Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/0a206f-1acd-495d-a8b7-6494e20e2b05/1/Q9MevEdaS2ZSUgd0la7QmlLz8iw.roa
File: Q9MevEdaS2ZSUgd0la7QmlLz8iw.roa (raw, json)
Hash identifier: fiyOCAGIgoP53XSKart7+AVgUc/HySM3K4kJnu3cs+0=
Subject key identifier: 43:D3:1E:BC:47:5A:4B:66:52:52:07:74:95:AE:D0:9A:52:F3:F2:2C
Certificate issuer: /CN=6034561c039ac6450bec8fd595c148cc770aa036
Certificate serial: 0192C31C0A450E8CBF67851D891E630E6165
Authority key identifier: 60:34:56:1C:03:9A:C6:45:0B:EC:8F:D5:95:C1:48:CC:77:0A:A0:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDRWHAOaxkUL7I_VlcFIzHcKoDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/0a206f-1acd-495d-a8b7-6494e20e2b05/1/Q9MevEdaS2ZSUgd0la7QmlLz8iw.roa
Signing time: Fri 25 Oct 2024 09:57:27 +0000
ROA not before: Fri 25 Oct 2024 09:57:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211991
IP address blocks: 185.233.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/0a206f-1acd-495d-a8b7-6494e20e2b05/1/YDRWHAOaxkUL7I_VlcFIzHcKoDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/0a206f-1acd-495d-a8b7-6494e20e2b05/1/YDRWHAOaxkUL7I_VlcFIzHcKoDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YDRWHAOaxkUL7I_VlcFIzHcKoDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:1c:0a:45:0e:8c:bf:67:85:1d:89:1e:63:0e:61:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6034561c039ac6450bec8fd595c148cc770aa036
Validity
Not Before: Oct 25 09:57:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43d31ebc475a4b665252077495aed09a52f3f22c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3e:5d:86:9f:41:c8:7b:b5:c6:8f:2b:1d:c2:
4a:6e:58:af:94:c9:1b:fa:21:da:a3:f6:5e:07:e9:
35:e9:d8:13:3c:e9:4b:66:53:87:b5:b1:45:51:3d:
c7:c7:12:21:f7:f0:8c:47:21:53:82:5a:a9:24:6d:
37:3f:b4:83:4a:38:e0:72:f6:1b:82:c7:60:db:11:
cd:0e:7d:f4:ad:33:56:9b:b3:bb:92:95:42:77:f4:
35:37:c6:72:ed:a0:28:05:bc:b6:81:ee:86:88:db:
27:c9:61:4a:be:e5:4d:94:38:f9:77:30:8c:06:05:
b0:c5:61:ee:6e:0e:22:95:a9:d9:49:a2:af:80:81:
bb:42:b2:c0:c3:04:bf:3c:cf:63:3c:0c:e7:df:cf:
7c:b5:2f:68:7c:d6:57:8f:5f:8b:fb:78:e6:7b:22:
42:be:4a:16:bf:d8:ee:2d:7c:82:31:b2:06:83:69:
c9:23:c8:57:eb:ea:99:ff:16:b5:de:06:f0:d9:ff:
01:65:dd:1c:03:9b:6a:8e:51:c1:f0:a0:4b:51:f7:
1c:a3:b6:64:8e:bc:28:7f:18:50:62:54:24:e6:83:
2b:5a:be:a1:7a:fa:e8:f6:64:32:88:08:1a:15:f8:
f4:13:7b:f0:b1:66:7e:c2:a6:52:35:43:7e:c3:f0:
f4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D3:1E:BC:47:5A:4B:66:52:52:07:74:95:AE:D0:9A:52:F3:F2:2C
X509v3 Authority Key Identifier:
keyid:60:34:56:1C:03:9A:C6:45:0B:EC:8F:D5:95:C1:48:CC:77:0A:A0:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRWHAOaxkUL7I_VlcFIzHcKoDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0a206f-1acd-495d-a8b7-6494e20e2b05/1/Q9MevEdaS2ZSUgd0la7QmlLz8iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/0a206f-1acd-495d-a8b7-6494e20e2b05/1/YDRWHAOaxkUL7I_VlcFIzHcKoDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.65.0/24
