Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/21mqpNfpZUc8_VXnY4UaiK1c1F4.roa
File: 21mqpNfpZUc8_VXnY4UaiK1c1F4.roa (raw, json)
Hash identifier: 7eTLfH+oqz6BIpch3RNiPGX/N7skiR0ijS5CCDyOHhg=
Subject key identifier: DB:59:AA:A4:D7:E9:65:47:3C:FD:55:E7:63:85:1A:88:AD:5C:D4:5E
Certificate issuer: /CN=032b8c544e0debcfd6d7554d1595f044c2050783
Certificate serial: 018CC50018E886739D689F56E3A4D5AEE082
Authority key identifier: 03:2B:8C:54:4E:0D:EB:CF:D6:D7:55:4D:15:95:F0:44:C2:05:07:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/21mqpNfpZUc8_VXnY4UaiK1c1F4.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201629
IP address blocks: 185.68.13.0/24 maxlen: 24
185.68.15.0/24 maxlen: 24
185.68.12.0/24 maxlen: 24
185.68.14.0/24 maxlen: 24
185.68.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/AyuMVE4N68_W11VNFZXwRMIFB4M.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/AyuMVE4N68_W11VNFZXwRMIFB4M.mft
rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:18:e8:86:73:9d:68:9f:56:e3:a4:d5:ae:e0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=032b8c544e0debcfd6d7554d1595f044c2050783
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db59aaa4d7e965473cfd55e763851a88ad5cd45e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bf:e0:37:85:57:51:94:91:09:a7:58:ca:0e:
6f:92:08:08:ad:75:2d:f5:72:cc:c7:e9:dd:3d:04:
e6:1f:5f:d3:8a:bc:23:b2:84:9e:82:de:ad:63:be:
fe:41:1f:b4:f4:0a:7d:aa:82:f5:d0:32:8d:cb:77:
e7:da:20:61:9e:97:39:10:e0:31:e4:da:9d:03:83:
8e:c2:3f:91:59:a7:2e:65:25:ee:e8:b6:39:5f:bc:
bc:ca:8c:2b:8a:fc:07:e0:4f:fb:f8:50:fd:93:09:
d2:b1:d7:e9:d6:4d:c4:3d:82:e8:b7:4f:e4:15:14:
81:a5:76:3a:cc:fa:39:7f:81:40:ff:86:6b:c3:18:
6e:38:f2:3c:f9:84:61:aa:41:92:ad:5c:06:56:66:
ad:8d:a3:b0:f7:5f:9f:8d:19:5c:72:c3:9a:3f:cb:
49:7a:b4:9e:cd:11:1b:63:c6:a5:42:2b:6d:71:db:
27:d4:91:03:d4:81:6c:38:ca:ac:5f:4f:79:f1:4d:
f9:cb:25:58:64:c4:a3:40:d6:04:82:9a:6f:fb:1f:
c8:88:e3:aa:bf:df:d7:ef:dd:2a:be:e3:7b:ad:51:
09:b6:4c:a2:10:8d:9d:59:a3:2f:2a:8b:77:c3:e3:
b3:4f:f3:b0:38:50:90:60:9b:93:00:e0:b7:d8:05:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:59:AA:A4:D7:E9:65:47:3C:FD:55:E7:63:85:1A:88:AD:5C:D4:5E
X509v3 Authority Key Identifier:
keyid:03:2B:8C:54:4E:0D:EB:CF:D6:D7:55:4D:15:95:F0:44:C2:05:07:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyuMVE4N68_W11VNFZXwRMIFB4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/21mqpNfpZUc8_VXnY4UaiK1c1F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/054d47-a112-48c6-b4aa-fb1942b5aff4/1/AyuMVE4N68_W11VNFZXwRMIFB4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.12.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:e8:6a:57:24:5f:36:40:21:2e:f6:12:98:a5:82:c5:1f:d0:
