Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/PT0WSMlKrWiX120Y11XWHyK8PDI.roa
File: PT0WSMlKrWiX120Y11XWHyK8PDI.roa (raw, json)
Hash identifier: 9EB9jIzK4cbDqhYEKC+JIbVUU1KmN44BbNBO0h4vbMk=
Subject key identifier: 3D:3D:16:48:C9:4A:AD:68:97:D7:6D:18:D7:55:D6:1F:22:BC:3C:32
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018CC8DCDEB1F75B60A1760B228196A6E545
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/PT0WSMlKrWiX120Y11XWHyK8PDI.roa
Signing time: Tue 02 Jan 2024 06:29:27 +0000
ROA not before: Tue 02 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206950
IP address blocks: 94.188.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:de:b1:f7:5b:60:a1:76:0b:22:81:96:a6:e5:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Jan 2 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d3d1648c94aad6897d76d18d755d61f22bc3c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2b:02:98:7c:67:e4:24:50:9a:0d:2c:10:6a:
bb:30:7d:7a:33:8e:37:89:44:4d:18:64:a2:c5:72:
a3:78:91:a9:e3:fb:d7:42:ac:28:34:cb:58:52:01:
ba:3c:e6:c5:7b:1f:4d:51:22:1d:04:3f:d2:70:a3:
c6:6a:c6:b5:06:5d:1e:ad:06:c4:d0:45:bd:9d:75:
e4:5e:4c:86:aa:85:2e:6b:02:26:06:43:7d:2c:3c:
b4:4d:0a:f2:ac:79:e7:68:2b:a4:3a:88:af:f8:ec:
e0:d0:3f:76:c9:86:67:8c:00:5c:39:75:b1:0c:b3:
77:a6:30:6c:af:f0:64:de:15:bc:92:38:a5:8e:7c:
da:a5:5a:7b:8a:b4:f8:28:33:74:9f:0a:ef:4f:2d:
c6:03:50:91:af:9b:53:1f:4d:8f:76:f5:79:cb:5e:
21:63:cc:50:b3:39:dd:0b:59:22:cb:f7:0d:1d:a9:
09:e6:bc:59:0e:f5:8c:41:c5:98:e1:53:9a:99:54:
82:50:69:7e:4a:2e:36:a2:9b:32:78:8d:48:0b:cc:
1e:62:72:c4:9f:43:c8:9f:66:eb:51:ad:54:e8:b4:
23:4b:2c:f7:d5:c6:f7:10:de:92:fe:6b:6e:b2:b9:
82:13:42:4a:58:a0:0f:01:b5:d6:23:3c:98:64:e1:
10:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3D:16:48:C9:4A:AD:68:97:D7:6D:18:D7:55:D6:1F:22:BC:3C:32
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/PT0WSMlKrWiX120Y11XWHyK8PDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.185.0/24
Signature Algorithm: sha256WithRSAEncryption
30:5b:8b:89:fd:02:98:9f:77:d8:bd:c0:fd:d6:a6:8b:8b:67:
68:f5:4e:1c:64:22:cd:a7:a9:4a:70:7a:a3:aa:8e:87:e0:5c:
df:8a:97:13:c5:6c:3a:5e:62:1a:89:8f:00:fb:11:90:84:7d:
d5:b4:e7:8e:69:dc:d5:ae:2b:fc:dc:f3:a8:2c:52:95:3d:fc:
88:3e:7e:4a:7c:01:af:50:52:01:aa:ea:ed:2b:fc:0c:c5:6c:
39:84:b4:6c:64:b3:2b:6a:ee:63:8c:8a:cb:bc:66:4f:76:3f:
71:cb:67:16:86:4b:b7:08:98:d5:f3:87:2a:6e:72:34:cb:72:
fc:35:61:57:a6:2e:08:5e:91:2b:89:00:5e:40:b7:17:d5:71:
05:b3:4d:25:1f:51:08:ff:95:d2:4b:62:41:c1:e0:2a:0b:46:
bd:d8:70:1a:a3:ea:a4:83:af:06:98:98:c3:d9:ef:63:f5:fd:
4d:a9:f4:d7:24:c2:cd:d4:d8:14:43:36:6e:d5:d3:0b:9f:98:
73:76:0d:e7:24:8e:00:02:fa:e1:be:f5:ce:38:97:2c:1b:a8:
70:91:45:7a:25:b6:af:d8:88:e2:65:bc:bf:b4:2f:cd:f8:af:
ab:05:2b:80:3a:6e:f0:2c:7c:9b:67:52:bd:34:59:68:20:f1:
86:85:5c:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3N6x91tgoXYLIoGWpuVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjQwMTAyMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDNkMTY0OGM5NGFhZDY4OTdkNzZkMThkNzU1ZDYxZjIyYmMzYzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoysCmHxn5CRQmg0sEGq7MH16M443
iURNGGSixXKjeJGp4/vXQqwoNMtYUgG6PObFex9NUSIdBD/ScKPGasa1Bl0erQbE
0EW9nXXkXkyGqoUuawImBkN9LDy0TQryrHnnaCukOoiv+Ozg0D92yYZnjABcOXWx
DLN3pjBsr/Bk3hW8kjiljnzapVp7irT4KDN0nwrvTy3GA1CRr5tTH02PdvV5y14h
Y8xQszndC1kiy/cNHakJ5rxZDvWMQcWY4VOamVSCUGl+Si42opsyeI1IC8weYnLE
n0PIn2brUa1U6LQjSyz31cb3EN6S/mtusrmCE0JKWKAPAbXWIzyYZOEQZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD09FkjJSq1ol9dtGNdV1h8ivDwyMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvUFQwV1NNbEtyV2lYMTIwWTExWFdIeUs4UERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXry5MA0G
CSqGSIb3DQEBCwUAA4IBAQAwW4uJ/QKYn3fYvcD91qaLi2do9U4cZCLNp6lKcHqj
qo6H4FzfipcTxWw6XmIaiY8A+xGQhH3VtOeOadzVriv83POoLFKVPfyIPn5KfAGv
UFIBqurtK/wMxWw5hLRsZLMrau5jjIrLvGZPdj9xy2cWhku3CJjV84cqbnI0y3L8
NWFXpi4IXpEriQBeQLcX1XEFs00lH1EI/5XSS2JBweAqC0a92HAao+qkg68GmJjD
2e9j9f1NqfTXJMLN1NgUQzZu1dMLn5hzdg3nJI4AAvrhvvXOOJcsG6hwkUV6Jbav
2IjiZby/tC/N+K+rBSuAOm7wLHybZ1K9NFloIPGGhVyR
-----END CERTIFICATE-----
Generated at Fri May 17 23:56:54 2024 by rpki-client on console-ams.rpki-client.org