Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/whHd_YaTVA0huQdMsHGmoLqQX64.roa
File: whHd_YaTVA0huQdMsHGmoLqQX64.roa (raw, json)
Hash identifier: VsRCENZOyJMMrquyVLXthSbvYZlHLNikp4q9ccaDJmA=
Subject key identifier: C2:11:DD:FD:86:93:54:0D:21:B9:07:4C:B0:71:A6:A0:BA:90:5F:AE
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018CC3B7420D371AF6DF0ADB6B75C40BE47D
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/whHd_YaTVA0huQdMsHGmoLqQX64.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8485
IP address blocks: 185.44.120.0/22 maxlen: 32
2a02:e840:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:0d:37:1a:f6:df:0a:db:6b:75:c4:0b:e4:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c211ddfd8693540d21b9074cb071a6a0ba905fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:ca:3f:d8:29:d9:67:6c:0a:f1:56:d0:84:
1c:88:9e:c9:02:56:6a:cc:e1:a9:e8:5f:96:96:7d:
e4:ee:5e:de:7d:9e:7b:f0:a4:68:f4:6c:29:0d:92:
19:25:84:1e:e2:9f:1c:98:54:69:92:a5:6d:bd:71:
94:41:6f:e1:00:55:13:d8:47:d7:65:b2:80:d2:f0:
68:17:d3:ef:ac:ce:35:9e:ec:33:6d:9d:3c:a4:df:
4b:42:87:fd:c5:e8:85:08:82:f9:8d:81:ba:36:40:
e3:db:0f:93:a3:57:a6:e9:65:b3:76:d1:ed:12:0f:
a0:7b:be:e8:49:81:8b:f8:c1:1b:b3:8e:d0:2e:8d:
5f:9c:83:ca:35:13:56:35:27:64:83:24:80:e3:4a:
26:a2:8d:37:ac:84:07:5f:59:cf:ef:4a:87:1a:40:
c0:83:97:df:c9:9e:b2:45:10:b2:21:6b:2e:62:7d:
32:6d:fd:f3:ad:0d:95:ab:c3:5e:98:c9:a3:44:2c:
d5:46:a6:8d:23:3a:49:90:85:17:67:61:e1:5b:e4:
0c:ca:00:80:c3:ff:ee:5d:f8:58:8a:fc:e5:55:0d:
0f:4d:e8:05:8e:94:3b:23:ee:99:2f:f2:80:ee:48:
de:09:e9:b5:1b:71:ef:42:b2:8a:c4:a5:39:6a:74:
3d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:11:DD:FD:86:93:54:0D:21:B9:07:4C:B0:71:A6:A0:BA:90:5F:AE
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/whHd_YaTVA0huQdMsHGmoLqQX64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.120.0/22
IPv6:
2a02:e840:1002::/48
Signature Algorithm: sha256WithRSAEncryption
96:e1:42:27:2a:b1:84:65:b3:f7:e2:23:98:9d:99:76:a7:9c:
c8:d7:21:60:55:62:26:49:a1:5b:bc:94:b8:61:59:79:a6:26:
83:31:f8:2d:fc:c5:bb:0b:79:5f:0b:26:8d:83:7c:39:f9:07:
c0:40:a2:13:49:ae:de:6e:04:d5:34:82:b0:9e:8e:cc:47:52:
00:0d:71:2c:f0:bb:c2:6e:8e:ed:14:e9:35:67:99:7d:eb:9a:
1b:6d:da:c0:be:db:de:1c:18:03:49:50:33:9f:40:f0:ed:09:
a3:fa:0e:5e:4f:ad:02:5a:e4:b7:6f:e1:bd:14:8c:2c:37:5d:
8e:23:d7:a2:30:b1:67:2d:d6:42:53:06:82:44:98:cc:d1:3d:
00:ec:c7:67:ed:ab:08:0c:12:7c:04:ca:36:7d:b8:0e:1a:a1:
c0:04:38:2d:ce:cf:69:f1:36:5e:ed:7c:43:70:22:5f:04:90:
cb:ca:86:ff:55:8a:39:4e:c3:df:24:6f:6d:ec:e3:ee:97:f3:
69:84:d1:c2:85:0b:d5:5e:06:1e:68:5b:9e:02:a0:45:cf:b5:
62:a0:3a:91:31:d5:e3:d1:e2:0f:c0:f9:33:31:3b:cc:b2:0a:
40:bf:74:52:7d:8e:7e:db:83:df:28:f0:cf:f7:4f:54:0b:1f:
31:3a:48:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDt0INNxr23wrba3XEC+R9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjExZGRmZDg2OTM1NDBkMjFiOTA3NGNiMDcxYTZhMGJhOTA1ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr//KP9gp2WdsCvFW0IQciJ7JAlZq
zOGp6F+Wln3k7l7efZ578KRo9GwpDZIZJYQe4p8cmFRpkqVtvXGUQW/hAFUT2EfX
ZbKA0vBoF9PvrM41nuwzbZ08pN9LQof9xeiFCIL5jYG6NkDj2w+To1em6WWzdtHt
Eg+ge77oSYGL+MEbs47QLo1fnIPKNRNWNSdkgySA40omoo03rIQHX1nP70qHGkDA
g5ffyZ6yRRCyIWsuYn0ybf3zrQ2Vq8NemMmjRCzVRqaNIzpJkIUXZ2HhW+QMygCA
w//uXfhYivzlVQ0PTegFjpQ7I+6ZL/KA7kjeCem1G3HvQrKKxKU5anQ9YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMIR3f2Gk1QNIbkHTLBxpqC6kF+uMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvd2hIZF9ZYVRWQTBodVFkTXNIR21vTHFRWDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuSx4MA8E
AgACMAkDBwAqAuhAEAIwDQYJKoZIhvcNAQELBQADggEBAJbhQicqsYRls/fiI5id
mXannMjXIWBVYiZJoVu8lLhhWXmmJoMx+C38xbsLeV8LJo2DfDn5B8BAohNJrt5u
BNU0grCejsxHUgANcSzwu8Juju0U6TVnmX3rmhtt2sC+294cGANJUDOfQPDtCaP6
Dl5PrQJa5Ldv4b0UjCw3XY4j16IwsWct1kJTBoJEmMzRPQDsx2ftqwgMEnwEyjZ9
uA4aocAEOC3Oz2nxNl7tfENwIl8EkMvKhv9VijlOw98kb23s4+6X82mE0cKFC9Ve
Bh5oW54CoEXPtWKgOpEx1ePR4g/A+TMxO8yyCkC/dFJ9jn7bg98o8M/3T1QLHzE6
SII=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:52 2024 by rpki-client on console-fra.rpki-client.org