Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/o_hJ2HiXuU9WzCOqJNXx_RR71UY.roa
File: o_hJ2HiXuU9WzCOqJNXx_RR71UY.roa (raw, json)
Hash identifier: qPFZm8g8mTBXy/p62YB/ypMK59Zqifa+y8Y3Kg6ZlsE=
Subject key identifier: A3:F8:49:D8:78:97:B9:4F:56:CC:23:AA:24:D5:F1:FD:14:7B:D5:46
Certificate issuer: /CN=4d88eb730ab1a501ea36ea3482d764544e141111
Certificate serial: 018CC5014CEE4FEF70C0A1EBF7D9C7A394DA
Authority key identifier: 4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/o_hJ2HiXuU9WzCOqJNXx_RR71UY.roa
Signing time: Mon 01 Jan 2024 12:30:45 +0000
ROA not before: Mon 01 Jan 2024 12:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.56.85.0/24 maxlen: 24
185.56.84.0/24 maxlen: 24
185.56.86.0/24 maxlen: 24
185.56.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.mft
rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4c:ee:4f:ef:70:c0:a1:eb:f7:d9:c7:a3:94:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d88eb730ab1a501ea36ea3482d764544e141111
Validity
Not Before: Jan 1 12:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3f849d87897b94f56cc23aa24d5f1fd147bd546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:09:a0:ad:24:af:91:d0:52:f5:73:48:f7:9d:
ec:10:54:33:f4:5f:ff:d6:45:f9:72:04:93:20:57:
9e:70:1f:0e:99:5a:26:19:1d:65:6a:c7:f6:e6:8f:
f1:c7:c6:26:b8:04:7b:63:c0:db:e1:b9:9d:af:6c:
aa:ec:50:86:46:e9:fe:42:02:37:e1:69:52:0e:d5:
cd:38:de:a1:48:36:2a:53:73:fc:00:8e:25:ce:69:
a7:d4:85:7a:f0:bf:b6:a2:ed:a2:bd:1a:13:2c:e1:
04:bd:a1:0c:4e:ab:67:eb:2f:70:04:83:06:8f:98:
68:11:0c:3f:46:67:c2:bb:e8:9f:fa:ef:15:c9:ca:
9a:f2:6b:15:a6:5c:24:7b:f8:10:5b:e7:f3:f4:01:
86:7e:8c:4a:1b:8a:49:99:b4:3e:88:ef:c1:8b:e8:
58:95:29:7b:4d:27:34:cb:40:56:44:86:da:35:3a:
7f:48:6e:40:5c:54:c3:f9:32:78:f3:1c:e1:fe:95:
4d:89:c1:f9:0c:64:d3:c0:3f:c5:b6:76:a5:97:8f:
5e:a1:05:35:f8:52:5d:04:20:98:11:f9:9b:e3:5e:
ad:b7:4d:04:e2:c1:54:aa:a1:27:70:80:71:b0:08:
d0:9c:3a:f4:07:7c:5b:3f:c4:f3:e1:cb:a9:6a:f5:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F8:49:D8:78:97:B9:4F:56:CC:23:AA:24:D5:F1:FD:14:7B:D5:46
X509v3 Authority Key Identifier:
keyid:4D:88:EB:73:0A:B1:A5:01:EA:36:EA:34:82:D7:64:54:4E:14:11:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYjrcwqxpQHqNuo0gtdkVE4UERE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/o_hJ2HiXuU9WzCOqJNXx_RR71UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/c493ee-f66e-4208-a31d-726f83d23892/1/TYjrcwqxpQHqNuo0gtdkVE4UERE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.84.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:1f:08:ee:22:36:90:04:04:2c:55:79:52:f1:2a:7a:f9:17:
