Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/7ab96f-093e-4c52-bf9b-52e151f42c23/1/ilDKw7-E1doCFmV5gdTB66ZBwAg.roa
File: ilDKw7-E1doCFmV5gdTB66ZBwAg.roa (raw, json)
Hash identifier: bHDo+bldPttKDhKsvvOzcdyKBOO2cLviC2PvrAW2Xvs=
Subject key identifier: 8A:50:CA:C3:BF:84:D5:DA:02:16:65:79:81:D4:C1:EB:A6:41:C0:08
Certificate issuer: /CN=a9d29f703b8ec8e93ca48405dee4730eed93c6b2
Certificate serial: 018CC26D0E43923B242BCA2821C00D162D63
Authority key identifier: A9:D2:9F:70:3B:8E:C8:E9:3C:A4:84:05:DE:E4:73:0E:ED:93:C6:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qdKfcDuOyOk8pIQF3uRzDu2TxrI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/7ab96f-093e-4c52-bf9b-52e151f42c23/1/ilDKw7-E1doCFmV5gdTB66ZBwAg.roa
Signing time: Mon 01 Jan 2024 00:29:36 +0000
ROA not before: Mon 01 Jan 2024 00:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212945
IP address blocks: 195.85.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/7ab96f-093e-4c52-bf9b-52e151f42c23/1/qdKfcDuOyOk8pIQF3uRzDu2TxrI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/7ab96f-093e-4c52-bf9b-52e151f42c23/1/qdKfcDuOyOk8pIQF3uRzDu2TxrI.mft
rsync://rpki.ripe.net/repository/DEFAULT/qdKfcDuOyOk8pIQF3uRzDu2TxrI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0e:43:92:3b:24:2b:ca:28:21:c0:0d:16:2d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9d29f703b8ec8e93ca48405dee4730eed93c6b2
Validity
Not Before: Jan 1 00:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a50cac3bf84d5da0216657981d4c1eba641c008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:20:60:37:65:35:d9:52:0b:cd:d5:25:ab:43:
f5:e2:86:ac:2a:6a:6b:37:1f:cf:c1:81:e0:23:25:
1c:47:a3:2a:10:b9:22:6b:ff:ae:6e:b4:e7:8e:f4:
d9:d7:70:47:f6:bd:1c:12:4c:53:7a:26:d3:80:83:
b3:6e:ac:4f:96:7a:19:65:57:2e:30:ff:fe:54:ae:
cc:dc:84:d4:8b:28:84:ce:15:0f:14:28:7f:15:4c:
4d:6a:b0:0d:31:ea:42:1c:93:7e:b6:20:5e:b7:62:
08:28:7b:b9:3e:bd:ba:47:20:8d:29:f8:3f:eb:72:
dd:f7:c4:9a:47:31:42:e9:60:e1:40:bd:c2:58:ca:
1c:bf:8f:f0:b3:91:95:b3:c2:97:fb:57:91:49:11:
71:ed:7a:ee:af:ec:aa:2a:9f:74:53:9e:32:79:2c:
77:f3:3b:82:7f:b4:40:50:06:e9:54:2f:77:59:10:
fc:d5:98:40:d1:e9:54:3e:0d:ce:04:eb:67:7c:33:
96:b9:ca:2a:9d:61:8b:cd:48:2f:ea:7d:47:72:6c:
5d:12:d1:be:0c:20:46:5c:ef:44:51:a4:af:ff:3c:
c6:44:82:37:e9:33:aa:01:a4:e8:68:b4:0e:24:f7:
56:0c:a6:12:90:9b:c3:60:d8:a4:9a:df:9b:4b:45:
67:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:50:CA:C3:BF:84:D5:DA:02:16:65:79:81:D4:C1:EB:A6:41:C0:08
X509v3 Authority Key Identifier:
