Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/doSeYfzhL5sitToOsDMi1HF-xko.roa
File: doSeYfzhL5sitToOsDMi1HF-xko.roa (raw, json)
Hash identifier: qS/Sna2aIZbvUQp8TlVTPxOhDXoS6ZIkiwLFsr6cd4k=
Subject key identifier: 76:84:9E:61:FC:E1:2F:9B:22:B5:3A:0E:B0:33:22:D4:71:7E:C6:4A
Certificate issuer: /CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Certificate serial: 018CC8011EE552D71EB4D3AB228A836E5743
Authority key identifier: F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/doSeYfzhL5sitToOsDMi1HF-xko.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60011
IP address blocks: 185.101.97.0/24 maxlen: 24
185.101.98.0/24 maxlen: 24
185.101.99.0/24 maxlen: 24
2a06:1c80::/32 maxlen: 48
2a06:1c80::/31 maxlen: 32
2a04:ad80:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1e:e5:52:d7:1e:b4:d3:ab:22:8a:83:6e:57:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81fc8c82986310c5f6a9b56fb76b6bd9877fcc0
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76849e61fce12f9b22b53a0eb03322d4717ec64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:dc:d7:2d:55:5e:1a:4a:f9:0a:34:d5:ce:
85:47:07:00:54:0e:10:d3:d6:06:82:cf:6d:c4:51:
c5:34:42:5b:f9:6e:37:7b:19:7a:41:59:d0:8e:4b:
e8:a0:88:f1:16:3c:66:b4:89:ad:df:f2:e9:cf:50:
90:a7:cc:13:20:13:f2:34:d8:da:0a:d7:17:17:d6:
cc:bf:47:3c:cf:d2:5c:4b:19:e7:d9:f1:91:55:52:
01:b8:b1:b9:c1:71:d1:5b:cd:ca:15:c8:d9:67:85:
71:ad:0a:a1:b5:62:8a:bf:0f:e6:a2:f6:aa:1d:e5:
e7:c5:44:d9:b3:77:f9:e0:f0:df:6d:af:34:9d:a1:
0d:88:09:6f:b0:5e:77:57:f0:32:e2:23:9d:94:d8:
2b:ae:c5:a9:56:3b:46:53:d0:c0:17:29:e7:ce:14:
69:c3:51:e4:9e:d2:32:ef:fb:af:e3:85:38:9e:c0:
90:c8:30:af:4d:55:f1:dd:15:19:d8:4a:bf:0f:65:
a7:8d:4f:c3:14:a9:92:9f:a4:30:3a:19:b5:95:df:
cd:f9:57:d0:a5:7b:2b:64:65:54:4c:ea:f9:5e:e7:
08:0b:c5:31:0b:6f:4c:84:d6:e6:d6:5f:ef:9b:dc:
de:d1:fd:e0:76:3a:87:3d:3d:75:2f:11:d1:86:64:
91:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:84:9E:61:FC:E1:2F:9B:22:B5:3A:0E:B0:33:22:D4:71:7E:C6:4A
X509v3 Authority Key Identifier:
keyid:F8:1F:C8:C8:29:86:31:0C:5F:6A:9B:56:FB:76:B6:BD:98:77:FC:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-B_IyCmGMQxfaptW-3a2vZh3_MA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/doSeYfzhL5sitToOsDMi1HF-xko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/3e59c9-9f01-4562-921d-513ca8e6cece/1/1-B_IyCmGMQxfaptW-3a2vZh3_MA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.97.0-185.101.99.255
IPv6:
2a04:ad80:2::/48
2a06:1c80::/31
Signature Algorithm: sha256WithRSAEncryption
