Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/FSLnbe4TJt29VL_O3oZpxa0n6AA.roa
File: FSLnbe4TJt29VL_O3oZpxa0n6AA.roa (raw, json)
Hash identifier: u3pFy7i04o9t3o+pao/14X2I0M8YQhckgfD4PM0GyVo=
Subject key identifier: 15:22:E7:6D:EE:13:26:DD:BD:54:BF:CE:DE:86:69:C5:AD:27:E8:00
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 018CC64B2A6858DE697074D35B8C42BE0EB9
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/FSLnbe4TJt29VL_O3oZpxa0n6AA.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58331
IP address blocks: 185.141.104.0/24 maxlen: 24
185.141.107.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2a:68:58:de:69:70:74:d3:5b:8c:42:be:0e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1522e76dee1326ddbd54bfcede8669c5ad27e800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:dd:35:94:7b:ef:0f:69:52:c6:48:e8:5b:63:
90:84:d2:7f:bf:91:af:a2:bb:91:2e:98:07:28:7f:
7b:1f:2e:c8:87:11:f2:b4:ef:97:00:2a:3d:7a:61:
a5:33:b9:7b:91:74:cd:5a:23:1b:98:e7:79:57:a2:
61:03:4e:44:fe:39:b9:f8:23:1b:b6:71:3e:fc:bb:
bf:9f:15:62:1f:07:19:6b:f2:79:34:bb:5a:eb:f2:
f2:b0:87:ee:7d:f5:72:ba:f6:7d:02:4d:89:d2:23:
61:07:5d:7c:ec:43:d4:a0:de:66:67:b4:91:54:ce:
63:39:fa:69:fa:3e:f5:81:d9:65:c3:65:3d:cf:66:
62:0b:94:19:d3:ca:3f:4d:77:d3:5f:e4:3d:6c:1f:
e0:ef:c9:2d:6e:01:ef:ae:91:cf:72:49:f3:d2:f0:
e5:fe:23:fb:80:cc:a8:8a:ea:d5:67:7c:2c:61:d1:
5c:d4:77:49:47:ad:e6:07:5e:41:46:bb:a0:4c:c5:
d6:d0:d0:fd:1f:c0:f9:43:3c:b3:ab:42:5e:c3:41:
f7:60:f1:bd:2b:87:f1:eb:ff:1e:80:b1:e2:af:fa:
19:01:e3:56:2b:7b:1f:38:4c:d8:27:3d:9c:0b:62:
a4:79:ba:7c:cd:2b:42:a4:c3:16:3a:72:23:8b:b5:
7a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:22:E7:6D:EE:13:26:DD:BD:54:BF:CE:DE:86:69:C5:AD:27:E8:00
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/FSLnbe4TJt29VL_O3oZpxa0n6AA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.104.0/24
185.141.106.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:cf:9f:d6:77:2b:7c:94:48:f2:2a:fd:87:3d:b9:76:ff:63:
73:fd:00:f9:cf:bf:cc:89:5f:f1:e2:80:7a:a8:1f:d2:5d:9c:
d5:d9:84:29:36:a4:37:43:1e:a5:3b:4b:ac:67:20:a0:db:df:
5a:24:a7:06:36:2c:a8:3b:1e:81:5d:09:6f:20:f1:b8:90:c7:
92:ab:dd:a3:49:9b:b3:41:f3:ce:87:15:db:d7:4d:7f:d1:de:
5a:1a:bc:d5:19:3b:26:14:5f:06:73:dc:e0:eb:0b:70:a1:f9:
03:73:19:79:9b:dd:c8:e1:26:c5:36:9b:08:c1:09:6c:80:b5:
67:5a:14:0a:13:fd:5d:93:76:be:97:2f:e5:26:f7:36:0c:f9:
10:70:98:49:a8:1d:6b:cd:af:93:48:ff:3b:47:61:69:60:b4:
cb:f8:8c:79:cc:7f:ba:6d:ad:57:07:73:04:02:91:70:d8:0f:
0e:39:73:37:32:e8:53:87:85:f1:12:b9:d7:30:73:d4:fa:2c:
0d:1c:94:21:db:cc:24:09:52:f3:5f:7b:69:85:76:54:25:90:
09:53:ac:1f:29:58:a8:b1:0a:8d:f3:61:76:f5:d3:7f:1b:ac:
aa:8a:a5:ba:3d:49:77:69:f3:33:15:3a:da:2a:59:fe:5a:07:
aa:8a:98:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSypoWN5pcHTTW4xCvg65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTIyZTc2ZGVlMTMyNmRkYmQ1NGJmY2VkZTg2NjljNWFkMjdlODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAot01lHvvD2lSxkjoW2OQhNJ/v5Gv
oruRLpgHKH97Hy7IhxHytO+XACo9emGlM7l7kXTNWiMbmOd5V6JhA05E/jm5+CMb
tnE+/Lu/nxViHwcZa/J5NLta6/LysIfuffVyuvZ9Ak2J0iNhB1187EPUoN5mZ7SR
VM5jOfpp+j71gdllw2U9z2ZiC5QZ08o/TXfTX+Q9bB/g78ktbgHvrpHPcknz0vDl
/iP7gMyoiurVZ3wsYdFc1HdJR63mB15BRrugTMXW0ND9H8D5Qzyzq0Jew0H3YPG9
K4fx6/8egLHir/oZAeNWK3sfOEzYJz2cC2Kkebp8zStCpMMWOnIji7V6FQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBUi523uEybdvVS/zt6GacWtJ+gAMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvRlNMbmJlNFRKdDI5VkxfTzNvWnB4YTBuNkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuY1oAwQB
uY1qMA0GCSqGSIb3DQEBCwUAA4IBAQAOz5/Wdyt8lEjyKv2HPbl2/2Nz/QD5z7/M
iV/x4oB6qB/SXZzV2YQpNqQ3Qx6lO0usZyCg299aJKcGNiyoOx6BXQlvIPG4kMeS
q92jSZuzQfPOhxXb101/0d5aGrzVGTsmFF8Gc9zg6wtwofkDcxl5m93I4SbFNpsI
wQlsgLVnWhQKE/1dk3a+ly/lJvc2DPkQcJhJqB1rza+TSP87R2FpYLTL+Ix5zH+6
ba1XB3MEApFw2A8OOXM3MuhTh4XxErnXMHPU+iwNHJQh28wkCVLzX3tphXZUJZAJ
U6wfKViosQqN82F29dN/G6yqiqW6PUl3afMzFTraKln+Wgeqipjn
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:57 2024 by rpki-client on console-ams.rpki-client.org