Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/86-_hkjnUuQchlS7F9EqO8FzO4U.roa
File: 86-_hkjnUuQchlS7F9EqO8FzO4U.roa (raw, json)
Hash identifier: /VQriwERc5GM3/wsMA6AVFoBFL54yH2M5W4Djj2f7sE=
Subject key identifier: F3:AF:BF:86:48:E7:52:E4:1C:86:54:BB:17:D1:2A:3B:C1:73:3B:85
Certificate issuer: /CN=53787cd7946e10d88646ac79de57cc6ec59e4132
Certificate serial: 018CC50097DE7CB89E19E41D040C7A9E9616
Authority key identifier: 53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/86-_hkjnUuQchlS7F9EqO8FzO4U.roa
Signing time: Mon 01 Jan 2024 12:29:59 +0000
ROA not before: Mon 01 Jan 2024 12:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60008
IP address blocks: 185.54.125.0/24 maxlen: 24
185.54.124.0/23 maxlen: 23
185.54.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/U3h815RuENiGRqx53lfMbsWeQTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/U3h815RuENiGRqx53lfMbsWeQTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:97:de:7c:b8:9e:19:e4:1d:04:0c:7a:9e:96:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53787cd7946e10d88646ac79de57cc6ec59e4132
Validity
Not Before: Jan 1 12:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3afbf8648e752e41c8654bb17d12a3bc1733b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f3:23:18:29:4a:35:f5:dc:05:7a:f3:79:41:
d9:c1:0d:6f:6b:76:ca:50:67:48:bf:f1:5a:15:53:
be:8e:54:77:0c:9b:32:eb:63:0a:1b:e0:af:3b:0c:
f1:72:37:e7:a6:80:97:5e:1e:6e:b6:6b:b8:4c:27:
b1:aa:06:06:6d:70:4f:01:f1:df:1f:2e:66:69:c9:
68:34:7a:a2:a3:51:92:18:85:b8:f5:59:93:17:31:
7a:4c:6f:78:c5:58:70:0e:6e:04:ed:bc:7c:02:b8:
0a:04:71:8e:96:89:43:45:c6:c7:5a:88:9d:3d:4e:
e2:0e:9c:d2:a3:88:f9:b6:d9:f9:ca:eb:e2:15:84:
84:04:22:ff:82:ce:06:67:0f:ec:9b:57:af:7c:c5:
e9:b5:b7:fd:62:65:3c:07:e7:42:ca:04:70:c0:c5:
3f:97:5c:ff:65:4f:94:79:3b:8d:1c:46:30:0d:09:
61:74:0a:77:95:de:e0:97:44:aa:3a:2e:5e:42:c4:
9b:fa:e6:6c:d3:38:1a:25:2b:c1:bf:9e:32:1d:b3:
8c:cb:5b:43:43:9d:ac:8a:45:2c:36:0e:fd:1e:ec:
87:1e:46:7c:05:26:14:c5:a8:40:9f:5d:06:7d:77:
f3:0f:ef:f4:53:82:c9:4a:10:47:ef:f2:8f:fd:88:
66:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AF:BF:86:48:E7:52:E4:1C:86:54:BB:17:D1:2A:3B:C1:73:3B:85
X509v3 Authority Key Identifier:
keyid:53:78:7C:D7:94:6E:10:D8:86:46:AC:79:DE:57:CC:6E:C5:9E:41:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3h815RuENiGRqx53lfMbsWeQTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/86-_hkjnUuQchlS7F9EqO8FzO4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c77825-68a3-4b3e-bc90-523fd86a07c7/1/U3h815RuENiGRqx53lfMbsWeQTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.124.0/23
