Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/PuZkQBweYTNvf5C6TrtDXYiXr9I.roa
File: PuZkQBweYTNvf5C6TrtDXYiXr9I.roa (raw, json)
Hash identifier: /1fzsaSMf+aDJ6R1crAwVkAQhccCgVjV5ILX8lZ/I2Y=
Subject key identifier: 3E:E6:64:40:1C:1E:61:33:6F:7F:90:BA:4E:BB:43:5D:88:97:AF:D2
Certificate issuer: /CN=7938dfb9eb924079bb706cb616eda572864a9e13
Certificate serial: 018CC9BCABB72B5F92FBA5B4075D011521E3
Authority key identifier: 79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/PuZkQBweYTNvf5C6TrtDXYiXr9I.roa
Signing time: Tue 02 Jan 2024 10:33:54 +0000
ROA not before: Tue 02 Jan 2024 10:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60786
IP address blocks: 185.51.42.0/24 maxlen: 24
185.51.43.0/24 maxlen: 24
2a04:c147::/34 maxlen: 34
2a04:c147:4000::/34 maxlen: 34
2a04:c147:c000::/34 maxlen: 34
2a04:c147:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.mft
rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ab:b7:2b:5f:92:fb:a5:b4:07:5d:01:15:21:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7938dfb9eb924079bb706cb616eda572864a9e13
Validity
Not Before: Jan 2 10:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ee664401c1e61336f7f90ba4ebb435d8897afd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:f1:84:df:e4:ef:fb:86:20:bd:91:4d:56:
f6:fa:b1:52:df:b4:82:39:b3:01:cb:78:90:dd:e7:
17:4e:e5:ed:ed:c2:27:a7:d9:0e:fb:02:5f:a4:e1:
9b:a5:e5:b4:0f:2c:99:5a:d0:24:de:13:e9:08:c8:
4c:bb:e4:85:55:a8:b4:ef:42:6d:44:ce:2c:d8:4f:
de:9c:0c:11:74:09:f8:19:c9:d0:29:3d:8c:40:d3:
d6:dd:21:31:f5:5c:21:d7:7a:44:9d:09:a9:36:73:
4e:72:47:83:f4:c1:a9:0a:92:29:37:e9:8c:3d:35:
f6:9c:2b:46:a9:81:5f:ab:f2:82:8d:9c:d3:e9:83:
c8:de:f0:c2:37:c6:65:7a:e1:bc:5e:62:64:1e:5e:
1b:96:c2:d2:84:0e:e1:5b:e2:3f:49:4a:b6:94:6d:
37:9a:43:4f:f2:da:0c:00:ce:0a:80:84:c7:f1:7a:
78:6e:a7:ff:ae:4a:a9:05:ed:85:6d:b1:d2:c2:5d:
d1:bd:42:60:c2:c5:b0:c7:d8:9a:b5:74:9c:ef:41:
61:78:ca:2f:1c:80:a8:9a:1e:da:62:9c:8f:35:d4:
5c:b1:3f:c8:20:3e:3d:4c:2f:e0:e6:22:cb:44:6d:
9c:a8:58:c5:d9:e0:65:29:9b:a9:db:c4:56:f2:25:
42:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E6:64:40:1C:1E:61:33:6F:7F:90:BA:4E:BB:43:5D:88:97:AF:D2
X509v3 Authority Key Identifier:
keyid:79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/PuZkQBweYTNvf5C6TrtDXYiXr9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.42.0/23
IPv6:
2a04:c147::/32
Signature Algorithm: sha256WithRSAEncryption
