Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/RXhDmF0Nf1871TrkNv974L3Z29Y.roa
File: RXhDmF0Nf1871TrkNv974L3Z29Y.roa (raw, json)
Hash identifier: NgWViqE4Dkuoc5sG/jNUAWTg7/UWYJWTg2J3N4zUoWc=
Subject key identifier: 45:78:43:98:5D:0D:7F:5F:3B:D5:3A:E4:36:FF:7B:E0:BD:D9:DB:D6
Certificate issuer: /CN=88e719f426793b1e9063771460abd311a3dff116
Certificate serial: 018CC493985827A328A20AF7866CCACEC8FF
Authority key identifier: 88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/RXhDmF0Nf1871TrkNv974L3Z29Y.roa
Signing time: Mon 01 Jan 2024 10:30:56 +0000
ROA not before: Mon 01 Jan 2024 10:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62528
IP address blocks: 185.134.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:98:58:27:a3:28:a2:0a:f7:86:6c:ca:ce:c8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88e719f426793b1e9063771460abd311a3dff116
Validity
Not Before: Jan 1 10:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=457843985d0d7f5f3bd53ae436ff7be0bdd9dbd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8d:0e:80:89:8c:e2:5b:04:de:f4:ac:3b:24:
0c:68:3a:41:10:3d:d2:d8:0f:0d:98:5b:d1:e2:5a:
ec:fa:1a:ca:bf:d3:b6:03:21:f3:e9:99:93:8b:3d:
74:59:af:7c:f8:8e:87:0f:b0:e8:ae:cf:04:4a:05:
c5:f9:56:c4:bf:5d:7e:b4:f2:83:5a:bb:06:1f:07:
de:5e:bb:f4:35:15:24:81:b4:8b:07:cc:5e:d1:85:
37:dc:c4:35:72:9e:0c:b5:33:8e:bf:ad:e2:19:62:
75:59:a4:bf:76:59:e9:60:27:50:73:93:b6:c7:55:
36:0b:63:8e:98:c9:11:52:ed:b0:62:c5:19:61:3b:
02:21:d0:da:36:ee:50:5b:62:27:a9:23:b1:f1:92:
d6:cf:c9:0e:d0:d3:a3:9e:40:01:79:7a:9f:a2:b0:
74:53:ef:46:98:f7:71:09:1c:05:6a:82:82:39:bc:
ea:17:bc:b3:1e:d3:28:fc:39:e1:be:4e:67:a8:9e:
2d:d3:95:06:e2:80:00:7f:4b:93:4f:0b:c3:79:c1:
18:d1:3b:3d:0a:7e:66:23:df:d9:a4:cd:10:cf:bb:
72:7e:73:07:78:86:b4:09:09:c7:7d:ae:f7:58:be:
da:cf:a5:ed:58:06:18:80:97:46:33:59:29:48:3d:
fa:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:78:43:98:5D:0D:7F:5F:3B:D5:3A:E4:36:FF:7B:E0:BD:D9:DB:D6
X509v3 Authority Key Identifier:
keyid:88:E7:19:F4:26:79:3B:1E:90:63:77:14:60:AB:D3:11:A3:DF:F1:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/RXhDmF0Nf1871TrkNv974L3Z29Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/00d45d-5e48-458d-92f7-ae52e156b77e/1/iOcZ9CZ5Ox6QY3cUYKvTEaPf8RY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.183.0/24
Signature Algorithm: sha256WithRSAEncryption