Signature Algorithm: sha256WithRSAEncryption
72:fb:51:9a:58:48:f0:7a:af:bb:af:67:ef:02:d5:4e:21:fb:
9f:a7:64:32:37:a4:d9:74:77:11:8d:01:9d:6c:2a:27:57:47:
0b:d6:30:ff:e3:c3:9a:c8:71:f6:0d:2b:42:57:f7:16:56:00:
f3:fd:94:08:42:0a:bb:3f:b5:9c:0e:ad:1b:e6:3a:2c:6a:bb:
5a:df:c3:ae:fa:ef:29:51:33:f4:15:6a:1a:3b:50:dc:c4:c5:
68:0c:9f:49:86:56:26:aa:e0:66:ee:ae:64:61:58:91:35:cc:
9c:94:88:d9:fc:58:bb:87:fe:da:b5:d5:66:bc:e0:00:71:91:
b9:24:2f:22:8c:24:c0:87:73:bb:8e:39:3d:b4:1f:37:b9:55:
c6:f9:74:d7:41:2f:a4:52:ef:5c:95:4e:0a:14:bd:f4:41:e8:
07:5a:2a:8c:d3:a0:f8:e1:ab:e2:93:44:f9:6e:01:96:d6:c8:
f6:8f:dd:f7:ba:9a:6d:fb:7b:28:30:18:78:57:95:63:58:93:
b3:85:84:c8:ab:51:ab:43:68:96:e0:16:45:06:ad:df:26:99:
63:d7:3a:a0:8b:c4:c4:85:d5:9a:41:ec:32:c3:67:8a:96:0d:
fa:c7:76:87:11:61:6c:82:32:70:50:61:cf:43:0a:fa:4d:5d:
81:29:e1:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLDHApFDoy/Z4UdiR5jDmFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ1NjFjMDM5YWM2NDUwYmVjOGZkNTk1YzE0OGNjNzcw
YWEwMzYwHhcNMjQxMDI1MDk1NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QzMWViYzQ3NWE0YjY2NTI1MjA3NzQ5NWFlZDA5YTUyZjNmMjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz5dhp9ByHu1xo8rHcJKblivlMkb
+iHao/ZeB+k16dgTPOlLZlOHtbFFUT3HxxIh9/CMRyFTglqpJG03P7SDSjjgcvYb
gsdg2xHNDn30rTNWm7O7kpVCd/Q1N8Zy7aAoBby2ge6GiNsnyWFKvuVNlDj5dzCM
BgWwxWHubg4ilanZSaKvgIG7QrLAwwS/PM9jPAzn3898tS9ofNZXj1+L+3jmeyJC
vkoWv9juLXyCMbIGg2nJI8hX6+qZ/xa13gbw2f8BZd0cA5tqjlHB8KBLUfcco7Zk
jrwofxhQYlQk5oMrWr6hevro9mQyiAgaFfj0E3vwsWZ+wqZSNUN+w/D0NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPTHrxHWktmUlIHdJWu0JpS8/IsMB8GA1UdIwQY
MBaAFGA0VhwDmsZFC+yP1ZXBSMx3CqA2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSV0hBT2F4a1VMN0lfVmxjRkl6SGNLb0RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wYTIwNmYtMWFjZC00OTVkLWE4Yjct
NjQ5NGUyMGUyYjA1LzEvUTlNZXZFZGFTMlpTVWdkMGxhN1FtbEx6OGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wYTIwNmYtMWFjZC00OTVkLWE4YjctNjQ5NGUyMGUyYjA1
LzEvWURSV0hBT2F4a1VMN0lfVmxjRkl6SGNLb0RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuelBMA0G
CSqGSIb3DQEBCwUAA4IBAQBy+1GaWEjweq+7r2fvAtVOIfufp2QyN6TZdHcRjQGd
bConV0cL1jD/48OayHH2DStCV/cWVgDz/ZQIQgq7P7WcDq0b5josarta38Ou+u8p
UTP0FWoaO1DcxMVoDJ9JhlYmquBm7q5kYViRNcyclIjZ/Fi7h/7atdVmvOAAcZG5
JC8ijCTAh3O7jjk9tB83uVXG+XTXQS+kUu9clU4KFL30QegHWiqM06D44avik0T5
bgGW1sj2j933uppt+3soMBh4V5VjWJOzhYTIq1GrQ2iW4BZFBq3fJplj1zqgi8TE
hdWaQewyw2eKlg36x3aHEWFsgjJwUGHPQwr6TV2BKeEc
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:33:31 2024 by rpki-client on console-ams.rpki-client.org