Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/09830e-0ffe-4682-bc4d-eb77e9571152/1/aucZdZzdyNHXWtFnSo8LBqwdxTU.roa
File: aucZdZzdyNHXWtFnSo8LBqwdxTU.roa (raw, json)
Hash identifier: XdlulQewuL/VTQciaIvruZeSwdnMV3tAGzf52NgPyg8=
Subject key identifier: 6A:E7:19:75:9C:DD:C8:D1:D7:5A:D1:67:4A:8F:0B:06:AC:1D:C5:35
Certificate issuer: /CN=33a924ad59b459357a19ee0a47f379530e2d244c
Certificate serial: 018D1752BA51EFD8473B43FFE51ED2E046F1
Authority key identifier: 33:A9:24:AD:59:B4:59:35:7A:19:EE:0A:47:F3:79:53:0E:2D:24:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M6kkrVm0WTV6Ge4KR_N5Uw4tJEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/09830e-0ffe-4682-bc4d-eb77e9571152/1/aucZdZzdyNHXWtFnSo8LBqwdxTU.roa
Signing time: Wed 17 Jan 2024 12:08:34 +0000
ROA not before: Wed 17 Jan 2024 12:08:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51104
IP address blocks: 185.26.85.0/24 maxlen: 24
185.169.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/09830e-0ffe-4682-bc4d-eb77e9571152/1/M6kkrVm0WTV6Ge4KR_N5Uw4tJEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/09830e-0ffe-4682-bc4d-eb77e9571152/1/M6kkrVm0WTV6Ge4KR_N5Uw4tJEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/M6kkrVm0WTV6Ge4KR_N5Uw4tJEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:52:ba:51:ef:d8:47:3b:43:ff:e5:1e:d2:e0:46:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33a924ad59b459357a19ee0a47f379530e2d244c
Validity
Not Before: Jan 17 12:08:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ae719759cddc8d1d75ad1674a8f0b06ac1dc535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:33:1f:e3:08:1b:da:e9:df:ef:03:e2:db:b5:
c6:ad:93:40:3a:fa:ef:44:32:4d:27:d6:a2:88:f2:
78:2a:80:e0:ef:07:e4:f5:b7:7f:ab:3d:6a:a2:07:
ce:61:c0:83:89:d2:ec:f7:ea:ee:c1:40:d5:e5:77:
48:2a:5c:3a:19:e2:b6:32:0b:93:3f:b8:3a:b9:66:
89:b7:ff:72:b6:29:6e:92:1a:41:ca:0a:15:73:ad:
83:0f:6e:82:b9:4b:48:36:0c:85:28:b9:38:98:c1:
9b:84:97:66:c7:8e:74:3d:35:10:c5:f9:c3:08:6f:
15:27:7e:be:31:74:6d:d3:c3:31:1c:9d:a8:db:79:
ea:98:5b:67:88:08:a1:cb:dc:00:52:12:00:b4:82:
01:ba:d0:4b:e5:35:1a:a5:5d:49:a4:5f:ca:79:9b:
34:a6:be:ba:16:44:c1:a6:17:1e:91:f0:4d:58:14:
26:ce:e6:10:33:35:6e:5d:cf:28:43:e4:ed:8d:ff:
ef:70:ac:f7:cc:8c:64:66:8d:50:b5:6c:a8:bf:35:
68:f1:c9:4f:b6:96:88:e2:06:f9:14:7a:e4:f2:b5:
82:fc:84:df:7f:7b:13:1d:93:b5:86:a1:81:84:69:
42:5d:f9:5a:56:0b:77:1c:df:2a:86:01:f7:0f:bd:
75:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E7:19:75:9C:DD:C8:D1:D7:5A:D1:67:4A:8F:0B:06:AC:1D:C5:35
X509v3 Authority Key Identifier:
keyid:33:A9:24:AD:59:B4:59:35:7A:19:EE:0A:47:F3:79:53:0E:2D:24:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M6kkrVm0WTV6Ge4KR_N5Uw4tJEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/09830e-0ffe-4682-bc4d-eb77e9571152/1/aucZdZzdyNHXWtFnSo8LBqwdxTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/09830e-0ffe-4682-bc4d-eb77e9571152/1/M6kkrVm0WTV6Ge4KR_N5Uw4tJEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.85.0/24
