Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/1-Os_WatYp5Ju73ruE17uCiHWTlw.roa
File: 1-Os_WatYp5Ju73ruE17uCiHWTlw.roa (raw, json)
Hash identifier: QF9vphxsNYbcsX2pySURsNcT0GZ/8Fj1aMahDocw/AU=
Subject key identifier: F8:EB:3F:59:AB:58:A7:92:6E:EF:7A:EE:13:5E:EE:0A:21:D6:4E:5C
Certificate issuer: /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Certificate serial: 018CC64AB293A853F02471DD0B3923BB4A38
Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/1-Os_WatYp5Ju73ruE17uCiHWTlw.roa
Signing time: Mon 01 Jan 2024 18:30:33 +0000
ROA not before: Mon 01 Jan 2024 18:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211095
IP address blocks: 185.68.235.0/24 maxlen: 24
185.68.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.mft
rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:b2:93:a8:53:f0:24:71:dd:0b:39:23:bb:4a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2
Validity
Not Before: Jan 1 18:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8eb3f59ab58a7926eef7aee135eee0a21d64e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9d:53:65:84:4a:65:4c:66:46:51:f7:31:ae:
84:4b:5f:bd:5f:35:c0:51:78:e6:05:3d:1c:c9:4b:
04:67:ed:91:8d:cf:49:13:5e:ac:5a:13:b6:cf:3b:
71:07:35:f2:c7:ae:b1:6c:ed:1d:63:01:b2:4f:9e:
9e:42:1d:73:53:83:1f:a9:8c:d4:e6:ab:b1:56:51:
42:cb:75:72:21:16:c6:6d:d8:42:e5:34:5f:65:9f:
8c:8b:63:5e:33:90:8e:15:cc:60:16:10:4e:cb:d7:
2d:d2:d2:92:84:d0:e6:46:d1:53:3f:44:dd:1a:f1:
df:14:3d:33:69:df:f6:d1:fe:3c:7e:0d:b5:72:e8:
5d:16:3d:ca:d1:02:91:0b:bb:b1:75:1f:cf:96:e5:
3d:9a:20:5b:8e:97:e8:de:3b:ac:86:d9:15:cc:c5:
76:c0:a4:92:2e:06:dd:a6:92:c6:5a:13:b9:23:d5:
24:ed:c9:9a:3d:2c:1a:e7:0f:23:2f:4f:2a:87:2c:
bd:c2:a6:e6:4d:f9:63:72:ad:59:8b:f7:2f:5f:44:
c1:ba:de:94:b3:23:14:70:7d:1b:9a:0a:95:4d:84:
88:db:8e:5d:c2:73:4f:ac:f7:94:22:d4:97:65:90:
c3:76:94:d3:f2:d1:c3:cb:22:ce:49:84:10:64:71:
e3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EB:3F:59:AB:58:A7:92:6E:EF:7A:EE:13:5E:EE:0A:21:D6:4E:5C
X509v3 Authority Key Identifier:
keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/1-Os_WatYp5Ju73ruE17uCiHWTlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.234.0/23
Signature Algorithm: sha256WithRSAEncryption
40:94:1f:d3:2d:f5:3d:0d:4f:00:8e:6b:fa:dc:b9:46:28:c9:
37:89:02:68:25:bf:ea:46:ef:55:a0:15:47:58:19:7b:a4:cf:
b3:3b:66:48:31:a3:55:be:06:aa:10:6e:e3:eb:58:4e:9f:9e:
a1:f4:82:02:98:de:0c:9c:84:fa:f6:5c:36:33:8a:20:21:39:
bf:57:d4:e2:5d:ca:fb:14:a8:6b:e2:e6:26:54:30:b2:90:ff:
46:07:0b:92:ce:7e:05:1c:c2:18:6c:1b:c6:c3:52:d0:79:b8:
a6:1e:60:63:93:54:2b:ca:91:55:92:9a:96:ee:2c:65:57:97:
fb:92:b2:7c:d4:cf:28:32:ee:a4:d2:f3:79:0c:06:60:46:ba:
39:85:d2:93:fb:34:8f:46:e8:9e:4d:16:bd:24:23:61:5a:15:
8c:a8:3d:41:52:5a:f7:d4:28:26:91:df:af:ae:16:aa:cc:3e:
8d:15:bd:f5:74:b4:55:4a:7c:60:16:d7:df:bc:b6:5c:83:f0:
7d:a1:0c:05:18:ea:af:82:bd:6b:f1:4e:5f:24:0e:62:f0:e1:
27:95:87:8b:dc:6e:d3:5d:f8:15:d9:8a:fc:35:6c:bd:cf:ab:
5d:01:81:ce:79:53:4a:51:85:e0:c4:97:bf:41:76:c4:40:59:
a4:19:bf:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSrKTqFPwJHHdCzkju0o4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz
ZmNkYzIwHhcNMjQwMTAxMTgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGViM2Y1OWFiNThhNzkyNmVlZjdhZWUxMzVlZWUwYTIxZDY0ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ1TZYRKZUxmRlH3Ma6ES1+9XzXA
UXjmBT0cyUsEZ+2Rjc9JE16sWhO2zztxBzXyx66xbO0dYwGyT56eQh1zU4MfqYzU
5quxVlFCy3VyIRbGbdhC5TRfZZ+Mi2NeM5COFcxgFhBOy9ct0tKShNDmRtFTP0Td
GvHfFD0zad/20f48fg21cuhdFj3K0QKRC7uxdR/PluU9miBbjpfo3jushtkVzMV2
wKSSLgbdppLGWhO5I9Uk7cmaPSwa5w8jL08qhyy9wqbmTfljcq1Zi/cvX0TBut6U
syMUcH0bmgqVTYSI245dwnNPrPeUItSXZZDDdpTT8tHDyyLOSYQQZHHj4QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjrP1mrWKeSbu967hNe7goh1k5cMB8GA1UdIwQY
MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt
OGZjMzczNzU3Njg0LzEvMS1Pc19XYXRZcDVKdTczcnVFMTd1Q2lIV1Rsdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2MvZGVhZWYxLTYyNDEtNDlhYi05ODI1LThmYzM3Mzc1NzY4
NC8xL0hXVzN0N2lZLXE3bkIyZlFseFhFTnFnX3pjSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblE6jAN
BgkqhkiG9w0BAQsFAAOCAQEAQJQf0y31PQ1PAI5r+ty5RijJN4kCaCW/6kbvVaAV
R1gZe6TPsztmSDGjVb4GqhBu4+tYTp+eofSCApjeDJyE+vZcNjOKICE5v1fU4l3K
+xSoa+LmJlQwspD/RgcLks5+BRzCGGwbxsNS0Hm4ph5gY5NUK8qRVZKalu4sZVeX
+5KyfNTPKDLupNLzeQwGYEa6OYXSk/s0j0bonk0WvSQjYVoVjKg9QVJa99QoJpHf
r64Wqsw+jRW99XS0VUp8YBbX37y2XIPwfaEMBRjqr4K9a/FOXyQOYvDhJ5WHi9xu
0134FdmK/DVsvc+rXQGBznlTSlGF4MSXv0F2xEBZpBm/tQ==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:26:20 2024 by rpki-client on console-ams.rpki-client.org