Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/wRqIibDxIzrYoN4yJEwme2GC6mg.roa
File: wRqIibDxIzrYoN4yJEwme2GC6mg.roa (raw, json)
Hash identifier: MqiDqNe6KNcMmpCYXz+9U6b1l37S0AhZ/HldXj6afko=
Subject key identifier: C1:1A:88:89:B0:F1:23:3A:D8:A0:DE:32:24:4C:26:7B:61:82:EA:68
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 018CC8DEFEA7FA1FEDA6B88C70D668809F4F
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/wRqIibDxIzrYoN4yJEwme2GC6mg.roa
Signing time: Tue 02 Jan 2024 06:31:46 +0000
ROA not before: Tue 02 Jan 2024 06:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 185.248.0.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:fe:a7:fa:1f:ed:a6:b8:8c:70:d6:68:80:9f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: Jan 2 06:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c11a8889b0f1233ad8a0de32244c267b6182ea68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b5:cb:8d:22:47:2a:f0:47:05:f3:2e:06:14:
70:43:d7:be:f2:fc:f2:ac:6e:bd:57:66:9b:fa:ed:
20:1e:dd:21:ac:d8:ee:fa:79:a2:d5:6b:d6:47:93:
27:ef:ff:94:76:c9:8e:d3:ae:2f:78:fb:ed:e5:0f:
31:01:01:7b:f1:9a:3b:be:5e:59:c6:36:ae:77:20:
0a:a6:81:62:86:e0:9c:31:70:96:2b:d9:23:14:56:
44:50:1e:e1:c0:76:34:00:40:65:48:d0:4a:bb:24:
bd:82:32:88:5d:c5:e8:ad:37:56:41:37:f9:d9:d2:
07:a4:d9:88:f5:a3:7b:c0:e3:76:f2:ff:14:7c:13:
ea:d7:66:65:ef:b8:b5:47:90:66:c2:05:5c:70:a4:
43:96:eb:d0:3b:98:ee:e5:98:48:80:9a:0e:7f:2b:
63:68:9f:dd:26:8a:b0:79:b1:fd:0e:77:23:2b:e0:
43:64:e2:84:f8:e6:b8:a3:cd:ba:74:d7:ea:b5:d7:
64:79:db:72:54:20:c9:00:f0:20:52:4e:af:9b:0b:
53:c0:a5:f7:3e:11:74:28:44:23:7d:d2:37:31:c5:
8a:4a:bf:91:26:d1:0c:3f:80:f6:cb:ec:f0:f7:f3:
0a:be:d4:b1:4b:39:ff:7b:12:a1:47:01:fb:b0:2e:
94:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1A:88:89:B0:F1:23:3A:D8:A0:DE:32:24:4C:26:7B:61:82:EA:68
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/wRqIibDxIzrYoN4yJEwme2GC6mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.0.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:7e:80:5f:0a:90:bf:1d:b5:d8:16:2f:f2:ac:89:72:c5:0c:
3f:4d:a4:78:04:6f:97:40:29:5d:38:9b:40:f5:e6:de:5c:91:
43:be:a2:fa:b6:77:29:03:2a:0b:6d:5a:02:72:24:c9:7b:a0:
6b:93:10:a6:b6:f6:3d:b7:0b:5e:2c:31:69:44:94:37:0a:dd:
cf:29:bc:32:cf:f6:cf:e5:93:b6:91:b2:09:e6:b9:d4:db:15:
87:2c:9a:49:dc:fc:6a:8e:79:82:bc:c5:aa:f7:02:93:64:9c:
3b:25:be:e2:6a:13:4d:1c:cf:28:c5:46:1d:f3:e4:64:1a:ea:
0a:88:dc:0b:9f:29:ce:30:c5:f1:e3:04:fe:fe:09:51:c6:ba:
28:9a:c4:0f:9b:a1:b3:1b:d0:25:22:49:df:2e:b2:84:05:58:
dd:f1:9a:c3:37:ef:ca:a7:01:a1:f9:b3:b8:c1:14:41:cb:75:
0d:52:05:60:da:58:ab:ec:83:b4:bd:7b:c0:90:a6:cb:2b:a0:
f7:34:4f:55:50:1d:61:22:f7:93:d2:d9:2c:36:89:60:3d:e4:
3e:8b:fc:2c:ed:93:cd:56:37:6c:4c:72:21:d5:9e:ba:86:c3:
ec:91:d1:a5:d3:8e:05:17:a4:8e:57:5d:0c:11:81:fe:de:be:
a9:66:f7:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3v6n+h/tpriMcNZogJ9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGNiZGYwNjMyYTEwMTYxM2E4ZjZjOTQ0OWIyOWVkNDVj
MWE4NzIwHhcNMjQwMTAyMDYzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTFhODg4OWIwZjEyMzNhZDhhMGRlMzIyNDRjMjY3YjYxODJlYTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLXLjSJHKvBHBfMuBhRwQ9e+8vzy
rG69V2ab+u0gHt0hrNju+nmi1WvWR5Mn7/+UdsmO064vePvt5Q8xAQF78Zo7vl5Z
xjaudyAKpoFihuCcMXCWK9kjFFZEUB7hwHY0AEBlSNBKuyS9gjKIXcXorTdWQTf5
2dIHpNmI9aN7wON28v8UfBPq12Zl77i1R5BmwgVccKRDluvQO5ju5ZhIgJoOfytj
aJ/dJoqwebH9DncjK+BDZOKE+Oa4o826dNfqtddkedtyVCDJAPAgUk6vmwtTwKX3
PhF0KEQjfdI3McWKSr+RJtEMP4D2y+zw9/MKvtSxSzn/exKhRwH7sC6UfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMEaiImw8SM62KDeMiRMJnthgupoMB8GA1UdIwQY
MBaAFJncvfBjKhAWE6j2yUSbKe1FwahyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgt
ODg1OGE1NTlmMjUxLzEvd1JxSWliRHhJenJZb040eUpFd21lMkdDNm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgtODg1OGE1NTlmMjUx
LzEvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufgAMA0G
CSqGSIb3DQEBCwUAA4IBAQCMfoBfCpC/HbXYFi/yrIlyxQw/TaR4BG+XQCldOJtA
9ebeXJFDvqL6tncpAyoLbVoCciTJe6BrkxCmtvY9twteLDFpRJQ3Ct3PKbwyz/bP
5ZO2kbIJ5rnU2xWHLJpJ3PxqjnmCvMWq9wKTZJw7Jb7iahNNHM8oxUYd8+RkGuoK
iNwLnynOMMXx4wT+/glRxroomsQPm6GzG9AlIknfLrKEBVjd8ZrDN+/KpwGh+bO4
wRRBy3UNUgVg2lir7IO0vXvAkKbLK6D3NE9VUB1hIveT0tksNolgPeQ+i/ws7ZPN
VjdsTHIh1Z66hsPskdGl044FF6SOV10MEYH+3r6pZvfd
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:22 2024 by rpki-client on console-ams.rpki-client.org