Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/is1u1dG8RiY9yzsveA3SDJulyiA.roa
File: is1u1dG8RiY9yzsveA3SDJulyiA.roa (raw, json)
Hash identifier: mq8qc6brV3rNl+i1479BrfO00QF+GoCBbf+tzHk8AoU=
Subject key identifier: 8A:CD:6E:D5:D1:BC:46:26:3D:CB:3B:2F:78:0D:D2:0C:9B:A5:CA:20
Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c
Certificate serial: 018CC2DB65D65CF8BED33912499EB72CE0F2
Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/is1u1dG8RiY9yzsveA3SDJulyiA.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.104.0/24 maxlen: 24
185.1.101.0/24 maxlen: 24
2001:7f8:bc::/48 maxlen: 48
2001:7f8:be::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:65:d6:5c:f8:be:d3:39:12:49:9e:b7:2c:e0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8acd6ed5d1bc46263dcb3b2f780dd20c9ba5ca20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:0c:ae:32:a1:f8:29:cc:c5:70:0b:4a:b4:bc:
d9:49:f1:08:28:15:e1:3f:36:d9:ee:16:37:7d:58:
44:a7:d2:83:c7:e7:a7:10:a1:17:f7:c5:bf:e7:c4:
3a:97:b8:af:a2:f2:8a:0f:53:99:92:0a:d2:34:b0:
9a:06:40:8f:f6:14:29:c4:9e:2f:49:1b:b8:23:98:
53:20:6a:c7:b5:23:72:eb:c7:37:f1:ea:d1:3e:60:
d2:f6:4f:53:76:b3:3d:78:1e:45:13:1b:18:ff:83:
8c:dc:35:bc:10:1b:46:51:d1:90:8a:0a:12:bb:db:
a5:c1:49:f6:6c:c1:c3:6c:39:b5:36:e6:a9:14:e6:
70:2c:66:60:03:72:75:26:95:1a:95:b8:05:9c:6f:
84:f3:e0:65:21:db:12:ec:1c:d6:71:1d:b8:ec:47:
dc:80:73:51:d2:8f:7a:04:61:3b:2a:12:fc:1f:12:
f0:58:a2:56:b8:e9:d9:a5:f7:ab:91:c4:c7:5d:fa:
77:25:b7:75:ad:39:51:16:5d:dc:ba:25:73:e2:08:
df:b0:3f:d6:63:8e:12:53:d9:25:c1:be:4b:20:39:
2d:5b:07:68:12:cd:d6:31:4a:dd:fa:8d:d6:4d:22:
ae:ac:90:d8:0c:4a:a5:63:b5:ba:0d:79:d0:a9:cb:
44:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CD:6E:D5:D1:BC:46:26:3D:CB:3B:2F:78:0D:D2:0C:9B:A5:CA:20
X509v3 Authority Key Identifier:
keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/is1u1dG8RiY9yzsveA3SDJulyiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.101.0/24
185.1.104.0/24
IPv6:
2001:7f8:bc::/48
2001:7f8:be::/48
Signature Algorithm: sha256WithRSAEncryption
50:74:74:95:ad:d6:76:aa:1e:c3:91:86:6c:ad:c2:8c:0c:45:
63:7a:41:08:b0:7a:6a:96:2f:92:05:57:96:ae:9c:19:40:7e:
36:55:6e:ec:6f:1b:db:42:3f:91:81:fc:f3:49:ae:4c:47:ec:
69:a6:d4:35:9c:92:a8:a7:bc:18:5a:ac:28:79:59:f4:20:91:
bd:5b:d8:31:1a:31:f7:ad:0b:79:4f:84:0c:b2:71:cf:8d:8d:
47:b2:4e:b4:93:89:49:f9:d9:ad:63:94:d7:79:12:64:22:c0:
4a:19:13:5a:c5:54:04:9b:57:ac:19:cb:6d:cd:15:29:1a:c2:
cc:2e:1b:21:94:18:62:b6:d8:3e:b9:e4:8d:7f:3f:03:e4:5a:
05:98:89:da:21:63:35:33:bc:94:3c:3f:73:29:b5:26:23:25:
09:29:72:8f:fe:b9:7e:27:c8:12:dc:35:7e:07:88:d2:eb:a8:
4a:d0:4f:36:84:e3:3b:5f:6d:4a:70:44:33:fd:ae:aa:e4:c8:
c7:b8:2c:00:85:f5:27:f0:8f:c1:83:c9:f6:0c:43:5b:8c:5b:
47:eb:95:77:dc:95:11:13:c4:da:55:25:43:3f:91:2b:ed:84:
93:0f:ef:23:93:ad:04:99:c0:5c:98:17:06:4f:ba:56:bf:7e:
9e:eb:75:26
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzC22XWXPi+0zkSSZ63LODyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzRhMzVhYmZhODJkNTQ5ZTQ5MDcwNGQ2OGJiZTY1ODAw
NWQ2M2MwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNkNmVkNWQxYmM0NjI2M2RjYjNiMmY3ODBkZDIwYzliYTVjYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgyuMqH4KczFcAtKtLzZSfEIKBXh
PzbZ7hY3fVhEp9KDx+enEKEX98W/58Q6l7ivovKKD1OZkgrSNLCaBkCP9hQpxJ4v
SRu4I5hTIGrHtSNy68c38erRPmDS9k9TdrM9eB5FExsY/4OM3DW8EBtGUdGQigoS
u9ulwUn2bMHDbDm1NuapFOZwLGZgA3J1JpUalbgFnG+E8+BlIdsS7BzWcR247Efc
gHNR0o96BGE7KhL8HxLwWKJWuOnZpferkcTHXfp3Jbd1rTlRFl3cuiVz4gjfsD/W
Y44SU9klwb5LIDktWwdoEs3WMUrd+o3WTSKurJDYDEqlY7W6DXnQqctEhQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIrNbtXRvEYmPcs7L3gN0gybpcogMB8GA1UdIwQY
MBaAFMM0o1q/qC1UnkkHBNaLvmWABdY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMt
MjczODg0YjUzYzZlLzEvaXMxdTFkRzhSaVk5eXpzdmVBM1NESnVseWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMtMjczODg0YjUzYzZl
LzEvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuQFlAwQA
uQFoMBgEAgACMBIDBwAgAQf4ALwDBwAgAQf4AL4wDQYJKoZIhvcNAQELBQADggEB
AFB0dJWt1naqHsORhmytwowMRWN6QQiwemqWL5IFV5aunBlAfjZVbuxvG9tCP5GB
/PNJrkxH7Gmm1DWckqinvBharCh5WfQgkb1b2DEaMfetC3lPhAyycc+NjUeyTrST
iUn52a1jlNd5EmQiwEoZE1rFVASbV6wZy23NFSkawswuGyGUGGK22D655I1/PwPk
WgWYidohYzUzvJQ8P3MptSYjJQkpco/+uX4nyBLcNX4HiNLrqErQTzaE4ztfbUpw
RDP9rqrkyMe4LACF9Sfwj8GDyfYMQ1uMW0frlXfclRETxNpVJUM/kSvthJMP7yOT
rQSZwFyYFwZPula/fp7rdSY=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:57:10 2024 by rpki-client on console-ams.rpki-client.org