:d2:97:db:bd:ba:51:d5:ac:c1:e4:46:
a9:43:75:81:d2:d0:3b:5c:94:52:96:f8:de:b0:96:3f:bb:aa:
7f:28:52:ab:1b:a1:81:41:de:bc:c4:c1:be:57:c0:bb:b4:39:
8f:4e:e8:e1:3f:03:83:89:85:05:0c:58:f2:6a:c1:fc:fb:9c:
1b:8f:3c:1e:de:f4:f0:8b:ff:cb:d2:5a:09:a2:bb:01:22:6f:
93:2f:86:60:42:ec:8f:ef:51:7b:b3:ed:d5:ef:df:97:f7:ca:
7c:e7:7c:55:11:3e:3a:33:a5:85:33:9b:29:00:4e:11:c8:ba:
da:75:9c:18:9f:c5:44:b0:cf:37:ee:16:44:2b:8b:ad:66:25:
e5:ef:4f:05:ff:37:98:2b:5f:b2:45:37:5c:bd:ef:28:9e:f7:
3a:20:88:99:f4:c3:38:8f:c9:46:62:4b:cc:5b:fc:6c:db:be:
0b:97:07:1b:1b:61:6b:d4:61:11:8c:e6:8c:de:ee:c0:4a:1c:
c1:6f:01:ae
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZH2NTirCQJF1gkeLKtc99flMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZWYwZGM1MWRmZmYwMTAzNDE5NTk5OTA2MzY1NTcyYjdm
ZTQ4ZmUwHhcNMjQwOTE1MTUwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRhNDMzYTk5MmQwY2M5ZTUwNGZmY2RjZTNiMzRlMmYxMWJjMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Yzf/h3c4TA+FyOCF07NcycYe59Q
kXZVZNkfF30IkKkodRAgd81WhP6wNkYKNbhT39+kjPm5SAG1SEkad4K3A9j0X/ab
vVc2UmBGpf4v+bxybgVBvtuXiD1eel4c19uUj+HP8C6ntoOgZ9duhS27K+tfyejp
gjWBMZA1/x0BKdVKCwhrcEfNOIj6RU63k1RLTZ0NIUYHI5OC2UraCRAYVjJg+RjW
ltxm6804xf10EtkFQeXjOtPUYWybjFtL/VALFExTgtuy+rIocci63AYxQykLVgZI
zmE/WJ3Ug++aqY+U5wcTu9+qTZZxjrv5vNRoCsWAv+Y5Vkynf7l4vZvudwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNFKQzqZLQzJ5QT/zc47NOLxG8JcMB8GA1UdIwQY
MBaAFG7vDcUd//AQNBlZmQY2VXK3/kj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnU4TnhSM184QkEwR1ZtWkJqWlZjcmYtU1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS81ZjIxN2EtZGUyNi00YmYwLWFjMjAt
NGZkYWUwOWE2NzdkLzEvMFVwRE9wa3RETW5sQlBfTnpqczA0dkVid2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS81ZjIxN2EtZGUyNi00YmYwLWFjMjAtNGZkYWUwOWE2Nzdk
LzEvYnU4TnhSM184QkEwR1ZtWkJqWlZjcmYtU1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuQpIMBoE
AgACMBQwEgMHACoC38AAAQMHAioC38AAADANBgkqhkiG9w0BAQsFAAOCAQEAB9bQ
RwfX66ielodXT6Mx5kxM+DYZ6BkItglWwE4ZBVYsyjqd4Tx9LheaFiMjIJOUi9tE
h06JZMvJUvP5btKX2726UdWsweRGqUN1gdLQO1yUUpb43rCWP7uqfyhSqxuhgUHe
vMTBvlfAu7Q5j07o4T8Dg4mFBQxY8mrB/PucG488Ht708Iv/y9JaCaK7ASJvky+G
YELsj+9Re7Pt1e/fl/fKfOd8VRE+OjOlhTObKQBOEci62nWcGJ/FRLDPN+4WRCuL
rWYl5e9PBf83mCtfskU3XL3vKJ73OiCImfTDOI/JRmJLzFv8bNu+C5cHGxtha9Rh
EYzmjN7uwEocwW8Brg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:30 2024 by rpki-client on console-ams.rpki-client.org