Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/e4af0a-a170-4ca3-ab57-54853c47661f/1/Ip3Zys08q81AOlsE9U_D_c9BlCw.roa
File: Ip3Zys08q81AOlsE9U_D_c9BlCw.roa (raw, json)
Hash identifier: iQBUVcBYDepUZ8dFc3+TPSauDQWJVg9t++HG8Gwy1as=
Subject key identifier: 22:9D:D9:CA:CD:3C:AB:CD:40:3A:5B:04:F5:4F:C3:FD:CF:41:94:2C
Certificate issuer: /CN=a45ded68e2260321bca39e8465b49c25d58a56e6
Certificate serial: 0192E2FCA68CF0CB9C6BAB386FE64213DC9C
Authority key identifier: A4:5D:ED:68:E2:26:03:21:BC:A3:9E:84:65:B4:9C:25:D5:8A:56:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pF3taOImAyG8o56EZbScJdWKVuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/e4af0a-a170-4ca3-ab57-54853c47661f/1/Ip3Zys08q81AOlsE9U_D_c9BlCw.roa
Signing time: Thu 31 Oct 2024 14:31:01 +0000
ROA not before: Thu 31 Oct 2024 14:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210542
IP address blocks: 185.128.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/e4af0a-a170-4ca3-ab57-54853c47661f/1/pF3taOImAyG8o56EZbScJdWKVuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/e4af0a-a170-4ca3-ab57-54853c47661f/1/pF3taOImAyG8o56EZbScJdWKVuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pF3taOImAyG8o56EZbScJdWKVuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e2:fc:a6:8c:f0:cb:9c:6b:ab:38:6f:e6:42:13:dc:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a45ded68e2260321bca39e8465b49c25d58a56e6
Validity
Not Before: Oct 31 14:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=229dd9cacd3cabcd403a5b04f54fc3fdcf41942c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0d:92:9f:66:22:af:a8:b2:8d:1e:3d:63:05:
62:03:d5:a7:0f:bc:27:6f:63:7c:5c:18:f7:43:8d:
2e:b1:ac:8c:85:d3:8c:1e:58:31:e8:69:44:ae:b8:
18:b1:ee:76:bf:cc:ed:9c:cf:ff:d6:ec:e5:34:41:
51:01:49:91:16:eb:a9:1c:b9:95:18:3f:3b:c3:81:
01:3f:0d:ba:6a:70:ec:a4:aa:86:d5:18:da:c1:c0:
12:5e:70:07:fe:50:a1:7a:e6:0f:a9:2f:b4:e5:5d:
75:48:cd:28:31:21:b6:bf:de:7b:f2:38:52:e4:91:
2b:41:7e:0d:b5:b1:73:83:69:5d:e0:f4:71:72:c8:
58:ec:4f:e9:22:37:d2:71:68:c7:fa:58:34:d9:e4:
0d:16:56:6f:57:21:04:5b:49:79:ac:07:01:e0:2d:
8b:e1:16:45:c7:51:54:ab:4c:3c:1f:80:76:b6:18:
32:74:be:c1:fa:0b:66:cb:38:1c:3d:83:41:1e:d8:
50:94:b5:f3:f3:47:18:6b:44:45:8d:af:2e:fc:b8:
3f:25:0d:5b:cb:62:36:de:6a:a2:af:95:fb:b5:e7:
30:4f:28:32:00:04:2a:29:51:b7:8a:34:de:36:23:
ff:7c:c5:d9:37:e7:6f:9e:de:89:1d:d7:6c:7a:38:
e6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:9D:D9:CA:CD:3C:AB:CD:40:3A:5B:04:F5:4F:C3:FD:CF:41:94:2C
X509v3 Authority Key Identifier:
keyid:A4:5D:ED:68:E2:26:03:21:BC:A3:9E:84:65:B4:9C:25:D5:8A:56:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pF3taOImAyG8o56EZbScJdWKVuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e4af0a-a170-4ca3-ab57-54853c47661f/1/Ip3Zys08q81AOlsE9U_D_c9BlCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/e4af0a-a170-4ca3-ab57-54853c47661f/1/pF3taOImAyG8o56EZbScJdWKVuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.226.0/24
