Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/c6ia2iFL7Zt6oVmiYJQ9U4qB8cQ.roa
File: c6ia2iFL7Zt6oVmiYJQ9U4qB8cQ.roa (raw, json)
Hash identifier: 8q2b6ZA1IVhLzu27q2etWFpye27ilB7/sw6WEw6ddoA=
Subject key identifier: 73:A8:9A:DA:21:4B:ED:9B:7A:A1:59:A2:60:94:3D:53:8A:81:F1:C4
Certificate issuer: /CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Certificate serial: 018CC726F878D339711347FB5DC88F71929D
Authority key identifier: 10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/c6ia2iFL7Zt6oVmiYJQ9U4qB8cQ.roa
Signing time: Mon 01 Jan 2024 22:31:08 +0000
ROA not before: Mon 01 Jan 2024 22:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24971
IP address blocks: 185.32.160.0/22 maxlen: 24
2a00:a5a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/EK-ADOlb-7H0c7C1-fe5MXWTDok.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/EK-ADOlb-7H0c7C1-fe5MXWTDok.mft
rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f8:78:d3:39:71:13:47:fb:5d:c8:8f:71:92:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Validity
Not Before: Jan 1 22:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73a89ada214bed9b7aa159a260943d538a81f1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f7:02:8f:42:80:d2:7f:56:3a:7b:26:db:3e:
42:ff:71:a7:85:90:89:40:b7:0d:00:9d:6b:bc:31:
95:07:eb:4f:04:ef:37:1e:89:e9:9f:07:66:88:54:
d5:00:f6:d6:21:07:9a:44:3d:fe:7a:d2:2d:b3:68:
ae:6e:cb:0b:c6:0c:1e:0d:85:8f:b4:55:e5:67:7a:
38:58:96:ca:c8:89:3a:30:c8:4d:2e:20:4e:ad:97:
1c:22:ea:87:81:a4:94:f8:56:a1:07:80:72:e3:25:
f6:d1:d6:46:2a:e7:f9:a6:2d:6a:c1:f7:f2:36:70:
d7:99:b7:1e:09:28:53:95:c5:40:37:5e:80:94:1e:
89:95:1b:7a:ce:7c:fc:02:46:8f:91:46:b5:b0:b0:
30:5f:81:bf:12:e1:e1:ab:80:e2:67:f9:81:90:b1:
26:78:45:1c:d8:ae:b1:0b:f9:16:c3:48:4a:b6:f9:
4a:8e:17:d2:b2:6a:fe:91:24:0a:63:ce:85:82:42:
31:7a:54:27:07:45:c4:de:56:64:e2:77:2f:c8:13:
09:7d:53:72:9c:72:29:7b:55:0a:20:99:b7:cf:fc:
c8:40:c3:36:bb:2f:07:1d:75:39:6b:7b:48:eb:f1:
f9:37:98:6a:d5:44:97:3b:de:81:6a:28:57:df:f4:
55:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:A8:9A:DA:21:4B:ED:9B:7A:A1:59:A2:60:94:3D:53:8A:81:F1:C4
X509v3 Authority Key Identifier:
keyid:10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/c6ia2iFL7Zt6oVmiYJQ9U4qB8cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/EK-ADOlb-7H0c7C1-fe5MXWTDok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.160.0/22
IPv6:
2a00:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
96:fb:1f:15:fa:df:ba:1b:b3:f3:b5:3a:0d:b6:af:d3:53:42:
7b:28:70:f0:9b:1f:bc:80:12:ea:af:4a:0e:3e:e6:23:4c:f1:
77:77:58:0d:7a:71:24:04:62:78:84:d5:40:06:37:d0:47:a1:
e1:07:78:59:57:e3:83:e9:a5:8b:86:0e:60:85:2b:52:5f:c4:
a9:8f:ad:a8:bc:1e:3a:45:b4:f5:b2:69:2d:c0:1f:b6:c4:f0:
b0:7b:80:80:6f:a9:a0:81:06:36:7d:d0:8f:ab:d6:72:d9:2a:
10:96:ea:65:54:13:d2:9a:61:25:ed:c4:33:88:9f:ec:06:59:
dd:68:a7:81:91:aa:d5:2a:a7:46:bc:eb:72:bc:01:55:ad:2b:
c5:c8:bf:ef:6f:f0:c3:8b:00:1d:9d:70:2e:ec:5b:20:e5:58:
b5:04:65:d0:fb:a0:d5:f1:a5:59:5e:21:34:5c:9d:2f:e8:16:
50:ac:7d:ea:c7:fc:19:0e:11:fb:74:0a:be:93:ce:ea:c4:59:
94:8d:1c:63:be:dd:a4:62:e9:cd:5f:69:c3:44:51:88:53:dc:
25:ee:69:33:ef:eb:65:dd:ec:72:ee:81:a5:fa:b5:8a:64:3e:
06:dd:5a:47:11:9f:0b:0d:3b:70:a7:e1:03:16:3c:99:2f:c6:
ed:51:64:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJvh40zlxE0f7XciPcZKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWY4MDBjZTk1YmZiYjFmNDczYjBiNWY5ZjdiOTMxNzU5
MzBlODkwHhcNMjQwMTAxMjIzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2E4OWFkYTIxNGJlZDliN2FhMTU5YTI2MDk0M2Q1MzhhODFmMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfcCj0KA0n9WOnsm2z5C/3GnhZCJ
QLcNAJ1rvDGVB+tPBO83HonpnwdmiFTVAPbWIQeaRD3+etIts2iubssLxgweDYWP
tFXlZ3o4WJbKyIk6MMhNLiBOrZccIuqHgaSU+FahB4By4yX20dZGKuf5pi1qwffy
NnDXmbceCShTlcVAN16AlB6JlRt6znz8AkaPkUa1sLAwX4G/EuHhq4DiZ/mBkLEm
eEUc2K6xC/kWw0hKtvlKjhfSsmr+kSQKY86FgkIxelQnB0XE3lZk4ncvyBMJfVNy
nHIpe1UKIJm3z/zIQMM2uy8HHXU5a3tI6/H5N5hq1USXO96BaihX3/RVHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHOomtohS+2beqFZomCUPVOKgfHEMB8GA1UdIwQY
MBaAFBCvgAzpW/ux9HOwtfn3uTF1kw6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYt
MTE5OTQyZjNkN2E3LzEvYzZpYTJpRkw3WnQ2b1ZtaVlKUTlVNHFCOGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYtMTE5OTQyZjNkN2E3
LzEvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSCgMA0E
AgACMAcDBQAqAKWgMA0GCSqGSIb3DQEBCwUAA4IBAQCW+x8V+t+6G7PztToNtq/T
U0J7KHDwmx+8gBLqr0oOPuYjTPF3d1gNenEkBGJ4hNVABjfQR6HhB3hZV+OD6aWL
hg5ghStSX8Spj62ovB46RbT1smktwB+2xPCwe4CAb6mggQY2fdCPq9Zy2SoQlupl
VBPSmmEl7cQziJ/sBlndaKeBkarVKqdGvOtyvAFVrSvFyL/vb/DDiwAdnXAu7Fsg
5Vi1BGXQ+6DV8aVZXiE0XJ0v6BZQrH3qx/wZDhH7dAq+k87qxFmUjRxjvt2kYunN
X2nDRFGIU9wl7mkz7+tl3exy7oGl+rWKZD4G3VpHEZ8LDTtwp+EDFjyZL8btUWT9
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:03 2024 by rpki-client on console-ams.rpki-client.org