Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/Z1834X2M1YEYAAAIsY2KQZX5KvU.roa
File: Z1834X2M1YEYAAAIsY2KQZX5KvU.roa (raw, json)
Hash identifier: yj5GqDel4zXYI9gA5PHvvy/nGqsmnRG6evD4Rp8YDjA=
Subject key identifier: 67:5F:37:E1:7D:8C:D5:81:18:00:00:08:B1:8D:8A:41:95:F9:2A:F5
Certificate issuer: /CN=ad3dd8d32cfc717a6e690ebe3e1db4386d8f6c64
Certificate serial: 018CC6B922F92F114B91F0BBB23553173E52
Authority key identifier: AD:3D:D8:D3:2C:FC:71:7A:6E:69:0E:BE:3E:1D:B4:38:6D:8F:6C:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/Z1834X2M1YEYAAAIsY2KQZX5KvU.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211727
IP address blocks: 185.243.130.0/24 maxlen: 24
2a10:9d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:22:f9:2f:11:4b:91:f0:bb:b2:35:53:17:3e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3dd8d32cfc717a6e690ebe3e1db4386d8f6c64
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675f37e17d8cd58118000008b18d8a4195f92af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5a:fb:fd:a6:78:e5:66:86:5a:52:e4:27:6c:
4c:04:8f:d0:db:84:09:97:7a:ac:cf:06:06:a8:76:
82:5b:ca:77:92:a3:9c:1f:bc:f0:f3:83:83:6d:86:
96:6d:26:a2:9c:7f:ee:b9:97:3d:f1:b1:cd:f1:e3:
24:45:b5:4c:e5:28:aa:8a:0c:a3:0e:4f:2d:0f:35:
dd:c5:32:0c:e7:fa:1f:cf:c8:c1:f8:2c:0d:16:4c:
84:1b:1d:47:7c:f3:a4:4e:da:60:ef:23:a8:09:23:
eb:c5:98:bb:1d:f6:8d:c2:34:4e:1c:50:22:d6:3b:
e9:67:22:5f:c8:27:84:23:c9:3e:73:4f:60:d1:ef:
ba:73:f3:d2:44:89:b8:2f:cb:1e:26:d9:4d:57:89:
7a:c3:6c:bb:3a:66:6c:d1:fd:ad:fd:77:ef:11:7a:
b5:ac:3f:a0:82:1a:22:94:50:4d:3a:d8:d7:59:3f:
cf:f8:91:43:92:16:22:1d:09:f5:c2:23:dc:b3:54:
73:d7:bd:d9:c5:bb:82:ae:f2:d5:6a:d4:e5:b4:1a:
77:0e:9c:34:0d:70:1b:25:f7:c9:4d:89:9f:e5:42:
3d:e5:4e:89:03:09:c7:07:cc:de:f0:d4:cf:38:c5:
e2:d5:3c:cc:47:cc:83:f7:2c:26:96:11:b5:e2:af:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5F:37:E1:7D:8C:D5:81:18:00:00:08:B1:8D:8A:41:95:F9:2A:F5
X509v3 Authority Key Identifier:
keyid:AD:3D:D8:D3:2C:FC:71:7A:6E:69:0E:BE:3E:1D:B4:38:6D:8F:6C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/Z1834X2M1YEYAAAIsY2KQZX5KvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.130.0/24
IPv6:
2a10:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:46:7b:65:a8:1e:3b:9a:25:ab:63:71:a6:2f:1d:1a:30:49:
db:be:67:d0:2f:20:51:d6:ef:f3:60:c3:49:45:c1:58:8e:9f:
ce:72:73:38:a8:4c:61:60:ff:8d:13:ab:62:12:7c:de:1a:8a:
