Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/U5dmkgQ-q2Eg8iJB2CpuDNnc3i8.roa
File: U5dmkgQ-q2Eg8iJB2CpuDNnc3i8.roa (raw, json)
Hash identifier: Sif7eYaVBLP2WcOTNq5mDmNlfWQjNAQKKOsiC1wPico=
Subject key identifier: 53:97:66:92:04:3E:AB:61:20:F2:22:41:D8:2A:6E:0C:D9:DC:DE:2F
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 018CC42554050979399886B6D5B33D523E0C
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/U5dmkgQ-q2Eg8iJB2CpuDNnc3i8.roa
Signing time: Mon 01 Jan 2024 08:30:29 +0000
ROA not before: Mon 01 Jan 2024 08:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 185.11.217.0/24 maxlen: 24
2a03:69c0:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:54:05:09:79:39:98:86:b6:d5:b3:3d:52:3e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jan 1 08:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53976692043eab6120f22241d82a6e0cd9dcde2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:81:35:ce:54:c3:5d:3b:a9:66:12:4e:f0:95:
38:a2:14:07:7d:f2:34:54:c7:60:c3:77:61:a6:0b:
54:5e:c1:1c:1a:a1:cd:e8:16:f7:90:04:5c:3a:33:
fb:96:bb:b0:ce:c1:93:ca:73:3e:18:0f:22:03:98:
51:6a:80:89:bc:94:78:a1:bc:84:e5:aa:07:05:cf:
1a:66:29:2d:a1:f0:e0:cb:8c:23:18:a7:75:96:10:
7b:87:13:60:99:4a:46:9e:96:3d:da:16:65:c9:3b:
47:0d:66:bd:7c:ed:22:ca:a2:59:b3:5e:a4:9b:03:
68:a4:85:39:43:86:38:bd:7d:df:83:ab:e8:38:09:
5a:cb:64:ab:cc:67:97:60:d5:11:d0:ff:86:54:93:
63:00:44:e1:45:3a:42:7f:bd:ee:7a:d6:31:0a:2b:
4a:06:81:80:a9:a9:72:9f:2b:12:e5:9f:f2:8b:80:
13:f4:f9:c0:d3:48:db:b2:41:df:40:4f:d6:4c:c9:
f6:01:18:be:52:62:03:ca:a2:25:88:44:cb:21:02:
33:16:8d:be:6c:be:a0:85:f3:ea:44:4a:a1:cb:44:
1c:f1:a1:e9:2d:89:de:66:04:b6:ca:9e:4a:38:6f:
a9:1d:9a:67:8a:f7:1f:f3:80:ae:fa:a7:92:92:5d:
32:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:97:66:92:04:3E:AB:61:20:F2:22:41:D8:2A:6E:0C:D9:DC:DE:2F
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/U5dmkgQ-q2Eg8iJB2CpuDNnc3i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.217.0/24
IPv6:
2a03:69c0:100::/40
Signature Algorithm: sha256WithRSAEncryption
4d:fd:17:2a:bb:13:30:9b:33:7b:d7:6d:93:4f:b4:65:94:c3:
07:5d:6c:91:7b:01:d6:31:ff:ad:c5:76:ff:ee:d6:4c:9d:1d:
65:40:04:8b:41:b8:9e:3a:f5:6b:96:0e:08:23:96:9d:a2:dd:
79:fd:1d:15:fb:e2:96:eb:a9:36:7e:13:47:10:e7:4a:0e:f1:
17:44:60:66:d6:44:b7:8a:20:70:61:19:bf:25:6b:8a:33:d4:
29:3b:a8:2d:32:74:3a:e1:7f:b7:f3:73:7e:c0:3f:11:cb:4a:
e0:e1:3c:e1:01:e2:f8:8c:c4:90:10:b2:46:9b:ab:64:ea:d7:
b9:f9:4e:74:23:d3:2d:0b:ae:74:6c:02:5e:4f:83:c0:97:ac:
d8:48:ea:b9:20:81:c4:67:7c:af:4e:ec:11:ae:85:e3:c3:10:
ad:73:22:e5:a3:50:01:2a:50:d8:10:11:06:92:b3:ea:0e:a3:
c5:6f:dc:1e:7a:80:25:65:01:a5:9d:42:36:08:f2:5f:94:e6:
aa:e3:44:af:b5:07:c7:e6:70:fb:2d:b7:7c:b2:25:9a:cc:11:
99:67:6d:3f:a0:ab:89:49:5f:16:03:ac:88:50:51:b0:7f:6a:
dc:8f:fd:e3:31:fa:cb:47:c6:b5:97:e2:d2:7e:62:03:c6:ce:
f9:dc:65:7a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzEJVQFCXk5mIa21bM9Uj4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjQwMTAxMDgzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk3NjY5MjA0M2VhYjYxMjBmMjIyNDFkODJhNmUwY2Q5ZGNkZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIE1zlTDXTupZhJO8JU4ohQHffI0
VMdgw3dhpgtUXsEcGqHN6Bb3kARcOjP7lruwzsGTynM+GA8iA5hRaoCJvJR4obyE
5aoHBc8aZiktofDgy4wjGKd1lhB7hxNgmUpGnpY92hZlyTtHDWa9fO0iyqJZs16k
mwNopIU5Q4Y4vX3fg6voOAlay2SrzGeXYNUR0P+GVJNjAEThRTpCf73uetYxCitK
BoGAqalynysS5Z/yi4AT9PnA00jbskHfQE/WTMn2ARi+UmIDyqIliETLIQIzFo2+
bL6ghfPqREqhy0Qc8aHpLYneZgS2yp5KOG+pHZpnivcf84Cu+qeSkl0yDwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFFOXZpIEPqthIPIiQdgqbgzZ3N4vMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvVTVkbWtnUS1xMkVnOGlKQjJDcHVETm5jM2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuQvZMA4E
AgACMAgDBgAqA2nAATANBgkqhkiG9w0BAQsFAAOCAQEATf0XKrsTMJsze9dtk0+0
ZZTDB11skXsB1jH/rcV2/+7WTJ0dZUAEi0G4njr1a5YOCCOWnaLdef0dFfviluup
Nn4TRxDnSg7xF0RgZtZEt4ogcGEZvyVrijPUKTuoLTJ0OuF/t/NzfsA/EctK4OE8
4QHi+IzEkBCyRpurZOrXuflOdCPTLQuudGwCXk+DwJes2EjquSCBxGd8r07sEa6F
48MQrXMi5aNQASpQ2BARBpKz6g6jxW/cHnqAJWUBpZ1CNgjyX5TmquNEr7UHx+Zw
+y23fLIlmswRmWdtP6CriUlfFgOsiFBRsH9q3I/94zH6y0fGtZfi0n5iA8bO+dxl
eg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:30:33 2024 by rpki-client on console-ams.rpki-client.org