Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/80F9flZBiBXX7cYq7Fpe6Y1_XmE.roa
File: 80F9flZBiBXX7cYq7Fpe6Y1_XmE.roa (raw, json)
Hash identifier: Y34JKxNCm+96WpvR+/eC8NWKCfT+GzSpQDJuXlu4BoI=
Subject key identifier: F3:41:7D:7E:56:41:88:15:D7:ED:C6:2A:EC:5A:5E:E9:8D:7F:5E:61
Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial: 018D5E785053CBB954871358A5C40B7E06D9
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/80F9flZBiBXX7cYq7Fpe6Y1_XmE.roa
Signing time: Wed 31 Jan 2024 07:42:39 +0000
ROA not before: Wed 31 Jan 2024 07:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25234
IP address blocks: 185.71.159.0/24 maxlen: 24
2a02:250:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:78:50:53:cb:b9:54:87:13:58:a5:c4:0b:7e:06:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Validity
Not Before: Jan 31 07:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3417d7e56418815d7edc62aec5a5ee98d7f5e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8e:a8:bc:a7:94:83:01:61:4e:c8:8f:2f:37:
b3:01:9d:a8:64:86:9e:91:ad:81:77:1e:90:0c:c5:
73:26:d9:a0:d4:06:b3:2c:ec:b0:58:27:9a:73:40:
66:43:9d:29:82:e0:f3:8b:4c:56:43:3b:5a:58:ea:
39:5b:58:f2:84:20:54:e6:02:fb:7c:eb:36:68:3c:
b8:30:60:97:2f:dc:2f:4d:f0:3b:5c:bb:3a:02:60:
c2:a3:3d:73:61:f4:61:12:02:d9:c6:be:e5:dd:d4:
8e:51:ec:e2:9f:61:db:43:f6:1d:a5:4d:75:54:50:
ed:aa:54:3e:65:07:c4:e6:e0:ee:47:45:7e:71:27:
85:3c:40:09:31:b1:1b:41:ee:23:83:60:80:15:81:
d3:f2:08:6a:7a:a6:9c:e5:73:11:91:21:91:62:f1:
de:2b:fe:b1:76:d6:0f:f0:d7:94:1d:79:52:74:62:
2e:fc:46:77:a1:da:5e:08:16:29:a5:3b:34:ad:c7:
46:b5:54:c5:a6:ca:e7:29:a5:59:e0:1a:cc:33:ca:
ae:2b:34:1b:6f:83:2c:b3:8f:3c:76:f8:9d:bc:41:
68:f1:ba:e8:42:08:bd:ee:c4:a8:30:37:2e:c6:9b:
dc:54:68:85:fb:03:00:d1:62:2e:3c:40:f3:ab:74:
31:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:41:7D:7E:56:41:88:15:D7:ED:C6:2A:EC:5A:5E:E9:8D:7F:5E:61
X509v3 Authority Key Identifier:
keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/80F9flZBiBXX7cYq7Fpe6Y1_XmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.159.0/24
IPv6:
2a02:250:3::/48
Signature Algorithm: sha256WithRSAEncryption
bf:cd:42:5a:f5:69:14:8c:89:0d:c9:73:57:82:cd:d2:fd:b3:
92:fa:3e:51:25:2f:27:3c:45:73:e1:33:b0:e2:ea:1e:dc:d3:
57:d4:df:75:b4:fc:dc:e7:46:e7:e9:dc:a7:4a:cb:e2:df:e4:
bb:62:7c:76:93:d7:7d:88:05:74:85:1b:f9:f2:ac:a8:80:66:
78:a1:68:25:83:73:08:09:8c:70:56:78:33:3a:9d:8e:ee:ee:
1a:a7:d5:58:04:08:fb:de:e9:7b:d8:59:36:f3:11:7e:da:26:
6a:91:5b:02:3a:55:4d:3c:cd:c4:43:2c:72:50:7d:7c:98:3c:
5e:79:90:40:07:52:e4:0d:ff:82:63:f9:44:4e:f2:f8:00:4a:
22:fd:8b:89:00:a3:ce:8d:81:91:fc:35:17:36:ea:aa:d9:5d:
f3:fb:98:bf:ef:ee:3d:bb:55:31:00:e5:e0:cf:aa:c5:a1:dd:
c2:1b:dc:1f:55:92:2c:08:d0:e7:f3:74:96:47:9b:47:5b:56:
f0:5e:6c:c1:d6:5c:58:dc:da:d4:a9:96:e7:ce:89:85:f9:52:
7a:b6:a5:cd:10:72:53:4a:ab:0f:4a:b8:8c:27:e9:59:8b:48:
f4:e6:74:f8:66:21:f6:d1:54:07:4e:8b:d9:c1:b1:f5:ee:37:
82:aa:d1:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1eeFBTy7lUhxNYpcQLfgbZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjQwMTMxMDc0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQxN2Q3ZTU2NDE4ODE1ZDdlZGM2MmFlYzVhNWVlOThkN2Y1ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY6ovKeUgwFhTsiPLzezAZ2oZIae
ka2Bdx6QDMVzJtmg1AazLOywWCeac0BmQ50pguDzi0xWQztaWOo5W1jyhCBU5gL7
fOs2aDy4MGCXL9wvTfA7XLs6AmDCoz1zYfRhEgLZxr7l3dSOUezin2HbQ/YdpU11
VFDtqlQ+ZQfE5uDuR0V+cSeFPEAJMbEbQe4jg2CAFYHT8ghqeqac5XMRkSGRYvHe
K/6xdtYP8NeUHXlSdGIu/EZ3odpeCBYppTs0rcdGtVTFpsrnKaVZ4BrMM8quKzQb
b4Mss488dvidvEFo8broQgi97sSoMDcuxpvcVGiF+wMA0WIuPEDzq3QxzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNBfX5WQYgV1+3GKuxaXumNf15hMB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvODBGOWZsWkJpQlhYN2NZcTdGcGU2WTFfWG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUefMA8E
AgACMAkDBwAqAgJQAAMwDQYJKoZIhvcNAQELBQADggEBAL/NQlr1aRSMiQ3Jc1eC
zdL9s5L6PlElLyc8RXPhM7Di6h7c01fU33W0/NznRufp3KdKy+Lf5LtifHaT132I
BXSFG/nyrKiAZnihaCWDcwgJjHBWeDM6nY7u7hqn1VgECPve6XvYWTbzEX7aJmqR
WwI6VU08zcRDLHJQfXyYPF55kEAHUuQN/4Jj+URO8vgASiL9i4kAo86NgZH8NRc2
6qrZXfP7mL/v7j27VTEA5eDPqsWh3cIb3B9VkiwI0OfzdJZHm0dbVvBebMHWXFjc
2tSplufOiYX5Unq2pc0QclNKqw9KuIwn6VmLSPTmdPhmIfbRVAdOi9nBsfXuN4Kq
0aU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:24 2024 by rpki-client on console-fra.rpki-client.org