Signature Algorithm: sha256WithRSAEncryption
82:3a:15:01:f6:18:8d:74:bb:3c:dd:52:42:37:f6:13:44:2d:
89:2a:5b:84:0e:4b:76:72:40:91:7f:47:10:58:06:19:33:dd:
4a:07:ae:55:84:4f:ab:66:6e:f5:7f:f5:8d:54:be:13:18:c1:
1e:88:48:67:0e:50:b2:07:8f:3c:87:06:ea:bc:95:75:38:62:
55:d8:c0:f8:9d:52:b6:8d:c2:b7:55:49:41:a8:50:aa:4a:0f:
93:18:fd:62:81:3b:96:2f:78:19:29:46:26:24:1d:a6:c2:10:
ac:69:1d:89:45:f9:e6:59:2a:a8:0a:6d:d7:31:f1:ca:13:0a:
47:eb:d4:3c:05:a5:00:01:ab:30:09:b7:23:9e:4a:91:85:d5:
8a:49:e3:0d:70:4f:5c:74:93:a6:87:e6:ad:cd:bf:2c:e6:be:
53:7e:a6:5f:b8:c6:65:f8:a6:c0:83:3c:a1:e9:24:66:ad:b3:
3b:73:da:ba:31:f6:8e:dc:98:db:37:0c:c9:89:d6:16:07:8d:
55:94:79:13:dc:27:cf:1e:5c:ea:16:68:6c:31:d4:54:50:12:
c1:52:ff:74:45:56:fa:88:72:d7:b4:12:ca:e8:ff:08:d7:56:
23:43:d1:1f:50:78:8a:cc:90:ce:f6:a4:73:ed:46:6d:90:51:
55:29:9f:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLi/KaM8Muca6s4b+ZCE9ycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0NWRlZDY4ZTIyNjAzMjFiY2EzOWU4NDY1YjQ5YzI1ZDU4
YTU2ZTYwHhcNMjQxMDMxMTQzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjlkZDljYWNkM2NhYmNkNDAzYTViMDRmNTRmYzNmZGNmNDE5NDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA2Sn2Yir6iyjR49YwViA9WnD7wn
b2N8XBj3Q40usayMhdOMHlgx6GlErrgYse52v8ztnM//1uzlNEFRAUmRFuupHLmV
GD87w4EBPw26anDspKqG1RjawcASXnAH/lCheuYPqS+05V11SM0oMSG2v9578jhS
5JErQX4NtbFzg2ld4PRxcshY7E/pIjfScWjH+lg02eQNFlZvVyEEW0l5rAcB4C2L
4RZFx1FUq0w8H4B2thgydL7B+gtmyzgcPYNBHthQlLXz80cYa0RFja8u/Lg/JQ1b
y2I23mqir5X7tecwTygyAAQqKVG3ijTeNiP/fMXZN+dvnt6JHddsejjmVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKd2crNPKvNQDpbBPVPw/3PQZQsMB8GA1UdIwQY
MBaAFKRd7WjiJgMhvKOehGW0nCXVilbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEYzdGFPSW1BeUc4bzU2RVpiU2NKZFdLVnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9lNGFmMGEtYTE3MC00Y2EzLWFiNTct
NTQ4NTNjNDc2NjFmLzEvSXAzWnlzMDhxODFBT2xzRTlVX0RfYzlCbEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9lNGFmMGEtYTE3MC00Y2EzLWFiNTctNTQ4NTNjNDc2NjFm
LzEvcEYzdGFPSW1BeUc4bzU2RVpiU2NKZFdLVnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDiMA0G
CSqGSIb3DQEBCwUAA4IBAQCCOhUB9hiNdLs83VJCN/YTRC2JKluEDkt2ckCRf0cQ
WAYZM91KB65VhE+rZm71f/WNVL4TGMEeiEhnDlCyB488hwbqvJV1OGJV2MD4nVK2
jcK3VUlBqFCqSg+TGP1igTuWL3gZKUYmJB2mwhCsaR2JRfnmWSqoCm3XMfHKEwpH
69Q8BaUAAaswCbcjnkqRhdWKSeMNcE9cdJOmh+atzb8s5r5TfqZfuMZl+KbAgzyh
6SRmrbM7c9q6MfaO3JjbNwzJidYWB41VlHkT3CfPHlzqFmhsMdRUUBLBUv90RVb6
iHLXtBLK6P8I11YjQ9EfUHiKzJDO9qRz7UZtkFFVKZ8B
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:44 2024 by rpki-client on console-fra.rpki-client.org