eb:07:3a:6d:5e:e7:d9:3b:ac:35:09:95:c6:96:31:05:8b:16:
7d:20:d8:43:36:2e:c8:86:87:54:78:98:0f:06:a3:d2:ff:5a:
66:c1:29:68:20:ef:47:06:3c:37:b0:db:9a:41:50:cd:24:6d:
89:15:75:62:f6:fd:a2:0a:c3:04:e7:bd:99:c1:c4:3c:98:eb:
98:11:76:e7:95:1a:c0:d5:1c:5a:83:34:b0:69:cf:e1:e9:02:
70:72:37:f5:62:36:09:fd:cf:d2:c6:5b:2c:ad:ac:50:57:8a:
d9:20:5e:45:d5:26:74:a6:16:e1:39:e5:87:cd:b4:df:dd:6b:
63:e5:55:d0:8b:b9:be:d7:9b:e5:cc:b9:e1:8d:da:47:54:20:
51:42:4c:5c:d7:06:f1:94:63:22:47:c1:8c:81:69:c4:ac:0d:
75:0d:cf:e7:bc:6d:81:66:3a:e2:12:3d:80:56:71:3e:6b:4d:
de:2a:e2:e9:c2:1a:09:ae:8b:aa:07:69:3a:42:04:05:4c:6b:
24:17:b6:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuSL5LxFLkfC7sjVTFz5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2RkOGQzMmNmYzcxN2E2ZTY5MGViZTNlMWRiNDM4NmQ4
ZjZjNjQwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVmMzdlMTdkOGNkNTgxMTgwMDAwMDhiMThkOGE0MTk1ZjkyYWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlr7/aZ45WaGWlLkJ2xMBI/Q24QJ
l3qszwYGqHaCW8p3kqOcH7zw84ODbYaWbSainH/uuZc98bHN8eMkRbVM5Siqigyj
Dk8tDzXdxTIM5/ofz8jB+CwNFkyEGx1HfPOkTtpg7yOoCSPrxZi7HfaNwjROHFAi
1jvpZyJfyCeEI8k+c09g0e+6c/PSRIm4L8seJtlNV4l6w2y7OmZs0f2t/XfvEXq1
rD+gghoilFBNOtjXWT/P+JFDkhYiHQn1wiPcs1Rz173ZxbuCrvLVatTltBp3Dpw0
DXAbJffJTYmf5UI95U6JAwnHB8ze8NTPOMXi1TzMR8yD9ywmlhG14q9dvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGdfN+F9jNWBGAAACLGNikGV+Sr1MB8GA1UdIwQY
MBaAFK092NMs/HF6bmkOvj4dtDhtj2xkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclQzWTB5ejhjWHB1YVE2LVBoMjBPRzJQYkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84MTI4MDAtOWU3MC00Y2QyLTkwZmQt
M2JjZDIzOTllZTY0LzEvWjE4MzRYMk0xWUVZQUFBSXNZMktRWlg1S3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84MTI4MDAtOWU3MC00Y2QyLTkwZmQtM2JjZDIzOTllZTY0
LzEvclQzWTB5ejhjWHB1YVE2LVBoMjBPRzJQYkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufOCMA0E
AgACMAcDBQMqEJ1AMA0GCSqGSIb3DQEBCwUAA4IBAQBfRntlqB47miWrY3GmLx0a
MEnbvmfQLyBR1u/zYMNJRcFYjp/OcnM4qExhYP+NE6tiEnzeGorrBzptXufZO6w1
CZXGljEFixZ9INhDNi7IhodUeJgPBqPS/1pmwSloIO9HBjw3sNuaQVDNJG2JFXVi
9v2iCsME572ZwcQ8mOuYEXbnlRrA1RxagzSwac/h6QJwcjf1YjYJ/c/SxlssraxQ
V4rZIF5F1SZ0phbhOeWHzbTf3Wtj5VXQi7m+15vlzLnhjdpHVCBRQkxc1wbxlGMi
R8GMgWnErA11Dc/nvG2BZjriEj2AVnE+a03eKuLpwhoJrouqB2k6QgQFTGskF7Zz
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:29:20 2024 by rpki-client on console-fra.rpki-client.org