Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f107d6-58fd-4323-8f51-2e41ff3e0a6f/1/PDchjnSEyhi-tb3Ur0PE7tNZY7s.roa
File: PDchjnSEyhi-tb3Ur0PE7tNZY7s.roa (raw, json)
Hash identifier: BbjMCX1Q2X6mCNTnqUkiX7L3q4iPPgkqzlM1+pVdq4w=
Subject key identifier: 3C:37:21:8E:74:84:CA:18:BE:B5:BD:D4:AF:43:C4:EE:D3:59:63:BB
Certificate issuer: /CN=5a52945d231f5f8a974be712e8718ab50f04cffa
Certificate serial: 018CC26D3FFB3F463A0A5825830BFFC599D4
Authority key identifier: 5A:52:94:5D:23:1F:5F:8A:97:4B:E7:12:E8:71:8A:B5:0F:04:CF:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WlKUXSMfX4qXS-cS6HGKtQ8Ez_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f107d6-58fd-4323-8f51-2e41ff3e0a6f/1/PDchjnSEyhi-tb3Ur0PE7tNZY7s.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 185.248.95.0/24 maxlen: 24
185.248.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/f107d6-58fd-4323-8f51-2e41ff3e0a6f/1/WlKUXSMfX4qXS-cS6HGKtQ8Ez_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/f107d6-58fd-4323-8f51-2e41ff3e0a6f/1/WlKUXSMfX4qXS-cS6HGKtQ8Ez_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/WlKUXSMfX4qXS-cS6HGKtQ8Ez_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3f:fb:3f:46:3a:0a:58:25:83:0b:ff:c5:99:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a52945d231f5f8a974be712e8718ab50f04cffa
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c37218e7484ca18beb5bdd4af43c4eed35963bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8a:dd:5a:48:fc:f6:3c:27:fe:29:58:97:bf:
5a:51:ce:60:e5:38:ad:f9:c9:15:e7:66:c1:00:81:
05:7c:27:64:d3:5a:ae:f5:37:29:55:4e:27:f7:81:
e9:4e:bb:8f:d9:15:d9:99:ee:11:de:73:a2:bf:9b:
fc:a6:51:c7:ca:9d:3f:e7:cc:4d:48:d0:88:7f:c3:
53:30:3c:aa:c2:f6:92:35:2e:e2:4a:e6:e8:74:7a:
09:50:d6:d8:ad:16:5e:97:9a:73:bf:db:df:b0:6d:
28:99:6d:14:8f:59:3f:82:02:74:57:ca:dd:99:50:
d9:54:91:3a:2d:ba:7e:8d:57:d7:5c:3e:cd:28:af:
1b:32:b6:ab:c7:ee:0a:68:99:0d:91:1e:85:6e:96:
08:e2:c3:ec:ae:15:b0:21:38:e3:b0:c3:68:ee:78:
3b:d2:14:4e:3e:a5:a4:5b:6f:9b:70:bb:92:0d:89:
01:9a:89:36:c1:9f:b7:8e:41:65:d5:34:81:8b:d6:
e6:b6:54:d6:23:85:98:c1:f5:c9:d1:34:eb:da:21:
21:c9:ea:56:c4:a4:24:0d:54:e4:3f:ed:2f:bf:ad:
3d:9e:8c:e4:91:11:c2:39:20:25:8a:d2:ea:d5:50:
be:ec:00:d9:72:69:5a:95:6c:17:4c:5f:f8:32:32:
d4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:37:21:8E:74:84:CA:18:BE:B5:BD:D4:AF:43:C4:EE:D3:59:63:BB
X509v3 Authority Key Identifier:
keyid:5A:52:94:5D:23:1F:5F:8A:97:4B:E7:12:E8:71:8A:B5:0F:04:CF:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WlKUXSMfX4qXS-cS6HGKtQ8Ez_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f107d6-58fd-4323-8f51-2e41ff3e0a6f/1/PDchjnSEyhi-tb3Ur0PE7tNZY7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f107d6-58fd-4323-8f51-2e41ff3e0a6f/1/WlKUXSMfX4qXS-cS6HGKtQ8Ez_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.94.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:80:ea:56:64:02:53:1d:97:05:15:fb:0b:b0:34:96:69:7a:
