Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/RimdIbMS0BjmlfMFLU1UqdSz0ps.roa
File: RimdIbMS0BjmlfMFLU1UqdSz0ps.roa (raw, json)
Hash identifier: U9ssFrJq4FYHS/LtBg4125BTRBxQEMwZId1x2lPSLUY=
Subject key identifier: 46:29:9D:21:B3:12:D0:18:E6:95:F3:05:2D:4D:54:A9:D4:B3:D2:9B
Certificate issuer: /CN=0f657093f326547bf25a9985c81cf1403140a3a8
Certificate serial: 018CC86F5FCF0FFB9332ECF01D6659EBD6D9
Authority key identifier: 0F:65:70:93:F3:26:54:7B:F2:5A:99:85:C8:1C:F1:40:31:40:A3:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/RimdIbMS0BjmlfMFLU1UqdSz0ps.roa
Signing time: Tue 02 Jan 2024 04:29:51 +0000
ROA not before: Tue 02 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207044
IP address blocks: 185.241.132.0/22 maxlen: 22
185.138.112.0/24 maxlen: 24
185.138.112.0/22 maxlen: 22
185.138.113.0/24 maxlen: 24
185.138.114.0/24 maxlen: 24
185.138.115.0/24 maxlen: 24
2a0d:4707:1400::/38 maxlen: 38
2a0d:4707:400::/38 maxlen: 38
2a0d:4707:1000::/38 maxlen: 38
2a0d:4707::/38 maxlen: 38
2a0d:4707:c00::/38 maxlen: 38
2a0d:4707:800::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5f:cf:0f:fb:93:32:ec:f0:1d:66:59:eb:d6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f657093f326547bf25a9985c81cf1403140a3a8
Validity
Not Before: Jan 2 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46299d21b312d018e695f3052d4d54a9d4b3d29b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b4:1c:66:3e:dd:c9:de:07:c0:3d:d7:23:cd:
ca:54:3b:24:d9:84:c4:94:51:75:86:9d:3e:e4:63:
ca:31:6b:7c:84:39:a2:65:a5:25:20:12:54:1f:bc:
13:89:9b:22:39:b1:66:c3:85:42:d1:3d:a2:8c:bb:
5d:c1:a6:93:c4:42:40:f4:2c:ac:6b:12:1b:40:4a:
3b:fe:24:d8:e9:71:f4:41:51:0b:95:d6:f6:40:fc:
c9:c6:6f:95:1e:f4:85:16:51:6a:81:f0:11:2d:de:
34:62:03:bd:ac:82:33:82:8f:02:9a:48:13:8c:8b:
3b:8e:af:ae:03:41:17:fc:e9:94:55:ad:fc:3b:8c:
00:98:e1:80:1c:cc:98:dc:e5:bc:93:4f:88:fb:20:
6f:38:41:aa:09:01:cc:25:aa:a6:80:24:79:85:93:
d6:0a:3c:3a:58:a7:04:a4:4f:a2:a8:06:dc:c7:d3:
28:43:01:30:2c:3b:0a:6f:fe:10:ed:69:b7:98:a8:
00:e4:2e:a8:f7:85:37:10:eb:67:76:51:2c:23:cc:
2f:cd:23:af:28:7d:2e:9e:aa:93:46:21:4b:18:9e:
09:8f:f1:a4:d1:94:84:12:1b:0d:5e:c5:60:a1:15:
43:24:c2:30:34:53:3a:2c:60:bb:51:a0:86:e1:de:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:29:9D:21:B3:12:D0:18:E6:95:F3:05:2D:4D:54:A9:D4:B3:D2:9B
X509v3 Authority Key Identifier:
keyid:0F:65:70:93:F3:26:54:7B:F2:5A:99:85:C8:1C:F1:40:31:40:A3:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/RimdIbMS0BjmlfMFLU1UqdSz0ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/181ad6-4764-4881-8962-0aff69faf68a/1/D2Vwk_MmVHvyWpmFyBzxQDFAo6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.112.0/22