5e:64:ec:f9:f2:0d:2f:c5:17:60:b5:63:28:d3:1b:af:b3:e3:
bc:7e:49:14:06:f1:15:4d:c7:ba:bf:6e:df:50:0f:50:b8:71:
23:3e:5b:a4:53:1b:1e:35:43:6b:22:3a:10:10:50:22:28:a6:
77:06:81:5d:bc:93:14:1a:0a:18:29:bd:01:bd:ee:5f:27:2f:
3a:b9:e3:4b:f4:6f:d0:01:cd:91:e7:34:00:02:1a:a7:0e:ac:
59:ec:a9:4d:bd:ab:07:ce:2f:4a:7e:09:7f:66:28:42:9c:96:
54:60:d1:59:61:d8:26:49:bc:4c:9f:3c:da:87:64:8d:8c:10:
78:73:7a:58:9b:26:87:dc:06:f0:38:e4:6a:27:0b:c8:41:e0:
dc:9d:55:fc:0f:f0:fa:91:17:55:f7:9f:87:72:18:df:19:8b:
21:3a:e2:5d:d7:ce:50:fd:18:fc:28:77:37:7e:7c:f5:13:b6:
66:67:95:b0:f6:e1:a8:12:d7:b7:43:40:c2:c5:cf:aa:37:6c:
6c:ac:66:e0:a9:b1:69:cf:32:0a:5b:36:91:23:58:72:1e:f9:
c3:9b:76:d5:ed:d9:40:4c:a0:2d:55:d1:a3:ec:46:17:34:39:
38:d2:7b:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABjohnOdaJ9W46TVruCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMmI4YzU0NGUwZGViY2ZkNmQ3NTU0ZDE1OTVmMDQ0YzIw
NTA3ODMwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU5YWFhNGQ3ZTk2NTQ3M2NmZDU1ZTc2Mzg1MWE4OGFkNWNkNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb/gN4VXUZSRCadYyg5vkggIrXUt
9XLMx+ndPQTmH1/TirwjsoSegt6tY77+QR+09Ap9qoL10DKNy3fn2iBhnpc5EOAx
5NqdA4OOwj+RWacuZSXu6LY5X7y8yowrivwH4E/7+FD9kwnSsdfp1k3EPYLot0/k
FRSBpXY6zPo5f4FA/4ZrwxhuOPI8+YRhqkGSrVwGVmatjaOw91+fjRlccsOaP8tJ
erSezREbY8alQittcdsn1JED1IFsOMqsX0958U35yyVYZMSjQNYEgppv+x/IiOOq
v9/X790qvuN7rVEJtkyiEI2dWaMvKot3w+OzT/OwOFCQYJuTAOC32AXCPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtZqqTX6WVHPP1V52OFGoitXNReMB8GA1UdIwQY
MBaAFAMrjFRODevP1tdVTRWV8ETCBQeDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXl1TVZFNE42OF9XMTFWTkZaWHdSTUlGQjRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8wNTRkNDctYTExMi00OGM2LWI0YWEt
ZmIxOTQyYjVhZmY0LzEvMjFtcXBOZnBaVWM4X1ZYblk0VWFpSzFjMUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8wNTRkNDctYTExMi00OGM2LWI0YWEtZmIxOTQyYjVhZmY0
LzEvQXl1TVZFNE42OF9XMTFWTkZaWHdSTUlGQjRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUQMMA0G
CSqGSIb3DQEBCwUAA4IBAQA96GpXJF82QCEu9hKYpYLFH9BeZOz58g0vxRdgtWMo
0xuvs+O8fkkUBvEVTce6v27fUA9QuHEjPlukUxseNUNrIjoQEFAiKKZ3BoFdvJMU
GgoYKb0Bve5fJy86ueNL9G/QAc2R5zQAAhqnDqxZ7KlNvasHzi9Kfgl/ZihCnJZU
YNFZYdgmSbxMnzzah2SNjBB4c3pYmyaH3AbwOORqJwvIQeDcnVX8D/D6kRdV95+H
chjfGYshOuJd185Q/Rj8KHc3fnz1E7ZmZ5Ww9uGoEte3Q0DCxc+qN2xsrGbgqbFp
zzIKWzaRI1hyHvnDm3bV7dlATKAtVdGj7EYXNDk40nsy
-----END CERTIFICATE-----
Generated at Fri Sep 27 23:35:30 2024 by rpki-client on console-fra.rpki-client.org