Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/beYRjHWpRdm742UKdwd_P5l9XdI.roa
File: beYRjHWpRdm742UKdwd_P5l9XdI.roa (raw, json)
Hash identifier: fB3Zjcl/ZIomW7V63UbmcSQkLlrmXXff1wb22yx1GhQ=
Subject key identifier: 6D:E6:11:8C:75:A9:45:D9:BB:E3:65:0A:77:07:7F:3F:99:7D:5D:D2
Certificate issuer: /CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d
Certificate serial: 018CC64B0DB0D8E6DB095071C1C164952FFE
Authority key identifier: DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/beYRjHWpRdm742UKdwd_P5l9XdI.roa
Signing time: Mon 01 Jan 2024 18:30:56 +0000
ROA not before: Mon 01 Jan 2024 18:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210939
IP address blocks: 185.237.124.0/22 maxlen: 22
2a11:9700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 23:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0d:b0:d8:e6:db:09:50:71:c1:c1:64:95:2f:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d
Validity
Not Before: Jan 1 18:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6de6118c75a945d9bbe3650a77077f3f997d5dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d2:2b:8a:a9:28:79:de:dd:ff:71:f1:44:a1:
18:24:e2:7d:67:8c:97:03:2d:fe:31:56:ee:c6:47:
96:97:27:7d:ba:18:05:8a:13:0d:14:52:32:0a:76:
e8:45:a8:c5:d6:6a:24:4f:d6:6b:a7:16:68:dc:74:
b9:b8:38:84:e9:36:56:1c:69:4b:29:7d:ec:42:7e:
bd:ed:d5:1a:f7:5d:08:6c:ac:8d:e0:fe:31:fd:73:
9b:8f:98:4c:92:a8:e3:c8:72:f1:b4:7f:23:dc:09:
79:b0:b4:22:8a:c2:d2:3c:e4:1c:8a:61:02:71:ec:
28:bb:f0:e9:0c:f5:5f:2c:3b:48:01:82:1f:85:ac:
42:d8:8b:33:d4:9b:65:57:73:24:20:d0:20:15:35:
21:3a:cc:ec:76:f2:1e:2d:64:e0:47:65:34:be:5b:
45:9c:99:d3:67:e4:7c:e3:fb:9a:ad:b0:a9:43:f8:
36:ef:b8:2d:78:21:45:e3:2a:0e:f6:73:04:b0:71:
ba:5f:ab:8a:c8:60:58:1c:70:fb:1b:4e:37:ae:7f:
6f:bd:77:fc:e2:cf:20:9e:90:30:e4:fa:70:f2:03:
df:1d:ce:9f:f0:c2:d2:41:c7:0f:97:52:b2:22:ae:
26:72:8e:28:f9:07:69:27:41:71:6e:6b:8c:ed:83:
34:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E6:11:8C:75:A9:45:D9:BB:E3:65:0A:77:07:7F:3F:99:7D:5D:D2
X509v3 Authority Key Identifier:
keyid:DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/beYRjHWpRdm742UKdwd_P5l9XdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.124.0/22
IPv6:
2a11:9700::/32
Signature Algorithm: sha256WithRSAEncryption
6c:c2:cf:95:a2:e3:81:ea:94:b2:ad:1e:31:6e:d3:06:99:5c:
37:32:7a:94:18:f8:1b:3a:de:9e:3d:09:f9:a5:7d:c1:08:4b:
f7:bb:f6:5f:7d:1f:aa:01:00:82:5c:dd:67:df:d4:e9:4b:4e:
1c:7b:3d:86:3e:52:db:bf:e9:0e:39:10:a3:28:f7:60:78:b0:
5b:0f:fa:54:b7:43:9f:1c:1f:49:89:59:0d:72:36:fd:6f:7d:
d5:6f:55:92:33:3d:26:6b:46:70:c6:0c:34:0b:46:64:8f:8f:
72:d2:6d:60:ac:39:16:4a:72:c5:c5:be:0c:e8:ae:7f:3e:f1:
27:95:6e:59:bb:72:39:4e:b9:3a:e6:17:49:69:bb:29:38:f3:
1c:78:58:11:bb:40:65:28:14:b1:21:df:0e:0c:d1:03:b2:d8:
a7:51:4b:6c:da:d9:fc:d2:f1:57:24:a0:84:f8:fa:72:e9:5d:
a0:ac:d8:92:8f:7e:56:77:9c:81:c3:fd:d3:e5:4b:40:17:41:
25:7c:8a:ee:f3:ab:b4:33:a8:aa:97:03:6a:53:a3:77:fc:f6:
ab:48:5c:0e:ae:d9:8a:4b:00:43:7f:15:d0:fb:3f:c0:84:06:
3a:bc:c6:0d:71:1d:86:8d:a5:e1:96:7a:e2:f6:4f:07:2a:2d:
38:72:bb:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSw2w2ObbCVBxwcFklS/+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTBkMDRiZjU3ZmE0ODY4ZTY5OTk3YzgzYjNhZDc3MWZk
NTBhOWQwHhcNMjQwMTAxMTgzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU2MTE4Yzc1YTk0NWQ5YmJlMzY1MGE3NzA3N2YzZjk5N2Q1ZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtIriqkoed7d/3HxRKEYJOJ9Z4yX
Ay3+MVbuxkeWlyd9uhgFihMNFFIyCnboRajF1mokT9ZrpxZo3HS5uDiE6TZWHGlL
KX3sQn697dUa910IbKyN4P4x/XObj5hMkqjjyHLxtH8j3Al5sLQiisLSPOQcimEC
cewou/DpDPVfLDtIAYIfhaxC2Isz1JtlV3MkINAgFTUhOszsdvIeLWTgR2U0vltF
nJnTZ+R84/uarbCpQ/g277gteCFF4yoO9nMEsHG6X6uKyGBYHHD7G043rn9vvXf8
4s8gnpAw5Ppw8gPfHc6f8MLSQccPl1KyIq4mco4o+QdpJ0FxbmuM7YM0ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG3mEYx1qUXZu+NlCncHfz+ZfV3SMB8GA1UdIwQY
MBaAFNqQ0Ev1f6SGjmmZfIOzrXcf1QqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgt
NTFhZDljMzgyYThkLzEvYmVZUmpIV3BSZG03NDJVS2R3ZF9QNWw5WGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgtNTFhZDljMzgyYThk
LzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue18MA0E
AgACMAcDBQAqEZcAMA0GCSqGSIb3DQEBCwUAA4IBAQBsws+VouOB6pSyrR4xbtMG
mVw3MnqUGPgbOt6ePQn5pX3BCEv3u/ZffR+qAQCCXN1n39TpS04cez2GPlLbv+kO
ORCjKPdgeLBbD/pUt0OfHB9JiVkNcjb9b33Vb1WSMz0ma0Zwxgw0C0Zkj49y0m1g
rDkWSnLFxb4M6K5/PvEnlW5Zu3I5Trk65hdJabspOPMceFgRu0BlKBSxId8ODNED
stinUUts2tn80vFXJKCE+Ppy6V2grNiSj35Wd5yBw/3T5UtAF0ElfIru86u0M6iq
lwNqU6N3/ParSFwOrtmKSwBDfxXQ+z/AhAY6vMYNcR2GjaXhlnri9k8HKi04cruN
-----END CERTIFICATE-----
Generated at Wed Nov 27 06:04:55 2024 by rpki-client on console-fra.rpki-client.org