Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/jS1KXp6KDCcP5aowe16csA4o6JY.roa
File: jS1KXp6KDCcP5aowe16csA4o6JY.roa (raw, json)
Hash identifier: Qqmwt0cVGbVQ7tN8Mg4b5a/3Vv7MXv71+r2LgFH333s=
Subject key identifier: 8D:2D:4A:5E:9E:8A:0C:27:0F:E5:AA:30:7B:5E:9C:B0:0E:28:E8:96
Certificate issuer: /CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Certificate serial: 018CC8715B476558D7AA1196B1F472CC3DA4
Authority key identifier: 1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/jS1KXp6KDCcP5aowe16csA4o6JY.roa
Signing time: Tue 02 Jan 2024 04:32:01 +0000
ROA not before: Tue 02 Jan 2024 04:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212492
IP address blocks: 185.61.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/HJe0gj08nhIexkmCHgDwp5rrm40.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/HJe0gj08nhIexkmCHgDwp5rrm40.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5b:47:65:58:d7:aa:11:96:b1:f4:72:cc:3d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c97b4823d3c9e121ec649821e00f0a79aeb9b8d
Validity
Not Before: Jan 2 04:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d2d4a5e9e8a0c270fe5aa307b5e9cb00e28e896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a0:1e:7b:ba:05:4f:e1:fe:5f:77:65:36:f5:
7a:e7:6c:0a:f1:9a:cf:6a:da:2d:1f:08:b3:41:e1:
9d:58:f5:65:2f:15:ec:45:e2:48:ec:8a:54:49:30:
c3:89:35:05:09:a3:70:44:98:03:0b:ad:05:48:8b:
bc:22:3b:ac:48:99:62:02:ee:a5:a3:7d:b7:8a:31:
0d:9f:09:d5:01:d8:e2:5d:9f:f8:d5:5f:7d:a9:3c:
0d:15:71:b1:9e:73:a7:37:24:ab:ac:87:69:a3:99:
93:21:60:df:af:c2:88:a3:20:a6:10:8d:7c:21:48:
f9:5d:bf:14:e3:91:bb:48:23:21:9a:f0:fc:df:2b:
be:ae:e0:08:fc:7c:84:12:3c:70:3c:88:ad:79:41:
c2:d6:a1:09:40:99:6e:57:59:60:40:ca:78:2e:34:
f1:77:61:fb:26:f7:3f:7a:d0:4f:d3:5b:a3:32:96:
47:e9:d4:7a:51:09:3a:06:6c:11:b1:24:75:c9:5e:
d2:a2:82:07:71:c6:a9:0a:18:28:32:bc:b3:3d:65:
c3:ca:fb:80:40:74:06:5f:e4:82:f1:40:ff:92:47:
f7:c6:06:4a:5f:82:7e:b2:3d:db:db:bc:20:2d:d8:
06:df:62:09:0f:ce:b2:62:dd:89:2a:46:28:54:90:
b4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2D:4A:5E:9E:8A:0C:27:0F:E5:AA:30:7B:5E:9C:B0:0E:28:E8:96
X509v3 Authority Key Identifier:
keyid:1C:97:B4:82:3D:3C:9E:12:1E:C6:49:82:1E:00:F0:A7:9A:EB:9B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJe0gj08nhIexkmCHgDwp5rrm40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/jS1KXp6KDCcP5aowe16csA4o6JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/15641a-6614-45e4-a2a9-9b9cd89659e0/1/HJe0gj08nhIexkmCHgDwp5rrm40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.58.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:89:e0:6b:94:7c:b9:8d:93:a3:f1:0f:b5:c2:76:14:a8:3e:
b9:c2:4c:7e:f5:41:4f:3b:14:52:8a:6c:8a:3f:74:62:5b:9d:
54:d8:32:7b:7d:e4:38:5e:cb:27:eb:01:dd:aa:5a:b6:69:66:
b9:c7:35:ce:f0:43:b1:f6:9b:e2:91:2a:5f:9a:18:cd:2e:ab:
7a:62:6c:6f:83:e5:a7:c3:f5:e7:15:6e:8d:62:f7:66:14:b4:
5b:7d:be:6e:a9:15:32:a5:a8:b2:ad:52:6f:8e:69:0d:0e:d3:
2d:9a:23:12:d9:48:8b:ab:8d:a8:df:9a:8e:5e:d5:c0:20:f4:
1d:b3:26:b0:d5:80:f6:41:3d:fb:a2:e9:14:cc:ac:5a:be:47:
92:13:52:1e:31:5d:09:fa:00:09:d6:85:b6:5d:d8:ef:01:e9:
bf:a4:f7:b9:88:e9:b3:0e:ae:88:7e:fd:c9:2d:c4:d5:f7:8e:
3f:36:26:ad:de:6e:17:c4:0e:86:9a:53:2e:c9:f7:58:97:64:
85:21:63:26:0a:24:4a:f0:82:36:62:6c:ed:a6:9b:c7:d5:98:
82:52:1d:de:98:d5:9b:8a:f8:d4:19:6f:40:d0:14:fe:b1:98:
64:19:9e:41:a2:d5:97:f4:35:1a:2b:17:64:b7:a2:23:ba:10:
60:28:aa:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcVtHZVjXqhGWsfRyzD2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTdiNDgyM2QzYzllMTIxZWM2NDk4MjFlMDBmMGE3OWFl
YjliOGQwHhcNMjQwMTAyMDQzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJkNGE1ZTllOGEwYzI3MGZlNWFhMzA3YjVlOWNiMDBlMjhlODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaAee7oFT+H+X3dlNvV652wK8ZrP
atotHwizQeGdWPVlLxXsReJI7IpUSTDDiTUFCaNwRJgDC60FSIu8IjusSJliAu6l
o323ijENnwnVAdjiXZ/41V99qTwNFXGxnnOnNySrrIdpo5mTIWDfr8KIoyCmEI18
IUj5Xb8U45G7SCMhmvD83yu+ruAI/HyEEjxwPIiteUHC1qEJQJluV1lgQMp4LjTx
d2H7Jvc/etBP01ujMpZH6dR6UQk6BmwRsSR1yV7SooIHccapChgoMryzPWXDyvuA
QHQGX+SC8UD/kkf3xgZKX4J+sj3b27wgLdgG32IJD86yYt2JKkYoVJC0tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0tSl6eigwnD+WqMHtenLAOKOiWMB8GA1UdIwQY
MBaAFByXtII9PJ4SHsZJgh4A8Kea65uNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTkt
OWI5Y2Q4OTY1OWUwLzEvalMxS1hwNktEQ2NQNWFvd2UxNmNzQTRvNkpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8xNTY0MWEtNjYxNC00NWU0LWEyYTktOWI5Y2Q4OTY1OWUw
LzEvSEplMGdqMDhuaElleGttQ0hnRHdwNXJybTQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT06MA0G
CSqGSIb3DQEBCwUAA4IBAQA9ieBrlHy5jZOj8Q+1wnYUqD65wkx+9UFPOxRSimyK
P3RiW51U2DJ7feQ4Xssn6wHdqlq2aWa5xzXO8EOx9pvikSpfmhjNLqt6Ymxvg+Wn
w/XnFW6NYvdmFLRbfb5uqRUypaiyrVJvjmkNDtMtmiMS2UiLq42o35qOXtXAIPQd
syaw1YD2QT37oukUzKxavkeSE1IeMV0J+gAJ1oW2XdjvAem/pPe5iOmzDq6Ifv3J
LcTV944/Niat3m4XxA6GmlMuyfdYl2SFIWMmCiRK8II2YmztppvH1ZiCUh3emNWb
ivjUGW9A0BT+sZhkGZ5BotWX9DUaKxdkt6IjuhBgKKpz
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:20 2024 by rpki-client on console-fra.rpki-client.org