Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PU2k8n7yg27kvKwRoZ38LJWkPm0.roa
File: PU2k8n7yg27kvKwRoZ38LJWkPm0.roa (raw, json)
Hash identifier: GBIH+FsJHS0rm7VqEGd2IGIL8vS71eK/+LmgCgJA2xM=
Subject key identifier: 3D:4D:A4:F2:7E:F2:83:6E:E4:BC:AC:11:A1:9D:FC:2C:95:A4:3E:6D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0191235650C7BF8E4D58328C9CC03B3F5ABD
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PU2k8n7yg27kvKwRoZ38LJWkPm0.roa
Signing time: Mon 05 Aug 2024 16:19:04 +0000
ROA not before: Mon 05 Aug 2024 16:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208069
IP address blocks: 185.119.254.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:56:50:c7:bf:8e:4d:58:32:8c:9c:c0:3b:3f:5a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Aug 5 16:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d4da4f27ef2836ee4bcac11a19dfc2c95a43e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:f1:39:e6:19:bc:0a:3d:fe:38:3b:5d:7c:f7:
12:9a:d2:b5:92:3d:b2:61:d6:f4:25:fb:af:44:fb:
3b:60:37:31:2b:03:0c:1b:93:79:98:e5:d9:53:e0:
4c:a5:cc:e1:5e:65:10:86:6f:00:71:02:fb:e2:13:
b6:2d:30:98:34:f4:82:3e:4c:29:47:2f:2c:22:0e:
af:37:2b:d5:c5:2f:01:c2:2a:a4:b6:13:43:41:ac:
f8:9e:45:49:ef:af:82:26:49:e8:30:08:c5:a9:98:
c8:50:b6:c7:4b:eb:12:07:c0:e6:63:60:4e:97:ae:
9a:85:f5:bf:62:d3:51:64:11:a1:b8:b3:00:a3:72:
2f:47:b3:46:bf:62:a9:89:e2:90:07:5a:1c:0f:0a:
a1:5b:d5:05:e6:a8:79:a4:c6:4f:65:00:d8:04:6d:
1b:1f:f1:53:43:30:f7:68:80:e3:0e:fc:c0:6d:10:
25:b0:e4:29:00:cf:b7:00:1d:82:de:2d:dc:60:d5:
32:4a:d1:6a:64:67:e2:bd:b2:66:96:d1:fa:5f:15:
5a:b0:eb:d1:74:a3:c8:2e:d6:db:09:a8:bc:dc:2e:
f9:cc:f7:40:13:a4:73:89:8a:52:47:cc:93:a2:f0:
78:84:ef:9a:18:75:57:80:52:79:c3:2d:df:d2:3e:
e3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:4D:A4:F2:7E:F2:83:6E:E4:BC:AC:11:A1:9D:FC:2C:95:A4:3E:6D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/PU2k8n7yg27kvKwRoZ38LJWkPm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.254.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:27:25:bf:ff:ce:ad:5b:ec:52:53:3f:ec:8f:5c:1f:d4:8c:
bb:28:22:ca:f5:9c:25:4b:5d:aa:12:65:ee:57:8c:53:c9:bf:
0f:e4:15:f9:a9:cf:7b:54:04:13:42:48:f1:3c:99:b4:b8:6d:
b9:7d:be:50:b8:58:bf:5d:64:d6:0a:fc:e9:55:2b:ed:45:d4:
0d:58:7e:e6:34:e0:f7:8c:49:37:ef:69:a8:8a:08:01:e0:6a:
72:49:31:b7:7d:3e:b3:1a:e1:29:7e:b8:0a:c4:27:4f:3d:83:
35:bb:f0:d4:94:aa:cd:c3:83:a1:37:02:02:50:ac:08:c4:cf:
73:76:9a:2f:be:50:e8:40:6b:b7:d2:bc:54:50:ba:79:7d:90:
08:cc:64:19:ee:0e:f4:e7:8d:ac:8b:54:67:eb:c2:a0:dd:75:
56:53:f8:f6:d9:3a:dd:88:1f:59:60:11:13:c3:eb:78:23:6e:
55:4a:da:4a:a6:c0:82:a7:a6:53:87:f2:1c:63:a7:2a:a9:af:
b0:68:c7:d0:9d:3c:39:68:b9:a2:c5:78:2a:39:d6:79:2c:c7:
30:4d:a9:93:f8:6e:98:d2:c2:39:c7:f9:5f:b0:06:42:90:5f:
8c:5d:6b:87:bf:d3:39:0b:46:7a:a6:ae:87:44:34:fa:e5:06:
cd:be:c9:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEjVlDHv45NWDKMnMA7P1q9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwODA1MTYxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDRkYTRmMjdlZjI4MzZlZTRiY2FjMTFhMTlkZmMyYzk1YTQzZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vE55hm8Cj3+ODtdfPcSmtK1kj2y
Ydb0JfuvRPs7YDcxKwMMG5N5mOXZU+BMpczhXmUQhm8AcQL74hO2LTCYNPSCPkwp
Ry8sIg6vNyvVxS8BwiqkthNDQaz4nkVJ76+CJknoMAjFqZjIULbHS+sSB8DmY2BO
l66ahfW/YtNRZBGhuLMAo3IvR7NGv2KpieKQB1ocDwqhW9UF5qh5pMZPZQDYBG0b
H/FTQzD3aIDjDvzAbRAlsOQpAM+3AB2C3i3cYNUyStFqZGfivbJmltH6XxVasOvR
dKPILtbbCai83C75zPdAE6RziYpSR8yTovB4hO+aGHVXgFJ5wy3f0j7jjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD1NpPJ+8oNu5LysEaGd/CyVpD5tMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvUFUyazhuN3lnMjdrdkt3Um9aMzhMSldrUG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXf+MA0G
CSqGSIb3DQEBCwUAA4IBAQDJJyW//86tW+xSUz/sj1wf1Iy7KCLK9ZwlS12qEmXu
V4xTyb8P5BX5qc97VAQTQkjxPJm0uG25fb5QuFi/XWTWCvzpVSvtRdQNWH7mNOD3
jEk372moiggB4GpySTG3fT6zGuEpfrgKxCdPPYM1u/DUlKrNw4OhNwICUKwIxM9z
dpovvlDoQGu30rxUULp5fZAIzGQZ7g70542si1Rn68Kg3XVWU/j22TrdiB9ZYBET
w+t4I25VStpKpsCCp6ZTh/IcY6cqqa+waMfQnTw5aLmixXgqOdZ5LMcwTamT+G6Y
0sI5x/lfsAZCkF+MXWuHv9M5C0Z6pq6HRDT65QbNvskf
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:09:51 2024 by rpki-client on console-fra.rpki-client.org