Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/1I9Y2eT9qRfiaGCqOCKF4eR8zFg.roa
File: 1I9Y2eT9qRfiaGCqOCKF4eR8zFg.roa (raw, json)
Hash identifier: QDKthJY/wQarLsZeuwPLcrhYvhcS1yGYjPVrqB2aceI=
Subject key identifier: D4:8F:58:D9:E4:FD:A9:17:E2:68:60:AA:38:22:85:E1:E4:7C:CC:58
Certificate issuer: /CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Certificate serial: 018CC72768833642702032073A8101BE8022
Authority key identifier: 39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/1I9Y2eT9qRfiaGCqOCKF4eR8zFg.roa
Signing time: Mon 01 Jan 2024 22:31:37 +0000
ROA not before: Mon 01 Jan 2024 22:31:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206860
IP address blocks: 85.202.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:68:83:36:42:70:20:32:07:3a:81:01:be:80:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39ca5065043d28a2adc36383a1df7d3bec81ce8d
Validity
Not Before: Jan 1 22:31:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d48f58d9e4fda917e26860aa382285e1e47ccc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:20:40:c0:de:0c:23:67:a5:8d:8f:de:c0:fd:
0c:b4:df:14:b0:5a:07:66:aa:a1:4c:bf:5c:59:c7:
3d:0d:0b:48:f7:eb:4b:cc:ad:32:bc:a6:8e:4a:5a:
46:b7:09:9c:a5:7c:78:08:90:f7:88:b0:76:f0:4d:
51:5a:83:7e:51:96:71:a8:57:71:1a:90:2d:5e:14:
c5:90:b0:bc:2c:f9:45:e1:76:cd:9b:96:8e:c5:1b:
bd:b9:89:7f:09:cb:ad:8b:4e:e4:2e:fd:16:e3:b6:
fc:d4:03:1f:ba:75:0d:91:70:a1:51:35:0f:47:2a:
21:34:2d:fb:f7:5a:c9:a1:e7:a2:82:e0:4e:9b:06:
98:55:d1:82:53:63:a5:ad:81:8e:fe:f3:78:7a:71:
61:c2:64:be:5d:70:0b:17:45:c7:41:e2:f3:f7:dd:
26:3d:2c:ea:b0:77:ad:e1:68:08:1f:22:a9:29:bf:
33:e5:49:75:47:e7:34:f5:26:da:40:16:2c:a5:b7:
43:c3:f6:b4:d1:df:5f:e5:15:a1:a5:25:35:91:69:
2c:7e:6d:ac:43:c8:53:21:cd:d8:19:33:0b:c7:f1:
81:62:39:69:11:e6:4e:cf:d9:49:e4:bc:57:cd:9c:
44:70:e3:3d:a3:db:fe:c9:91:e4:af:41:4b:9a:4f:
03:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8F:58:D9:E4:FD:A9:17:E2:68:60:AA:38:22:85:E1:E4:7C:CC:58
X509v3 Authority Key Identifier:
keyid:39:CA:50:65:04:3D:28:A2:AD:C3:63:83:A1:DF:7D:3B:EC:81:CE:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OcpQZQQ9KKKtw2ODod99O-yBzo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/1I9Y2eT9qRfiaGCqOCKF4eR8zFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/347c34-96d8-4184-a668-870acfecbcdf/1/OcpQZQQ9KKKtw2ODod99O-yBzo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.201.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:82:a6:51:a2:af:7b:a9:c0:da:db:65:22:06:59:04:06:dc:
