Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/0RC56n3YxWEH58GaRxBvTzhWebE.roa
File: 0RC56n3YxWEH58GaRxBvTzhWebE.roa (raw, json)
Hash identifier: EVlL9FrPbmGNXu2uN0RpEU9cAIuDCssogPFx/SbXS0A=
Subject key identifier: D1:10:B9:EA:7D:D8:C5:61:07:E7:C1:9A:47:10:6F:4F:38:56:79:B1
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018CC72750239B8092BD9634ABD04A2BABCE
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/0RC56n3YxWEH58GaRxBvTzhWebE.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10557
IP address blocks: 185.191.230.0/24 maxlen: 24
185.215.149.0/24 maxlen: 24
85.209.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:50:23:9b:80:92:bd:96:34:ab:d0:4a:2b:ab:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d110b9ea7dd8c56107e7c19a47106f4f385679b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7f:ef:15:b2:94:9f:ec:86:ed:f8:15:52:bb:
5e:21:fa:e7:02:a5:ca:4d:d0:e3:19:6d:58:5d:c5:
9d:38:6f:7c:c4:8e:18:0f:1a:27:7b:08:9e:4c:a2:
53:c8:e9:19:93:69:54:b2:3c:78:b4:43:b8:5e:7e:
c4:6b:7b:2b:b5:27:01:ae:4c:8e:53:ba:a2:2c:e9:
a5:92:a2:b7:82:39:32:fa:dd:54:10:d8:56:2b:f3:
a1:0d:74:33:94:1f:04:8f:cf:35:86:23:f3:be:29:
c1:cd:a1:f6:1d:4e:0e:2b:5a:dc:2a:52:d5:88:11:
c5:b4:30:7e:aa:77:40:2b:6d:c6:81:c2:ca:83:06:
10:6b:5c:44:c9:96:5a:1f:a6:91:28:6a:5a:d5:1e:
ef:37:59:0c:ae:13:cc:ed:9a:42:35:dc:71:70:71:
7c:c9:6e:46:dd:0e:63:f1:84:b3:5d:58:3b:bf:cb:
42:b1:de:10:24:d9:fc:6d:44:4d:20:54:c4:f5:c6:
df:f2:cc:d6:08:94:86:98:3e:23:93:38:b0:6b:fe:
95:1a:73:60:eb:09:ad:b8:b7:27:4d:2b:45:57:d5:
87:ca:f7:18:71:5e:2d:ce:82:82:16:d4:d1:b2:07:
d1:da:0a:bc:1a:e0:e0:4d:55:3e:dc:36:ef:46:3e:
f0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:10:B9:EA:7D:D8:C5:61:07:E7:C1:9A:47:10:6F:4F:38:56:79:B1
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/0RC56n3YxWEH58GaRxBvTzhWebE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.86.0/24
185.191.230.0/24
185.215.149.0/24
Signature Algorithm: sha256WithRSAEncryption
30:46:37:52:15:5b:5f:68:4b:62:87:6f:fb:90:27:c4:f3:44:
17:c1:8f:7b:aa:46:cd:a1:a6:38:13:05:7a:58:d2:29:da:60:
b5:03:29:b6:fd:4b:88:a9:ba:3f:0a:36:91:f0:36:7a:7b:81:
dc:55:9a:1e:e3:8a:e7:f4:61:da:f2:44:c1:1f:47:af:71:c1:
14:ba:e1:5b:e0:77:a7:c2:db:69:34:1c:eb:91:52:bf:aa:12:
5f:4e:86:42:66:f7:e1:30:b4:de:fe:46:57:df:26:6d:0b:a7:
21:78:ce:31:04:00:df:9b:d7:6e:87:8a:a4:70:25:5d:57:eb:
6a:df:58:71:3d:94:03:3a:0b:0a:d6:df:aa:71:8f:3d:b8:e1:
da:fa:c8:d8:70:91:07:6a:d0:8a:55:56:1f:5e:66:f6:e7:ab:
a3:c5:96:3b:2f:7a:0b:62:dc:e6:94:82:58:92:12:27:9d:60:
3d:96:36:58:24:79:a2:89:d9:68:ae:85:e9:4c:40:71:0f:51:
84:c0:a4:cc:65:84:3c:7e:b8:80:63:8e:99:f0:c0:6b:3c:8d:
23:a4:6f:fe:f4:46:1c:73:ea:4a:fa:70:12:30:9d:c2:d1:06:
ef:b2:2b:e8:1c:14:91:bf:e5:d9:1f:f3:56:64:68:9a:82:d4:
c8:09:19:26
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJ1Ajm4CSvZY0q9BKK6vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTEwYjllYTdkZDhjNTYxMDdlN2MxOWE0NzEwNmY0ZjM4NTY3OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln/vFbKUn+yG7fgVUrteIfrnAqXK
TdDjGW1YXcWdOG98xI4YDxonewieTKJTyOkZk2lUsjx4tEO4Xn7Ea3srtScBrkyO
U7qiLOmlkqK3gjky+t1UENhWK/OhDXQzlB8Ej881hiPzvinBzaH2HU4OK1rcKlLV
iBHFtDB+qndAK23GgcLKgwYQa1xEyZZaH6aRKGpa1R7vN1kMrhPM7ZpCNdxxcHF8
yW5G3Q5j8YSzXVg7v8tCsd4QJNn8bURNIFTE9cbf8szWCJSGmD4jkziwa/6VGnNg
6wmtuLcnTStFV9WHyvcYcV4tzoKCFtTRsgfR2gq8GuDgTVU+3DbvRj7wrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNEQuep92MVhB+fBmkcQb084VnmxMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvMFJDNTZuM1l4V0VINThHYVJ4QnZUemhXZWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdFWAwQA
ub/mAwQAudeVMA0GCSqGSIb3DQEBCwUAA4IBAQAwRjdSFVtfaEtih2/7kCfE80QX
wY97qkbNoaY4EwV6WNIp2mC1Aym2/UuIqbo/CjaR8DZ6e4HcVZoe44rn9GHa8kTB
H0evccEUuuFb4HenwttpNBzrkVK/qhJfToZCZvfhMLTe/kZX3yZtC6cheM4xBADf
m9duh4qkcCVdV+tq31hxPZQDOgsK1t+qcY89uOHa+sjYcJEHatCKVVYfXmb256uj
xZY7L3oLYtzmlIJYkhInnWA9ljZYJHmiidloroXpTEBxD1GEwKTMZYQ8friAY46Z
8MBrPI0jpG/+9EYcc+pK+nASMJ3C0QbvsivoHBSRv+XZH/NWZGiagtTICRkm
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:51:48 2024 by rpki-client on console-fra.rpki-client.org