Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/CdV6ALD-WMhpli48mmkZuLb9-Kk.roa
File: CdV6ALD-WMhpli48mmkZuLb9-Kk.roa (raw, json)
Hash identifier: QZX9hvfsdcGOzWvh4UHNttZW8FuMkCh2lLKEIW3UEu8=
Subject key identifier: 09:D5:7A:00:B0:FE:58:C8:69:96:2E:3C:9A:69:19:B8:B6:FD:F8:A9
Certificate issuer: /CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Certificate serial: 018CC50102AD4803FA18ED7FCC65606B3F34
Authority key identifier: 2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/CdV6ALD-WMhpli48mmkZuLb9-Kk.roa
Signing time: Mon 01 Jan 2024 12:30:26 +0000
ROA not before: Mon 01 Jan 2024 12:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201565
IP address blocks: 185.62.249.0/24 maxlen: 24
185.62.248.0/24 maxlen: 24
185.62.251.0/24 maxlen: 24
185.62.250.0/24 maxlen: 24
2a03:820:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/LzZ8eUn6D2zwWiECfnW4RhLcE7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/LzZ8eUn6D2zwWiECfnW4RhLcE7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:02:ad:48:03:fa:18:ed:7f:cc:65:60:6b:3f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f367c7949fa0f6cf05a21027e75b84612dc13b0
Validity
Not Before: Jan 1 12:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09d57a00b0fe58c869962e3c9a6919b8b6fdf8a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:19:b0:51:54:19:32:9d:ae:66:be:38:1c:3e:
79:f8:3a:88:5c:bd:50:47:c5:67:bc:16:bb:0b:18:
0e:ac:bd:93:3d:18:79:bc:21:a9:0f:7e:f3:2f:ac:
15:6f:9f:49:de:c9:6d:54:21:ad:66:1c:49:42:d5:
90:54:7f:3a:a1:c2:f2:b4:d1:f7:26:fc:0f:55:2a:
6b:b7:4d:f9:f3:0b:f4:b2:8d:4a:6a:80:2b:60:57:
c8:bc:d3:c3:f5:28:0f:bb:03:93:9c:a8:93:63:46:
80:3a:73:06:f6:fc:24:dc:ab:9a:a5:b7:05:28:13:
ed:f7:cd:82:6c:c9:92:ab:f0:df:41:71:c8:3a:2d:
d0:9a:13:00:55:c3:9e:4e:90:b0:53:cd:fd:f6:98:
df:23:9e:a0:19:1e:cb:74:f9:6b:08:77:bd:50:be:
7c:94:0a:28:98:d9:21:d4:15:20:80:2a:fb:73:cf:
0b:1a:6d:7f:d8:d8:a9:ca:86:65:d3:89:42:96:60:
1b:f3:86:0b:e6:7c:be:86:03:dc:a6:3c:cc:9c:7f:
36:36:47:8b:c3:53:81:a3:09:fe:84:cd:d6:33:cf:
3b:5c:24:df:af:7a:5b:0a:cc:fe:bb:03:99:2b:2d:
e9:8a:87:f7:88:f4:77:73:90:ee:2b:69:6a:2a:62:
6d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:D5:7A:00:B0:FE:58:C8:69:96:2E:3C:9A:69:19:B8:B6:FD:F8:A9
X509v3 Authority Key Identifier:
keyid:2F:36:7C:79:49:FA:0F:6C:F0:5A:21:02:7E:75:B8:46:12:DC:13:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzZ8eUn6D2zwWiECfnW4RhLcE7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/CdV6ALD-WMhpli48mmkZuLb9-Kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/08e183-64eb-4999-9f78-7ce7322671eb/1/LzZ8eUn6D2zwWiECfnW4RhLcE7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.248.0/22
