Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/pluLhXMo1ItC7PX1wWfhQaKDYIY.roa
File: pluLhXMo1ItC7PX1wWfhQaKDYIY.roa (raw, json)
Hash identifier: HZJfXjTJKRtlXtASAXxRpmIU9OCatvHmZ4zN2Ga/tRM=
Subject key identifier: A6:5B:8B:85:73:28:D4:8B:42:EC:F5:F5:C1:67:E1:41:A2:83:60:86
Certificate issuer: /CN=b90dfc2a651b5efab2c0cd59322d6d3b55906563
Certificate serial: 018CC49375F1EA2EFA565B9AD26EB3405CEB
Authority key identifier: B9:0D:FC:2A:65:1B:5E:FA:B2:C0:CD:59:32:2D:6D:3B:55:90:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/pluLhXMo1ItC7PX1wWfhQaKDYIY.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198046
IP address blocks: 185.238.173.0/24 maxlen: 24
2a01:ad00:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:75:f1:ea:2e:fa:56:5b:9a:d2:6e:b3:40:5c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b90dfc2a651b5efab2c0cd59322d6d3b55906563
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a65b8b857328d48b42ecf5f5c167e141a2836086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a4:85:f8:04:90:85:99:a7:c4:14:43:41:f0:
a3:5f:32:8f:e2:f5:9e:75:e2:f7:e0:f9:e0:36:c4:
10:6c:9c:f0:48:7a:47:3c:25:7b:67:ef:fa:14:43:
d6:4c:29:d1:ff:43:cc:48:50:6e:dc:f4:f0:39:68:
fb:5e:21:5e:4e:91:75:7d:af:aa:d5:60:7d:d2:d9:
f6:d7:6f:e7:bb:85:0a:be:3e:e8:92:2e:97:8a:67:
c6:80:59:e6:05:98:1c:76:91:bf:fa:ad:75:64:d1:
3a:a6:54:8d:3f:59:f6:ae:c3:34:b0:1b:05:be:cf:
0d:4d:f1:f5:4f:ec:16:3f:cb:ac:50:89:31:4b:3d:
2b:0f:dd:90:82:ac:e2:3e:d8:89:e7:6d:cc:ec:01:
33:e1:0b:fe:ff:0d:7d:20:b3:8f:16:61:da:4d:55:
db:4f:f6:c3:df:0f:fb:af:4b:0b:be:01:2e:62:76:
bb:8d:96:97:8a:2f:6d:21:dd:65:b4:cd:a1:f3:38:
15:6f:cf:ec:33:c6:29:3e:13:77:73:77:5b:4d:cf:
dd:b5:d9:fc:d6:d3:aa:15:b1:a3:e0:d4:2f:61:f0:
f6:0c:99:be:de:ae:fd:57:06:f5:99:91:5d:16:71:
ec:4c:f1:fc:f9:54:f7:cc:0c:a9:3d:98:35:b3:b5:
a3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5B:8B:85:73:28:D4:8B:42:EC:F5:F5:C1:67:E1:41:A2:83:60:86
X509v3 Authority Key Identifier:
keyid:B9:0D:FC:2A:65:1B:5E:FA:B2:C0:CD:59:32:2D:6D:3B:55:90:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uQ38KmUbXvqywM1ZMi1tO1WQZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/pluLhXMo1ItC7PX1wWfhQaKDYIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/847bc8-f7e6-43e0-a5cf-d3e16a163dd3/1/uQ38KmUbXvqywM1ZMi1tO1WQZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.173.0/24
IPv6:
2a01:ad00:8::/48
Signature Algorithm: sha256WithRSAEncryption
5e:6d:14:25:14:9d:dc:43:e3:36:fd:f2:8e:3a:57:7e:e7:84:
