Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/igMnd2gcmHFA6sXNmIZbrceXm7A.roa
File: igMnd2gcmHFA6sXNmIZbrceXm7A.roa (raw, json)
Hash identifier: UXRbNHsfM8gAzfDNpoxLDXBElAJTuhb8+R/IzrNbdAY=
Subject key identifier: 8A:03:27:77:68:1C:98:71:40:EA:C5:CD:98:86:5B:AD:C7:97:9B:B0
Certificate issuer: /CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Certificate serial: 018CC8714B078F4B3F813563D8D44CEDF043
Authority key identifier: 7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/igMnd2gcmHFA6sXNmIZbrceXm7A.roa
Signing time: Tue 02 Jan 2024 04:31:57 +0000
ROA not before: Tue 02 Jan 2024 04:31:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203954
IP address blocks: 185.118.240.0/24 maxlen: 24
2a06:9681::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:4b:07:8f:4b:3f:81:35:63:d8:d4:4c:ed:f0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3b8877e1a130fe50386c610d6ead5641b97ba6
Validity
Not Before: Jan 2 04:31:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a032777681c987140eac5cd98865badc7979bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:51:87:5c:33:46:1a:f2:cd:f6:61:43:c2:2b:
bb:e4:cf:2f:80:d1:1c:21:de:99:3b:bd:59:64:4e:
da:44:5e:37:0f:72:c9:2a:1f:68:e1:02:85:f0:bd:
1e:2e:fe:22:1a:1d:1f:f9:b5:91:62:a0:18:d5:2c:
08:0c:6e:05:0c:04:2a:d0:03:a5:52:d7:29:f4:59:
f4:33:f2:9b:18:33:06:17:84:f2:2b:0e:5d:7e:d5:
56:ac:ea:0d:58:00:f5:09:cd:5d:0e:d6:87:cc:da:
7f:42:71:b5:8d:bd:ba:da:f2:ce:95:af:09:d3:c1:
c0:f8:29:bb:ab:45:e3:18:80:e8:93:13:e3:43:02:
37:0a:17:c0:40:b2:1d:d0:eb:38:59:76:1c:b6:9a:
c5:94:a9:f0:73:4d:68:57:1e:fa:9f:47:78:ab:c5:
16:29:12:65:8a:42:8a:87:d8:ff:56:5b:86:98:5a:
7b:4d:ba:01:77:77:43:ff:da:a1:7e:fb:01:6d:45:
49:c5:df:e6:cd:3d:98:10:10:13:9d:1a:ef:03:52:
fa:6f:9b:e7:ae:1c:87:94:3c:f3:6f:97:fd:cd:c5:
ed:35:b3:70:3e:e3:98:e5:62:39:4e:42:47:3d:38:
63:3a:8b:eb:4d:ea:1a:23:dc:a9:ff:2a:e9:56:a6:
2e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:03:27:77:68:1C:98:71:40:EA:C5:CD:98:86:5B:AD:C7:97:9B:B0
X509v3 Authority Key Identifier:
keyid:7C:3B:88:77:E1:A1:30:FE:50:38:6C:61:0D:6E:AD:56:41:B9:7B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDuId-GhMP5QOGxhDW6tVkG5e6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/igMnd2gcmHFA6sXNmIZbrceXm7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/17a712-4e5a-40c5-a3a2-12025c54f484/1/fDuId-GhMP5QOGxhDW6tVkG5e6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.240.0/24
IPv6:
2a06:9681::/32
