Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/y1uCwd4PZkfNkTE0rihiPC6pPm0.roa
File: y1uCwd4PZkfNkTE0rihiPC6pPm0.roa (raw, json)
Hash identifier: tRwkDCFz9DprmXrK22bmikK/aKMLD7Ig//iRsLlAJPA=
Subject key identifier: CB:5B:82:C1:DE:0F:66:47:CD:91:31:34:AE:28:62:3C:2E:A9:3E:6D
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0192C2A1ADF1C9938BBDFDA3B2EE2AF89F31
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/y1uCwd4PZkfNkTE0rihiPC6pPm0.roa
Signing time: Fri 25 Oct 2024 07:43:48 +0000
ROA not before: Fri 25 Oct 2024 07:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212988
IP address blocks: 185.232.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:a1:ad:f1:c9:93:8b:bd:fd:a3:b2:ee:2a:f8:9f:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Oct 25 07:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb5b82c1de0f6647cd913134ae28623c2ea93e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:29:75:06:69:33:e9:0d:0f:6f:a0:17:73:39:
92:16:cd:43:0b:86:e8:ae:6f:ab:c5:a6:e3:04:b3:
f9:30:14:dd:2d:0f:de:f3:ab:bc:29:c7:e4:83:cb:
36:cd:53:f5:6b:b9:e7:75:f2:52:c6:ac:f5:61:84:
e2:50:93:b1:e3:f9:b3:f4:14:9d:ea:d4:e6:75:a7:
4a:a5:bb:d7:2a:4e:2d:65:54:7d:b2:bb:3a:4b:04:
b7:48:ec:7d:64:10:07:31:3d:1b:51:0e:e3:16:fb:
a5:c9:05:f1:5b:13:c4:06:b6:18:79:16:8f:a3:8d:
46:90:88:96:0a:d7:b0:e7:5b:12:68:27:68:1c:dd:
c6:95:77:55:5c:20:ef:cc:83:91:88:46:83:db:c0:
b1:91:e8:cc:f0:df:d0:7d:97:f8:56:6a:67:17:2f:
02:b7:2c:76:ee:93:ba:8a:c2:8e:8b:45:6d:04:03:
cd:93:6a:aa:11:21:d1:29:78:ee:ff:09:ce:66:de:
44:96:43:ea:12:3f:e3:5e:57:2d:e0:e6:70:7e:80:
b5:95:17:37:76:59:8b:9f:81:53:e0:ef:e0:49:e8:
04:e6:23:fb:c8:00:90:48:d8:5e:b3:6c:a2:6f:cc:
dc:7e:76:24:b5:e8:d4:1d:86:db:7e:37:2d:8a:92:
53:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5B:82:C1:DE:0F:66:47:CD:91:31:34:AE:28:62:3C:2E:A9:3E:6D
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/y1uCwd4PZkfNkTE0rihiPC6pPm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.133.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:8e:62:33:37:cd:f6:38:4b:b2:5f:ab:32:ce:16:94:45:f1:
c9:38:91:ed:57:38:0e:19:9e:e8:9f:cf:14:bb:2b:61:47:e2:
04:50:f8:59:c4:0b:b6:a3:c6:09:25:d6:66:f5:0a:64:27:a0:
a0:d4:06:72:9f:ef:3e:2d:eb:d0:a7:5d:10:a6:c5:7e:08:7b:
5f:d9:64:47:b6:6d:db:de:08:91:c1:fd:10:38:07:14:07:4a:
27:cd:64:f0:8f:ad:b6:92:de:ea:d8:a0:02:4d:80:7b:13:61:
f2:1d:48:f2:fc:02:85:1a:8d:b6:a3:bf:fa:dc:f5:f2:58:d1:
03:bd:1f:2e:a5:ef:7b:02:b4:f1:23:a2:bc:3d:43:3c:9f:4b:
20:a4:ca:f8:55:22:21:9a:2e:fe:d3:dc:b1:46:2e:6f:d0:29:
e4:b8:95:b1:29:f7:a0:e9:11:98:56:77:6d:38:dc:14:d8:2c:
5a:02:8d:f4:1c:9c:12:15:65:ee:ab:18:f1:da:5b:b5:33:6c:
6c:29:16:12:e6:b4:12:76:a1:e7:72:d9:e6:32:ad:61:69:af:
e7:51:77:f8:9c:8f:3d:3b:c4:15:e5:0f:6e:fd:7e:ca:03:2f:
56:69:d9:2f:c4:d5:56:cc:17:05:82:61:ba:5a:e6:a7:51:33:
06:de:37:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLCoa3xyZOLvf2jsu4q+J8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQxMDI1MDc0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjViODJjMWRlMGY2NjQ3Y2Q5MTMxMzRhZTI4NjIzYzJlYTkzZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Cl1Bmkz6Q0Pb6AXczmSFs1DC4bo
rm+rxabjBLP5MBTdLQ/e86u8Kcfkg8s2zVP1a7nndfJSxqz1YYTiUJOx4/mz9BSd
6tTmdadKpbvXKk4tZVR9srs6SwS3SOx9ZBAHMT0bUQ7jFvulyQXxWxPEBrYYeRaP
o41GkIiWCtew51sSaCdoHN3GlXdVXCDvzIORiEaD28CxkejM8N/QfZf4VmpnFy8C
tyx27pO6isKOi0VtBAPNk2qqESHRKXju/wnOZt5ElkPqEj/jXlct4OZwfoC1lRc3
dlmLn4FT4O/gSegE5iP7yACQSNhes2yib8zcfnYktejUHYbbfjctipJTxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMtbgsHeD2ZHzZExNK4oYjwuqT5tMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEveTF1Q3dkNFBaa2ZOa1RFMHJpaGlQQzZwUG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueiFMA0G
CSqGSIb3DQEBCwUAA4IBAQCajmIzN832OEuyX6syzhaURfHJOJHtVzgOGZ7on88U
uythR+IEUPhZxAu2o8YJJdZm9QpkJ6Cg1AZyn+8+LevQp10QpsV+CHtf2WRHtm3b
3giRwf0QOAcUB0onzWTwj622kt7q2KACTYB7E2HyHUjy/AKFGo22o7/63PXyWNED
vR8upe97ArTxI6K8PUM8n0sgpMr4VSIhmi7+09yxRi5v0CnkuJWxKfeg6RGYVndt
ONwU2CxaAo30HJwSFWXuqxjx2lu1M2xsKRYS5rQSdqHnctnmMq1haa/nUXf4nI89
O8QV5Q9u/X7KAy9WadkvxNVWzBcFgmG6WuanUTMG3jcR
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:15:34 2024 by rpki-client on console-fra.rpki-client.org