69:3b:46:3f:48:d8:37:75:c5:d5:a3:4c:a3:b3:bb:b6:23:59:
36:21:0a:31:d2:4c:1f:59:0f:c9:ee:ab:07:3c:ec:58:f6:b2:
b2:25:1f:fb:49:4f:ed:28:fb:65:aa:ce:c5:fb:6a:f6:5c:a2:
0a:d3:29:64:f1:8b:b4:fa:b9:b7:f0:20:71:9f:65:0a:0c:a1:
18:65:ed:94:09:95:fc:cf:98:3d:5b:40:87:41:29:70:6f:89:
8b:ed:73:d2:f0:6a:a9:a4:af:08:c0:d5:27:a4:d9:85:ad:ec:
ca:19:34:c0:75:4c:91:9f:bd:c4:9f:df:0c:52:6a:03:9f:6c:
b8:74:e7:9a:16:ef:33:5b:4b:d8:97:5b:ce:61:50:10:aa:d0:
83:90:7b:b5:22:63:7d:06:41:67:14:2e:53:6e:1f:44:34:f0:
e0:ea:ea:42:3a:36:f5:07:58:ea:64:00:f5:5d:8a:ae:13:53:
84:f9:44:3f:07:37:24:01:2a:40:ca:53:49:60:ff:8e:5b:2b:
d1:73:5e:94:2f:11:b5:bc:6a:91:f0:34:21:41:c7:28:e8:66:
eb:1f:4a:89:b2:f5:d0:5a:9c:9b:e2:39:a8:05:53:fa:b9:47:
6f:70:50:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ2iDNkJwIDIHOoEBvoAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5Y2E1MDY1MDQzZDI4YTJhZGMzNjM4M2ExZGY3ZDNiZWM4
MWNlOGQwHhcNMjQwMTAxMjIzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhmNThkOWU0ZmRhOTE3ZTI2ODYwYWEzODIyODVlMWU0N2NjYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiBAwN4MI2eljY/ewP0MtN8UsFoH
ZqqhTL9cWcc9DQtI9+tLzK0yvKaOSlpGtwmcpXx4CJD3iLB28E1RWoN+UZZxqFdx
GpAtXhTFkLC8LPlF4XbNm5aOxRu9uYl/Ccuti07kLv0W47b81AMfunUNkXChUTUP
RyohNC3791rJoeeiguBOmwaYVdGCU2OlrYGO/vN4enFhwmS+XXALF0XHQeLz990m
PSzqsHet4WgIHyKpKb8z5Ul1R+c09SbaQBYspbdDw/a00d9f5RWhpSU1kWksfm2s
Q8hTIc3YGTMLx/GBYjlpEeZOz9lJ5LxXzZxEcOM9o9v+yZHkr0FLmk8DeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSPWNnk/akX4mhgqjgiheHkfMxYMB8GA1UdIwQY
MBaAFDnKUGUEPSiircNjg6HffTvsgc6NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8zNDdjMzQtOTZkOC00MTg0LWE2Njgt
ODcwYWNmZWNiY2RmLzEvMUk5WTJlVDlxUmZpYUdDcU9DS0Y0ZVI4ekZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8zNDdjMzQtOTZkOC00MTg0LWE2NjgtODcwYWNmZWNiY2Rm
LzEvT2NwUVpRUTlLS0t0dzJPRG9kOTlPLXlCem8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcrJMA0G
CSqGSIb3DQEBCwUAA4IBAQCngqZRoq97qcDa22UiBlkEBtxpO0Y/SNg3dcXVo0yj
s7u2I1k2IQox0kwfWQ/J7qsHPOxY9rKyJR/7SU/tKPtlqs7F+2r2XKIK0ylk8Yu0
+rm38CBxn2UKDKEYZe2UCZX8z5g9W0CHQSlwb4mL7XPS8GqppK8IwNUnpNmFrezK
GTTAdUyRn73En98MUmoDn2y4dOeaFu8zW0vYl1vOYVAQqtCDkHu1ImN9BkFnFC5T
bh9ENPDg6upCOjb1B1jqZAD1XYquE1OE+UQ/BzckASpAylNJYP+OWyvRc16ULxG1
vGqR8DQhQcco6GbrH0qJsvXQWpyb4jmoBVP6uUdvcFBU
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:07 2024 by rpki-client on console-ams.rpki-client.org