95:09:a5:51:71:a5:6f:94:e2:11:e6:23:6f:27:12:19:68:e7:
b0:9b:9e:65:8f:2c:7c:5d:c3:88:5c:a7:98:d5:5c:af:64:40:
51:8e:7a:fb:31:fb:1e:84:fd:1d:29:43:f0:a1:b0:ca:ac:6d:
b4:82:76:6e:f7:f7:bb:c5:89:0f:22:ab:cd:f8:4e:b5:a7:20:
17:2e:a0:b8:4b:8b:16:08:cb:f5:48:00:da:3f:e5:23:b7:3b:
96:05:cf:7b:0f:df:27:67:83:18:c5:93:cd:4e:f5:62:85:bb:
25:25:62:3e:07:39:70:08:40:12:64:95:e8:3d:58:c5:c2:e1:
5f:e1:39:c2:51:6d:f3:20:62:de:7c:b4:dd:71:d4:03:a7:00:
ab:28:76:5b:71:25:c0:74:2e:15:c2:c7:50:7e:3f:3f:a1:86:
00:78:f1:02:0e:72:af:2a:9f:70:75:45:a7:3b:f9:dd:b2:99:
49:d8:1c:61:de:90:8b:a2:0f:d2:76:fe:df:97:99:33:db:f5:
aa:92:db:91:8f:f2:db:61:86:53:28:3c:ca:d3:89:81:3d:d3:
54:31:9f:f6:5e:34:48:f6:d3:6c:79:1e:a4:19:1d:24:af:c6:
3d:88:81:5d:85:45:dd:ef:9d:b4:9e:91:db:7a:78:27:4f:65:
ea:a0:de:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvKu3K1+S+6W0B10BFSHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzhkZmI5ZWI5MjQwNzliYjcwNmNiNjE2ZWRhNTcyODY0
YTllMTMwHhcNMjQwMTAyMTAzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU2NjQ0MDFjMWU2MTMzNmY3ZjkwYmE0ZWJiNDM1ZDg4OTdhZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSXxhN/k7/uGIL2RTVb2+rFS37SC
ObMBy3iQ3ecXTuXt7cInp9kO+wJfpOGbpeW0DyyZWtAk3hPpCMhMu+SFVai070Jt
RM4s2E/enAwRdAn4GcnQKT2MQNPW3SEx9Vwh13pEnQmpNnNOckeD9MGpCpIpN+mM
PTX2nCtGqYFfq/KCjZzT6YPI3vDCN8ZleuG8XmJkHl4blsLShA7hW+I/SUq2lG03
mkNP8toMAM4KgITH8Xp4bqf/rkqpBe2FbbHSwl3RvUJgwsWwx9iatXSc70FheMov
HIComh7aYpyPNdRcsT/IID49TC/g5iLLRG2cqFjF2eBlKZup28RW8iVCvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD7mZEAcHmEzb3+Quk67Q12Il6/SMB8GA1UdIwQY
MBaAFHk437nrkkB5u3BsthbtpXKGSp4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQt
MDZkYTJiYjA2MDcxLzEvUHVaa1FCd2VZVE52ZjVDNlRydERYWWlYcjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQtMDZkYTJiYjA2MDcx
LzEvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTMqMA0E
AgACMAcDBQAqBMFHMA0GCSqGSIb3DQEBCwUAA4IBAQCVCaVRcaVvlOIR5iNvJxIZ
aOewm55ljyx8XcOIXKeY1VyvZEBRjnr7MfsehP0dKUPwobDKrG20gnZu9/e7xYkP
IqvN+E61pyAXLqC4S4sWCMv1SADaP+UjtzuWBc97D98nZ4MYxZPNTvVihbslJWI+
BzlwCEASZJXoPVjFwuFf4TnCUW3zIGLefLTdcdQDpwCrKHZbcSXAdC4VwsdQfj8/
oYYAePECDnKvKp9wdUWnO/ndsplJ2Bxh3pCLog/Sdv7fl5kz2/WqktuRj/LbYYZT
KDzK04mBPdNUMZ/2XjRI9tNseR6kGR0kr8Y9iIFdhUXd7520npHbengnT2XqoN45
-----END CERTIFICATE-----
Generated at Sat Nov 23 08:45:48 2024 by rpki-client on console-fra.rpki-client.org