IPv6:
2a03:820:4000::/36
Signature Algorithm: sha256WithRSAEncryption
26:61:6b:03:74:47:99:45:3d:7e:44:16:72:f9:e9:bb:bd:ef:
3f:e1:c6:52:73:08:5c:88:22:80:23:9d:31:f0:7c:ee:7e:f4:
ef:09:f7:40:14:13:cc:c1:14:de:f6:cf:9f:52:0d:15:53:ae:
59:a2:b8:0d:d2:42:44:ae:ca:ad:a1:51:28:e3:d1:a3:a2:47:
26:98:8a:e2:92:4a:db:42:32:44:fc:5a:f9:c7:99:ab:d0:d2:
d1:ac:f7:01:60:0e:7d:80:30:65:7f:0a:78:94:ca:f5:07:4c:
fa:32:f8:25:3a:14:67:df:95:41:c8:60:19:ca:b7:a9:24:e0:
15:fc:65:f2:2b:ab:88:aa:9f:51:0c:c5:ad:26:85:a9:69:43:
08:5c:df:2e:03:ec:69:51:0e:0f:77:af:dc:a1:da:3d:2b:65:
07:d0:ce:30:c7:e1:87:3c:f7:28:cd:84:3a:0b:34:53:c3:91:
08:9a:79:2a:ef:cb:18:f0:c0:c7:49:3b:da:36:44:81:9f:54:
f5:40:8c:fb:65:c0:f8:8d:98:47:51:17:e4:db:e2:0e:6a:e7:
bb:7c:5b:35:d6:c8:e6:e0:43:f8:6b:0c:a3:eb:16:ee:e1:c8:
1d:fd:ad:d3:e8:7f:a4:73:81:2c:25:d0:8b:33:bb:1f:b3:1a:
bb:15:51:79
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFAQKtSAP6GO1/zGVgaz80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzY3Yzc5NDlmYTBmNmNmMDVhMjEwMjdlNzViODQ2MTJk
YzEzYjAwHhcNMjQwMTAxMTIzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWQ1N2EwMGIwZmU1OGM4Njk5NjJlM2M5YTY5MTliOGI2ZmRmOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhmwUVQZMp2uZr44HD55+DqIXL1Q
R8VnvBa7CxgOrL2TPRh5vCGpD37zL6wVb59J3sltVCGtZhxJQtWQVH86ocLytNH3
JvwPVSprt0358wv0so1KaoArYFfIvNPD9SgPuwOTnKiTY0aAOnMG9vwk3KuapbcF
KBPt982CbMmSq/DfQXHIOi3QmhMAVcOeTpCwU8399pjfI56gGR7LdPlrCHe9UL58
lAoomNkh1BUggCr7c88LGm1/2NipyoZl04lClmAb84YL5ny+hgPcpjzMnH82NkeL
w1OBown+hM3WM887XCTfr3pbCsz+uwOZKy3piof3iPR3c5DuK2lqKmJt+QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAnVegCw/ljIaZYuPJppGbi2/fipMB8GA1UdIwQY
MBaAFC82fHlJ+g9s8FohAn51uEYS3BOwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpaOGVVbjZEMnp3V2lFQ2ZuVzRSaExjRTdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wOGUxODMtNjRlYi00OTk5LTlmNzgt
N2NlNzMyMjY3MWViLzEvQ2RWNkFMRC1XTWhwbGk0OG1ta1p1TGI5LUtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wOGUxODMtNjRlYi00OTk5LTlmNzgtN2NlNzMyMjY3MWVi
LzEvTHpaOGVVbjZEMnp3V2lFQ2ZuVzRSaExjRTdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuT74MA4E
AgACMAgDBgQqAwggQDANBgkqhkiG9w0BAQsFAAOCAQEAJmFrA3RHmUU9fkQWcvnp
u73vP+HGUnMIXIgigCOdMfB87n707wn3QBQTzMEU3vbPn1INFVOuWaK4DdJCRK7K
raFRKOPRo6JHJpiK4pJK20IyRPxa+ceZq9DS0az3AWAOfYAwZX8KeJTK9QdM+jL4
JToUZ9+VQchgGcq3qSTgFfxl8iuriKqfUQzFrSaFqWlDCFzfLgPsaVEOD3ev3KHa
PStlB9DOMMfhhzz3KM2EOgs0U8ORCJp5Ku/LGPDAx0k72jZEgZ9U9UCM+2XA+I2Y
R1EX5NviDmrnu3xbNdbI5uBD+GsMo+sW7uHIHf2t0+h/pHOBLCXQizO7H7MauxVR
eQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:16:48 2024 by rpki-client on console-ams.rpki-client.org