Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/X1D1uvUePePlze7nN5EOy7n-yp0.roa
File: X1D1uvUePePlze7nN5EOy7n-yp0.roa (raw, json)
Hash identifier: EDAHAgnMEd6TgZvsR98Mw6yCVudFHFWzA86M+VLY7pk=
Subject key identifier: 5F:50:F5:BA:F5:1E:3D:E3:E5:CD:EE:E7:37:91:0E:CB:B9:FE:CA:9D
Certificate issuer: /CN=b799ac989c44b2e1cdabc258e96ca93caad4bd64
Certificate serial: 018CC6B7B900691791B512B83136F72486C0
Authority key identifier: B7:99:AC:98:9C:44:B2:E1:CD:AB:C2:58:E9:6C:A9:3C:AA:D4:BD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/X1D1uvUePePlze7nN5EOy7n-yp0.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206359
IP address blocks: 185.242.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b9:00:69:17:91:b5:12:b8:31:36:f7:24:86:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b799ac989c44b2e1cdabc258e96ca93caad4bd64
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f50f5baf51e3de3e5cdeee737910ecbb9feca9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:58:7f:16:9e:5d:16:93:0f:8a:fb:b4:bf:bb:
fb:c6:6a:8d:01:26:23:01:2e:e8:5d:a7:82:6a:ca:
ce:5f:d3:9f:42:fd:88:32:9b:25:ba:fb:ca:19:a6:
46:81:5b:2b:2d:de:87:c3:d3:90:0a:80:22:e1:45:
0e:f6:70:6c:cb:8b:07:87:97:4e:ea:df:14:b9:e9:
b6:c4:57:6c:b8:66:9a:47:f4:1d:2a:65:f0:bb:3b:
9b:fb:7a:38:79:1e:09:aa:3d:ae:ca:11:d4:d3:7a:
c2:d3:17:d3:d9:97:67:1b:c7:c5:17:a6:04:26:73:
2c:22:ab:3e:57:69:7e:6c:a3:66:32:6f:4a:54:7f:
a2:c4:36:7a:76:7f:83:7d:40:36:9c:07:0e:aa:b3:
9f:8b:65:b7:1f:23:37:32:16:74:6e:f1:40:b0:08:
5d:7b:a9:bb:84:1a:b2:7f:93:32:39:bd:52:86:21:
b6:b9:74:a8:9b:33:29:19:bf:6e:f4:69:24:be:23:
73:00:7c:56:9e:2c:82:13:29:d7:e7:bf:d4:b8:f4:
87:4a:84:ab:97:ed:16:02:db:d1:21:3b:ff:50:e1:
48:ba:ca:6b:d1:26:62:35:09:e1:f3:aa:d8:d8:71:
be:66:53:f7:b6:b5:a3:82:4a:56:e2:7b:7c:3f:db:
9f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:50:F5:BA:F5:1E:3D:E3:E5:CD:EE:E7:37:91:0E:CB:B9:FE:CA:9D
X509v3 Authority Key Identifier:
keyid:B7:99:AC:98:9C:44:B2:E1:CD:AB:C2:58:E9:6C:A9:3C:AA:D4:BD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/X1D1uvUePePlze7nN5EOy7n-yp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c4:1a:6d:6a:f4:87:95:44:18:fa:84:28:25:f7:8c:54:87:
f2:d9:9a:ab:03:87:43:f5:4e:5c:ce:75:d8:28:41:44:b2:f9:
a4:46:ee:f7:45:37:56:f7:2f:09:02:0d:1d:b3:8b:38:56:db:
2d:07:c1:08:cb:42:87:04:16:ae:8f:c8:92:60:59:22:e3:fd:
37:e2:f6:2d:aa:7c:9f:c6:9c:a5:86:59:79:d5:0b:b8:fb:1c:
b0:3f:0e:7b:94:b9:14:68:d2:0d:c1:33:25:6d:e4:0b:a6:f3:
e0:f5:e5:9d:f9:d7:32:76:cb:12:e5:cb:d9:10:9d:16:54:75:
16:94:dc:fc:8f:34:25:aa:62:74:92:56:a7:c3:da:65:40:fa:
ff:57:c6:1b:68:e7:c0:1f:28:d9:a4:be:aa:6b:19:7c:54:a7:
ac:00:e0:eb:5d:04:18:49:e2:1b:06:72:2a:fa:6e:fe:59:32:
d3:04:46:0c:46:2b:30:f3:8e:7c:36:1d:1a:f8:6a:5d:47:b2:
24:47:34:55:71:48:75:25:83:c5:3a:65:46:bc:80:97:03:3a:
0a:3a:7b:11:c4:7f:46:23:d8:3c:4b:b9:d2:5d:b9:5d:7f:af:
a3:1c:da:7a:1a:dd:44:1b:3c:17:4c:a9:e3:aa:b7:18:aa:c1:
3a:e7:36:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7kAaReRtRK4MTb3JIbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTlhYzk4OWM0NGIyZTFjZGFiYzI1OGU5NmNhOTNjYWFk
NGJkNjQwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjUwZjViYWY1MWUzZGUzZTVjZGVlZTczNzkxMGVjYmI5ZmVjYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1h/Fp5dFpMPivu0v7v7xmqNASYj
AS7oXaeCasrOX9OfQv2IMpsluvvKGaZGgVsrLd6Hw9OQCoAi4UUO9nBsy4sHh5dO
6t8Uuem2xFdsuGaaR/QdKmXwuzub+3o4eR4Jqj2uyhHU03rC0xfT2ZdnG8fFF6YE
JnMsIqs+V2l+bKNmMm9KVH+ixDZ6dn+DfUA2nAcOqrOfi2W3HyM3MhZ0bvFAsAhd
e6m7hBqyf5MyOb1ShiG2uXSomzMpGb9u9GkkviNzAHxWniyCEynX57/UuPSHSoSr
l+0WAtvRITv/UOFIuspr0SZiNQnh86rY2HG+ZlP3trWjgkpW4nt8P9ufgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9Q9br1Hj3j5c3u5zeRDsu5/sqdMB8GA1UdIwQY
MBaAFLeZrJicRLLhzavCWOlsqTyq1L1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVtc21KeEVzdUhOcThKWTZXeXBQS3JVdldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZTVjNDktMGQ3NC00ODdhLWE4MWMt
OTE3NGRmNGRkYjlhLzEvWDFEMXV2VWVQZVBsemU3bk41RU95N24teXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yZTVjNDktMGQ3NC00ODdhLWE4MWMtOTE3NGRmNGRkYjlh
LzEvdDVtc21KeEVzdUhOcThKWTZXeXBQS3JVdldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufKIMA0G
CSqGSIb3DQEBCwUAA4IBAQAcxBptavSHlUQY+oQoJfeMVIfy2ZqrA4dD9U5cznXY
KEFEsvmkRu73RTdW9y8JAg0ds4s4VtstB8EIy0KHBBauj8iSYFki4/034vYtqnyf
xpylhll51Qu4+xywPw57lLkUaNINwTMlbeQLpvPg9eWd+dcydssS5cvZEJ0WVHUW
lNz8jzQlqmJ0klanw9plQPr/V8YbaOfAHyjZpL6qaxl8VKesAODrXQQYSeIbBnIq
+m7+WTLTBEYMRisw8458Nh0a+GpdR7IkRzRVcUh1JYPFOmVGvICXAzoKOnsRxH9G
I9g8S7nSXbldf6+jHNp6Gt1EGzwXTKnjqrcYqsE65zZX
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:50:55 2024 by rpki-client on console-fra.rpki-client.org