keyid:A9:D2:9F:70:3B:8E:C8:E9:3C:A4:84:05:DE:E4:73:0E:ED:93:C6:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qdKfcDuOyOk8pIQF3uRzDu2TxrI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/7ab96f-093e-4c52-bf9b-52e151f42c23/1/ilDKw7-E1doCFmV5gdTB66ZBwAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/7ab96f-093e-4c52-bf9b-52e151f42c23/1/qdKfcDuOyOk8pIQF3uRzDu2TxrI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.212.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:78:c7:01:3e:73:20:91:d7:a4:d4:23:5f:3e:8a:e6:70:15:
5d:a5:9b:2d:3a:b0:b0:32:47:6d:42:00:9a:ad:32:7a:14:35:
9e:f4:3b:8f:b6:33:05:b1:ef:22:78:f0:58:99:cd:49:3a:44:
38:34:d5:4a:69:89:5c:b2:04:65:0a:f0:9f:3d:d1:58:ca:9f:
23:93:07:7d:29:29:14:8c:3b:e2:4a:17:9b:a3:6d:be:2d:41:
4f:d0:ea:68:e3:b9:86:76:33:82:28:ba:79:dc:49:61:b1:e9:
71:14:c8:78:b6:77:c7:20:00:93:24:15:38:40:c4:d9:e5:ba:
f8:42:46:f6:7e:c0:f7:e5:45:15:6c:ac:ba:c5:85:ba:78:c0:
bb:dc:e2:3c:e9:f4:a4:26:a2:a3:0f:cc:25:9b:84:e8:ca:bf:
04:3a:8b:04:61:6b:0f:96:86:04:73:a9:0e:b1:c6:bf:0c:8b:
1a:ed:45:3c:cf:3a:b0:e7:ed:d1:ff:d7:01:76:29:3a:f1:da:
9f:ae:32:cf:0b:90:f1:36:46:30:5c:69:a4:8c:29:45:64:23:
42:b5:3c:09:19:ff:d7:53:db:e7:e5:0c:f1:f4:55:d2:b1:5d:
93:76:4a:64:18:fd:1e:af:b8:23:52:29:e2:64:84:7b:81:0f:
bf:e6:11:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbQ5DkjskK8ooIcANFi1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ZDI5ZjcwM2I4ZWM4ZTkzY2E0ODQwNWRlZTQ3MzBlZWQ5
M2M2YjIwHhcNMjQwMTAxMDAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTUwY2FjM2JmODRkNWRhMDIxNjY1Nzk4MWQ0YzFlYmE2NDFjMDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyBgN2U12VILzdUlq0P14oasKmpr
Nx/PwYHgIyUcR6MqELkia/+ubrTnjvTZ13BH9r0cEkxTeibTgIOzbqxPlnoZZVcu
MP/+VK7M3ITUiyiEzhUPFCh/FUxNarANMepCHJN+tiBet2IIKHu5Pr26RyCNKfg/
63Ld98SaRzFC6WDhQL3CWMocv4/ws5GVs8KX+1eRSRFx7Xrur+yqKp90U54yeSx3
8zuCf7RAUAbpVC93WRD81ZhA0elUPg3OBOtnfDOWucoqnWGLzUgv6n1HcmxdEtG+
DCBGXO9EUaSv/zzGRII36TOqAaToaLQOJPdWDKYSkJvDYNikmt+bS0VnFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpQysO/hNXaAhZleYHUweumQcAIMB8GA1UdIwQY
MBaAFKnSn3A7jsjpPKSEBd7kcw7tk8ayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWRLZmNEdU95T2s4cElRRjN1UnpEdTJUeHJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83YWI5NmYtMDkzZS00YzUyLWJmOWIt
NTJlMTUxZjQyYzIzLzEvaWxES3c3LUUxZG9DRm1WNWdkVEI2NlpCd0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83YWI5NmYtMDkzZS00YzUyLWJmOWItNTJlMTUxZjQyYzIz
LzEvcWRLZmNEdU95T2s4cElRRjN1UnpEdTJUeHJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1XUMA0G
CSqGSIb3DQEBCwUAA4IBAQAreMcBPnMgkdek1CNfPormcBVdpZstOrCwMkdtQgCa
rTJ6FDWe9DuPtjMFse8iePBYmc1JOkQ4NNVKaYlcsgRlCvCfPdFYyp8jkwd9KSkU
jDviShebo22+LUFP0Opo47mGdjOCKLp53ElhselxFMh4tnfHIACTJBU4QMTZ5br4
Qkb2fsD35UUVbKy6xYW6eMC73OI86fSkJqKjD8wlm4Toyr8EOosEYWsPloYEc6kO
sca/DIsa7UU8zzqw5+3R/9cBdik68dqfrjLPC5DxNkYwXGmkjClFZCNCtTwJGf/X
U9vn5Qzx9FXSsV2TdkpkGP0er7gjUiniZIR7gQ+/5hEi
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:25:06 2024 by rpki-client on console-fra.rpki-client.org