Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/rDx6Z4n-bdgnl_0lnhdr7uCdIeQ.roa
File: rDx6Z4n-bdgnl_0lnhdr7uCdIeQ.roa (raw, json)
Hash identifier: RCZsbOs5hKGgTgpJ4Ce4QtJlhQkyAAhQ1Xw8UfznRGY=
Subject key identifier: AC:3C:7A:67:89:FE:6D:D8:27:97:FD:25:9E:17:6B:EE:E0:9D:21:E4
Certificate issuer: /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial: 018CC3B73CE001CF29047510EE8553BEDFD2
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/rDx6Z4n-bdgnl_0lnhdr7uCdIeQ.roa
Signing time: Mon 01 Jan 2024 06:30:14 +0000
ROA not before: Mon 01 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200561
IP address blocks: 185.79.24.0/22 maxlen: 22
185.79.24.0/24 maxlen: 24
185.79.25.0/24 maxlen: 24
185.175.29.0/24 maxlen: 24
185.175.28.0/24 maxlen: 24
185.175.28.0/22 maxlen: 24
2a0b:cb00::/29 maxlen: 29
2a03:20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3c:e0:01:cf:29:04:75:10:ee:85:53:be:df:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Validity
Not Before: Jan 1 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac3c7a6789fe6dd82797fd259e176beee09d21e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3c:89:e0:3c:50:15:6d:74:e7:06:06:85:7a:
27:e8:b5:f3:3d:cd:29:28:f8:5b:cf:cf:b6:21:9b:
f6:f3:22:b8:c7:2e:43:0a:20:52:6c:b9:21:2e:32:
50:ec:22:7a:a4:dc:fb:41:e6:db:7f:04:d9:cd:c5:
2b:04:56:11:5a:80:fc:4d:c6:c6:98:84:9a:71:97:
7c:39:0d:c7:da:24:fe:5d:64:d0:c9:72:39:83:fd:
67:99:3c:5b:6f:ef:17:91:5a:b5:fd:e7:d5:32:b3:
8e:44:96:9a:28:ad:90:b8:1c:0e:b0:58:94:8e:b9:
e2:1b:9c:59:21:75:67:70:1e:ab:a0:0f:88:4d:db:
30:e4:2c:64:57:df:d5:70:aa:be:3e:ad:0d:f1:03:
7c:4c:ba:1f:a2:e6:1e:cf:ca:a4:68:3d:ad:0b:e2:
a8:8e:79:16:a3:fd:b0:8b:54:18:52:74:93:45:0c:
e6:d3:88:43:ca:5e:81:ce:51:18:c9:83:ed:62:5c:
76:ee:43:c9:fa:88:2b:0d:0a:8c:65:29:1b:42:eb:
2c:90:7f:a7:cd:24:4d:c4:e6:a8:92:79:ed:46:0a:
c7:e8:17:a0:59:24:f5:d3:85:d5:8b:c4:96:69:3f:
6c:dc:65:37:27:27:b0:a4:cd:2c:a3:e6:b6:9a:ad:
5b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3C:7A:67:89:FE:6D:D8:27:97:FD:25:9E:17:6B:EE:E0:9D:21:E4
X509v3 Authority Key Identifier:
keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/rDx6Z4n-bdgnl_0lnhdr7uCdIeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.24.0/22
185.175.28.0/22
IPv6:
2a03:20::/32
2a0b:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
62:64:a8:37:41:b4:e5:7d:a7:9d:91:c4:2a:24:47:bc:67:a6:
f5:a8:f4:8b:f7:97:48:22:70:27:76:f4:92:49:20:80:59:6c:
