Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/bAdaLrO5SPZMcn-0BZUkJcs0LLc.roa
File: bAdaLrO5SPZMcn-0BZUkJcs0LLc.roa (raw, json)
Hash identifier: ugvnwsa5Q/R5Canhzuj+ekx7e+IX6wgnl3U5umMC5FE=
Subject key identifier: 6C:07:5A:2E:B3:B9:48:F6:4C:72:7F:B4:05:95:24:25:CB:34:2C:B7
Certificate issuer: /CN=80ab4c0945b738edda0583a274b63c1b8673a630
Certificate serial: 018CC94DA001837072AA9E6C840DA35616DA
Authority key identifier: 80:AB:4C:09:45:B7:38:ED:DA:05:83:A2:74:B6:3C:1B:86:73:A6:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/bAdaLrO5SPZMcn-0BZUkJcs0LLc.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43065
IP address blocks: 185.140.116.0/22 maxlen: 22
2a07:1c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a0:01:83:70:72:aa:9e:6c:84:0d:a3:56:16:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ab4c0945b738edda0583a274b63c1b8673a630
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c075a2eb3b948f64c727fb405952425cb342cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:52:e1:3b:fc:8e:b9:a7:f8:ab:d5:86:f6:53:
06:3b:57:da:6f:e7:97:a5:37:09:63:5e:00:f4:3c:
9c:3c:76:b2:ab:fd:2f:46:2f:30:b5:b0:81:6f:9c:
d9:97:72:63:6b:c5:e0:af:95:e2:8e:be:7e:2f:4e:
70:55:cf:8f:c6:98:99:4d:77:9f:11:65:82:46:47:
c4:4d:76:d1:aa:be:62:01:51:60:cb:f5:8f:81:6b:
30:5e:1b:eb:de:b5:50:67:81:5b:5a:cb:ac:8f:74:
62:80:20:02:2c:61:b4:e5:ee:96:4e:50:5f:da:b1:
aa:db:e9:bb:e6:17:51:fa:d8:01:06:98:42:8b:c4:
63:06:ac:bb:b7:2f:71:0e:35:df:db:bd:6a:14:68:
e5:4e:87:f6:da:99:d2:43:a8:f4:14:75:c9:b8:9b:
af:8d:ba:f2:4c:de:11:0f:b0:69:fc:a2:da:25:85:
25:98:36:6d:e9:16:88:71:0d:20:af:19:aa:7e:06:
64:7d:ed:72:fa:6f:b0:3a:da:79:11:8b:f2:2e:5c:
2e:9d:3d:d7:95:f0:07:f5:07:d6:01:2f:86:2d:51:
89:b4:e8:42:e2:4f:c6:aa:d1:6a:ff:2a:c6:35:eb:
8c:18:4f:4e:45:e8:74:b3:24:0a:b2:0e:fe:e1:3d:
73:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:07:5A:2E:B3:B9:48:F6:4C:72:7F:B4:05:95:24:25:CB:34:2C:B7
X509v3 Authority Key Identifier:
keyid:80:AB:4C:09:45:B7:38:ED:DA:05:83:A2:74:B6:3C:1B:86:73:A6:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKtMCUW3OO3aBYOidLY8G4ZzpjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/bAdaLrO5SPZMcn-0BZUkJcs0LLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f6fee6-c0a2-4a03-a981-f5fda0ea300d/1/gKtMCUW3OO3aBYOidLY8G4ZzpjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.116.0/22
IPv6:
2a07:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
85:7e:c8:35:c4:03:f9:7b:b4:c6:a0:5f:79:c9:26:46:ae:7a:
