Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/2c67ed-8d41-4f9f-aded-06676be138fa/1/RnSoHDqaBcXMncIZGbGyZ3vgwXI.roa
File: RnSoHDqaBcXMncIZGbGyZ3vgwXI.roa (raw, json)
Hash identifier: xY/qVMwkaN06e/rfB6EjKwp1SgVn8HTfV+dIuMMdSHY=
Subject key identifier: 46:74:A8:1C:3A:9A:05:C5:CC:9D:C2:19:19:B1:B2:67:7B:E0:C1:72
Certificate issuer: /CN=26f170b19b97ee17de732a1b68ae22ba8e5f56e4
Certificate serial: 018CC64B52DD27257CEA44BB2ED384D088A8
Authority key identifier: 26:F1:70:B1:9B:97:EE:17:DE:73:2A:1B:68:AE:22:BA:8E:5F:56:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JvFwsZuX7hfecyobaK4iuo5fVuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/2c67ed-8d41-4f9f-aded-06676be138fa/1/RnSoHDqaBcXMncIZGbGyZ3vgwXI.roa
Signing time: Mon 01 Jan 2024 18:31:14 +0000
ROA not before: Mon 01 Jan 2024 18:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206055
IP address blocks: 185.238.118.0/23 maxlen: 23
2a13:9f80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/2c67ed-8d41-4f9f-aded-06676be138fa/1/JvFwsZuX7hfecyobaK4iuo5fVuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/2c67ed-8d41-4f9f-aded-06676be138fa/1/JvFwsZuX7hfecyobaK4iuo5fVuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/JvFwsZuX7hfecyobaK4iuo5fVuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:52:dd:27:25:7c:ea:44:bb:2e:d3:84:d0:88:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26f170b19b97ee17de732a1b68ae22ba8e5f56e4
Validity
Not Before: Jan 1 18:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4674a81c3a9a05c5cc9dc21919b1b2677be0c172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1b:c3:79:0c:74:2d:bd:7e:42:8d:96:2f:3c:
bd:a1:c2:d9:3c:43:fe:f5:44:e9:60:76:0a:10:7f:
36:3a:a9:96:2a:41:6b:7a:66:a3:41:c3:00:12:9b:
d6:66:21:90:60:6a:b4:3d:c0:fd:96:c7:b5:15:67:
95:7d:26:17:b9:1b:ee:b0:b6:1e:d8:5f:e2:a3:90:
f1:06:5c:3a:12:38:2f:6e:79:58:27:da:ab:6e:fc:
21:84:dd:a2:34:fb:84:40:f6:e5:a1:ed:6a:ce:cf:
45:36:64:e1:6f:6a:e0:13:76:4c:ea:f3:fc:df:73:
87:3a:d2:27:dc:0f:a6:fc:92:e3:a9:9d:7f:c2:bb:
15:cc:d0:63:90:5b:78:30:0c:64:5e:51:27:0f:75:
d3:bb:2a:23:a6:a8:0e:22:18:67:39:aa:2f:10:2a:
1b:90:7d:3e:03:a1:ed:7e:df:a4:b8:fc:7a:3f:6c:
9f:4d:a2:46:bf:7d:23:e6:70:9f:52:d0:fd:c5:94:
3e:d4:46:1b:51:2c:16:22:fe:ad:ae:7e:5a:91:71:
9d:22:33:a1:0f:4c:51:60:dc:5b:ee:03:e5:6b:84:
13:7e:8b:29:93:b9:ae:de:88:47:6f:e8:70:3e:31:
2b:59:8b:71:ce:b6:9e:b2:13:c2:bb:de:92:45:07:
9b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:74:A8:1C:3A:9A:05:C5:CC:9D:C2:19:19:B1:B2:67:7B:E0:C1:72
X509v3 Authority Key Identifier:
keyid:26:F1:70:B1:9B:97:EE:17:DE:73:2A:1B:68:AE:22:BA:8E:5F:56:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JvFwsZuX7hfecyobaK4iuo5fVuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/2c67ed-8d41-4f9f-aded-06676be138fa/1/RnSoHDqaBcXMncIZGbGyZ3vgwXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/2c67ed-8d41-4f9f-aded-06676be138fa/1/JvFwsZuX7hfecyobaK4iuo5fVuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.118.0/23
