Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/77c532-59c9-412a-aea8-02bd3dcae4ad/1/PlyOY5mqLCGu8pSsgpEKZTKaGWo.roa
File: PlyOY5mqLCGu8pSsgpEKZTKaGWo.roa (raw, json)
Hash identifier: 6sv/uXvlsO3NZ2gXwVpJi81Ow1aVgEWgbcE/bDIqBY8=
Subject key identifier: 3E:5C:8E:63:99:AA:2C:21:AE:F2:94:AC:82:91:0A:65:32:9A:19:6A
Certificate issuer: /CN=634d6eec403eff86b40f9c598091dd4302a9a721
Certificate serial: 01932FEC84EF7DA4B01590A9B765535F86A8
Authority key identifier: 63:4D:6E:EC:40:3E:FF:86:B4:0F:9C:59:80:91:DD:43:02:A9:A7:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y01u7EA-_4a0D5xZgJHdQwKppyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/77c532-59c9-412a-aea8-02bd3dcae4ad/1/PlyOY5mqLCGu8pSsgpEKZTKaGWo.roa
Signing time: Fri 15 Nov 2024 13:04:09 +0000
ROA not before: Fri 15 Nov 2024 13:04:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 185.216.13.0/24 maxlen: 24
2a13:6300::/32 maxlen: 32
2a13:6301::/32 maxlen: 32
2a13:6302::/32 maxlen: 32
2a13:6303::/32 maxlen: 32
2a13:6304::/32 maxlen: 32
2a13:6305::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/77c532-59c9-412a-aea8-02bd3dcae4ad/1/Y01u7EA-_4a0D5xZgJHdQwKppyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/77c532-59c9-412a-aea8-02bd3dcae4ad/1/Y01u7EA-_4a0D5xZgJHdQwKppyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y01u7EA-_4a0D5xZgJHdQwKppyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2f:ec:84:ef:7d:a4:b0:15:90:a9:b7:65:53:5f:86:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=634d6eec403eff86b40f9c598091dd4302a9a721
Validity
Not Before: Nov 15 13:04:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e5c8e6399aa2c21aef294ac82910a65329a196a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b2:d9:29:6c:a2:ec:ad:7d:6f:cf:21:8c:9b:
0e:84:fd:04:e4:52:72:36:de:7a:e8:63:f8:83:c1:
15:5e:48:18:01:57:ce:50:40:09:3f:2c:e8:00:a9:
46:8c:98:32:70:23:93:bd:b3:53:10:55:46:68:bc:
ae:34:3e:49:53:f9:db:3f:65:79:57:68:f3:b9:c4:
71:c7:03:f6:ab:d6:bb:87:48:e7:04:2f:d4:0d:7c:
4a:97:13:7b:f5:1b:1c:5c:49:18:3c:56:1f:0e:d8:
9d:7d:b1:36:25:d0:2d:2e:24:16:74:58:1a:5b:40:
7d:1f:98:4c:ea:9b:91:f0:ef:91:1d:64:b8:58:6a:
ec:20:13:52:6d:d3:20:06:8d:6f:72:c4:ce:e2:a9:
a7:d4:7f:86:5e:18:fa:54:6d:45:42:fe:b3:7b:45:
02:06:61:a1:d7:a5:ef:96:ee:5d:de:bc:36:ce:1c:
03:ba:34:37:e9:94:7b:e6:b7:9f:80:4f:db:ca:3e:
91:b7:eb:ad:08:48:81:b4:11:30:be:e4:f9:a8:88:
1b:60:a0:87:6c:65:f6:3a:0b:70:e4:31:28:ab:ed:
6c:c2:fe:d4:c0:09:65:d7:33:7c:6e:23:06:93:4b:
dd:ca:05:39:aa:7f:62:d3:bb:df:7b:ca:6a:d8:22:
53:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5C:8E:63:99:AA:2C:21:AE:F2:94:AC:82:91:0A:65:32:9A:19:6A
X509v3 Authority Key Identifier:
