Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/b4RkwwxHcM02ngsmN3yot9jdLI8.roa
File: b4RkwwxHcM02ngsmN3yot9jdLI8.roa (raw, json)
Hash identifier: KAHoFt3lRt0nV36d74INMEG1fEgkmIAkbr/tBZeKrQU=
Subject key identifier: 6F:84:64:C3:0C:47:70:CD:36:9E:0B:26:37:7C:A8:B7:D8:DD:2C:8F
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 0192BEBC30726743F90F12BB59AB666E5CA9
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/b4RkwwxHcM02ngsmN3yot9jdLI8.roa
Signing time: Thu 24 Oct 2024 13:34:17 +0000
ROA not before: Thu 24 Oct 2024 13:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.129.16.0/24 maxlen: 24
185.129.17.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
185.231.110.0/24 maxlen: 24
185.231.111.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:bc:30:72:67:43:f9:0f:12:bb:59:ab:66:6e:5c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Oct 24 13:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f8464c30c4770cd369e0b26377ca8b7d8dd2c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7c:75:4f:59:61:95:3d:46:68:19:fc:e6:5c:
af:c4:bd:19:a5:ac:d4:13:08:17:91:b3:1f:fb:17:
96:45:d4:bd:8f:38:cc:3f:e3:30:77:e6:72:97:5b:
9f:6b:be:cb:80:be:c2:fa:60:ec:3e:86:19:6b:1c:
60:b1:95:f2:38:62:93:18:13:e7:9a:43:7d:ef:31:
79:7c:bb:d6:69:61:54:00:c2:fa:c0:c1:34:68:10:
49:78:bc:93:cc:f2:10:af:a3:63:3d:b2:fc:19:7e:
9c:19:eb:85:fa:84:11:54:6f:00:07:85:21:a9:ee:
87:04:b0:47:82:0d:16:08:ba:f8:0b:a2:13:7c:30:
82:04:23:49:32:1a:b1:23:25:70:0f:ef:27:f2:5f:
8d:f4:9d:df:e4:25:88:b8:aa:67:72:a6:ca:32:f2:
1b:e6:04:9f:b8:be:20:c7:dc:d0:0e:77:5b:e8:71:
43:21:1d:f0:bc:99:2b:65:29:e5:e6:e9:7a:b5:ff:
8b:95:b0:dc:38:ac:3c:75:c1:0b:a9:17:28:35:f7:
6c:08:cb:e5:71:45:ad:07:03:01:24:77:6f:b7:f9:
ac:8e:96:0a:b1:16:4a:b6:d7:de:8b:24:8e:f2:c4:
96:b6:f6:68:6b:74:33:34:e1:17:39:4c:63:f5:64:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:84:64:C3:0C:47:70:CD:36:9E:0B:26:37:7C:A8:B7:D8:DD:2C:8F
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/b4RkwwxHcM02ngsmN3yot9jdLI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/22
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
55:c2:46:a7:9b:6c:bc:0c:fe:ba:e9:05:7c:8a:f8:ce:43:51:
2f:54:6a:f9:b9:ee:dd:7e:9b:79:50:86:ee:dd:ce:59:30:7a:
f4:51:b5:e5:9a:02:0a:01:f7:78:19:0b:a6:20:bc:c5:d6:2b:
0a:b1:ce:29:9c:4d:df:e3:5a:51:3c:e0:8d:5e:99:f6:76:e6:
51:ee:ad:de:82:87:fe:76:43:5c:a9:c2:08:9c:5f:6c:40:1a:
f3:59:4b:4b:e1:2b:84:38:44:77:a1:64:e9:23:06:8e:d3:3d:
8b:32:24:2c:35:62:74:2e:46:a6:2b:53:63:f2:5e:d1:e4:58:
85:a6:69:1a:78:a1:60:1e:e1:be:52:b5:a0:9a:ce:31:4e:48:
f4:2b:0d:21:10:d2:49:78:d4:93:e3:75:93:66:fc:3a:24:5d:
d1:06:a5:6e:ec:a0:6b:5d:6c:00:17:83:78:87:4f:47:76:ab:
cd:98:b1:ae:ad:c6:f4:24:46:55:21:6d:c7:fc:9e:e4:18:39:
66:ff:0d:6c:4d:9b:db:3b:42:93:6e:cf:a4:d7:a7:dd:96:52:
ef:20:e9:f9:02:86:48:11:62:ff:58:56:ae:da:94:07:ae:c9:
43:52:04:09:cf:1c:94:9d:d7:e7:ce:67:9d:62:52:4c:32:58:
e5:61:32:b3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZK+vDByZ0P5DxK7WatmblypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQxMDI0MTMzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg0NjRjMzBjNDc3MGNkMzY5ZTBiMjYzNzdjYThiN2Q4ZGQyYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHx1T1lhlT1GaBn85lyvxL0ZpazU
EwgXkbMf+xeWRdS9jzjMP+Mwd+Zyl1ufa77LgL7C+mDsPoYZaxxgsZXyOGKTGBPn
mkN97zF5fLvWaWFUAML6wME0aBBJeLyTzPIQr6NjPbL8GX6cGeuF+oQRVG8AB4Uh
qe6HBLBHgg0WCLr4C6ITfDCCBCNJMhqxIyVwD+8n8l+N9J3f5CWIuKpncqbKMvIb
5gSfuL4gx9zQDndb6HFDIR3wvJkrZSnl5ul6tf+LlbDcOKw8dcELqRcoNfdsCMvl
cUWtBwMBJHdvt/msjpYKsRZKttfeiySO8sSWtvZoa3QzNOEXOUxj9WS2VQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFG+EZMMMR3DNNp4LJjd8qLfY3SyPMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvYjRSa3d3eEhjTTAybmdzbU4zeW90OWpkTEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBuYEQAwQC
uedsMBgEAgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEB
AFXCRqebbLwM/rrpBXyK+M5DUS9Uavm57t1+m3lQhu7dzlkwevRRteWaAgoB93gZ
C6YgvMXWKwqxzimcTd/jWlE84I1emfZ25lHurd6Ch/52Q1ypwgicX2xAGvNZS0vh
K4Q4RHehZOkjBo7TPYsyJCw1YnQuRqYrU2PyXtHkWIWmaRp4oWAe4b5StaCazjFO
SPQrDSEQ0kl41JPjdZNm/DokXdEGpW7soGtdbAAXg3iHT0d2q82Ysa6txvQkRlUh
bcf8nuQYOWb/DWxNm9s7QpNuz6TXp92WUu8g6fkChkgRYv9YVq7alAeuyUNSBAnP
HJSd1+fOZ51iUkwyWOVhMrM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:03 2024 by rpki-client on console-ams.rpki-client.org