f7:22:1b:b5:26:55:1b:18:b3:95:7d:7e:68:ba:39:25:95:21:
23:5f:2a:56:6f:5d:e0:40:82:e6:69:9f:5c:df:65:9f:c7:ec:
bf:92:59:63:b0:ff:95:85:ca:de:a3:a3:4b:73:de:f2:a0:44:
b5:5b:26:3a:2a:ff:76:8f:b8:80:82:76:4d:9c:6d:67:bd:7c:
a1:3a:51:3b:1f:1f:7c:62:64:ea:e2:28:e4:ec:13:dd:a4:4e:
2b:33:8c:ad:f8:61:95:b6:ad:6a:44:29:d1:2d:77:e3:61:0d:
f0:d5:9e:2c:70:22:e4:ec:ae:ad:a7:10:fd:7d:4f:69:85:25:
c6:ed:94:7d:b4:2f:d5:41:50:42:7b:15:14:08:c8:d9:dd:42:
d0:c6:32:af:24:c7:fe:cd:02:02:c5:47:70:4a:fd:33:d2:c8:
d1:5c:91:76:ae:dc:ab:86:ab:e9:50:95:e6:04:25:2f:37:d8:
f6:12:4b:34:ab:36:64:a7:2c:62:86:c4:7a:94:8a:a2:f9:a8:
b8:b0:37:6f:4a:03:10:66:bb:57:12:89:d3:d2:3e:88:38:d9:
db:b0:43:bd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtzzgAc8pBHUQ7oVTvt/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MzVmOGZhYzcwNjJmNzdmMjRiOThjZDVjM2I1NGE4OWJh
ZDQ4MzgwHhcNMjQwMTAxMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzNjN2E2Nzg5ZmU2ZGQ4Mjc5N2ZkMjU5ZTE3NmJlZWUwOWQyMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzyJ4DxQFW105wYGhXon6LXzPc0p
KPhbz8+2IZv28yK4xy5DCiBSbLkhLjJQ7CJ6pNz7QebbfwTZzcUrBFYRWoD8TcbG
mISacZd8OQ3H2iT+XWTQyXI5g/1nmTxbb+8XkVq1/efVMrOORJaaKK2QuBwOsFiU
jrniG5xZIXVncB6roA+ITdsw5CxkV9/VcKq+Pq0N8QN8TLofouYez8qkaD2tC+Ko
jnkWo/2wi1QYUnSTRQzm04hDyl6BzlEYyYPtYlx27kPJ+ogrDQqMZSkbQusskH+n
zSRNxOaoknntRgrH6BegWST104XVi8SWaT9s3GU3JyewpM0so+a2mq1b2QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKw8emeJ/m3YJ5f9JZ4Xa+7gnSHkMB8GA1UdIwQY
MBaAFNU1+PrHBi938kuYzVw7VKibrUg4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVRYNC1zY0dMM2Z5UzVqTlhEdFVxSnV0U0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wOTdkYTEtN2NjOS00MzQzLTgwMjQt
YjMxMGQ3MWMyY2FkLzEvckR4Nlo0bi1iZGdubF8wbG5oZHI3dUNkSWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wOTdkYTEtN2NjOS00MzQzLTgwMjQtYjMxMGQ3MWMyY2Fk
LzEvMVRYNC1zY0dMM2Z5UzVqTlhEdFVxSnV0U0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuU8YAwQC
ua8cMBQEAgACMA4DBQAqAwAgAwUDKgvLADANBgkqhkiG9w0BAQsFAAOCAQEAYmSo
N0G05X2nnZHEKiRHvGem9aj0i/eXSCJwJ3b0kkkggFls9yIbtSZVGxizlX1+aLo5
JZUhI18qVm9d4ECC5mmfXN9ln8fsv5JZY7D/lYXK3qOjS3Pe8qBEtVsmOir/do+4
gIJ2TZxtZ718oTpROx8ffGJk6uIo5OwT3aROKzOMrfhhlbatakQp0S1342EN8NWe
LHAi5OyuracQ/X1PaYUlxu2UfbQv1UFQQnsVFAjI2d1C0MYyryTH/s0CAsVHcEr9
M9LI0VyRdq7cq4ar6VCV5gQlLzfY9hJLNKs2ZKcsYobEepSKovmouLA3b0oDEGa7
VxKJ09I+iDjZ27BDvQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:06 2024 by rpki-client on console-fra.rpki-client.org