Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/Av6ADFhe3PaHcBJW6xr18DA9v6M.roa
File: Av6ADFhe3PaHcBJW6xr18DA9v6M.roa (raw, json)
Hash identifier: b23XAlMUkI49YIAVNpnl8tPrFM397w2EnLX6XW8f2E8=
Subject key identifier: 02:FE:80:0C:58:5E:DC:F6:87:70:12:56:EB:1A:F5:F0:30:3D:BF:A3
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018CC64B2751883738FA004EFFEAA7811103
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/Av6ADFhe3PaHcBJW6xr18DA9v6M.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41689
IP address blocks: 185.141.134.0/24 maxlen: 24
86.57.0.0/17 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:27:51:88:37:38:fa:00:4e:ff:ea:a7:81:11:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02fe800c585edcf687701256eb1af5f0303dbfa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4e:48:c7:b5:ae:28:c1:75:8a:40:68:47:87:
0d:c0:40:44:da:a6:75:68:9d:98:fc:21:29:e2:c9:
4e:be:d6:22:b0:db:8c:e6:c4:19:74:6d:d1:4a:6a:
b9:1d:05:cf:24:4b:e8:d1:f6:a4:ca:1d:c1:61:d2:
8e:27:be:bb:bc:1f:44:56:2c:01:70:9e:17:68:1b:
2f:6e:47:3d:bd:36:01:6d:ee:c3:60:b7:a4:dd:e4:
f6:ef:e1:22:23:69:2a:1c:8a:e7:fc:e5:55:6e:b1:
d2:eb:8b:b0:97:d3:4e:38:33:0c:f4:87:e0:74:30:
c4:67:b2:87:f1:2a:8e:97:c3:fe:48:b6:7f:41:f9:
ed:b0:eb:c8:05:44:3e:49:ea:b3:14:a8:b8:ac:5a:
54:2f:47:c9:7a:66:06:a3:b7:aa:e5:90:e0:8f:8c:
d3:c4:25:a6:70:f7:78:e8:52:44:85:36:85:33:fa:
57:78:8b:71:0d:6e:d1:5d:cd:98:24:5d:0b:1a:cf:
c1:7b:a9:e4:85:27:ec:42:8c:10:2a:d7:d6:f3:42:
83:37:5f:a2:2c:95:d3:9c:28:d2:66:b3:41:3b:1b:
ee:60:05:e7:ef:54:d2:d4:d2:5a:af:9a:20:55:4e:
05:ed:37:be:ef:c2:77:dc:91:c5:2e:18:17:ea:aa:
3d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FE:80:0C:58:5E:DC:F6:87:70:12:56:EB:1A:F5:F0:30:3D:BF:A3
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/Av6ADFhe3PaHcBJW6xr18DA9v6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.57.0.0/17
185.141.134.0/24
Signature Algorithm: sha256WithRSAEncryption
02:24:62:ae:39:54:4d:bb:89:43:31:11:8e:42:0c:0c:64:fc:
b4:11:44:4d:d5:c7:09:f8:e4:d0:68:30:21:3e:ee:f6:ba:8d:
93:c9:3a:e8:0b:8f:f0:fa:d5:47:e2:57:06:95:b1:c1:1c:32:
f8:bc:5d:b5:d8:ed:e5:a2:76:37:89:4b:6c:05:2d:f9:87:bc:
7b:fc:a7:81:b7:98:30:04:6a:9b:45:bd:71:62:9f:02:19:e5:
b0:23:21:6c:c4:ad:c8:2c:65:7e:d4:fa:a6:07:a4:82:eb:97:
71:59:aa:7c:92:d9:5b:ba:5a:bc:bb:e9:02:97:08:43:c3:46:
9f:86:ed:81:fb:1e:e5:6e:22:bb:1c:7f:72:30:35:47:9e:cc:
6b:0c:9f:cf:ac:9c:c7:58:3e:26:0e:39:c3:c3:fa:dd:89:09:
63:23:cd:65:6d:ca:de:3a:84:eb:c1:02:db:c5:77:e7:bb:a6:
15:ff:ec:ca:fb:e6:03:33:89:d8:f8:e2:df:53:57:19:29:bb:
00:cf:e5:cc:8e:3b:94:30:a6:22:52:bf:0e:69:9d:13:4c:48:
95:d2:04:9b:c5:ab:7f:7a:f4:d7:c5:36:29:ad:09:08:04:a8:
2d:64:c8:c2:1f:0a:63:e6:dc:3b:88:d9:1b:61:e2:f7:b9:ac:
9d:3a:61:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSydRiDc4+gBO/+qngREDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZlODAwYzU4NWVkY2Y2ODc3MDEyNTZlYjFhZjVmMDMwM2RiZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhU5Ix7WuKMF1ikBoR4cNwEBE2qZ1
aJ2Y/CEp4slOvtYisNuM5sQZdG3RSmq5HQXPJEvo0fakyh3BYdKOJ767vB9EViwB
cJ4XaBsvbkc9vTYBbe7DYLek3eT27+EiI2kqHIrn/OVVbrHS64uwl9NOODMM9Ifg
dDDEZ7KH8SqOl8P+SLZ/QfntsOvIBUQ+SeqzFKi4rFpUL0fJemYGo7eq5ZDgj4zT
xCWmcPd46FJEhTaFM/pXeItxDW7RXc2YJF0LGs/Be6nkhSfsQowQKtfW80KDN1+i
LJXTnCjSZrNBOxvuYAXn71TS1NJar5ogVU4F7Te+78J33JHFLhgX6qo9ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAL+gAxYXtz2h3ASVusa9fAwPb+jMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvQXY2QURGaGUzUGFIY0JKVzZ4cjE4REE5djZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHVjkAAwQA
uY2GMA0GCSqGSIb3DQEBCwUAA4IBAQACJGKuOVRNu4lDMRGOQgwMZPy0EURN1ccJ
+OTQaDAhPu72uo2TyTroC4/w+tVH4lcGlbHBHDL4vF212O3lonY3iUtsBS35h7x7
/KeBt5gwBGqbRb1xYp8CGeWwIyFsxK3ILGV+1PqmB6SC65dxWap8ktlbulq8u+kC
lwhDw0afhu2B+x7lbiK7HH9yMDVHnsxrDJ/PrJzHWD4mDjnDw/rdiQljI81lbcre
OoTrwQLbxXfnu6YV/+zK++YDM4nY+OLfU1cZKbsAz+XMjjuUMKYiUr8OaZ0TTEiV
0gSbxat/evTXxTYprQkIBKgtZMjCHwpj5tw7iNkbYeL3uaydOmFT
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:20 2024 by rpki-client on console-fra.rpki-client.org