Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/89ff3b-1263-4cdd-9cad-23df8dddf978/1/2N6urlOD0Xl64IaC4GaCBKvvuio.roa
File: 2N6urlOD0Xl64IaC4GaCBKvvuio.roa (raw, json)
Hash identifier: eGojIwzSmaJ45ysVGACMJ7wLajdu1hwCMuQoBMqID5M=
Subject key identifier: D8:DE:AE:AE:53:83:D1:79:7A:E0:86:82:E0:66:82:04:AB:EF:BA:2A
Certificate issuer: /CN=4f152900b0d323d36d94510ab0b01c93f4517c89
Certificate serial: 018CC3B71EE6CE3568ADD7E7253F7B17DB37
Authority key identifier: 4F:15:29:00:B0:D3:23:D3:6D:94:51:0A:B0:B0:1C:93:F4:51:7C:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxUpALDTI9NtlFEKsLAck_RRfIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/89ff3b-1263-4cdd-9cad-23df8dddf978/1/2N6urlOD0Xl64IaC4GaCBKvvuio.roa
Signing time: Mon 01 Jan 2024 06:30:07 +0000
ROA not before: Mon 01 Jan 2024 06:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203736
IP address blocks: 185.102.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/89ff3b-1263-4cdd-9cad-23df8dddf978/1/TxUpALDTI9NtlFEKsLAck_RRfIk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/89ff3b-1263-4cdd-9cad-23df8dddf978/1/TxUpALDTI9NtlFEKsLAck_RRfIk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxUpALDTI9NtlFEKsLAck_RRfIk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:1e:e6:ce:35:68:ad:d7:e7:25:3f:7b:17:db:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f152900b0d323d36d94510ab0b01c93f4517c89
Validity
Not Before: Jan 1 06:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8deaeae5383d1797ae08682e0668204abefba2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:6e:d5:f5:2d:9c:88:64:cd:86:ce:cb:c6:10:
d5:62:23:34:b9:c7:c4:27:76:f7:dd:85:b2:49:28:
59:28:a8:3f:2c:ee:2f:94:ad:dc:04:86:7b:65:5f:
3c:da:bf:99:71:06:f7:b9:46:15:73:00:e9:e9:f6:
5d:85:ea:9f:d6:16:ac:21:c3:36:0c:e5:da:67:21:
7b:05:fe:b6:f8:60:34:fa:5d:0f:5e:b8:ec:89:1b:
16:ec:39:48:77:4c:86:6b:78:cf:dd:fd:88:86:81:
4e:26:f0:99:cd:fd:a2:a6:51:a2:19:f8:c5:eb:58:
c0:d2:31:5d:18:6e:a2:14:0a:1a:52:b8:62:d1:30:
13:52:f4:42:66:d6:5a:3f:11:9e:c0:cb:58:39:41:
d5:24:71:2b:ab:1c:bc:b1:9b:ac:fe:56:ea:2c:42:
43:43:35:c1:91:11:31:7a:cd:99:9e:85:5e:cf:f7:
e3:81:4d:d4:4e:8e:6c:95:06:78:b3:7b:cd:ea:b2:
49:f5:7e:e6:69:8c:5b:5f:47:9c:37:9c:d7:2c:37:
75:85:0a:ee:c3:db:b8:3d:f1:32:fa:3b:a2:ac:7f:
5a:67:f4:3d:f5:7b:dc:21:b3:18:4a:98:32:35:16:
c1:ae:56:af:49:cb:67:7f:e4:ea:31:3c:b3:03:37:
e2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DE:AE:AE:53:83:D1:79:7A:E0:86:82:E0:66:82:04:AB:EF:BA:2A
X509v3 Authority Key Identifier:
keyid:4F:15:29:00:B0:D3:23:D3:6D:94:51:0A:B0:B0:1C:93:F4:51:7C:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxUpALDTI9NtlFEKsLAck_RRfIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/89ff3b-1263-4cdd-9cad-23df8dddf978/1/2N6urlOD0Xl64IaC4GaCBKvvuio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/89ff3b-1263-4cdd-9cad-23df8dddf978/1/TxUpALDTI9NtlFEKsLAck_RRfIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.32.0/22
