Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/xCfTRuUS3uwyEmrVx2w1GJrMFKg.roa
File: xCfTRuUS3uwyEmrVx2w1GJrMFKg.roa (raw, json)
Hash identifier: 34fBiPxM8cORffxmx2+b8/RXm5L8WztubAuK7vSGYPo=
Subject key identifier: C4:27:D3:46:E5:12:DE:EC:32:12:6A:D5:C7:6C:35:18:9A:CC:14:A8
Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796
Certificate serial: 018CC50126F5EC70AC92C2E0A9B4C9DED223
Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/xCfTRuUS3uwyEmrVx2w1GJrMFKg.roa
Signing time: Mon 01 Jan 2024 12:30:36 +0000
ROA not before: Mon 01 Jan 2024 12:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 185.191.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:26:f5:ec:70:ac:92:c2:e0:a9:b4:c9:de:d2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796
Validity
Not Before: Jan 1 12:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c427d346e512deec32126ad5c76c35189acc14a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:cc:50:ae:1f:b0:89:96:1e:e3:0e:57:47:63:
0c:b0:80:7b:0a:16:76:9a:8c:8c:3c:e0:44:b1:2c:
a6:2d:31:f3:3b:cb:6b:1a:ad:b4:ae:85:54:61:bb:
62:a6:52:d4:19:83:18:63:6b:74:08:c7:47:67:b7:
be:1e:51:5c:6b:83:2e:6b:29:17:08:b9:ad:9f:d9:
e1:2b:eb:30:d7:13:6d:ad:bb:bf:4f:bc:f8:d1:a5:
61:ec:e7:15:d2:5a:34:96:16:90:95:ee:a1:61:ec:
7c:79:a5:6d:f2:fa:9d:7b:43:25:f5:f2:db:70:b4:
d2:8e:68:da:f4:39:7a:ce:55:dc:48:52:41:0b:0d:
fe:43:d5:31:7c:5d:03:65:51:62:9c:34:4c:70:e8:
77:93:2a:fe:1d:82:c2:ee:d0:53:b8:d5:95:59:e7:
2f:59:8f:48:bf:c1:da:e7:a9:cb:12:7b:17:ac:c3:
b8:d3:f3:e7:0e:59:ca:cb:dc:d9:63:a3:94:11:75:
74:e3:0c:e2:75:08:b0:04:33:5d:34:2e:ec:49:fd:
10:ac:76:ea:fc:26:5d:60:f5:00:f3:d0:3f:8e:7f:
c6:ba:2a:91:f6:7a:69:7a:ed:40:74:e3:b9:9e:b1:
f8:ef:fd:d1:2d:9b:c3:16:1c:1d:43:5a:fd:9b:30:
34:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:27:D3:46:E5:12:DE:EC:32:12:6A:D5:C7:6C:35:18:9A:CC:14:A8
X509v3 Authority Key Identifier:
keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/xCfTRuUS3uwyEmrVx2w1GJrMFKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.146.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:0e:c0:f6:dd:94:b8:92:29:ca:03:71:aa:fa:ac:47:4c:c8:
bf:0d:6e:94:4e:90:a1:bd:6b:d1:b5:68:38:7c:4c:b3:bb:c3:
ae:c9:45:e0:87:db:18:ea:fb:b8:d6:7a:0b:0c:cc:7d:a8:1e:
ad:60:5d:cf:66:53:a7:83:d8:fd:f6:2f:5f:06:03:fa:d1:67:
b4:58:9e:96:03:e6:53:dd:d0:b3:27:57:e7:59:79:52:d7:9f:
34:dc:e4:d7:74:f0:e5:fe:5c:cf:50:1c:64:cc:46:9b:04:ea:
5e:34:1d:38:cc:2b:f7:9d:c3:56:ac:0e:d7:fe:dc:fc:97:6b:
cc:9a:82:de:68:83:69:89:ae:c9:ed:3a:c2:4b:5c:45:37:96:
e5:26:bc:ea:bd:e2:bc:bd:e6:91:3b:e6:62:73:f1:60:83:7d:
e2:e2:1e:71:d7:65:cd:ae:86:f0:0b:5c:9b:b4:68:3a:21:73:
14:ca:8b:99:9b:7e:72:ae:f1:50:e4:e8:10:7e:7f:9f:13:3f:
ab:72:60:11:29:b3:5a:16:66:3e:1a:23:33:85:ac:c8:25:b4:
8a:a5:ea:d2:4a:db:36:27:5e:58:23:40:9c:fe:01:65:30:af:
b4:6b:01:a1:84:03:93:08:fd:5e:30:57:6c:7e:e5:c1:99:e1:
f4:72:b4:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASb17HCsksLgqbTJ3tIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy
Yjg3OTYwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI3ZDM0NmU1MTJkZWVjMzIxMjZhZDVjNzZjMzUxODlhY2MxNGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosxQrh+wiZYe4w5XR2MMsIB7ChZ2
moyMPOBEsSymLTHzO8trGq20roVUYbtiplLUGYMYY2t0CMdHZ7e+HlFca4MuaykX
CLmtn9nhK+sw1xNtrbu/T7z40aVh7OcV0lo0lhaQle6hYex8eaVt8vqde0Ml9fLb
cLTSjmja9Dl6zlXcSFJBCw3+Q9UxfF0DZVFinDRMcOh3kyr+HYLC7tBTuNWVWecv
WY9Iv8Ha56nLEnsXrMO40/PnDlnKy9zZY6OUEXV04wzidQiwBDNdNC7sSf0QrHbq
/CZdYPUA89A/jn/GuiqR9nppeu1AdOO5nrH47/3RLZvDFhwdQ1r9mzA0jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQn00blEt7sMhJq1cdsNRiazBSoMB8GA1UdIwQY
MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt
NjFiNzMzNTRhYmRiLzEveENmVFJ1VVMzdXd5RW1yVngydzFHSnJNRktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi
LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+SMA0G
CSqGSIb3DQEBCwUAA4IBAQChDsD23ZS4kinKA3Gq+qxHTMi/DW6UTpChvWvRtWg4
fEyzu8OuyUXgh9sY6vu41noLDMx9qB6tYF3PZlOng9j99i9fBgP60We0WJ6WA+ZT
3dCzJ1fnWXlS15803OTXdPDl/lzPUBxkzEabBOpeNB04zCv3ncNWrA7X/tz8l2vM
moLeaINpia7J7TrCS1xFN5blJrzqveK8veaRO+Zic/Fgg33i4h5x12XNrobwC1yb
tGg6IXMUyouZm35yrvFQ5OgQfn+fEz+rcmARKbNaFmY+GiMzhazIJbSKperSSts2
J15YI0Cc/gFlMK+0awGhhAOTCP1eMFdsfuXBmeH0crQu
-----END CERTIFICATE-----
Generated at Tue Dec 10 23:25:12 2024 by rpki-client on console-fra.rpki-client.org