20:48:35:71:63:4b:20:94:22:4d:22:34:e7:ae:1d:16:2a:e2:
c5:3d:77:60:1a:5a:fc:31:2e:6f:a6:c6:69:a6:01:47:7e:5c:
4e:67:db:00:ad:31:d6:a5:9f:86:17:06:09:72:80:ec:05:d3:
38:55:fc:88:4e:d1:0d:fe:0b:0c:6c:ee:40:aa:e9:13:51:59:
74:ce:82:10:85:da:d8:13:a2:8a:79:a9:71:e3:c1:cd:2a:96:
2c:3c:61:d8:4a:91:de:5d:9a:bb:c5:d7:93:ab:43:7a:dc:89:
e9:5b:d2:17:ee:cd:81:b1:71:10:f6:cb:f3:4a:d0:9c:8a:44:
43:8c:3d:01:5c:3b:11:87:6c:03:96:4c:b3:dc:51:48:31:4a:
f7:94:fa:8b:9c:99:25:15:2a:9e:80:e3:2d:62:15:2f:ac:26:
c4:e4:64:7c:9c:5b:9e:77:99:39:bd:ef:ee:cd:38:3b:e3:a7:
e6:63:4f:2d:49:71:d8:7c:e3:71:2a:24:1c:63:1c:f6:d2:71:
f4:94:a1:56:49:98:55:1e:3f:32:fa:bf:2e:72:6e:2f:da:b3:
6e:98:b3:6c:02:ea:89:42:13:76:81:9d:de:ff:bb:d1:e2:96:
b5:30:b5:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk3Xx6i76Vlua0m6zQFzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MGRmYzJhNjUxYjVlZmFiMmMwY2Q1OTMyMmQ2ZDNiNTU5
MDY1NjMwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjViOGI4NTczMjhkNDhiNDJlY2Y1ZjVjMTY3ZTE0MWEyODM2MDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqSF+ASQhZmnxBRDQfCjXzKP4vWe
deL34PngNsQQbJzwSHpHPCV7Z+/6FEPWTCnR/0PMSFBu3PTwOWj7XiFeTpF1fa+q
1WB90tn212/nu4UKvj7oki6XimfGgFnmBZgcdpG/+q11ZNE6plSNP1n2rsM0sBsF
vs8NTfH1T+wWP8usUIkxSz0rD92QgqziPtiJ523M7AEz4Qv+/w19ILOPFmHaTVXb
T/bD3w/7r0sLvgEuYna7jZaXii9tId1ltM2h8zgVb8/sM8YpPhN3c3dbTc/dtdn8
1tOqFbGj4NQvYfD2DJm+3q79Vwb1mZFdFnHsTPH8+VT3zAypPZg1s7WjZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKZbi4VzKNSLQuz19cFn4UGig2CGMB8GA1UdIwQY
MBaAFLkN/CplG176ssDNWTItbTtVkGVjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVEzOEttVWJYdnF5d00xWk1pMXRPMVdRWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84NDdiYzgtZjdlNi00M2UwLWE1Y2Yt
ZDNlMTZhMTYzZGQzLzEvcGx1TGhYTW8xSXRDN1BYMXdXZmhRYUtEWUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84NDdiYzgtZjdlNi00M2UwLWE1Y2YtZDNlMTZhMTYzZGQz
LzEvdVEzOEttVWJYdnF5d00xWk1pMXRPMVdRWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAue6tMA8E
AgACMAkDBwAqAa0AAAgwDQYJKoZIhvcNAQELBQADggEBAF5tFCUUndxD4zb98o46
V37nhCBINXFjSyCUIk0iNOeuHRYq4sU9d2AaWvwxLm+mxmmmAUd+XE5n2wCtMdal
n4YXBglygOwF0zhV/IhO0Q3+Cwxs7kCq6RNRWXTOghCF2tgToop5qXHjwc0qliw8
YdhKkd5dmrvF15OrQ3rcielb0hfuzYGxcRD2y/NK0JyKREOMPQFcOxGHbAOWTLPc
UUgxSveU+oucmSUVKp6A4y1iFS+sJsTkZHycW553mTm97+7NODvjp+ZjTy1Jcdh8
43EqJBxjHPbScfSUoVZJmFUePzL6vy5ybi/as26Ys2wC6olCE3aBnd7/u9HilrUw
tYw=
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:49:52 2024 by rpki-client on console-ams.rpki-client.org