Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/Phql4pegaP-8g_PnIHgfMUaaJuk.roa
File: Phql4pegaP-8g_PnIHgfMUaaJuk.roa (raw, json)
Hash identifier: pvXolEsHMj4/pGHELgtk3XFYd/G9tHlwva1rJ5nPZSA=
Subject key identifier: 3E:1A:A5:E2:97:A0:68:FF:BC:83:F3:E7:20:78:1F:31:46:9A:26:E9
Certificate issuer: /CN=6583d322ef24c87198b765ea1d1c42c283a7f8f6
Certificate serial: 018CC870C21788AA443F3245F08FF0073BD3
Authority key identifier: 65:83:D3:22:EF:24:C8:71:98:B7:65:EA:1D:1C:42:C2:83:A7:F8:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/Phql4pegaP-8g_PnIHgfMUaaJuk.roa
Signing time: Tue 02 Jan 2024 04:31:22 +0000
ROA not before: Tue 02 Jan 2024 04:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209209
IP address blocks: 185.232.44.0/24 maxlen: 24
2a11:fe80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:c2:17:88:aa:44:3f:32:45:f0:8f:f0:07:3b:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6583d322ef24c87198b765ea1d1c42c283a7f8f6
Validity
Not Before: Jan 2 04:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e1aa5e297a068ffbc83f3e720781f31469a26e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8a:e7:6d:d0:37:b9:62:88:e1:65:e3:85:7d:
c3:d8:33:b3:d0:03:e7:07:7e:af:30:24:7f:d8:9b:
fa:ef:00:34:43:30:49:14:b8:57:65:ea:8a:54:44:
3b:d5:43:06:8e:3e:97:68:c4:e2:2e:17:57:a8:0e:
06:90:86:86:9d:19:c4:0a:7d:21:79:4d:29:45:85:
eb:56:59:05:d2:30:ed:a4:a2:58:44:00:9c:3e:a9:
0c:9e:eb:8c:51:55:7a:cf:6f:f6:d0:d6:71:50:0e:
94:00:e9:bf:7b:21:37:34:3a:92:2d:2d:ae:83:64:
73:dc:a3:41:63:7a:b2:ce:4f:c7:f5:c3:ba:d3:98:
f3:c9:f6:f2:ba:54:cf:12:a5:18:5c:78:db:67:a9:
34:0a:89:32:9c:06:c2:7a:00:b6:8c:37:7e:fa:08:
96:66:20:69:72:f1:b0:0c:90:02:99:9d:70:67:6a:
25:9f:df:dd:4e:84:a8:5c:7c:86:bf:2b:5b:47:a0:
d9:b9:be:0e:f4:78:e7:9e:86:ad:4d:b0:f1:ce:a1:
55:54:5c:16:5d:1a:80:97:0a:1d:11:a6:ba:4f:7c:
a9:61:d8:04:2f:d5:30:69:bb:3a:2e:58:bc:f6:fe:
89:77:99:2c:84:a7:60:71:c7:7e:0f:99:f7:c8:5a:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:1A:A5:E2:97:A0:68:FF:BC:83:F3:E7:20:78:1F:31:46:9A:26:E9
X509v3 Authority Key Identifier:
keyid:65:83:D3:22:EF:24:C8:71:98:B7:65:EA:1D:1C:42:C2:83:A7:F8:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/Phql4pegaP-8g_PnIHgfMUaaJuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f0971a-8891-4b53-944c-5be9e117dbda/1/ZYPTIu8kyHGYt2XqHRxCwoOn-PY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.44.0/24
IPv6:
2a11:fe80::/32
Signature Algorithm: sha256WithRSAEncryption
42:d4:e9:41:16:3b:e1:09:77:22:cd:68:b5:aa:55:1c:55:62:
