Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/1V0SIb1YQCUIdn6z0bt7Fur5gmQ.roa
File: 1V0SIb1YQCUIdn6z0bt7Fur5gmQ.roa (raw, json)
Hash identifier: KDjWA35utE2XbamX7W7gvqafYqSUj23PtLgyvGYxbx0=
Subject key identifier: D5:5D:12:21:BD:58:40:25:08:76:7E:B3:D1:BB:7B:16:EA:F9:82:64
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018D649EF93ACF4257AAB3A543EDDA80AB7C
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/1V0SIb1YQCUIdn6z0bt7Fur5gmQ.roa
Signing time: Thu 01 Feb 2024 12:22:36 +0000
ROA not before: Thu 01 Feb 2024 12:22:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212667
IP address blocks: 85.235.81.0/24 maxlen: 24
192.109.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:9e:f9:3a:cf:42:57:aa:b3:a5:43:ed:da:80:ab:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Feb 1 12:22:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d55d1221bd58402508767eb3d1bb7b16eaf98264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:89:09:e6:cb:1a:df:b3:ee:b1:c3:27:dc:
6c:5c:57:ca:68:3d:7a:fc:63:94:97:ef:a2:78:33:
fb:a3:87:5b:94:a2:42:dc:9a:89:5c:03:29:8a:9f:
6c:2d:07:72:6f:89:51:32:e6:7c:7f:9e:f9:47:81:
38:e3:7f:04:0b:f6:bd:30:a9:d8:5d:15:4d:f0:80:
bc:f1:45:6f:96:77:1d:99:db:23:c6:33:4f:99:04:
18:eb:77:26:87:5d:d1:f4:22:4d:0a:11:bb:0f:3d:
52:a3:bb:6f:ae:47:3c:be:8c:09:aa:9e:67:df:c4:
88:09:4a:5f:f2:7d:d8:d5:24:99:64:99:df:a5:47:
73:f5:0a:a3:3e:0c:27:c5:c2:52:36:92:1a:55:6a:
70:1a:a6:5b:05:88:04:bb:85:1e:eb:50:9b:83:00:
82:bc:9d:8c:74:32:de:37:53:9e:00:a6:41:b0:a8:
c9:d8:39:aa:ec:0c:db:e4:fb:14:07:5d:3f:37:53:
ba:2c:d6:16:3e:97:fd:b9:58:f3:a8:5a:e6:28:d5:
5e:1b:cb:66:4a:15:34:dd:90:dd:b2:9c:a5:e8:f1:
c2:f4:05:90:71:fe:44:75:1d:0b:6e:7c:93:34:18:
dd:63:9b:2e:db:c6:87:cb:9f:cf:ce:ea:0f:77:6e:
1f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:5D:12:21:BD:58:40:25:08:76:7E:B3:D1:BB:7B:16:EA:F9:82:64
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/1V0SIb1YQCUIdn6z0bt7Fur5gmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.81.0/24
192.109.97.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:db:a9:d8:8e:ef:03:dd:60:b5:44:ba:e7:d1:b4:c8:95:92:
f5:85:de:3e:2c:33:0a:34:f6:99:d1:ba:1a:05:91:0f:e6:eb:
89:45:61:1a:55:96:8b:0f:8b:de:4f:b5:2e:8a:a3:a5:8f:0c:
47:2a:aa:89:f0:3a:00:66:1d:fd:f9:bd:36:6e:f0:df:31:5c:
9e:71:50:6e:50:6a:aa:e3:72:87:2b:4b:eb:38:07:88:01:54:
95:e2:6e:f0:86:81:e2:09:44:e5:09:87:67:be:9f:e7:97:cb:
1d:2c:93:82:7e:fb:3a:70:42:de:d0:e1:ca:cc:7d:5b:bb:4d:
75:3a:d6:bf:79:f9:9e:1c:e0:1b:b9:eb:42:7a:3b:39:54:57:
dd:1c:19:7f:60:56:45:4b:48:da:3b:25:f1:2e:92:84:6d:99:
1a:f6:de:55:c2:84:9e:10:87:82:2f:83:94:0f:3e:e5:5e:88:
0e:b1:34:d3:8b:44:81:48:03:d9:fd:32:61:c4:18:db:dc:e1:
49:44:7e:3c:cb:2d:ae:8b:5c:04:b6:04:95:df:15:49:38:65:
19:36:c7:d5:e7:c7:48:f0:49:9f:ba:e1:f9:9c:d2:99:38:72:
5f:e4:24:09:59:3c:0d:c7:54:6d:32:dd:d9:4d:ea:7d:3c:8e:
4e:13:c9:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1knvk6z0JXqrOlQ+3agKt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMjAxMTIyMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTVkMTIyMWJkNTg0MDI1MDg3NjdlYjNkMWJiN2IxNmVhZjk4MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOeJCebLGt+z7rHDJ9xsXFfKaD16
/GOUl++ieDP7o4dblKJC3JqJXAMpip9sLQdyb4lRMuZ8f575R4E4438EC/a9MKnY
XRVN8IC88UVvlncdmdsjxjNPmQQY63cmh13R9CJNChG7Dz1So7tvrkc8vowJqp5n
38SICUpf8n3Y1SSZZJnfpUdz9QqjPgwnxcJSNpIaVWpwGqZbBYgEu4Ue61CbgwCC
vJ2MdDLeN1OeAKZBsKjJ2Dmq7Azb5PsUB10/N1O6LNYWPpf9uVjzqFrmKNVeG8tm
ShU03ZDdspyl6PHC9AWQcf5EdR0LbnyTNBjdY5su28aHy5/PzuoPd24fywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVdEiG9WEAlCHZ+s9G7exbq+YJkMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvMVYwU0liMVlRQ1VJZG42ejBidDdGdXI1Z21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVetRAwQA
wG1hMA0GCSqGSIb3DQEBCwUAA4IBAQAu26nYju8D3WC1RLrn0bTIlZL1hd4+LDMK
NPaZ0boaBZEP5uuJRWEaVZaLD4veT7UuiqOljwxHKqqJ8DoAZh39+b02bvDfMVye
cVBuUGqq43KHK0vrOAeIAVSV4m7whoHiCUTlCYdnvp/nl8sdLJOCfvs6cELe0OHK
zH1bu011Ota/efmeHOAbuetCejs5VFfdHBl/YFZFS0jaOyXxLpKEbZka9t5VwoSe
EIeCL4OUDz7lXogOsTTTi0SBSAPZ/TJhxBjb3OFJRH48yy2ui1wEtgSV3xVJOGUZ
NsfV58dI8EmfuuH5nNKZOHJf5CQJWTwNx1RtMt3ZTep9PI5OE8nj
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:55:26 2024 by rpki-client on console-ams.rpki-client.org