Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/O4VlfybNPve5MgldzHU-xAYXsIk.roa
File: O4VlfybNPve5MgldzHU-xAYXsIk.roa (raw, json)
Hash identifier: OYySj57WGjUCBw/SV8CheRD0TSM60JPFox+F4RWH3Z0=
Subject key identifier: 3B:85:65:7F:26:CD:3E:F7:B9:32:09:5D:CC:75:3E:C4:06:17:B0:89
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DACC8797CF071A743762EAE431B97F
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/O4VlfybNPve5MgldzHU-xAYXsIk.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202599
IP address blocks: 185.159.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cc:87:97:cf:07:1a:74:37:62:ea:e4:31:b9:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b85657f26cd3ef7b932095dcc753ec40617b089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:41:16:a9:c2:51:18:ed:9c:85:8c:05:19:
96:d5:73:9b:cb:05:7e:bb:4c:f7:62:58:44:d8:7a:
0f:b3:9f:7b:3a:b2:f1:6d:a5:b1:7e:d9:91:e1:9b:
5b:4d:fd:b3:ea:26:f9:a8:df:f2:67:37:ed:bc:9f:
19:33:3a:e6:10:42:9d:e9:bc:3b:c4:1a:5c:ee:d2:
27:82:0b:84:b4:de:d2:f2:c0:60:f7:df:cb:fa:68:
c7:e4:0b:70:f5:d2:59:55:54:aa:c9:94:4a:f2:e0:
e0:4b:ea:11:50:c2:33:04:bc:95:b1:7b:69:9d:06:
75:1f:86:c6:33:87:76:9a:6d:ce:51:14:06:d3:8d:
c6:0d:bb:d5:9e:8f:25:ea:ec:3f:2b:0a:7d:3c:29:
bc:b2:96:80:db:02:24:89:3e:73:70:de:e6:a5:a3:
76:71:5b:b2:95:32:0e:20:2d:e5:b5:2d:41:08:bb:
6c:e8:82:90:5f:6a:f9:01:e3:5f:b4:fe:0f:ab:46:
ed:19:44:b2:08:58:af:0e:a6:d9:0b:3e:be:c4:c7:
44:ed:b2:19:cf:06:f0:5d:5f:05:e4:75:ae:45:4d:
f3:99:7a:92:da:42:73:71:a6:ac:0b:ec:a5:f5:a5:
43:84:86:cf:58:ad:0c:84:ca:27:df:3f:e2:98:fa:
04:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:85:65:7F:26:CD:3E:F7:B9:32:09:5D:CC:75:3E:C4:06:17:B0:89
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/O4VlfybNPve5MgldzHU-xAYXsIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.212.0/22
Signature Algorithm: sha256WithRSAEncryption
71:f8:13:7e:62:c2:0d:13:7c:e0:45:d0:f2:b0:e8:d3:c3:a0:
60:4b:81:53:55:cc:33:7d:96:73:37:80:bb:59:8a:66:fb:68:
79:30:5f:43:78:fe:1a:f9:bb:08:29:e3:6a:5a:bc:4f:26:a1:
25:a1:77:4c:2a:19:06:6a:7f:c2:c3:fc:d6:16:e3:38:bd:61:
09:1c:aa:6d:14:83:19:bb:9c:c3:8b:9c:84:93:fc:05:09:52:
fd:1b:60:d8:d8:b6:9f:d1:8f:b7:17:65:da:0a:55:3b:16:07:
22:75:c0:0b:94:45:21:a1:d2:ca:39:55:5c:3f:39:81:e1:01:
82:cf:e7:4a:54:9c:c6:4d:a2:97:bc:70:8c:15:d4:05:84:6b:
f2:6e:74:13:a9:22:09:34:28:96:34:31:33:80:6e:e3:01:0c:
39:c6:59:07:ca:81:4c:bd:5c:ff:e0:4a:58:8d:88:93:c0:83:
13:b7:86:c1:bb:16:e5:d8:87:15:2b:56:bb:3c:af:b4:2c:fa:
f7:1e:0f:69:cc:72:69:21:f0:ea:57:dd:db:5f:f9:bd:27:d2:
c3:0a:2f:b9:d3:af:11:07:50:63:d8:85:fc:27:63:b8:0b:35:
be:51:8f:20:82:e1:b4:84:49:2a:f2:90:58:27:4f:87:b9:31:
da:cf:91:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2syHl88HGnQ3YurkMbl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg1NjU3ZjI2Y2QzZWY3YjkzMjA5NWRjYzc1M2VjNDA2MTdiMDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneFBFqnCURjtnIWMBRmW1XObywV+
u0z3YlhE2HoPs597OrLxbaWxftmR4ZtbTf2z6ib5qN/yZzftvJ8ZMzrmEEKd6bw7
xBpc7tIngguEtN7S8sBg99/L+mjH5Atw9dJZVVSqyZRK8uDgS+oRUMIzBLyVsXtp
nQZ1H4bGM4d2mm3OURQG043GDbvVno8l6uw/Kwp9PCm8spaA2wIkiT5zcN7mpaN2
cVuylTIOIC3ltS1BCLts6IKQX2r5AeNftP4Pq0btGUSyCFivDqbZCz6+xMdE7bIZ
zwbwXV8F5HWuRU3zmXqS2kJzcaasC+yl9aVDhIbPWK0MhMon3z/imPoEkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuFZX8mzT73uTIJXcx1PsQGF7CJMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvTzRWbGZ5Yk5QdmU1TWdsZHpIVS14QVlYc0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/UMA0G
CSqGSIb3DQEBCwUAA4IBAQBx+BN+YsINE3zgRdDysOjTw6BgS4FTVcwzfZZzN4C7
WYpm+2h5MF9DeP4a+bsIKeNqWrxPJqEloXdMKhkGan/Cw/zWFuM4vWEJHKptFIMZ
u5zDi5yEk/wFCVL9G2DY2Laf0Y+3F2XaClU7FgcidcALlEUhodLKOVVcPzmB4QGC
z+dKVJzGTaKXvHCMFdQFhGvybnQTqSIJNCiWNDEzgG7jAQw5xlkHyoFMvVz/4EpY
jYiTwIMTt4bBuxbl2IcVK1a7PK+0LPr3Hg9pzHJpIfDqV93bX/m9J9LDCi+5068R
B1Bj2IX8J2O4CzW+UY8gguG0hEkq8pBYJ0+HuTHaz5GB
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:34 2024 by rpki-client on console-fra.rpki-client.org