Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/d60548-8608-401c-a2b5-cd7b288d6ea0/1/7qU6w7ZIwG2fz8UnlRH6K_XtZV8.roa
File: 7qU6w7ZIwG2fz8UnlRH6K_XtZV8.roa (raw, json)
Hash identifier: g0uIyeyeELYMf/Su8P9/q41q9CB+NJIOMElhks2mW7Y=
Subject key identifier: EE:A5:3A:C3:B6:48:C0:6D:9F:CF:C5:27:95:11:FA:2B:F5:ED:65:5F
Certificate issuer: /CN=bf2631a89940c779fbd9da231a1d2e9840c9c7c6
Certificate serial: 018CC8DED07AFD241BB3D9189E824C8C7AB5
Authority key identifier: BF:26:31:A8:99:40:C7:79:FB:D9:DA:23:1A:1D:2E:98:40:C9:C7:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vyYxqJlAx3n72dojGh0umEDJx8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/d60548-8608-401c-a2b5-cd7b288d6ea0/1/7qU6w7ZIwG2fz8UnlRH6K_XtZV8.roa
Signing time: Tue 02 Jan 2024 06:31:34 +0000
ROA not before: Tue 02 Jan 2024 06:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50596
IP address blocks: 185.235.64.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/d60548-8608-401c-a2b5-cd7b288d6ea0/1/vyYxqJlAx3n72dojGh0umEDJx8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/d60548-8608-401c-a2b5-cd7b288d6ea0/1/vyYxqJlAx3n72dojGh0umEDJx8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vyYxqJlAx3n72dojGh0umEDJx8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d0:7a:fd:24:1b:b3:d9:18:9e:82:4c:8c:7a:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf2631a89940c779fbd9da231a1d2e9840c9c7c6
Validity
Not Before: Jan 2 06:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eea53ac3b648c06d9fcfc5279511fa2bf5ed655f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:92:c1:96:67:c5:c6:2b:24:a8:c0:e7:7d:d4:
7e:d8:34:11:5b:3a:0f:f2:5f:8e:c5:f3:2b:39:1f:
88:0a:3a:37:ed:d9:12:6d:ac:c3:25:15:43:c7:e9:
5d:56:68:bc:9d:67:c3:2b:a0:9d:1d:c9:e3:fc:42:
3a:b9:d1:d7:3a:ac:30:90:80:e3:32:21:49:02:f1:
8d:14:06:48:35:27:98:b7:99:d6:d6:3c:af:8f:75:
7a:6f:40:5d:78:b0:00:9e:7e:86:22:3c:db:b9:5b:
00:d0:53:63:d1:2d:5b:28:ac:6c:9e:4b:64:75:77:
f6:52:f1:c3:64:c4:1b:8e:15:e6:b8:83:6c:ec:d1:
68:0f:2a:b7:ef:a8:43:26:2b:37:ee:d2:41:8e:01:
86:66:35:62:50:fb:7d:ec:a0:70:e3:bb:fc:42:ab:
d4:9c:a8:a3:08:94:25:52:59:23:02:54:78:96:ac:
bf:86:1c:37:3f:af:7f:9e:88:fb:26:10:dd:72:84:
76:c1:ed:69:3e:eb:48:15:14:dc:04:33:90:1e:be:
ef:1c:15:bd:e3:ab:1f:8b:08:da:d6:a1:85:20:64:
c8:4c:67:a8:d9:39:cb:c2:21:38:bc:37:a2:0e:6d:
7c:de:03:0e:c8:2f:04:13:6b:43:55:b5:40:b1:4a:
65:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A5:3A:C3:B6:48:C0:6D:9F:CF:C5:27:95:11:FA:2B:F5:ED:65:5F
X509v3 Authority Key Identifier:
