Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/fStSr8whhQDwyaEfM4RRvU0IeMg.roa
File: fStSr8whhQDwyaEfM4RRvU0IeMg.roa (raw, json)
Hash identifier: szYaihN9bjgKPFXW3d+P+jisRCID6TE/FRZN00XvOI8=
Subject key identifier: 7D:2B:52:AF:CC:21:85:00:F0:C9:A1:1F:33:84:51:BD:4D:08:78:C8
Certificate issuer: /CN=f69527a06a035cbcaecf00daca2fd88399cf9d12
Certificate serial: 018CC26D5F3D28BA53FB3B5AAD1158703697
Authority key identifier: F6:95:27:A0:6A:03:5C:BC:AE:CF:00:DA:CA:2F:D8:83:99:CF:9D:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9pUnoGoDXLyuzwDayi_Yg5nPnRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/fStSr8whhQDwyaEfM4RRvU0IeMg.roa
Signing time: Mon 01 Jan 2024 00:29:56 +0000
ROA not before: Mon 01 Jan 2024 00:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 185.235.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/9pUnoGoDXLyuzwDayi_Yg5nPnRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/9pUnoGoDXLyuzwDayi_Yg5nPnRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9pUnoGoDXLyuzwDayi_Yg5nPnRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:5f:3d:28:ba:53:fb:3b:5a:ad:11:58:70:36:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69527a06a035cbcaecf00daca2fd88399cf9d12
Validity
Not Before: Jan 1 00:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d2b52afcc218500f0c9a11f338451bd4d0878c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:29:1b:9a:0f:d0:c3:5a:3e:7d:2a:a8:4f:2e:
97:3a:4b:9a:92:c8:c0:2a:49:22:e2:d7:8a:f7:98:
dd:5e:39:8d:66:9e:28:93:51:94:21:94:14:85:2a:
1f:20:51:6f:d5:09:dc:06:05:ce:bd:8f:b2:28:4b:
1a:31:73:9a:5b:96:db:a2:c2:55:d9:9a:b1:c2:44:
a9:5f:47:91:c8:c5:31:59:89:28:ca:c5:a8:da:7c:
9b:39:49:c1:e2:99:4e:2e:eb:ec:07:8a:e6:d4:6c:
93:b9:96:a3:c7:c7:88:e4:f7:29:b3:7a:11:44:18:
71:7c:a6:3c:00:32:d8:2c:18:7a:c9:40:d5:b9:1f:
83:43:36:8e:c4:56:db:48:8e:07:e9:d6:21:bc:50:
c4:ef:02:05:fa:1a:f4:9a:46:64:cb:98:7e:53:30:
8e:c7:8c:c9:4e:86:1d:ca:47:c0:41:6d:67:1e:6c:
6d:cd:f7:2b:62:a9:4d:a2:1d:36:63:d7:93:a2:4b:
ac:1a:57:85:1b:27:ef:54:99:1d:2d:25:f7:98:92:
79:88:88:7a:a4:d0:78:c9:5b:43:d4:eb:04:32:e2:
a3:29:ce:4e:d8:62:67:a6:04:67:6e:cd:ad:2b:88:
d6:16:31:5c:2c:4a:ed:89:66:be:de:f7:6f:b3:ac:
87:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2B:52:AF:CC:21:85:00:F0:C9:A1:1F:33:84:51:BD:4D:08:78:C8
X509v3 Authority Key Identifier:
keyid:F6:95:27:A0:6A:03:5C:BC:AE:CF:00:DA:CA:2F:D8:83:99:CF:9D:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9pUnoGoDXLyuzwDayi_Yg5nPnRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/fStSr8whhQDwyaEfM4RRvU0IeMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/9pUnoGoDXLyuzwDayi_Yg5nPnRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.104.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:54:c6:07:cc:b7:f8:1c:3e:ed:11:4b:47:fd:1d:b3:4b:40:
0f:17:7f:63:f6:ea:49:52:02:dc:63:ba:70:4f:3d:ec:22:d2:
ed:eb:fc:d3:4f:22:f8:e6:10:77:f6:ca:c0:f3:b9:42:42:fb:
70:32:3e:67:1e:39:39:3f:4e:d2:8e:42:d0:8f:55:16:b1:18:
d5:0e:f5:88:cb:42:3c:58:15:5a:41:29:07:b9:15:0e:b0:a9:
c7:85:56:1f:59:15:82:ad:43:93:6d:ea:f5:c5:33:06:d8:5d:
70:02:8f:a4:b4:56:cc:9d:a5:cd:ea:d5:c4:04:17:d8:e7:22:
bc:cf:e8:15:e0:26:ee:dd:a8:53:d1:a4:1d:47:25:05:f6:9a:
cc:0d:4a:9b:4c:32:0a:cd:f3:0c:09:a6:5e:89:ed:85:aa:3e:
30:0e:32:af:68:74:4c:ee:26:98:48:a4:30:4d:69:54:4e:c3:
38:6f:bb:28:63:37:97:1c:fa:2e:bc:d2:04:c1:ac:5f:d3:fb:
98:c1:42:b9:8a:d3:66:fe:e3:bd:db:ba:8a:e6:1f:ba:e3:25:
d1:8b:3d:ec:03:ec:57:5a:94:6d:07:02:4a:4c:f2:f7:7d:a3:
f8:81:25:92:49:ca:d8:01:92:6c:9d:12:10:88:d6:7f:5c:7a:
7f:c2:31:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbV89KLpT+ztarRFYcDaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OTUyN2EwNmEwMzVjYmNhZWNmMDBkYWNhMmZkODgzOTlj
ZjlkMTIwHhcNMjQwMTAxMDAyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJiNTJhZmNjMjE4NTAwZjBjOWExMWYzMzg0NTFiZDRkMDg3OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoykbmg/Qw1o+fSqoTy6XOkuaksjA
Kkki4teK95jdXjmNZp4ok1GUIZQUhSofIFFv1QncBgXOvY+yKEsaMXOaW5bbosJV
2ZqxwkSpX0eRyMUxWYkoysWo2nybOUnB4plOLuvsB4rm1GyTuZajx8eI5Pcps3oR
RBhxfKY8ADLYLBh6yUDVuR+DQzaOxFbbSI4H6dYhvFDE7wIF+hr0mkZky5h+UzCO
x4zJToYdykfAQW1nHmxtzfcrYqlNoh02Y9eTokusGleFGyfvVJkdLSX3mJJ5iIh6
pNB4yVtD1OsEMuKjKc5O2GJnpgRnbs2tK4jWFjFcLErtiWa+3vdvs6yHTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0rUq/MIYUA8MmhHzOEUb1NCHjIMB8GA1UdIwQY
MBaAFPaVJ6BqA1y8rs8A2sov2IOZz50SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXBVbm9Hb0RYTHl1endEYXlpX1lnNW5QblJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNDU1MzEtZDZjOC00ZGNlLWI2MDYt
ODVjODU1MjI3YjIzLzEvZlN0U3I4d2hoUUR3eWFFZk00UlJ2VTBJZU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNDU1MzEtZDZjOC00ZGNlLWI2MDYtODVjODU1MjI3YjIz
LzEvOXBVbm9Hb0RYTHl1endEYXlpX1lnNW5QblJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuetoMA0G
CSqGSIb3DQEBCwUAA4IBAQAcVMYHzLf4HD7tEUtH/R2zS0APF39j9upJUgLcY7pw
Tz3sItLt6/zTTyL45hB39srA87lCQvtwMj5nHjk5P07SjkLQj1UWsRjVDvWIy0I8
WBVaQSkHuRUOsKnHhVYfWRWCrUOTber1xTMG2F1wAo+ktFbMnaXN6tXEBBfY5yK8
z+gV4Cbu3ahT0aQdRyUF9prMDUqbTDIKzfMMCaZeie2Fqj4wDjKvaHRM7iaYSKQw
TWlUTsM4b7soYzeXHPouvNIEwaxf0/uYwUK5itNm/uO927qK5h+64yXRiz3sA+xX
WpRtBwJKTPL3faP4gSWSScrYAZJsnRIQiNZ/XHp/wjGF
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:59 2024 by rpki-client on console-fra.rpki-client.org