Signature Algorithm: sha256WithRSAEncryption
83:bb:17:41:af:b1:7a:1e:6c:61:40:a7:35:41:33:b4:9e:46:
ba:8c:1c:12:80:d9:78:4c:5e:b9:79:76:e0:b0:9e:7e:00:71:
e3:ef:c5:78:b0:22:eb:bb:00:55:d3:71:98:68:b1:03:b6:95:
3a:79:ba:d7:58:54:7b:bf:43:9d:5d:c5:ff:64:a3:84:05:03:
05:c0:68:55:ac:55:51:89:6a:56:85:19:d5:30:17:e7:9e:79:
8e:a2:8b:26:8a:8f:f7:95:05:39:ec:43:82:6f:6f:d7:81:2d:
d0:ff:94:36:42:dc:d4:59:50:ea:ee:8f:2c:50:af:a8:8a:7d:
67:1c:b3:2a:ee:38:c9:4e:13:55:b6:69:83:4f:4d:ed:35:80:
d3:9a:0e:6a:fd:4e:9f:b1:c6:e3:02:cc:a1:a7:94:fb:17:82:
15:42:ff:23:ea:ff:d2:a2:6b:3f:cb:27:43:cb:28:ea:5a:8c:
50:1d:e5:85:4a:5e:d6:1b:c3:13:e6:d7:dc:e9:58:77:87:bf:
6c:7f:6d:ce:fd:22:21:a5:b6:26:33:d3:1d:fc:ef:f1:9c:5c:
c5:e0:7d:d7:6a:d2:54:b1:d4:89:93:e7:fd:25:47:43:7f:fd:
00:19:24:e5:62:98:db:83:4b:39:4b:66:33:64:8a:1d:21:36:
b5:86:d4:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAJfefLieGeQdBAx6npYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNzg3Y2Q3OTQ2ZTEwZDg4NjQ2YWM3OWRlNTdjYzZlYzU5
ZTQxMzIwHhcNMjQwMTAxMTIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FmYmY4NjQ4ZTc1MmU0MWM4NjU0YmIxN2QxMmEzYmMxNzMzYjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPMjGClKNfXcBXrzeUHZwQ1va3bK
UGdIv/FaFVO+jlR3DJsy62MKG+CvOwzxcjfnpoCXXh5utmu4TCexqgYGbXBPAfHf
Hy5macloNHqio1GSGIW49VmTFzF6TG94xVhwDm4E7bx8ArgKBHGOlolDRcbHWoid
PU7iDpzSo4j5ttn5yuviFYSEBCL/gs4GZw/sm1evfMXptbf9YmU8B+dCygRwwMU/
l1z/ZU+UeTuNHEYwDQlhdAp3ld7gl0SqOi5eQsSb+uZs0zgaJSvBv54yHbOMy1tD
Q52sikUsNg79HuyHHkZ8BSYUxahAn10GfXfzD+/0U4LJShBH7/KP/YhmQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPOvv4ZI51LkHIZUuxfRKjvBczuFMB8GA1UdIwQY
MBaAFFN4fNeUbhDYhkased5XzG7FnkEyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTNoODE1UnVFTmlHUnF4NTNsZk1ic1dlUVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jNzc4MjUtNjhhMy00YjNlLWJjOTAt
NTIzZmQ4NmEwN2M3LzEvODYtX2hram5VdVFjaGxTN0Y5RXFPOEZ6TzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jNzc4MjUtNjhhMy00YjNlLWJjOTAtNTIzZmQ4NmEwN2M3
LzEvVTNoODE1UnVFTmlHUnF4NTNsZk1ic1dlUVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuTZ8MA0G
CSqGSIb3DQEBCwUAA4IBAQCDuxdBr7F6HmxhQKc1QTO0nka6jBwSgNl4TF65eXbg
sJ5+AHHj78V4sCLruwBV03GYaLEDtpU6ebrXWFR7v0OdXcX/ZKOEBQMFwGhVrFVR
iWpWhRnVMBfnnnmOoosmio/3lQU57EOCb2/XgS3Q/5Q2QtzUWVDq7o8sUK+oin1n
HLMq7jjJThNVtmmDT03tNYDTmg5q/U6fscbjAsyhp5T7F4IVQv8j6v/Soms/yydD
yyjqWoxQHeWFSl7WG8MT5tfc6Vh3h79sf23O/SIhpbYmM9Md/O/xnFzF4H3XatJU
sdSJk+f9JUdDf/0AGSTlYpjbg0s5S2YzZIodITa1htR9
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:04:49 2024 by rpki-client on console-fra.rpki-client.org