55:1e:fd:ef:23:5f:e6:6e:a1:8d:d8:db:f2:d2:ac:19:07:67:
03:38:5e:0c:11:4f:5c:59:ab:48:d5:fd:36:0a:16:e3:f0:76:
9f:c7:ba:23:6e:6d:bd:36:fd:41:10:aa:37:56:54:4c:52:57:
46:cf:87:f7:05:ac:07:71:c4:59:2b:a0:09:c0:d3:ea:1c:aa:
a9:0d:00:57:68:6e:3d:5c:d1:e0:48:f1:20:10:18:73:c6:b6:
54:5e:99:5d:b1:5b:07:e0:b1:29:db:01:71:40:ed:ef:2e:a7:
c7:6b:28:54:77:d6:12:68:0e:44:0d:fc:92:11:cd:75:d5:47:
53:74:17:1b:b1:05:d9:50:d1:17:4a:09:c4:d0:42:8a:75:03:
c0:16:b7:25:68:60:ff:2e:c6:19:3a:3a:48:93:9f:30:e2:24:
6a:31:f1:dd:a6:44:57:a4:f2:a8:62:3d:04:83:b7:85:66:65:
01:4b:7e:5d:1c:37:ca:88:75:14:55:e0:7e:e9:1b:cc:20:d2:
24:a7:7c:c3:b3:2c:5d:a7:1c:bb:72:98:18:69:46:06:3f:0d:
b1:38:8e:00:b8:28:10:87:9b:e3:a3:55:db:26:82:53:75:4c:
59:88:ca:ff:7f:bd:0e:b6:3b:54:95:81:d7:2b:94:0a:e3:d9:
e7:77:2d:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5hYJ6Moogr3hmzKzsj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTcxOWY0MjY3OTNiMWU5MDYzNzcxNDYwYWJkMzExYTNk
ZmYxMTYwHhcNMjQwMTAxMTAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc4NDM5ODVkMGQ3ZjVmM2JkNTNhZTQzNmZmN2JlMGJkZDlkYmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI0OgImM4lsE3vSsOyQMaDpBED3S
2A8NmFvR4lrs+hrKv9O2AyHz6ZmTiz10Wa98+I6HD7Dors8ESgXF+VbEv11+tPKD
WrsGHwfeXrv0NRUkgbSLB8xe0YU33MQ1cp4MtTOOv63iGWJ1WaS/dlnpYCdQc5O2
x1U2C2OOmMkRUu2wYsUZYTsCIdDaNu5QW2InqSOx8ZLWz8kO0NOjnkABeXqforB0
U+9GmPdxCRwFaoKCObzqF7yzHtMo/Dnhvk5nqJ4t05UG4oAAf0uTTwvDecEY0Ts9
Cn5mI9/ZpM0Qz7tyfnMHeIa0CQnHfa73WL7az6XtWAYYgJdGM1kpSD36awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEV4Q5hdDX9fO9U65Db/e+C92dvWMB8GA1UdIwQY
MBaAFIjnGfQmeTsekGN3FGCr0xGj3/EWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjct
YWU1MmUxNTZiNzdlLzEvUlhoRG1GME5mMTg3MVRya052OTc0TDNaMjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMGQ0NWQtNWU0OC00NThkLTkyZjctYWU1MmUxNTZiNzdl
LzEvaU9jWjlDWjVPeDZRWTNjVVlLdlRFYVBmOFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYa3MA0G
CSqGSIb3DQEBCwUAA4IBAQBVHv3vI1/mbqGN2Nvy0qwZB2cDOF4MEU9cWatI1f02
Chbj8Hafx7ojbm29Nv1BEKo3VlRMUldGz4f3BawHccRZK6AJwNPqHKqpDQBXaG49
XNHgSPEgEBhzxrZUXpldsVsH4LEp2wFxQO3vLqfHayhUd9YSaA5EDfySEc111UdT
dBcbsQXZUNEXSgnE0EKKdQPAFrclaGD/LsYZOjpIk58w4iRqMfHdpkRXpPKoYj0E
g7eFZmUBS35dHDfKiHUUVeB+6RvMINIkp3zDsyxdpxy7cpgYaUYGPw2xOI4AuCgQ
h5vjo1XbJoJTdUxZiMr/f70OtjtUlYHXK5QK49nndy2i
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:44 2024 by rpki-client on console-fra.rpki-client.org