75:b2:da:f4:61:0b:f8:20:da:5b:3b:f6:e2:30:db:05:7a:10:
9b:e4:6e:2e:5e:4c:94:8e:4e:6b:32:e3:08:9a:71:bd:a0:e6:
fd:ed:e9:52:88:18:99:ef:95:e3:9b:69:25:18:db:f9:74:b8:
e7:9f:90:1c:e7:0c:e4:e7:69:e9:17:d9:a9:f2:25:34:4d:86:
b8:cb:64:6d:7b:1f:f4:68:91:97:9f:0b:8c:e0:21:23:a0:24:
23:eb:ba:66:b5:b3:2e:5d:60:0a:9b:78:45:64:fe:fa:8d:51:
cf:7c:20:1e:b9:b7:dd:bf:6a:a4:80:41:ba:5f:6e:ff:5d:fd:
07:e7:f0:26:6f:55:b7:0b:8b:26:0e:d8:7c:54:f9:bd:0f:94:
23:86:a1:8e:13:89:76:20:bf:3e:ac:d4:98:ab:f9:b8:80:50:
6d:53:4d:66:4f:6c:eb:87:61:77:91:d1:41:91:f6:53:11:b1:
cb:3a:bf:96:b0:3f:b5:06:45:98:79:f8:9f:2a:04:76:87:67:
2c:3f:82:f8:9c:0a:f7:fb:c4:18:1a:91:da:25:14:00:4f:61:
81:99:3c:3d:28:7b:e0:dc:e1:e8:e9:8e:0d:39:21:6b:bf:0c:
c5:26:54:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTaABg3Byqp5shA2jVhbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWI0YzA5NDViNzM4ZWRkYTA1ODNhMjc0YjYzYzFiODY3
M2E2MzAwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzA3NWEyZWIzYjk0OGY2NGM3MjdmYjQwNTk1MjQyNWNiMzQyY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlLhO/yOuaf4q9WG9lMGO1fab+eX
pTcJY14A9DycPHayq/0vRi8wtbCBb5zZl3Jja8Xgr5Xijr5+L05wVc+PxpiZTXef
EWWCRkfETXbRqr5iAVFgy/WPgWswXhvr3rVQZ4FbWsusj3RigCACLGG05e6WTlBf
2rGq2+m75hdR+tgBBphCi8RjBqy7ty9xDjXf271qFGjlTof22pnSQ6j0FHXJuJuv
jbryTN4RD7Bp/KLaJYUlmDZt6RaIcQ0grxmqfgZkfe1y+m+wOtp5EYvyLlwunT3X
lfAH9QfWAS+GLVGJtOhC4k/GqtFq/yrGNeuMGE9OReh0syQKsg7+4T1z7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGwHWi6zuUj2THJ/tAWVJCXLNCy3MB8GA1UdIwQY
MBaAFICrTAlFtzjt2gWDonS2PBuGc6YwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0t0TUNVVzNPTzNhQllPaWRMWThHNFp6cGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mNmZlZTYtYzBhMi00YTAzLWE5ODEt
ZjVmZGEwZWEzMDBkLzEvYkFkYUxyTzVTUFpNY24tMEJaVWtKY3MwTExjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9mNmZlZTYtYzBhMi00YTAzLWE5ODEtZjVmZGEwZWEzMDBk
LzEvZ0t0TUNVVzNPTzNhQllPaWRMWThHNFp6cGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYx0MA0E
AgACMAcDBQMqBxyAMA0GCSqGSIb3DQEBCwUAA4IBAQCFfsg1xAP5e7TGoF95ySZG
rnp1str0YQv4INpbO/biMNsFehCb5G4uXkyUjk5rMuMImnG9oOb97elSiBiZ75Xj
m2klGNv5dLjnn5Ac5wzk52npF9mp8iU0TYa4y2Rtex/0aJGXnwuM4CEjoCQj67pm
tbMuXWAKm3hFZP76jVHPfCAeubfdv2qkgEG6X27/Xf0H5/Amb1W3C4smDth8VPm9
D5QjhqGOE4l2IL8+rNSYq/m4gFBtU01mT2zrh2F3kdFBkfZTEbHLOr+WsD+1BkWY
efifKgR2h2csP4L4nAr3+8QYGpHaJRQAT2GBmTw9KHvg3OHo6Y4NOSFrvwzFJlRt
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:38 2024 by rpki-client on console-ams.rpki-client.org