1e:86:ec:ba:ee:5b:b8:d7:4d:c0:06:75:e5:f6:1a:a6:8d:61:
2a:6d:41:bd:f6:38:35:d3:2b:b8:52:a9:5a:41:3c:97:e5:7b:
0c:b8:a6:3d:28:d7:42:d3:1a:c9:f4:0a:a6:3b:6d:02:70:46:
a6:3d:11:bd:fa:97:a7:ef:de:b0:92:8a:4b:01:e8:88:b3:97:
74:8e:4f:77:98:bf:3d:a7:91:3e:7d:fa:0c:08:bd:f2:b9:d4:
b2:67:0b:3a:ea:6d:fc:3a:aa:15:51:ce:7b:02:41:ec:7c:f7:
cb:7f:55:e9:a8:6a:c0:e6:22:d7:4f:d0:e5:bf:d5:34:b3:d4:
c2:d6:53:63:9e:59:9b:21:de:be:9d:e6:8a:7e:63:90:4c:14:
e0:86:ac:3d:42:6d:15:ac:94:b5:d1:21:a9:bf:e1:74:59:22:
72:14:6a:82:06:e0:84:40:31:e6:ae:44:17:6c:fc:0b:59:a0:
4e:3a:8c:aa:4e:0f:93:f2:3c:f4:ea:11:e0:b2:73:4d:b9:8e:
fb:f5:1b:01:d3:80:c7:44:56:99:a5:1d:41:1c:77:73:2a:aa:
60:02:05:b6:47:ce:0e:8d:70:37:92:5b:cf:99:db:ff:fb:53:
cb:09:cd:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcMIXiKpEPzJF8I/wBzvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODNkMzIyZWYyNGM4NzE5OGI3NjVlYTFkMWM0MmMyODNh
N2Y4ZjYwHhcNMjQwMTAyMDQzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTFhYTVlMjk3YTA2OGZmYmM4M2YzZTcyMDc4MWYzMTQ2OWEyNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYrnbdA3uWKI4WXjhX3D2DOz0APn
B36vMCR/2Jv67wA0QzBJFLhXZeqKVEQ71UMGjj6XaMTiLhdXqA4GkIaGnRnECn0h
eU0pRYXrVlkF0jDtpKJYRACcPqkMnuuMUVV6z2/20NZxUA6UAOm/eyE3NDqSLS2u
g2Rz3KNBY3qyzk/H9cO605jzyfbyulTPEqUYXHjbZ6k0CokynAbCegC2jDd++giW
ZiBpcvGwDJACmZ1wZ2oln9/dToSoXHyGvytbR6DZub4O9HjnnoatTbDxzqFVVFwW
XRqAlwodEaa6T3ypYdgEL9Uwabs6Lli89v6Jd5kshKdgccd+D5n3yFo1xwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD4apeKXoGj/vIPz5yB4HzFGmibpMB8GA1UdIwQY
MBaAFGWD0yLvJMhxmLdl6h0cQsKDp/j2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllQVEl1OGt5SEdZdDJYcUhSeEN3b09uLVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDk3MWEtODg5MS00YjUzLTk0NGMt
NWJlOWUxMTdkYmRhLzEvUGhxbDRwZWdhUC04Z19QbklIZ2ZNVWFhSnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDk3MWEtODg5MS00YjUzLTk0NGMtNWJlOWUxMTdkYmRh
LzEvWllQVEl1OGt5SEdZdDJYcUhSeEN3b09uLVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuegsMA0E
AgACMAcDBQAqEf6AMA0GCSqGSIb3DQEBCwUAA4IBAQBC1OlBFjvhCXcizWi1qlUc
VWIehuy67lu4103ABnXl9hqmjWEqbUG99jg10yu4UqlaQTyX5XsMuKY9KNdC0xrJ
9AqmO20CcEamPRG9+pen796wkopLAeiIs5d0jk93mL89p5E+ffoMCL3yudSyZws6
6m38OqoVUc57AkHsfPfLf1XpqGrA5iLXT9Dlv9U0s9TC1lNjnlmbId6+neaKfmOQ
TBTghqw9Qm0VrJS10SGpv+F0WSJyFGqCBuCEQDHmrkQXbPwLWaBOOoyqTg+T8jz0
6hHgsnNNuY779RsB04DHRFaZpR1BHHdzKqpgAgW2R84OjXA3klvPmdv/+1PLCc2l
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:09:57 2024 by rpki-client on console-ams.rpki-client.org