f9:0c:5a:92:a0:45:ae:7c:aa:c2:be:d9:fb:e5:ec:ae:44:4d:
0d:e0:e2:6c:4c:5d:b4:92:8b:e0:c3:be:59:ee:e8:f0:91:c6:
64:cf:f6:33:e9:42:f2:71:32:58:5d:d8:fd:52:34:74:87:c3:
f9:36:fb:cd:f2:70:0b:c7:f9:9e:a2:3f:7e:c2:37:78:ae:09:
32:be:83:21:02:fa:58:8b:c7:0c:2f:b3:20:9c:2f:8f:ef:b6:
d8:58:4b:51:2d:dc:88:34:90:85:50:48:c4:2e:cc:a5:1c:b3:
aa:e8:89:e9:7a:9e:a2:9f:c9:54:f1:a1:e6:bd:0e:fa:27:c9:
72:06:93:68:9d:28:25:a6:98:52:1a:2f:c6:01:7b:71:88:0a:
7b:dc:c7:a2:cc:12:9e:d0:ba:9f:2a:49:8e:f5:2f:39:0d:2d:
03:39:34:9f:fc:cc:a1:db:86:83:4e:e5:d9:61:7c:d2:b5:4d:
85:f7:ab:92:bc:eb:d7:f2:90:b2:71:09:d4:5d:01:0e:8b:60:
d0:68:b6:d3:20:f9:6d:2c:9c:e5:b2:d7:93:b4:85:19:4d:e4:
8c:19:73:d1:99:96:c2:77:54:6d:74:4e:62:70:9f:35:8f:22:
7d:2b:05:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAUzuT+9wwKHr99nHo5TaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkODhlYjczMGFiMWE1MDFlYTM2ZWEzNDgyZDc2NDU0NGUx
NDExMTEwHhcNMjQwMTAxMTIzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y4NDlkODc4OTdiOTRmNTZjYzIzYWEyNGQ1ZjFmZDE0N2JkNTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AmgrSSvkdBS9XNI953sEFQz9F//
1kX5cgSTIFeecB8OmVomGR1lasf25o/xx8YmuAR7Y8Db4bmdr2yq7FCGRun+QgI3
4WlSDtXNON6hSDYqU3P8AI4lzmmn1IV68L+2ou2ivRoTLOEEvaEMTqtn6y9wBIMG
j5hoEQw/RmfCu+if+u8Vycqa8msVplwke/gQW+fz9AGGfoxKG4pJmbQ+iO/Bi+hY
lSl7TSc0y0BWRIbaNTp/SG5AXFTD+TJ48xzh/pVNicH5DGTTwD/Ftnall49eoQU1
+FJdBCCYEfmb416tt00E4sFUqqEncIBxsAjQnDr0B3xbP8Tz4cupavWRewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKP4Sdh4l7lPVswjqiTV8f0Ue9VGMB8GA1UdIwQY
MBaAFE2I63MKsaUB6jbqNILXZFROFBERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQt
NzI2ZjgzZDIzODkyLzEvb19oSjJIaVh1VTlXekNPcUpOWHhfUlI3MVVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jNDkzZWUtZjY2ZS00MjA4LWEzMWQtNzI2ZjgzZDIzODky
LzEvVFlqcmN3cXhwUUhxTnVvMGd0ZGtWRTRVRVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuThUMA0G
CSqGSIb3DQEBCwUAA4IBAQAPHwjuIjaQBAQsVXlS8Sp6+Rf5DFqSoEWufKrCvtn7
5eyuRE0N4OJsTF20kovgw75Z7ujwkcZkz/Yz6ULycTJYXdj9UjR0h8P5NvvN8nAL
x/meoj9+wjd4rgkyvoMhAvpYi8cML7MgnC+P77bYWEtRLdyINJCFUEjELsylHLOq
6Inpep6in8lU8aHmvQ76J8lyBpNonSglpphSGi/GAXtxiAp73MeizBKe0LqfKkmO
9S85DS0DOTSf/Myh24aDTuXZYXzStU2F96uSvOvX8pCycQnUXQEOi2DQaLbTIPlt
LJzlsteTtIUZTeSMGXPRmZbCd1RtdE5icJ81jyJ9KwWh
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:14:50 2024 by rpki-client on console-ams.rpki-client.org