185.169.7.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:3f:25:4b:ac:cd:e9:ab:5b:90:62:ec:9a:59:75:a6:25:07:
31:57:b8:56:68:5c:6f:51:a6:96:92:b5:5a:38:48:f0:89:8c:
d6:ce:f4:79:5f:7b:8a:1b:d1:6f:50:88:25:9f:1c:44:5b:50:
ec:50:1a:30:09:fa:40:5b:34:4e:cf:6d:ae:80:93:69:50:30:
c3:ec:47:72:3e:ff:7b:36:ff:53:d5:11:ba:0d:7f:db:b7:c8:
50:5f:b4:dd:29:3c:76:c2:31:2d:08:9a:9a:c3:d2:48:cd:6c:
77:0f:ef:38:d2:26:84:ad:58:1b:3d:1f:eb:49:54:a6:04:f3:
49:2e:99:58:93:9d:0e:e0:7e:84:a5:00:ca:74:8d:eb:02:19:
65:bb:2d:93:78:8e:91:27:54:fe:14:ce:e3:21:bb:36:4c:4d:
a8:1d:b3:06:06:f4:46:1b:05:3e:bb:23:c4:87:87:30:4d:39:
87:72:53:0d:cb:52:33:05:60:26:18:10:0d:c9:a8:2b:dc:47:
62:7d:13:27:a5:25:02:a8:17:10:1b:77:55:1e:4d:86:61:7e:
8e:f5:43:88:65:29:74:e0:ec:e4:9b:c2:be:f8:6a:b1:8f:97:
3b:b8:e9:f6:1b:c6:16:00:82:0f:3c:b4:9b:c6:5d:24:0b:5a:
b2:98:46:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0XUrpR79hHO0P/5R7S4EbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYTkyNGFkNTliNDU5MzU3YTE5ZWUwYTQ3ZjM3OTUzMGUy
ZDI0NGMwHhcNMjQwMTE3MTIwODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWU3MTk3NTljZGRjOGQxZDc1YWQxNjc0YThmMGIwNmFjMWRjNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTMf4wgb2unf7wPi27XGrZNAOvrv
RDJNJ9aiiPJ4KoDg7wfk9bd/qz1qogfOYcCDidLs9+ruwUDV5XdIKlw6GeK2MguT
P7g6uWaJt/9ytilukhpBygoVc62DD26CuUtINgyFKLk4mMGbhJdmx450PTUQxfnD
CG8VJ36+MXRt08MxHJ2o23nqmFtniAihy9wAUhIAtIIButBL5TUapV1JpF/KeZs0
pr66FkTBphcekfBNWBQmzuYQMzVuXc8oQ+Ttjf/vcKz3zIxkZo1QtWyovzVo8clP
tpaI4gb5FHrk8rWC/ITff3sTHZO1hqGBhGlCXflaVgt3HN8qhgH3D711IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGrnGXWc3cjR11rRZ0qPCwasHcU1MB8GA1UdIwQY
MBaAFDOpJK1ZtFk1ehnuCkfzeVMOLSRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTZra3JWbTBXVFY2R2U0S1JfTjVVdzR0SkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8wOTgzMGUtMGZmZS00NjgyLWJjNGQt
ZWI3N2U5NTcxMTUyLzEvYXVjWmRaemR5TkhYV3RGblNvOExCcXdkeFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8wOTgzMGUtMGZmZS00NjgyLWJjNGQtZWI3N2U5NTcxMTUy
LzEvTTZra3JWbTBXVFY2R2U0S1JfTjVVdzR0SkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRpVAwQA
uakHMA0GCSqGSIb3DQEBCwUAA4IBAQCMPyVLrM3pq1uQYuyaWXWmJQcxV7hWaFxv
UaaWkrVaOEjwiYzWzvR5X3uKG9FvUIglnxxEW1DsUBowCfpAWzROz22ugJNpUDDD
7EdyPv97Nv9T1RG6DX/bt8hQX7TdKTx2wjEtCJqaw9JIzWx3D+840iaErVgbPR/r
SVSmBPNJLplYk50O4H6EpQDKdI3rAhlluy2TeI6RJ1T+FM7jIbs2TE2oHbMGBvRG
GwU+uyPEh4cwTTmHclMNy1IzBWAmGBANyagr3EdifRMnpSUCqBcQG3dVHk2GYX6O
9UOIZSl04Ozkm8K++Gqxj5c7uOn2G8YWAIIPPLSbxl0kC1qymEbo
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:36:27 2024 by rpki-client on console-ams.rpki-client.org