Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/i0qia14BRj9z1u5Lytlotr6qLu0.roa
File: i0qia14BRj9z1u5Lytlotr6qLu0.roa (raw, json)
Hash identifier: dhQb4ec/D6IdlhIP/pwTTYpnihQReIgIlOuHjYfU/Dc=
Subject key identifier: 8B:4A:A2:6B:5E:01:46:3F:73:D6:EE:4B:CA:D9:68:B6:BE:AA:2E:ED
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 018CC8DEECFAA395E4C7A47092C9222E5EAA
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/i0qia14BRj9z1u5Lytlotr6qLu0.roa
Signing time: Tue 02 Jan 2024 06:31:42 +0000
ROA not before: Tue 02 Jan 2024 06:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212638
IP address blocks: 185.214.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ec:fa:a3:95:e4:c7:a4:70:92:c9:22:2e:5e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 2 06:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b4aa26b5e01463f73d6ee4bcad968b6beaa2eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:08:d8:8c:70:93:c8:88:57:f8:ca:ea:dd:
ea:05:52:9d:f8:4e:22:82:9d:a0:95:ad:a2:dd:20:
fd:ba:d8:82:12:ee:b4:c3:50:54:84:a9:ae:ab:02:
88:75:78:04:0e:6e:98:98:79:73:da:4f:10:24:5d:
7b:83:e4:be:5a:92:a3:70:c9:76:74:d3:0f:30:66:
89:15:b6:f7:07:ec:3d:2a:2d:b5:2c:ea:ee:f9:f2:
29:04:2a:3b:c6:c2:2e:f2:3d:5c:85:03:ce:6d:91:
30:8a:23:ad:86:e7:17:3b:66:b3:30:08:5b:97:63:
66:f4:78:4a:1c:dd:0a:af:87:31:a5:6c:d2:b3:23:
26:d2:b5:23:9d:3b:2e:c4:f4:92:de:b6:ee:96:80:
84:27:45:e3:5d:ec:d4:2a:0a:66:0b:86:c0:21:b0:
2d:ce:ab:f3:d8:62:a5:30:8c:49:d5:ee:7b:ba:37:
a4:4d:31:20:ff:2f:84:cb:c9:03:e7:94:ae:f7:31:
2e:30:63:7b:bc:ba:eb:f3:3d:8c:c0:6f:5f:c6:da:
83:b7:8c:e0:45:2f:be:05:2b:b8:39:b4:a8:d0:3f:
51:80:de:70:dc:87:2e:58:a9:b1:ba:fa:a6:81:38:
34:18:00:4b:91:0e:91:cd:44:c0:1a:f1:8d:28:97:
60:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4A:A2:6B:5E:01:46:3F:73:D6:EE:4B:CA:D9:68:B6:BE:AA:2E:ED
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/i0qia14BRj9z1u5Lytlotr6qLu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.43.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:ff:4e:91:82:bc:72:6b:64:3d:14:53:23:7b:cd:71:7c:76:
fa:3e:71:66:e6:2f:6b:68:4c:fb:87:2e:bb:af:2d:76:60:7c:
40:c4:7e:ff:c0:02:e8:a5:f6:02:66:9e:02:16:90:30:6b:d4:
f0:a0:3c:e8:91:c5:61:db:8d:14:d2:d7:76:00:44:96:be:ce:
d3:7f:cd:70:d0:47:0f:4f:21:b6:97:94:66:9c:87:2b:cf:eb:
3e:03:96:21:fd:67:b3:cc:0f:90:5b:80:a5:ad:26:4d:9b:07:
bd:89:05:5f:4a:98:ee:45:7c:94:ba:5e:64:95:de:cc:cd:68:
04:60:e0:e2:49:1c:de:e6:11:f8:a7:11:a0:e0:76:4f:06:ff:
4e:21:20:40:a0:69:7e:a7:48:d8:2a:db:ca:17:12:90:4f:9c:
a2:6f:ee:93:b6:ba:96:5a:2a:83:72:1e:ea:45:c1:3a:d7:a6:
9f:32:ea:e8:6b:6d:ee:0a:aa:cf:d8:16:3d:24:63:8d:0b:6a:
69:f3:87:a0:6c:b1:65:4e:bb:b9:87:d9:19:62:16:90:b7:7b:
1a:90:7c:72:37:f9:53:cc:5f:c0:37:e9:55:da:9a:59:9a:b9:
62:b1:81:2c:3e:6f:4c:a8:f2:a4:00:b3:da:55:b2:b9:bd:22:
62:f2:30:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3uz6o5Xkx6RwkskiLl6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm
YzdjMTkwHhcNMjQwMTAyMDYzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjRhYTI2YjVlMDE0NjNmNzNkNmVlNGJjYWQ5NjhiNmJlYWEyZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSwI2Ixwk8iIV/jK6t3qBVKd+E4i
gp2gla2i3SD9utiCEu60w1BUhKmuqwKIdXgEDm6YmHlz2k8QJF17g+S+WpKjcMl2
dNMPMGaJFbb3B+w9Ki21LOru+fIpBCo7xsIu8j1chQPObZEwiiOthucXO2azMAhb
l2Nm9HhKHN0Kr4cxpWzSsyMm0rUjnTsuxPSS3rbuloCEJ0XjXezUKgpmC4bAIbAt
zqvz2GKlMIxJ1e57ujekTTEg/y+Ey8kD55Su9zEuMGN7vLrr8z2MwG9fxtqDt4zg
RS++BSu4ObSo0D9RgN5w3IcuWKmxuvqmgTg0GABLkQ6RzUTAGvGNKJdgSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItKomteAUY/c9buS8rZaLa+qi7tMB8GA1UdIwQY
MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt
ODM2YWM5N2MwMWJiLzEvaTBxaWExNEJSajl6MXU1THl0bG90cjZxTHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi
LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudYrMA0G
CSqGSIb3DQEBCwUAA4IBAQAK/06Rgrxya2Q9FFMje81xfHb6PnFm5i9raEz7hy67
ry12YHxAxH7/wALopfYCZp4CFpAwa9TwoDzokcVh240U0td2AESWvs7Tf81w0EcP
TyG2l5RmnIcrz+s+A5Yh/WezzA+QW4ClrSZNmwe9iQVfSpjuRXyUul5kld7MzWgE
YODiSRze5hH4pxGg4HZPBv9OISBAoGl+p0jYKtvKFxKQT5yib+6TtrqWWiqDch7q
RcE616afMuroa23uCqrP2BY9JGONC2pp84egbLFlTru5h9kZYhaQt3sakHxyN/lT
zF/AN+lV2ppZmrlisYEsPm9MqPKkALPaVbK5vSJi8jDC
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:30:06 2024 by rpki-client on console-fra.rpki-client.org