keyid:63:4D:6E:EC:40:3E:FF:86:B4:0F:9C:59:80:91:DD:43:02:A9:A7:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y01u7EA-_4a0D5xZgJHdQwKppyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/77c532-59c9-412a-aea8-02bd3dcae4ad/1/PlyOY5mqLCGu8pSsgpEKZTKaGWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/77c532-59c9-412a-aea8-02bd3dcae4ad/1/Y01u7EA-_4a0D5xZgJHdQwKppyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.13.0/24
IPv6:
2a13:6300::-2a13:6305:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1b:4b:69:bc:31:38:cc:03:75:75:fa:bd:9d:45:55:07:93:64:
77:5d:7f:3c:7e:6f:26:c7:3a:6d:6f:eb:a5:82:d1:b3:9a:f7:
d7:65:f5:a3:60:d0:ae:9b:fa:e4:24:f7:f0:e9:ba:c6:c4:be:
81:30:06:3d:e9:4b:0d:fd:19:a1:7c:ce:81:5f:5f:fb:74:99:
c5:46:5c:de:a8:96:e9:d1:59:b0:76:10:aa:19:33:d9:48:10:
60:ad:22:08:3e:5d:61:2b:6a:6e:a7:11:9d:36:69:8c:a1:9e:
7b:7b:3b:22:3d:c1:37:7f:9a:00:b5:6c:0a:a7:e6:ac:f5:00:
b4:8f:14:49:43:1e:a8:f6:35:64:54:0a:f1:8b:51:f7:33:e5:
26:79:f5:4e:b1:80:12:76:cd:5b:11:4e:e3:1e:4b:a2:8e:de:
46:a2:46:19:6a:ad:c3:3e:09:fe:99:97:b5:78:ec:90:99:e7:
09:6b:2a:94:11:6c:2e:3c:73:b5:7c:8a:95:30:28:d1:da:ba:
91:76:9a:0a:c8:a4:6a:2b:97:5d:d3:63:b6:0c:91:e8:c7:aa:
af:29:97:9f:60:40:b1:35:f4:e3:ed:d8:76:c5:38:37:ef:9c:
d5:ad:89:19:2c:35:56:3c:3c:34:b0:4f:c7:eb:ee:39:cc:fe:
d0:dc:b4:03
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZMv7ITvfaSwFZCpt2VTX4aoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNGQ2ZWVjNDAzZWZmODZiNDBmOWM1OTgwOTFkZDQzMDJh
OWE3MjEwHhcNMjQxMTE1MTMwNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTVjOGU2Mzk5YWEyYzIxYWVmMjk0YWM4MjkxMGE2NTMyOWExOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LLZKWyi7K19b88hjJsOhP0E5FJy
Nt566GP4g8EVXkgYAVfOUEAJPyzoAKlGjJgycCOTvbNTEFVGaLyuND5JU/nbP2V5
V2jzucRxxwP2q9a7h0jnBC/UDXxKlxN79RscXEkYPFYfDtidfbE2JdAtLiQWdFga
W0B9H5hM6puR8O+RHWS4WGrsIBNSbdMgBo1vcsTO4qmn1H+GXhj6VG1FQv6ze0UC
BmGh16Xvlu5d3rw2zhwDujQ36ZR75refgE/byj6Rt+utCEiBtBEwvuT5qIgbYKCH
bGX2Ogtw5DEoq+1swv7UwAll1zN8biMGk0vdygU5qn9i07vfe8pq2CJTywIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFD5cjmOZqiwhrvKUrIKRCmUymhlqMB8GA1UdIwQY
MBaAFGNNbuxAPv+GtA+cWYCR3UMCqachMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTAxdTdFQS1fNGEwRDV4WmdKSGRRd0twcHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi83N2M1MzItNTljOS00MTJhLWFlYTgt
MDJiZDNkY2FlNGFkLzEvUGx5T1k1bXFMQ0d1OHBTc2dwRUtaVEthR1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi83N2M1MzItNTljOS00MTJhLWFlYTgtMDJiZDNkY2FlNGFk
LzEvWTAxdTdFQS1fNGEwRDV4WmdKSGRRd0twcHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAudgNMBUE
AgACMA8wDQMEACoTYwMFASoTYwQwDQYJKoZIhvcNAQELBQADggEBABtLabwxOMwD
dXX6vZ1FVQeTZHddfzx+bybHOm1v66WC0bOa99dl9aNg0K6b+uQk9/DpusbEvoEw
Bj3pSw39GaF8zoFfX/t0mcVGXN6olunRWbB2EKoZM9lIEGCtIgg+XWEram6nEZ02
aYyhnnt7OyI9wTd/mgC1bAqn5qz1ALSPFElDHqj2NWRUCvGLUfcz5SZ59U6xgBJ2
zVsRTuMeS6KO3kaiRhlqrcM+Cf6Zl7V47JCZ5wlrKpQRbC48c7V8ipUwKNHaupF2
mgrIpGorl13TY7YMkejHqq8pl59gQLE19OPt2HbFODfvnNWtiRksNVY8PDSwT8fr
7jnM/tDctAM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:29:12 2024 by rpki-client on console-ams.rpki-client.org