3a:88:a7:42:de:90:1e:12:b2:16:dc:7e:87:9c:00:5b:2f:d1:
c8:58:60:fc:a9:bc:09:57:bb:be:be:e1:a0:70:87:6b:e1:80:
99:fc:de:87:8e:77:eb:3c:05:23:0a:a5:2a:6b:fa:f8:25:2f:
dc:0c:cb:d5:d4:b5:87:38:96:d1:ac:f2:f3:38:9c:83:48:55:
f8:06:c7:0b:f9:be:22:e6:c1:39:c7:94:0b:90:45:5f:23:84:
6b:d0:fe:45:8c:8d:d8:cb:9c:95:95:65:c0:0f:b9:3b:8d:a5:
51:cd:03:93:9f:70:c5:ac:6e:7b:0e:2b:d0:c6:9e:b9:8b:de:
25:b9:5d:70:fb:b8:d4:67:a9:10:2a:9b:77:28:4b:39:95:0b:
52:d9:de:96:54:0c:5f:e4:8d:55:3e:4f:04:a8:68:a8:82:d8:
40:a3:19:c3:0c:70:e8:d8:32:85:1d:07:a5:57:cd:b1:4a:da:
f8:fb:46:43:17:90:e4:8f:b9:22:df:c8:df:27:2d:d2:28:32:
31:ce:d7:32:c6:54:a6:57:ff:6b:6f:18:ef:68:fa:78:52:03:
6f:2e:61:c6:c0:7a:73:d4:ac:56:df:5e:2a:dc:ba:c7:3b:a0:
96:ef:6c:df:60:2f:04:5e:62:8d:12:78:c1:9e:c7:e4:69:f8:
e7:b0:c8:17
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzIAR7lUtcetNOrIoqDbldDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWZjOGM4Mjk4NjMxMGM1ZjZhOWI1NmZiNzZiNmJkOTg3
N2ZjYzAwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg0OWU2MWZjZTEyZjliMjJiNTNhMGViMDMzMjJkNDcxN2VjNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD3c1y1VXhpK+Qo01c6FRwcAVA4Q
09YGgs9txFHFNEJb+W43exl6QVnQjkvooIjxFjxmtImt3/Lpz1CQp8wTIBPyNNja
CtcXF9bMv0c8z9JcSxnn2fGRVVIBuLG5wXHRW83KFcjZZ4VxrQqhtWKKvw/movaq
HeXnxUTZs3f54PDfba80naENiAlvsF53V/Ay4iOdlNgrrsWpVjtGU9DAFynnzhRp
w1HkntIy7/uv44U4nsCQyDCvTVXx3RUZ2Eq/D2WnjU/DFKmSn6QwOhm1ld/N+VfQ
pXsrZGVUTOr5XucIC8UxC29MhNbm1l/vm9ze0f3gdjqHPT11LxHRhmSRPQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHaEnmH84S+bIrU6DrAzItRxfsZKMB8GA1UdIwQY
MBaAFPgfyMgphjEMX2qbVvt2tr2Yd/zAMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CX0l5Q21HTVF4ZmFwdFctM2EydlpoM19NQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFk
LTUxM2NhOGU2Y2VjZS8xL2RvU2VZZnpoTDVzaXRUb09zRE1pMUhGLXhrby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGYvM2U1OWM5LTlmMDEtNDU2Mi05MjFkLTUxM2NhOGU2Y2Vj
ZS8xLzEtQl9JeUNtR01ReGZhcHRXLTNhMnZaaDNfTUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMBQEAgABMA4wDAMEALll
YQMEArllYDAWBAIAAjAQAwcAKgStgAACAwUBKgYcgDANBgkqhkiG9w0BAQsFAAOC
AQEAOoinQt6QHhKyFtx+h5wAWy/RyFhg/Km8CVe7vr7hoHCHa+GAmfzeh4536zwF
IwqlKmv6+CUv3AzL1dS1hziW0azy8zicg0hV+AbHC/m+IubBOceUC5BFXyOEa9D+
RYyN2MuclZVlwA+5O42lUc0Dk59wxaxuew4r0MaeuYveJbldcPu41GepECqbdyhL
OZULUtnellQMX+SNVT5PBKhoqILYQKMZwwxw6NgyhR0HpVfNsUra+PtGQxeQ5I+5
It/I3yct0igyMc7XMsZUplf/a28Y72j6eFIDby5hxsB6c9SsVt9eKty6xzuglu9s
32AvBF5ijRJ4wZ7H5Gn457DIFw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:51:03 2024 by rpki-client on console-fra.rpki-client.org