Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/1rSEcxSJI3Vqp99PWh7sJqbp0mI.roa
File: 1rSEcxSJI3Vqp99PWh7sJqbp0mI.roa (raw, json)
Hash identifier: k5gn4yfULZ2xeDivsMHe5nuaS1M7y4pXBi/lwQrW7q8=
Subject key identifier: D6:B4:84:73:14:89:23:75:6A:A7:DF:4F:5A:1E:EC:26:A6:E9:D2:62
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 018CC794316561B1AE3A9C7ED58F3A35069A
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/1rSEcxSJI3Vqp99PWh7sJqbp0mI.roa
Signing time: Tue 02 Jan 2024 00:30:27 +0000
ROA not before: Tue 02 Jan 2024 00:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54113
IP address blocks: 185.221.87.0/24 maxlen: 24
2a0d:8000:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.mft
rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:31:65:61:b1:ae:3a:9c:7e:d5:8f:3a:35:06:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Jan 2 00:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6b48473148923756aa7df4f5a1eec26a6e9d262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:37:f2:be:4f:d4:ee:cd:1f:c3:e6:a0:58:da:
f4:9e:03:fb:90:57:ab:14:60:a5:01:c6:ce:75:0d:
a3:a9:0f:06:68:8e:2a:bf:fc:4e:e2:5d:65:de:93:
83:16:37:e1:5b:b5:f3:31:ef:07:8b:27:09:e0:ad:
5d:97:e6:da:26:3f:e7:dc:26:1d:b1:d1:07:d7:5e:
21:71:03:bd:4e:3b:a5:d1:c9:7a:13:e0:93:e5:b7:
4d:eb:26:de:c6:a6:d4:30:5e:32:d7:a6:87:e6:cc:
d1:80:f6:2f:b3:44:fe:27:d6:49:ee:c2:ab:ca:0d:
96:df:55:3f:51:2a:84:f3:58:0b:10:7d:0d:aa:6c:
21:37:49:81:e6:d1:e7:85:56:fe:46:bb:bf:c5:df:
1b:d8:8c:77:c4:09:d5:32:a2:f7:a5:9f:66:6b:c6:
73:78:f7:e7:65:b9:85:b2:45:a9:03:d2:75:b0:82:
45:88:9d:1e:ee:33:30:5b:d9:d7:92:f9:8f:a6:32:
bd:37:ea:c1:ad:0b:87:72:29:ce:c3:87:92:37:8d:
03:80:80:c9:f2:03:2c:d2:2c:94:e9:6e:e9:6c:8b:
ba:87:5b:f2:01:6b:46:99:7e:d3:00:ef:b3:dd:bb:
81:83:78:98:31:1b:5a:2a:9a:f1:9f:60:2d:74:fa:
a7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B4:84:73:14:89:23:75:6A:A7:DF:4F:5A:1E:EC:26:A6:E9:D2:62
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/1rSEcxSJI3Vqp99PWh7sJqbp0mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.87.0/24
IPv6:
2a0d:8000:1::/48
Signature Algorithm: sha256WithRSAEncryption
04:f1:87:f0:a2:6a:df:04:d4:8f:dc:ee:7d:ff:10:7a:e1:f7:
87:fb:73:5e:eb:05:2c:ca:82:a5:48:c7:4f:a7:6a:b2:9c:5f:
62:c9:53:74:41:bc:49:8a:0d:12:dd:61:89:10:92:9d:5b:61:
1e:5c:78:c5:6b:c0:7a:22:34:44:b7:75:4c:2f:51:e8:a2:fe:
27:f6:82:b5:fb:a5:b6:2e:6f:22:cc:c6:d5:ff:8a:63:2c:22:
73:aa:51:e8:f6:4a:87:c0:61:40:a1:eb:7f:97:56:06:ce:9f:
85:2e:cd:c8:bf:20:43:80:41:a7:30:9f:f9:0f:d9:4a:5d:7f:
dc:29:d2:62:28:d6:a7:7f:12:d2:55:ca:81:4c:33:7d:28:36:
b9:0d:95:7e:c5:4a:30:38:46:df:fa:96:23:c8:f2:f7:4c:c8:
8a:21:1a:13:9b:cf:e4:d1:01:86:9a:77:90:2b:b5:96:74:56:
30:b5:1a:72:32:89:31:e8:4a:64:bc:4d:7c:fa:89:6e:01:57:
3a:7b:0b:a3:52:68:4d:de:ef:54:ec:54:58:ab:ef:78:96:e0:
0f:27:01:fd:52:e7:2a:a8:77:a9:42:e4:db:25:b3:0f:44:c8:
89:df:94:b4:4a:f3:64:df:c1:a8:f1:d9:7b:27:ae:8c:d1:2d:
6b:2b:08:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlDFlYbGuOpx+1Y86NQaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjQwMTAyMDAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI0ODQ3MzE0ODkyMzc1NmFhN2RmNGY1YTFlZWMyNmE2ZTlkMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDfyvk/U7s0fw+agWNr0ngP7kFer
FGClAcbOdQ2jqQ8GaI4qv/xO4l1l3pODFjfhW7XzMe8HiycJ4K1dl+baJj/n3CYd
sdEH114hcQO9Tjul0cl6E+CT5bdN6ybexqbUMF4y16aH5szRgPYvs0T+J9ZJ7sKr
yg2W31U/USqE81gLEH0NqmwhN0mB5tHnhVb+Rru/xd8b2Ix3xAnVMqL3pZ9ma8Zz
ePfnZbmFskWpA9J1sIJFiJ0e7jMwW9nXkvmPpjK9N+rBrQuHcinOw4eSN40DgIDJ
8gMs0iyU6W7pbIu6h1vyAWtGmX7TAO+z3buBg3iYMRtaKprxn2AtdPqnDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNa0hHMUiSN1aqffT1oe7Cam6dJiMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvMXJTRWN4U0pJM1ZxcDk5UFdoN3NKcWJwMG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAud1XMA8E
AgACMAkDBwAqDYAAAAEwDQYJKoZIhvcNAQELBQADggEBAATxh/Ciat8E1I/c7n3/
EHrh94f7c17rBSzKgqVIx0+narKcX2LJU3RBvEmKDRLdYYkQkp1bYR5ceMVrwHoi
NES3dUwvUeii/if2grX7pbYubyLMxtX/imMsInOqUej2SofAYUCh63+XVgbOn4Uu
zci/IEOAQacwn/kP2Updf9wp0mIo1qd/EtJVyoFMM30oNrkNlX7FSjA4Rt/6liPI
8vdMyIohGhObz+TRAYaad5ArtZZ0VjC1GnIyiTHoSmS8TXz6iW4BVzp7C6NSaE3e
71TsVFir73iW4A8nAf1S5yqod6lC5Nslsw9EyInflLRK82Tfwajx2XsnrozRLWsr
CN8=
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:52:34 2024 by rpki-client on console-fra.rpki-client.org