aa:34:ca:1b:7f:4e:3a:7f:85:9e:da:5d:ed:b0:4a:36:68:3b:
28:c8:cb:b0:96:30:e6:d7:f1:05:71:7b:5e:b4:34:4f:91:e4:
1e:18:c3:29:b4:e2:25:60:ce:56:8c:17:65:b7:e0:61:46:79:
1c:99:6a:a0:9c:74:9e:46:f1:92:25:14:3e:95:43:c5:11:34:
3a:14:29:94:84:f1:63:a7:9a:36:bc:76:02:13:d1:c6:a9:87:
7f:fd:a1:c7:09:dd:7e:b2:c7:78:c5:b2:8c:03:9f:10:96:85:
98:87:09:64:3c:6a:90:6e:6a:31:b9:4a:15:41:84:31:12:20:
f1:4c:e7:f5:ec:01:11:be:b1:8d:3a:70:16:bc:78:23:11:4a:
c0:3d:dd:29:f5:d6:ee:b0:de:47:81:ef:fe:ec:f5:fa:34:a6:
0e:2c:22:e6:64:0d:f9:a5:d7:f8:82:1b:1f:64:b9:5a:7e:92:
71:ff:d0:15:00:ce:bc:39:4f:5e:b9:d0:5f:a7:bb:f3:68:7e:
54:46:a5:24:c3:aa:e8:09:71:a5:f6:df:6d:dd:e2:30:71:5a:
73:36:12:83:72:dd:37:7f:5a:3b:0b:ff:fd:f7:2e:79:8b:f8:
e2:8f:bd:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbT/7P0Y6Clglgwv/xZnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNTI5NDVkMjMxZjVmOGE5NzRiZTcxMmU4NzE4YWI1MGYw
NGNmZmEwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM3MjE4ZTc0ODRjYTE4YmViNWJkZDRhZjQzYzRlZWQzNTk2M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4rdWkj89jwn/ilYl79aUc5g5Tit
+ckV52bBAIEFfCdk01qu9TcpVU4n94HpTruP2RXZme4R3nOiv5v8plHHyp0/58xN
SNCIf8NTMDyqwvaSNS7iSubodHoJUNbYrRZel5pzv9vfsG0omW0Uj1k/ggJ0V8rd
mVDZVJE6Lbp+jVfXXD7NKK8bMrarx+4KaJkNkR6FbpYI4sPsrhWwITjjsMNo7ng7
0hROPqWkW2+bcLuSDYkBmok2wZ+3jkFl1TSBi9bmtlTWI4WYwfXJ0TTr2iEhyepW
xKQkDVTkP+0vv609nozkkRHCOSAlitLq1VC+7ADZcmlalWwXTF/4MjLUIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDw3IY50hMoYvrW91K9DxO7TWWO7MB8GA1UdIwQY
MBaAFFpSlF0jH1+Kl0vnEuhxirUPBM/6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2xLVVhTTWZYNHFYUy1jUzZIR0t0UThFel9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mMTA3ZDYtNThmZC00MzIzLThmNTEt
MmU0MWZmM2UwYTZmLzEvUERjaGpuU0V5aGktdGIzVXIwUEU3dE5aWTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mMTA3ZDYtNThmZC00MzIzLThmNTEtMmU0MWZmM2UwYTZm
LzEvV2xLVVhTTWZYNHFYUy1jUzZIR0t0UThFel9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufheMA0G
CSqGSIb3DQEBCwUAA4IBAQAMgOpWZAJTHZcFFfsLsDSWaXqqNMobf046f4We2l3t
sEo2aDsoyMuwljDm1/EFcXtetDRPkeQeGMMptOIlYM5WjBdlt+BhRnkcmWqgnHSe
RvGSJRQ+lUPFETQ6FCmUhPFjp5o2vHYCE9HGqYd//aHHCd1+ssd4xbKMA58QloWY
hwlkPGqQbmoxuUoVQYQxEiDxTOf17AERvrGNOnAWvHgjEUrAPd0p9dbusN5Hge/+
7PX6NKYOLCLmZA35pdf4ghsfZLlafpJx/9AVAM68OU9eudBfp7vzaH5URqUkw6ro
CXGl9t9t3eIwcVpzNhKDct03f1o7C//99y55i/jij70o
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:50:45 2024 by rpki-client on console-ams.rpki-client.org