keyid:BF:26:31:A8:99:40:C7:79:FB:D9:DA:23:1A:1D:2E:98:40:C9:C7:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vyYxqJlAx3n72dojGh0umEDJx8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d60548-8608-401c-a2b5-cd7b288d6ea0/1/7qU6w7ZIwG2fz8UnlRH6K_XtZV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d60548-8608-401c-a2b5-cd7b288d6ea0/1/vyYxqJlAx3n72dojGh0umEDJx8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:51:65:71:b3:41:84:95:fd:12:81:82:5a:04:f4:cb:c9:20:
e4:d7:08:c8:f0:fd:b3:b6:53:3d:4f:f4:f3:51:86:b4:22:fe:
1b:ed:23:92:08:23:45:ec:80:f8:b6:a8:32:c1:af:de:bf:16:
4e:2c:52:a0:c9:2d:3e:85:3c:61:1e:75:fa:66:a7:17:56:15:
cc:02:f5:e9:32:4c:78:53:c6:d9:32:26:2e:0f:f6:4f:b8:2b:
57:00:33:47:a6:45:59:b6:35:7e:ee:6e:31:b4:38:97:98:c2:
5e:a5:54:0c:63:96:5f:16:d5:90:39:b3:40:04:9d:7c:86:55:
e3:c5:3d:5c:7b:d5:6f:93:98:83:ca:81:7d:6c:d3:5c:1d:b8:
09:01:dd:58:1a:fb:59:f5:c4:3a:20:82:9c:f6:42:52:bc:b3:
bb:a2:0d:dd:94:4f:16:00:34:e5:b0:d2:f8:18:d3:a3:14:00:
07:2e:3a:ea:62:46:c8:5c:bd:56:5a:a4:ee:f8:38:da:47:fe:
9f:f0:fb:7f:45:e9:a2:87:eb:02:b9:7b:37:d8:11:b8:36:be:
a6:be:62:b4:33:90:7b:1b:fa:1c:58:46:ae:3e:bb:3c:7a:87:
bf:81:00:b1:a2:40:47:dd:24:3b:d8:a3:32:59:30:5b:0b:8f:
72:84:78:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3tB6/SQbs9kYnoJMjHq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMjYzMWE4OTk0MGM3NzlmYmQ5ZGEyMzFhMWQyZTk4NDBj
OWM3YzYwHhcNMjQwMTAyMDYzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWE1M2FjM2I2NDhjMDZkOWZjZmM1Mjc5NTExZmEyYmY1ZWQ2NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJLBlmfFxiskqMDnfdR+2DQRWzoP
8l+OxfMrOR+ICjo37dkSbazDJRVDx+ldVmi8nWfDK6CdHcnj/EI6udHXOqwwkIDj
MiFJAvGNFAZINSeYt5nW1jyvj3V6b0BdeLAAnn6GIjzbuVsA0FNj0S1bKKxsnktk
dXf2UvHDZMQbjhXmuINs7NFoDyq376hDJis37tJBjgGGZjViUPt97KBw47v8QqvU
nKijCJQlUlkjAlR4lqy/hhw3P69/noj7JhDdcoR2we1pPutIFRTcBDOQHr7vHBW9
46sfiwja1qGFIGTITGeo2TnLwiE4vDeiDm183gMOyC8EE2tDVbVAsUplLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6lOsO2SMBtn8/FJ5UR+iv17WVfMB8GA1UdIwQY
MBaAFL8mMaiZQMd5+9naIxodLphAycfGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnlZeHFKbEF4M243MmRvakdoMHVtRURKeDhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kNjA1NDgtODYwOC00MDFjLWEyYjUt
Y2Q3YjI4OGQ2ZWEwLzEvN3FVNnc3Wkl3RzJmejhVbmxSSDZLX1h0WlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kNjA1NDgtODYwOC00MDFjLWEyYjUtY2Q3YjI4OGQ2ZWEw
LzEvdnlZeHFKbEF4M243MmRvakdoMHVtRURKeDhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuetAMA0G
CSqGSIb3DQEBCwUAA4IBAQBcUWVxs0GElf0SgYJaBPTLySDk1wjI8P2ztlM9T/Tz
UYa0Iv4b7SOSCCNF7ID4tqgywa/evxZOLFKgyS0+hTxhHnX6ZqcXVhXMAvXpMkx4
U8bZMiYuD/ZPuCtXADNHpkVZtjV+7m4xtDiXmMJepVQMY5ZfFtWQObNABJ18hlXj
xT1ce9Vvk5iDyoF9bNNcHbgJAd1YGvtZ9cQ6IIKc9kJSvLO7og3dlE8WADTlsNL4
GNOjFAAHLjrqYkbIXL1WWqTu+DjaR/6f8Pt/Remih+sCuXs32BG4Nr6mvmK0M5B7
G/ocWEauPrs8eoe/gQCxokBH3SQ72KMyWTBbC49yhHg1
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:16:40 2024 by rpki-client on console-fra.rpki-client.org