Signature Algorithm: sha256WithRSAEncryption
58:6c:43:e9:d8:46:62:b4:7a:b4:f2:f0:06:da:66:93:81:1a:
dd:46:15:ba:69:11:ce:81:7a:ef:72:7f:db:01:f0:a6:5f:1a:
3a:b5:c0:02:7a:3b:a8:cc:38:89:c1:99:85:02:f9:62:6e:ab:
2d:e8:e0:f2:8b:e6:2a:12:3f:b3:bc:e9:41:10:71:0e:21:c5:
35:56:b2:54:57:10:31:46:1b:24:11:5f:a7:cd:d1:f8:b9:13:
28:a0:b8:fd:cd:af:f6:fd:71:00:c2:f8:4b:e2:62:fe:08:ba:
cc:4b:6f:22:d5:83:fd:50:a3:b1:6c:f1:17:ec:7c:ff:5f:dc:
2a:2e:0b:fb:81:40:db:f1:ff:90:65:79:07:ba:95:ab:38:79:
4a:0e:5c:cd:79:e7:d5:ba:2a:9f:b1:25:40:f9:2a:94:01:70:
81:ec:a6:26:02:9f:c6:f9:1f:3d:a4:01:34:82:64:23:1e:1d:
60:90:bb:9b:90:24:e3:8b:34:17:3f:e6:9f:9d:65:fb:db:a6:
a3:b0:35:d0:03:0c:74:52:5e:21:2b:ea:8a:26:94:ff:b2:35:
2c:95:dc:8e:4a:82:c5:4a:d9:f9:fd:0e:66:c6:a4:6c:25:e6:
fd:e8:68:f6:83:c2:8e:71:53:53:f4:df:58:c9:5f:41:b2:b3:
26:90:5d:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtx7mzjVordfnJT97F9s3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTUyOTAwYjBkMzIzZDM2ZDk0NTEwYWIwYjAxYzkzZjQ1
MTdjODkwHhcNMjQwMTAxMDYzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRlYWVhZTUzODNkMTc5N2FlMDg2ODJlMDY2ODIwNGFiZWZiYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAim7V9S2ciGTNhs7LxhDVYiM0ucfE
J3b33YWySShZKKg/LO4vlK3cBIZ7ZV882r+ZcQb3uUYVcwDp6fZdheqf1hasIcM2
DOXaZyF7Bf62+GA0+l0PXrjsiRsW7DlId0yGa3jP3f2IhoFOJvCZzf2iplGiGfjF
61jA0jFdGG6iFAoaUrhi0TATUvRCZtZaPxGewMtYOUHVJHErqxy8sZus/lbqLEJD
QzXBkRExes2ZnoVez/fjgU3UTo5slQZ4s3vN6rJJ9X7maYxbX0ecN5zXLDd1hQru
w9u4PfEy+juirH9aZ/Q99XvcIbMYSpgyNRbBrlavSctnf+TqMTyzAzfi1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjerq5Tg9F5euCGguBmggSr77oqMB8GA1UdIwQY
MBaAFE8VKQCw0yPTbZRRCrCwHJP0UXyJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhVcEFMRFRJOU50bEZFS3NMQWNrX1JSZklrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84OWZmM2ItMTI2My00Y2RkLTljYWQt
MjNkZjhkZGRmOTc4LzEvMk42dXJsT0QwWGw2NElhQzRHYUNCS3Z2dWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84OWZmM2ItMTI2My00Y2RkLTljYWQtMjNkZjhkZGRmOTc4
LzEvVHhVcEFMRFRJOU50bEZFS3NMQWNrX1JSZklrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWYgMA0G
CSqGSIb3DQEBCwUAA4IBAQBYbEPp2EZitHq08vAG2maTgRrdRhW6aRHOgXrvcn/b
AfCmXxo6tcACejuozDiJwZmFAvlibqst6ODyi+YqEj+zvOlBEHEOIcU1VrJUVxAx
RhskEV+nzdH4uRMooLj9za/2/XEAwvhL4mL+CLrMS28i1YP9UKOxbPEX7Hz/X9wq
Lgv7gUDb8f+QZXkHupWrOHlKDlzNeefVuiqfsSVA+SqUAXCB7KYmAp/G+R89pAE0
gmQjHh1gkLubkCTjizQXP+afnWX726ajsDXQAwx0Ul4hK+qKJpT/sjUsldyOSoLF
Stn5/Q5mxqRsJeb96Gj2g8KOcVNT9N9YyV9BsrMmkF0S
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:14 2024 by rpki-client on console-ams.rpki-client.org