IPv6:
2a13:9f80::/32
Signature Algorithm: sha256WithRSAEncryption
40:4a:1e:1e:a0:dd:18:36:62:01:23:a2:6c:8e:a1:07:c8:7e:
9b:c9:87:50:6b:be:cf:a6:ce:71:63:bc:2c:3f:ee:a7:16:f0:
50:39:69:11:ea:de:2a:8b:31:5d:41:7f:84:a3:c0:0e:e2:54:
d7:39:e6:1d:9a:63:51:00:24:cc:57:4d:0b:32:91:b1:ae:b7:
88:6d:48:f1:d7:be:ad:60:62:0c:2e:1d:a9:8f:d8:10:12:3b:
cf:62:a6:6e:c1:0d:87:ab:eb:e6:6c:47:35:17:ea:62:35:57:
56:db:f6:f5:a3:f4:17:77:31:fc:78:74:3d:4b:99:52:5b:d2:
4c:a9:4e:ee:75:b7:6b:f7:7c:84:78:07:0e:04:aa:0c:ca:59:
76:ee:5c:c2:70:42:97:3f:ad:3b:04:56:80:7e:f4:9e:22:8d:
de:f6:dd:2a:fc:2b:cf:48:e7:13:f2:e7:6a:05:b7:92:5f:e5:
99:d6:45:08:c2:2d:05:93:35:82:42:be:26:70:da:75:b4:cb:
c4:3b:0b:6a:a0:5b:04:46:d7:b4:36:43:fd:0e:6d:5a:a5:2e:
05:15:a5:48:97:0e:26:bb:f1:79:c2:c0:40:6a:82:27:97:2e:
93:51:4c:48:47:77:a9:79:9c:a7:18:f4:04:18:b0:69:09:4c:
64:44:3d:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS1LdJyV86kS7LtOE0IioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZjE3MGIxOWI5N2VlMTdkZTczMmExYjY4YWUyMmJhOGU1
ZjU2ZTQwHhcNMjQwMTAxMTgzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc0YTgxYzNhOWEwNWM1Y2M5ZGMyMTkxOWIxYjI2NzdiZTBjMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBvDeQx0Lb1+Qo2WLzy9ocLZPEP+
9UTpYHYKEH82OqmWKkFremajQcMAEpvWZiGQYGq0PcD9lse1FWeVfSYXuRvusLYe
2F/io5DxBlw6EjgvbnlYJ9qrbvwhhN2iNPuEQPbloe1qzs9FNmThb2rgE3ZM6vP8
33OHOtIn3A+m/JLjqZ1/wrsVzNBjkFt4MAxkXlEnD3XTuyojpqgOIhhnOaovECob
kH0+A6Htft+kuPx6P2yfTaJGv30j5nCfUtD9xZQ+1EYbUSwWIv6trn5akXGdIjOh
D0xRYNxb7gPla4QTfospk7mu3ohHb+hwPjErWYtxzraeshPCu96SRQebYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEZ0qBw6mgXFzJ3CGRmxsmd74MFyMB8GA1UdIwQY
MBaAFCbxcLGbl+4X3nMqG2iuIrqOX1bkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnZGd3NadVg3aGZlY3lvYmFLNGl1bzVmVnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8yYzY3ZWQtOGQ0MS00ZjlmLWFkZWQt
MDY2NzZiZTEzOGZhLzEvUm5Tb0hEcWFCY1hNbmNJWkdiR3laM3Znd1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8yYzY3ZWQtOGQ0MS00ZjlmLWFkZWQtMDY2NzZiZTEzOGZh
LzEvSnZGd3NadVg3aGZlY3lvYmFLNGl1bzVmVnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBue52MA0E
AgACMAcDBQAqE5+AMA0GCSqGSIb3DQEBCwUAA4IBAQBASh4eoN0YNmIBI6JsjqEH
yH6byYdQa77Pps5xY7wsP+6nFvBQOWkR6t4qizFdQX+Eo8AO4lTXOeYdmmNRACTM
V00LMpGxrreIbUjx176tYGIMLh2pj9gQEjvPYqZuwQ2Hq+vmbEc1F+piNVdW2/b1
o/QXdzH8eHQ9S5lSW9JMqU7udbdr93yEeAcOBKoMyll27lzCcEKXP607BFaAfvSe
Io3e9t0q/CvPSOcT8udqBbeSX+WZ1kUIwi0FkzWCQr4mcNp1tMvEOwtqoFsERte0
NkP9Dm1apS4FFaVIlw4mu/F5wsBAaoInly6TUUxIR3epeZynGPQEGLBpCUxkRD1G
-----END CERTIFICATE-----
Generated at Wed Nov 27 06:04:39 2024 by rpki-client on console-fra.rpki-client.org