Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/duVTPl2B9U-0HD8-5FWkz77JR2M.roa
File: duVTPl2B9U-0HD8-5FWkz77JR2M.roa (raw, json)
Hash identifier: wYlhUmfFuV5NUuO25Ro/2GMeYD1vfB8fJmcXezKn0yI=
Subject key identifier: 76:E5:53:3E:5D:81:F5:4F:B4:1C:3F:3E:E4:55:A4:CF:BE:C9:47:63
Certificate issuer: /CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Certificate serial: 018CC94CD1D4F5B51D4AC2F7E9513BF633D3
Authority key identifier: 10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/duVTPl2B9U-0HD8-5FWkz77JR2M.roa
Signing time: Tue 02 Jan 2024 08:31:44 +0000
ROA not before: Tue 02 Jan 2024 08:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.70.47.0/24 maxlen: 24
2a05:2606::/32 maxlen: 32
2a05:2605::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:d1:d4:f5:b5:1d:4a:c2:f7:e9:51:3b:f6:33:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Validity
Not Before: Jan 2 08:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76e5533e5d81f54fb41c3f3ee455a4cfbec94763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:21:cd:90:3d:36:77:ab:0a:34:0b:4b:58:13:
7b:50:4b:cd:55:ec:67:04:63:76:fd:c8:cf:5a:3f:
cc:29:cc:ca:fc:d8:4a:b0:13:72:be:83:39:0f:fb:
ee:4a:90:9e:69:ed:ba:4e:ab:15:a6:bb:c1:2c:2f:
6f:28:82:2e:ef:58:8d:fb:bb:8a:b9:c9:c9:c5:60:
ff:90:e8:14:d3:fd:ee:0a:de:1e:eb:69:8f:38:6c:
77:01:bb:75:ba:e1:f5:d6:45:db:04:2f:d8:a3:30:
b2:97:60:60:3e:46:ba:eb:6e:4b:c4:12:4b:82:3e:
d0:db:95:96:fa:aa:7a:1f:69:6d:f1:47:0d:e3:35:
18:88:b3:6d:72:ff:1f:3c:af:67:d5:57:c7:e1:fa:
b4:fd:47:c8:94:30:1c:55:30:f9:8e:ff:f8:be:26:
89:a4:91:60:3e:60:8f:88:23:de:f1:16:22:1f:5a:
c7:70:10:ab:71:e9:f7:5d:ae:68:c7:a9:ae:e3:34:
27:1e:0f:40:49:81:87:68:ab:ec:f1:19:b1:a6:cf:
44:7d:20:4c:0d:99:ab:0c:7c:09:c3:ab:cf:f6:dd:
ff:8d:08:2d:b0:f9:2e:68:93:bf:93:ca:0a:2c:bc:
1a:e4:7e:44:25:1a:9c:4e:3e:a1:f4:e9:51:5f:68:
31:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E5:53:3E:5D:81:F5:4F:B4:1C:3F:3E:E4:55:A4:CF:BE:C9:47:63
X509v3 Authority Key Identifier:
keyid:10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/duVTPl2B9U-0HD8-5FWkz77JR2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.47.0/24
IPv6:
2a05:2605::-2a05:2606:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8a:98:c4:c9:3f:38:97:0e:46:2d:7b:37:0c:4e:ac:f2:ce:28:
4b:42:57:84:ac:fb:c5:cc:dc:ab:d8:f4:73:d3:ab:2e:12:1c:
58:52:7e:23:f1:8f:41:08:56:8b:aa:39:ab:a9:b2:0d:89:9d:
1d:7f:4e:aa:bb:1b:0f:d3:d1:08:dc:64:9b:4a:0a:ee:9a:7b:
5c:84:c3:78:a2:ae:f7:6f:fd:6d:42:b6:c9:e8:52:7a:56:67:
24:60:0a:7f:6e:8c:e3:07:01:2e:97:e5:34:38:3d:0b:09:44:
5a:03:87:0b:c3:13:d7:69:b2:75:5a:c5:f5:5e:16:a3:83:db:
cb:cc:d4:f0:cf:f5:46:54:68:18:51:16:35:06:bf:fa:7a:af:
7f:a3:4b:fd:cb:29:80:57:01:d3:26:2a:67:4a:19:40:92:f8:
1d:13:21:3b:14:c5:b7:cc:8b:da:2a:34:1b:71:02:e7:0f:ea:
5e:a3:06:d2:06:e7:27:d3:54:24:b0:8a:99:4f:7d:79:74:b8:
89:27:10:76:65:ca:53:55:f2:0f:4a:72:8b:75:07:27:2d:e1:
83:6b:8a:83:c9:9b:28:2c:72:29:f1:f2:9f:a5:01:4a:35:ea:
cb:47:2e:7e:c6:2e:30:18:c8:f7:e8:dc:92:b8:f9:89:12:7c:
8d:41:a4:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTNHU9bUdSsL36VE79jPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYThjNmU5MzA4YmIwMDA4MzEwMDE3MWUwMGRiYjYxNDBm
NGY1ODAwHhcNMjQwMTAyMDgzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU1NTMzZTVkODFmNTRmYjQxYzNmM2VlNDU1YTRjZmJlYzk0NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCHNkD02d6sKNAtLWBN7UEvNVexn
BGN2/cjPWj/MKczK/NhKsBNyvoM5D/vuSpCeae26TqsVprvBLC9vKIIu71iN+7uK
ucnJxWD/kOgU0/3uCt4e62mPOGx3Abt1uuH11kXbBC/YozCyl2BgPka6625LxBJL
gj7Q25WW+qp6H2lt8UcN4zUYiLNtcv8fPK9n1VfH4fq0/UfIlDAcVTD5jv/4viaJ
pJFgPmCPiCPe8RYiH1rHcBCrcen3Xa5ox6mu4zQnHg9ASYGHaKvs8Rmxps9EfSBM
DZmrDHwJw6vP9t3/jQgtsPkuaJO/k8oKLLwa5H5EJRqcTj6h9OlRX2gxkQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHblUz5dgfVPtBw/PuRVpM++yUdjMB8GA1UdIwQY
MBaAFBCoxukwi7AAgxABceANu2FA9PWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYt
NmI0OTdiMmMwYjM4LzEvZHVWVFBsMkI5VS0wSEQ4LTVGV2t6NzdKUjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMzc5NDctNzBjMi00NjYxLWEzNmYtNmI0OTdiMmMwYjM4
LzEvRUtqRzZUQ0xzQUNERUFGeDRBMjdZVUQwOVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAuUYvMBYE
AgACMBAwDgMFACoFJgUDBQAqBSYGMA0GCSqGSIb3DQEBCwUAA4IBAQCKmMTJPziX
DkYtezcMTqzyzihLQleErPvFzNyr2PRz06suEhxYUn4j8Y9BCFaLqjmrqbINiZ0d
f06quxsP09EI3GSbSgrumntchMN4oq73b/1tQrbJ6FJ6VmckYAp/bozjBwEul+U0
OD0LCURaA4cLwxPXabJ1WsX1Xhajg9vLzNTwz/VGVGgYURY1Br/6eq9/o0v9yymA
VwHTJipnShlAkvgdEyE7FMW3zIvaKjQbcQLnD+peowbSBucn01QksIqZT315dLiJ
JxB2ZcpTVfIPSnKLdQcnLeGDa4qDyZsoLHIp8fKfpQFKNerLRy5+xi4wGMj36NyS
uPmJEnyNQaTI
-----END CERTIFICATE-----
Generated at Wed May 15 16:34:28 2024 by rpki-client on console-ams.rpki-client.org