Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/CZfgsFEIjfB7lt504IJqEqkItQM.roa
File: CZfgsFEIjfB7lt504IJqEqkItQM.roa (raw, json)
Hash identifier: wRR1AAg3SIlpTDJ7yDuAROQAdu6JrIDbti+FZMOINCI=
Subject key identifier: 09:97:E0:B0:51:08:8D:F0:7B:96:DE:74:E0:82:6A:12:A9:08:B5:03
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B527B1C1EFF2830D54B1ECB7F0591
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/CZfgsFEIjfB7lt504IJqEqkItQM.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43308
IP address blocks: 185.182.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:52:7b:1c:1e:ff:28:30:d5:4b:1e:cb:7f:05:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0997e0b051088df07b96de74e0826a12a908b503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b8:9a:04:fd:9e:59:96:68:89:62:f1:5b:04:
7f:db:da:59:03:c6:cc:37:a1:58:ec:3f:83:06:f5:
db:c1:e5:3d:51:29:20:4f:5e:63:88:0f:26:4d:12:
03:22:fb:e2:56:39:e3:48:38:75:c4:51:4d:a1:30:
c7:fa:9d:fd:21:de:d8:79:2b:e4:3f:a5:56:8f:52:
4a:e7:07:6f:b0:1f:88:0b:2a:54:26:ba:16:3c:ee:
86:cd:95:10:2c:00:42:4c:3f:10:2c:93:28:76:94:
62:9b:63:c7:01:3d:13:9b:cb:c9:d5:d0:6a:a7:63:
52:5a:d2:52:82:9e:9f:d7:0d:f3:0d:61:b1:38:f8:
33:47:4a:0c:c1:52:c8:a6:97:b8:a5:84:5b:13:d3:
a6:b4:1d:1d:56:bb:17:32:a6:f2:01:e3:1e:0a:78:
5e:93:9e:8b:b7:88:7c:61:28:44:d0:bc:46:cf:a2:
78:08:b0:63:89:3c:00:d7:4a:bb:2e:bf:e4:7d:ed:
ad:f7:a5:f3:f4:47:41:40:35:23:26:f0:1b:55:ca:
e9:82:d7:cd:3b:ae:ae:aa:e7:fb:ad:53:b1:c8:96:
56:5f:2f:f1:f0:91:a2:38:47:7e:5c:2b:d4:1c:1f:
de:3a:b6:59:19:ad:14:5a:cb:4e:76:ab:59:9a:f4:
49:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:97:E0:B0:51:08:8D:F0:7B:96:DE:74:E0:82:6A:12:A9:08:B5:03
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/CZfgsFEIjfB7lt504IJqEqkItQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.61.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:b8:a9:d1:a6:ec:f0:ee:47:e0:c1:24:0d:5f:d0:e7:51:70:
a0:8f:fc:3b:8a:2c:dd:be:28:53:b5:f7:3a:05:bc:68:89:53:
87:a7:b4:d4:4e:12:c7:47:54:f1:85:ca:8b:43:0a:36:43:65:
94:df:e1:cf:2d:9a:40:13:07:fd:c2:64:81:88:fb:2e:88:0e:
32:78:0f:17:b7:67:81:64:d1:c9:f2:a6:67:d6:6e:50:d2:7f:
94:02:1b:28:73:ce:61:4c:50:11:4c:2c:47:82:24:b7:4f:e6:
94:d3:76:5e:5e:50:10:ff:9a:37:1d:50:8d:44:4a:9d:3a:2d:
33:01:b0:94:71:91:2b:41:a7:cf:c6:8a:8d:28:e3:96:db:1c:
9b:32:36:21:44:5d:61:29:7d:70:99:45:7c:43:0c:46:77:7f:
c4:4b:88:36:2e:8f:56:83:93:cd:40:6a:d7:26:07:83:20:e6:
d0:20:cf:5a:ba:88:78:70:8a:17:49:ad:49:4c:7a:0d:6d:56:
c9:84:cd:10:da:7f:a6:8b:a2:f6:a6:05:da:26:ff:ce:58:66:
5b:ab:cc:ff:12:d2:de:b1:09:94:fb:fe:b5:cb:68:8b:5b:30:
91:47:7f:94:50:b8:2b:30:18:89:35:54:04:cf:3f:50:20:8a:
83:6f:e7:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK1J7HB7/KDDVSx7LfwWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTk3ZTBiMDUxMDg4ZGYwN2I5NmRlNzRlMDgyNmExMmE5MDhiNTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkriaBP2eWZZoiWLxWwR/29pZA8bM
N6FY7D+DBvXbweU9USkgT15jiA8mTRIDIvviVjnjSDh1xFFNoTDH+p39Id7YeSvk
P6VWj1JK5wdvsB+ICypUJroWPO6GzZUQLABCTD8QLJModpRim2PHAT0Tm8vJ1dBq
p2NSWtJSgp6f1w3zDWGxOPgzR0oMwVLIppe4pYRbE9OmtB0dVrsXMqbyAeMeCnhe
k56Lt4h8YShE0LxGz6J4CLBjiTwA10q7Lr/kfe2t96Xz9EdBQDUjJvAbVcrpgtfN
O66uquf7rVOxyJZWXy/x8JGiOEd+XCvUHB/eOrZZGa0UWstOdqtZmvRJBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmX4LBRCI3we5bedOCCahKpCLUDMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQ1pmZ3NGRUlqZkI3bHQ1MDRJSnFFcWtJdFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubY9MA0G
CSqGSIb3DQEBCwUAA4IBAQCbuKnRpuzw7kfgwSQNX9DnUXCgj/w7iizdvihTtfc6
BbxoiVOHp7TUThLHR1TxhcqLQwo2Q2WU3+HPLZpAEwf9wmSBiPsuiA4yeA8Xt2eB
ZNHJ8qZn1m5Q0n+UAhsoc85hTFARTCxHgiS3T+aU03ZeXlAQ/5o3HVCNREqdOi0z
AbCUcZErQafPxoqNKOOW2xybMjYhRF1hKX1wmUV8QwxGd3/ES4g2Lo9Wg5PNQGrX
JgeDIObQIM9auoh4cIoXSa1JTHoNbVbJhM0Q2n+mi6L2pgXaJv/OWGZbq8z/EtLe
sQmU+/61y2iLWzCRR3+UULgrMBiJNVQEzz9QIIqDb+dr
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:50:05 2024 by rpki-client on console-ams.rpki-client.org