185.241.132.0/22
IPv6:
2a0d:4707::-2a0d:4707:17ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:b0:15:82:c8:95:95:ca:25:1f:bc:4c:76:ff:6d:06:86:f9:
79:b7:4a:41:d0:02:fc:ed:2f:9d:41:9e:31:64:cf:0b:52:17:
14:65:0a:be:34:77:28:82:59:87:f7:e8:d4:df:23:5c:94:cb:
23:94:43:02:13:fc:01:10:a6:90:6c:55:57:e4:46:d7:67:2a:
51:f8:56:cc:3c:0b:e4:e0:35:1d:ac:9c:65:5e:76:e0:32:65:
03:45:8c:ad:b5:bf:ea:5f:e5:f1:13:52:cc:81:84:d2:34:d6:
9f:3e:08:aa:45:d3:ce:d2:a8:e7:99:db:7a:a9:79:1d:62:5f:
b5:70:78:56:ec:7f:8c:92:55:45:d0:c2:1b:fa:71:e0:2b:75:
c0:ef:86:9b:35:a6:28:ea:e0:0c:11:35:50:ae:22:6f:89:35:
e0:8d:be:2f:ec:ec:f4:10:19:83:bb:db:e9:35:82:f7:a1:bd:
33:95:cc:68:cc:c4:ad:5d:90:75:8c:65:fd:16:7a:f1:84:91:
ed:61:7c:cb:7f:27:74:47:6b:95:bf:ee:2f:61:c1:e3:51:73:
19:96:c5:af:5f:4d:ea:0c:6b:0c:42:f9:17:f2:5c:53:8a:4e:
47:88:5e:9e:da:ef:08:6d:8c:26:b2:c6:40:8d:42:23:68:3f:
6c:90:83:b1
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzIb1/PD/uTMuzwHWZZ69bZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjU3MDkzZjMyNjU0N2JmMjVhOTk4NWM4MWNmMTQwMzE0
MGEzYTgwHhcNMjQwMTAyMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI5OWQyMWIzMTJkMDE4ZTY5NWYzMDUyZDRkNTRhOWQ0YjNkMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLQcZj7dyd4HwD3XI83KVDsk2YTE
lFF1hp0+5GPKMWt8hDmiZaUlIBJUH7wTiZsiObFmw4VC0T2ijLtdwaaTxEJA9Cys
axIbQEo7/iTY6XH0QVELldb2QPzJxm+VHvSFFlFqgfARLd40YgO9rIIzgo8CmkgT
jIs7jq+uA0EX/OmUVa38O4wAmOGAHMyY3OW8k0+I+yBvOEGqCQHMJaqmgCR5hZPW
Cjw6WKcEpE+iqAbcx9MoQwEwLDsKb/4Q7Wm3mKgA5C6o94U3EOtndlEsI8wvzSOv
KH0unqqTRiFLGJ4Jj/Gk0ZSEEhsNXsVgoRVDJMIwNFM6LGC7UaCG4d7s0QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFEYpnSGzEtAY5pXzBS1NVKnUs9KbMB8GA1UdIwQY
MBaAFA9lcJPzJlR78lqZhcgc8UAxQKOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJWd2tfTW1WSHZ5V3BtRnlCenhRREZBbzZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xODFhZDYtNDc2NC00ODgxLTg5NjIt
MGFmZjY5ZmFmNjhhLzEvUmltZEliTVMwQmptbGZNRkxVMVVxZFN6MHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xODFhZDYtNDc2NC00ODgxLTg5NjItMGFmZjY5ZmFmNjhh
LzEvRDJWd2tfTW1WSHZ5V3BtRnlCenhRREZBbzZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCuYpwAwQC
ufGEMBcEAgACMBEwDwMFACoNRwcDBgMqDUcHEDANBgkqhkiG9w0BAQsFAAOCAQEA
cLAVgsiVlcolH7xMdv9tBob5ebdKQdAC/O0vnUGeMWTPC1IXFGUKvjR3KIJZh/fo
1N8jXJTLI5RDAhP8ARCmkGxVV+RG12cqUfhWzDwL5OA1HaycZV524DJlA0WMrbW/
6l/l8RNSzIGE0jTWnz4IqkXTztKo55nbeql5HWJftXB4Vux/jJJVRdDCG/px4Ct1
wO+GmzWmKOrgDBE1UK4ib4k14I2+L+zs9BAZg7vb6TWC96G9M5XMaMzErV2QdYxl
/RZ68YSR7WF8y38ndEdrlb/uL2HB41FzGZbFr19N6gxrDEL5F/JcU4pOR4hentrv
CG2MJrLGQI1CI2g/bJCDsQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:03:37 2024 by rpki-client on console-fra.rpki-client.org