Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/3iBo7rtaE-bfjlrLXKTAWHSRTl0.roa
File: 3iBo7rtaE-bfjlrLXKTAWHSRTl0.roa (raw, json)
Hash identifier: sHTu/OMy4KXK2gTTbJWpwLiy46VfWuLQh7UAPHxxeRM=
Subject key identifier: DE:20:68:EE:BB:5A:13:E6:DF:8E:5A:CB:5C:A4:C0:58:74:91:4E:5D
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 018CC9BC06AAEEF6F69720A5FACB3993360F
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/3iBo7rtaE-bfjlrLXKTAWHSRTl0.roa
Signing time: Tue 02 Jan 2024 10:33:12 +0000
ROA not before: Tue 02 Jan 2024 10:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210924
IP address blocks: 185.210.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:06:aa:ee:f6:f6:97:20:a5:fa:cb:39:93:36:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Jan 2 10:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de2068eebb5a13e6df8e5acb5ca4c05874914e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:54:98:56:d5:33:1e:a3:7a:50:d9:75:72:67:
c3:39:91:72:e1:ba:24:a5:f1:28:99:b6:9f:39:7c:
84:98:23:51:e8:9b:33:00:68:14:4e:eb:85:ae:5b:
3d:aa:a2:5b:6d:d0:51:88:9c:e0:3a:28:b0:85:ff:
cc:63:dd:28:e0:39:27:e1:4f:c7:78:38:95:e7:6d:
b4:58:f8:da:5d:20:d4:92:5d:dc:3a:f1:41:f5:9b:
2d:64:23:f9:3a:97:97:c0:e9:ce:10:0c:19:d5:81:
90:2f:0a:11:d5:de:d6:32:36:da:92:77:b6:5f:d8:
80:a9:65:6b:06:6e:54:95:b4:9a:c8:19:26:20:11:
1e:45:04:4a:7e:a9:70:f8:65:95:de:3a:77:dd:8c:
47:7f:ac:69:c9:f8:a5:fc:14:de:46:ee:ba:ee:0e:
5b:dd:72:50:7f:f9:b3:a8:fd:c9:18:a5:1f:0f:29:
a0:0b:19:c9:53:9d:a0:9a:6d:23:12:a7:88:13:f4:
cd:b7:11:01:c5:2b:75:80:e5:58:fb:4b:4e:30:01:
8a:f5:32:e9:67:20:f5:f2:d3:16:97:4e:22:cb:f6:
e0:38:18:63:3d:1d:09:81:37:15:4d:cb:20:6d:26:
9a:a9:2e:d3:ec:91:07:8f:47:08:60:7e:da:09:a5:
ea:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:20:68:EE:BB:5A:13:E6:DF:8E:5A:CB:5C:A4:C0:58:74:91:4E:5D
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/3iBo7rtaE-bfjlrLXKTAWHSRTl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
86:4c:63:0b:91:d2:9b:64:2d:c6:af:4c:16:6c:12:1f:31:8c:
fa:c8:43:dc:ec:42:14:d2:72:12:75:e1:5e:29:95:93:89:77:
a9:ce:25:7e:31:0a:11:f7:b0:2c:69:d9:1b:58:a1:b2:4d:de:
c5:17:65:1d:4a:6b:b2:00:e5:43:9d:cd:59:24:3f:dc:af:99:
7e:df:c3:fc:84:81:9e:82:70:e4:c0:1b:dd:5a:b2:97:64:63:
eb:45:05:d2:e0:46:16:cf:1e:99:65:eb:f2:61:af:96:4a:c5:
b4:98:e7:c9:53:6b:e5:7b:38:ea:7d:9d:2d:0b:47:a6:f3:a5:
be:07:47:f9:38:d7:12:69:64:1c:02:8c:19:77:4d:aa:08:d9:
cf:39:8f:1b:94:f7:96:c6:31:1d:68:95:71:6b:64:c1:c3:34:
20:b1:67:10:e9:b5:36:d4:21:44:a2:56:45:1a:e4:72:57:b5:
a2:94:bc:90:b6:d5:6d:0c:d3:bb:c4:75:e5:5e:5c:61:d1:2a:
a7:ab:0e:23:64:e7:3e:8d:78:14:78:a6:c1:88:3f:9d:50:a4:
01:ca:f8:fa:41:34:8f:ba:f2:cf:70:ab:d4:74:85:9f:21:bc:
c2:5f:58:dd:9f:56:0a:9b:df:24:77:9a:ac:9c:5e:d5:4a:2c:
0b:56:37:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvAaq7vb2lyCl+ss5kzYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjQwMTAyMTAzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTIwNjhlZWJiNWExM2U2ZGY4ZTVhY2I1Y2E0YzA1ODc0OTE0ZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFSYVtUzHqN6UNl1cmfDOZFy4bok
pfEombafOXyEmCNR6JszAGgUTuuFrls9qqJbbdBRiJzgOiiwhf/MY90o4Dkn4U/H
eDiV5220WPjaXSDUkl3cOvFB9ZstZCP5OpeXwOnOEAwZ1YGQLwoR1d7WMjbakne2
X9iAqWVrBm5UlbSayBkmIBEeRQRKfqlw+GWV3jp33YxHf6xpyfil/BTeRu667g5b
3XJQf/mzqP3JGKUfDymgCxnJU52gmm0jEqeIE/TNtxEBxSt1gOVY+0tOMAGK9TLp
ZyD18tMWl04iy/bgOBhjPR0JgTcVTcsgbSaaqS7T7JEHj0cIYH7aCaXqQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN4gaO67WhPm345ay1ykwFh0kU5dMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEvM2lCbzdydGFFLWJmamxyTFhLVEFXSFNSVGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudKdMA0G
CSqGSIb3DQEBCwUAA4IBAQCGTGMLkdKbZC3Gr0wWbBIfMYz6yEPc7EIU0nISdeFe
KZWTiXepziV+MQoR97AsadkbWKGyTd7FF2UdSmuyAOVDnc1ZJD/cr5l+38P8hIGe
gnDkwBvdWrKXZGPrRQXS4EYWzx6ZZevyYa+WSsW0mOfJU2vlezjqfZ0tC0em86W+
B0f5ONcSaWQcAowZd02qCNnPOY8blPeWxjEdaJVxa2TBwzQgsWcQ6bU21CFEolZF
GuRyV7WilLyQttVtDNO7xHXlXlxh0Sqnqw4jZOc+jXgUeKbBiD+dUKQByvj6QTSP
uvLPcKvUdIWfIbzCX1jdn1YKm98kd5qsnF7VSiwLVjfX
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:06:49 2024 by rpki-client on console-ams.rpki-client.org