Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/1lI0IIyXickfMCeAZuFlv8idECM.roa
File: 1lI0IIyXickfMCeAZuFlv8idECM.roa (raw, json)
Hash identifier: TbjhQ5fKEihbATQea00+yi0Y4AaVqkk+jdcLAz9mQ6Q=
Subject key identifier: D6:52:34:20:8C:97:89:C9:1F:30:27:80:66:E1:65:BF:C8:9D:10:23
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 018CC9BC06198C424B8D3F1FB8C9E0208FC4
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/1lI0IIyXickfMCeAZuFlv8idECM.roa
Signing time: Tue 02 Jan 2024 10:33:11 +0000
ROA not before: Tue 02 Jan 2024 10:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 185.210.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:06:19:8c:42:4b:8d:3f:1f:b8:c9:e0:20:8f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Jan 2 10:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d65234208c9789c91f30278066e165bfc89d1023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a9:b4:9b:e7:86:a1:70:04:a7:1a:f0:a0:3a:
e5:e1:0f:1b:d3:ea:6e:2a:ac:a7:2b:f2:77:1d:33:
b1:9c:a8:d1:0e:e8:42:ad:1f:11:03:8f:6c:e3:76:
af:78:bc:ad:1d:e1:5e:45:92:2f:9c:e7:3d:80:92:
fc:e8:a7:27:5c:40:ec:f7:e8:96:74:e7:07:b2:b2:
e9:a4:a9:a4:a6:da:f3:29:5c:9f:31:9f:de:cc:0f:
73:7f:68:ac:07:20:31:be:ab:ee:ff:dc:88:97:d7:
d1:f5:68:1f:17:e9:13:41:43:6a:79:3e:4c:30:76:
94:62:fd:a0:60:2f:62:8f:c5:3c:6c:6e:20:98:18:
5b:bd:28:8d:1e:22:fb:ee:90:8d:3e:66:c1:72:22:
50:d9:76:db:bb:44:a5:5f:9f:f2:5a:66:45:68:aa:
ce:15:82:a8:a3:10:f8:65:5a:7e:82:eb:d2:4f:eb:
7b:5c:77:c6:90:85:5e:f3:2d:4d:99:2d:d6:8a:cb:
41:d0:29:ed:55:70:af:57:09:0f:2c:3d:8e:f1:6c:
99:f7:2f:b4:45:82:48:a0:60:f6:6c:bf:20:78:e2:
24:fe:63:a9:cf:ce:5c:4f:b4:42:05:dd:8b:ad:3e:
c8:86:d3:99:b0:87:be:e6:f4:0b:e7:c2:db:a7:1f:
77:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:52:34:20:8C:97:89:C9:1F:30:27:80:66:E1:65:BF:C8:9D:10:23
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/1lI0IIyXickfMCeAZuFlv8idECM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b5:43:b9:a5:43:7d:8d:63:e8:d4:2e:d6:93:9c:50:d4:a6:
03:8b:b7:38:43:fc:5e:68:8f:ad:9f:e3:12:11:d1:a8:92:e9:
6d:95:68:6f:3a:58:d2:50:db:c1:f6:52:aa:34:3f:1e:97:73:
3f:d9:37:25:b1:73:22:ee:1d:ff:22:8c:28:c4:23:88:97:b5:
b6:ca:c7:28:4b:6b:27:85:91:da:65:58:af:1e:cb:3b:6f:cb:
cb:44:34:10:d9:38:03:0b:1c:31:ff:52:9b:d2:bd:a2:0a:3e:
ab:c8:18:d7:1e:a7:a6:a0:53:05:d9:b0:be:ee:54:66:80:18:
3a:52:66:29:f6:6d:36:60:ad:43:6a:28:c4:82:e8:71:b9:75:
39:40:7a:79:85:e4:59:bc:76:bf:be:6c:39:4f:74:37:65:59:
a2:d7:9a:0f:1b:ca:bc:ab:66:8b:a5:0a:06:fe:a5:f0:65:a6:
8c:69:05:93:d5:0e:08:cc:81:3d:03:50:8a:29:92:0e:43:0d:
48:88:ce:a7:92:c5:d5:32:f7:2e:6c:cf:8d:e1:3a:9d:b4:59:
5d:0a:9a:cc:75:eb:ad:44:10:74:f8:78:3f:ef:4a:16:b4:d7:
e4:9f:be:d1:5a:dd:49:4a:13:34:21:64:95:8f:1d:3c:3b:c6:
92:58:6a:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvAYZjEJLjT8fuMngII/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjQwMTAyMTAzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjUyMzQyMDhjOTc4OWM5MWYzMDI3ODA2NmUxNjViZmM4OWQxMDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAram0m+eGoXAEpxrwoDrl4Q8b0+pu
KqynK/J3HTOxnKjRDuhCrR8RA49s43aveLytHeFeRZIvnOc9gJL86KcnXEDs9+iW
dOcHsrLppKmkptrzKVyfMZ/ezA9zf2isByAxvqvu/9yIl9fR9WgfF+kTQUNqeT5M
MHaUYv2gYC9ij8U8bG4gmBhbvSiNHiL77pCNPmbBciJQ2Xbbu0SlX5/yWmZFaKrO
FYKooxD4ZVp+guvST+t7XHfGkIVe8y1NmS3WistB0CntVXCvVwkPLD2O8WyZ9y+0
RYJIoGD2bL8geOIk/mOpz85cT7RCBd2LrT7IhtOZsIe+5vQL58Lbpx93OwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZSNCCMl4nJHzAngGbhZb/InRAjMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvMWxJMElJeVhpY2tmTUNlQVp1Rmx2OGlkRUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKdMA0G
CSqGSIb3DQEBCwUAA4IBAQAOtUO5pUN9jWPo1C7Wk5xQ1KYDi7c4Q/xeaI+tn+MS
EdGokultlWhvOljSUNvB9lKqND8el3M/2TclsXMi7h3/IowoxCOIl7W2yscoS2sn
hZHaZVivHss7b8vLRDQQ2TgDCxwx/1Kb0r2iCj6ryBjXHqemoFMF2bC+7lRmgBg6
UmYp9m02YK1DaijEguhxuXU5QHp5heRZvHa/vmw5T3Q3ZVmi15oPG8q8q2aLpQoG
/qXwZaaMaQWT1Q4IzIE9A1CKKZIOQw1IiM6nksXVMvcubM+N4TqdtFldCprMdeut
RBB0+Hg/70oWtNfkn77RWt1JShM0IWSVjx08O8aSWGrw
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:31:15 2024 by rpki-client on console-fra.rpki-client.org