Signature Algorithm: sha256WithRSAEncryption
a5:ca:3b:f9:fc:c9:56:8e:ca:38:f2:01:36:92:45:e4:22:d8:
ab:1c:fd:95:72:33:88:2b:8f:2b:9b:f2:73:50:90:75:f3:85:
24:44:9b:df:e2:e2:8e:7a:d3:cf:55:1f:b9:6c:72:a0:09:3f:
84:77:b3:fc:b0:c3:5f:77:2d:27:0d:32:f9:2d:30:9f:44:0a:
86:bc:ef:22:22:87:cb:6d:87:ba:6a:3b:16:df:de:0a:8c:82:
dd:9d:4f:02:c9:51:dd:ff:75:b9:dd:42:4d:82:e6:e7:02:22:
cd:0e:c3:6e:4a:ca:c0:ba:ae:1e:f3:ec:95:9c:df:66:f7:a2:
1c:79:62:ba:cc:a2:0c:e3:7e:4c:66:6e:9f:42:92:ee:78:cc:
5c:2e:4b:ee:6c:4c:0c:1a:c2:e0:c7:b4:1a:8f:73:0d:60:47:
67:c1:9d:40:83:e2:aa:c6:ae:4c:2f:f2:d9:f3:0f:a9:75:07:
1a:a2:b0:0a:01:ed:ca:d1:9f:f8:ca:17:d8:a5:44:b4:c5:54:
85:55:25:76:a2:99:e7:ec:bd:e4:22:de:eb:6c:bf:f5:dd:06:
83:0b:8c:00:1c:b5:53:7e:e1:0f:42:7d:f6:24:d9:cb:cf:44:
eb:59:8a:90:23:ec:2b:10:b4:0e:48:04:5b:5e:4e:d1:23:2b:
2b:62:72:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcUsHj0s/gTVj2NRM7fBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2I4ODc3ZTFhMTMwZmU1MDM4NmM2MTBkNmVhZDU2NDFi
OTdiYTYwHhcNMjQwMTAyMDQzMTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTAzMjc3NzY4MWM5ODcxNDBlYWM1Y2Q5ODg2NWJhZGM3OTc5YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFGHXDNGGvLN9mFDwiu75M8vgNEc
Id6ZO71ZZE7aRF43D3LJKh9o4QKF8L0eLv4iGh0f+bWRYqAY1SwIDG4FDAQq0AOl
Utcp9Fn0M/KbGDMGF4TyKw5dftVWrOoNWAD1Cc1dDtaHzNp/QnG1jb262vLOla8J
08HA+Cm7q0XjGIDokxPjQwI3ChfAQLId0Os4WXYctprFlKnwc01oVx76n0d4q8UW
KRJlikKKh9j/VluGmFp7TboBd3dD/9qhfvsBbUVJxd/mzT2YEBATnRrvA1L6b5vn
rhyHlDzzb5f9zcXtNbNwPuOY5WI5TkJHPThjOovrTeoaI9yp/yrpVqYukQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIoDJ3doHJhxQOrFzZiGW63Hl5uwMB8GA1UdIwQY
MBaAFHw7iHfhoTD+UDhsYQ1urVZBuXumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTIt
MTIwMjVjNTRmNDg0LzEvaWdNbmQyZ2NtSEZBNnNYTm1JWmJyY2VYbTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xN2E3MTItNGU1YS00MGM1LWEzYTItMTIwMjVjNTRmNDg0
LzEvZkR1SWQtR2hNUDVRT0d4aERXNnRWa0c1ZTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXbwMA0E
AgACMAcDBQAqBpaBMA0GCSqGSIb3DQEBCwUAA4IBAQClyjv5/MlWjso48gE2kkXk
ItirHP2VcjOIK48rm/JzUJB184UkRJvf4uKOetPPVR+5bHKgCT+Ed7P8sMNfdy0n
DTL5LTCfRAqGvO8iIofLbYe6ajsW394KjILdnU8CyVHd/3W53UJNgubnAiLNDsNu
SsrAuq4e8+yVnN9m96IceWK6zKIM435MZm6fQpLueMxcLkvubEwMGsLgx7Qaj3MN
YEdnwZ1Ag+Kqxq5ML/LZ8w+pdQcaorAKAe3K0Z/4yhfYpUS0xVSFVSV2opnn7L3k
It7rbL/13QaDC4wAHLVTfuEPQn32JNnLz0TrWYqQI+wrELQOSARbXk7RIysrYnJz
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:18:15 2024 by rpki-client on console-ams.rpki-client.org