Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/01knJTZP-oeKazqwQ1MILI7KFkA.roa
File: 01knJTZP-oeKazqwQ1MILI7KFkA.roa (raw, json)
Hash identifier: XHyEn40jsiyfbqHfrngX8+xEQQ7CWvJJjXBp8TKPPwo=
Subject key identifier: D3:59:27:25:36:4F:FA:87:8A:6B:3A:B0:43:53:08:2C:8E:CA:16:40
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801DC9C8822386474BC6DBAD89328A9
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/01knJTZP-oeKazqwQ1MILI7KFkA.roa
Signing time: Tue 02 Jan 2024 02:30:14 +0000
ROA not before: Tue 02 Jan 2024 02:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60144
IP address blocks: 185.222.219.0/24 maxlen: 24
2a09:0:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:dc:9c:88:22:38:64:74:bc:6d:ba:d8:93:28:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3592725364ffa878a6b3ab04353082c8eca1640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:92:09:2c:13:b9:29:6a:81:e0:5e:2e:43:95:
c8:ca:97:14:cd:d5:09:62:ca:3c:95:fc:90:ff:b4:
bc:3b:ec:cb:b0:2f:39:e0:9e:47:a7:c3:27:e6:c1:
63:c3:12:d6:ee:51:ec:c5:02:d3:a0:d8:d3:01:2e:
44:92:93:12:c9:e5:f4:80:17:b3:c0:c5:2d:c3:ad:
a7:37:80:25:9d:6c:ba:e8:2f:08:3a:3b:23:6d:35:
b1:2c:58:ad:e2:e5:34:3e:ce:ff:fb:0c:3b:09:2e:
af:08:94:1e:e3:38:e3:69:97:92:7e:dc:e7:cf:73:
51:dd:3a:85:10:da:01:28:fb:10:5c:7f:c0:4b:c2:
dc:20:8b:93:a5:cf:53:ef:95:80:44:41:20:4e:c9:
97:cc:6d:b8:3d:5b:98:d8:10:54:60:84:df:30:14:
95:51:92:f3:f0:4f:b7:e7:54:ed:76:fb:8c:ab:b3:
2c:6d:0f:ca:bd:6e:ad:c9:07:f1:ea:67:d9:a9:65:
00:9d:13:ab:c4:71:33:78:0b:01:5b:af:d8:61:01:
6b:4b:ac:c9:d9:8a:f9:f2:eb:bc:fe:e9:39:6e:50:
fd:68:18:29:9d:4d:84:f3:f5:69:f5:3b:64:b8:aa:
04:80:39:e9:bf:3e:2a:70:ae:67:d7:26:78:ba:aa:
e6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:59:27:25:36:4F:FA:87:8A:6B:3A:B0:43:53:08:2C:8E:CA:16:40
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/01knJTZP-oeKazqwQ1MILI7KFkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.219.0/24
IPv6:
2a09:0:12::/48
Signature Algorithm: sha256WithRSAEncryption
5b:cf:32:6b:fb:2e:33:51:a8:e5:f0:a9:4c:81:48:e8:f4:59:
6b:5c:64:91:7b:ea:6e:27:d6:e8:57:1a:09:4a:dc:95:18:f7:
c8:11:23:a3:9f:6d:34:41:59:3e:1e:32:1a:50:e9:b2:b4:75:
5e:4b:3a:32:44:da:cc:ce:69:97:98:07:5d:a7:25:d1:d4:57:
2b:a2:ab:6a:8b:04:53:5a:cc:8f:8f:97:c8:90:7a:08:e3:39:
49:0d:6a:21:9b:f5:23:6f:3e:58:ab:a6:b1:ca:70:ca:b7:70:
c2:54:6c:8c:a2:65:15:bb:59:5c:36:71:79:e8:76:fd:28:b4:
f8:ca:9b:46:e6:5a:0c:ea:5c:76:c9:6f:f2:75:1f:53:4c:8b:
08:eb:3e:56:c4:f7:11:cb:58:93:c6:94:85:e6:9d:cc:95:ea:
46:c2:af:9e:6a:1d:75:4c:cc:6f:f1:b0:85:41:eb:8a:b2:af:
21:f2:2e:8d:b4:64:13:56:c4:4d:de:eb:b9:92:7d:c5:a1:7a:
22:0c:e6:ee:f0:be:a3:ef:13:af:35:0f:bc:ab:7d:a7:3a:ab:
4f:a0:9b:da:9b:6e:04:dc:55:f3:c3:a8:26:fe:4e:cd:97:6d:
35:c1:5b:7c:77:2b:27:4f:b5:ef:4c:01:55:1b:b5:90:8a:d7:
b3:3f:d3:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAdyciCI4ZHS8bbrYkyipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU5MjcyNTM2NGZmYTg3OGE2YjNhYjA0MzUzMDgyYzhlY2ExNjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05IJLBO5KWqB4F4uQ5XIypcUzdUJ
Yso8lfyQ/7S8O+zLsC854J5Hp8Mn5sFjwxLW7lHsxQLToNjTAS5EkpMSyeX0gBez
wMUtw62nN4AlnWy66C8IOjsjbTWxLFit4uU0Ps7/+ww7CS6vCJQe4zjjaZeSftzn
z3NR3TqFENoBKPsQXH/AS8LcIIuTpc9T75WAREEgTsmXzG24PVuY2BBUYITfMBSV
UZLz8E+351TtdvuMq7MsbQ/KvW6tyQfx6mfZqWUAnROrxHEzeAsBW6/YYQFrS6zJ
2Yr58uu8/uk5blD9aBgpnU2E8/Vp9TtkuKoEgDnpvz4qcK5n1yZ4uqrmfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNNZJyU2T/qHims6sENTCCyOyhZAMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMDFrbkpUWlAtb2VLYXpxd1ExTUlMSTdLRmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAud7bMA8E
AgACMAkDBwAqCQAAABIwDQYJKoZIhvcNAQELBQADggEBAFvPMmv7LjNRqOXwqUyB
SOj0WWtcZJF76m4n1uhXGglK3JUY98gRI6OfbTRBWT4eMhpQ6bK0dV5LOjJE2szO
aZeYB12nJdHUVyuiq2qLBFNazI+Pl8iQegjjOUkNaiGb9SNvPlirprHKcMq3cMJU
bIyiZRW7WVw2cXnodv0otPjKm0bmWgzqXHbJb/J1H1NMiwjrPlbE9xHLWJPGlIXm
ncyV6kbCr55qHXVMzG/xsIVB64qyryHyLo20ZBNWxE3e67mSfcWheiIM5u7wvqPv
E681D7yrfac6q0+gm9qbbgTcVfPDqCb+Ts2XbTXBW3x3KydPte9MAVUbtZCK17M/
070=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:29:03 2024 by rpki-client on console-fra.rpki-client.org