Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/183656-0dc5-4a94-ae6d-8ad1d0f80217/1/_2OgK1ZK1bH-gv0J0mu-PXexkbU.roa
File: _2OgK1ZK1bH-gv0J0mu-PXexkbU.roa (raw, json)
Hash identifier: RKSs9C4Q67nXwKp4OFrcneT6fL6q41uVrUZrTpyv/wg=
Subject key identifier: FF:63:A0:2B:56:4A:D5:B1:FE:82:FD:09:D2:6B:BE:3D:77:B1:91:B5
Certificate issuer: /CN=6904daf858b7b00b51cbb94afb28f03ea21e411d
Certificate serial: 0192F6CF6C33CB0D818C256914CFF407862A
Authority key identifier: 69:04:DA:F8:58:B7:B0:0B:51:CB:B9:4A:FB:28:F0:3E:A2:1E:41:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQTa-Fi3sAtRy7lK-yjwPqIeQR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/183656-0dc5-4a94-ae6d-8ad1d0f80217/1/_2OgK1ZK1bH-gv0J0mu-PXexkbU.roa
Signing time: Mon 04 Nov 2024 10:54:01 +0000
ROA not before: Mon 04 Nov 2024 10:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205900
IP address blocks: 185.154.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/183656-0dc5-4a94-ae6d-8ad1d0f80217/1/aQTa-Fi3sAtRy7lK-yjwPqIeQR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/183656-0dc5-4a94-ae6d-8ad1d0f80217/1/aQTa-Fi3sAtRy7lK-yjwPqIeQR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aQTa-Fi3sAtRy7lK-yjwPqIeQR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:cf:6c:33:cb:0d:81:8c:25:69:14:cf:f4:07:86:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6904daf858b7b00b51cbb94afb28f03ea21e411d
Validity
Not Before: Nov 4 10:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff63a02b564ad5b1fe82fd09d26bbe3d77b191b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:22:58:37:29:33:78:c2:0b:57:98:b4:e5:62:
d4:aa:37:1e:51:37:1a:46:05:c2:84:ac:54:2b:62:
62:31:ab:35:11:56:a3:17:11:ea:f3:b5:c9:73:4b:
e6:ff:b2:0a:0f:4a:27:77:4e:d6:3a:d6:76:47:26:
fd:9a:ae:ff:d7:5e:3c:6e:04:45:f7:0a:2a:eb:80:
06:c1:4e:5f:57:ac:52:83:33:03:f1:7a:74:99:40:
d4:a3:00:76:2c:fe:f0:cb:32:63:df:2d:8d:30:11:
80:7b:63:2d:3f:cd:99:c5:03:11:b0:c3:65:4e:3f:
a9:af:57:81:e3:a3:e5:7f:ab:5f:03:23:ed:cd:35:
e8:80:5b:9b:83:1b:2e:72:de:16:d4:79:0b:7f:84:
62:04:24:f2:84:18:35:5c:ca:44:19:24:0b:dc:a9:
95:55:8a:90:96:eb:8a:f0:e9:13:b4:43:b1:7c:9d:
89:6f:01:9a:37:e5:d3:29:b7:d0:93:ac:87:af:3c:
09:9d:90:eb:4f:5f:a1:16:e0:0d:01:96:9d:a2:38:
24:f1:68:59:21:fe:14:bf:db:df:8d:51:6b:5e:22:
a8:b1:5b:ad:57:3b:89:14:6d:d6:4f:a3:72:88:46:
48:37:7b:e6:d1:e7:a1:3c:45:01:15:87:fe:0f:07:
6e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:63:A0:2B:56:4A:D5:B1:FE:82:FD:09:D2:6B:BE:3D:77:B1:91:B5
X509v3 Authority Key Identifier:
keyid:69:04:DA:F8:58:B7:B0:0B:51:CB:B9:4A:FB:28:F0:3E:A2:1E:41:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQTa-Fi3sAtRy7lK-yjwPqIeQR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/183656-0dc5-4a94-ae6d-8ad1d0f80217/1/_2OgK1ZK1bH-gv0J0mu-PXexkbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/183656-0dc5-4a94-ae6d-8ad1d0f80217/1/aQTa-Fi3sAtRy7lK-yjwPqIeQR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.48.0/24
Signature Algorithm: sha256WithRSAEncryption
07:9b:df:fe:19:8c:cc:c2:37:8b:44:4d:fe:17:c7:cd:82:f1:
c2:ea:22:f7:67:97:fd:aa:3b:83:c6:ee:46:e8:ce:b2:9f:81:
57:ce:01:59:b2:a3:35:6b:be:e1:98:e6:2a:e3:d4:f7:c3:12:
21:f5:e9:f8:41:17:84:f2:23:fe:29:c6:e6:ee:2c:11:43:88:
7e:4c:a3:ff:f7:92:65:a4:d6:66:4d:86:0a:2e:59:6c:98:4b:
64:69:0a:b7:82:4e:05:13:92:9f:35:c3:ad:fe:58:62:33:2c:
da:76:9b:98:40:c3:5a:f2:b8:2b:3a:66:7b:21:f6:56:52:d7:
22:c3:b2:4f:63:99:e0:05:25:97:9d:0f:65:06:f1:87:39:96:
80:ba:e6:a1:18:43:70:61:57:46:ca:11:43:29:c3:b8:5d:1a:
fa:53:62:b9:a4:97:6f:72:fd:13:da:e0:8d:2f:19:7a:99:16:
d0:b3:e6:8d:53:7a:bd:9c:85:43:e4:f4:1b:72:27:c9:bf:bb:
e3:d8:97:6e:43:74:7e:7e:d7:96:59:a9:db:a2:e9:e9:4a:84:
ab:65:2e:41:4b:ee:0b:6c:2f:08:94:ee:af:dc:07:7b:4e:ed:
29:1d:e5:8c:58:11:0f:5c:47:b6:f3:7d:0c:c2:17:ca:b5:65:
2c:9a:9e:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL2z2wzyw2BjCVpFM/0B4YqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MDRkYWY4NThiN2IwMGI1MWNiYjk0YWZiMjhmMDNlYTIx
ZTQxMWQwHhcNMjQxMTA0MTA1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYzYTAyYjU2NGFkNWIxZmU4MmZkMDlkMjZiYmUzZDc3YjE5MWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCJYNykzeMILV5i05WLUqjceUTca
RgXChKxUK2JiMas1EVajFxHq87XJc0vm/7IKD0ond07WOtZ2Ryb9mq7/1148bgRF
9woq64AGwU5fV6xSgzMD8Xp0mUDUowB2LP7wyzJj3y2NMBGAe2MtP82ZxQMRsMNl
Tj+pr1eB46Plf6tfAyPtzTXogFubgxsuct4W1HkLf4RiBCTyhBg1XMpEGSQL3KmV
VYqQluuK8OkTtEOxfJ2JbwGaN+XTKbfQk6yHrzwJnZDrT1+hFuANAZadojgk8WhZ
If4Uv9vfjVFrXiKosVutVzuJFG3WT6NyiEZIN3vm0eehPEUBFYf+DwduwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9joCtWStWx/oL9CdJrvj13sZG1MB8GA1UdIwQY
MBaAFGkE2vhYt7ALUcu5Svso8D6iHkEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVFUYS1GaTNzQXRSeTdsSy15andQcUllUVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8xODM2NTYtMGRjNS00YTk0LWFlNmQt
OGFkMWQwZjgwMjE3LzEvXzJPZ0sxWksxYkgtZ3YwSjBtdS1QWGV4a2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8xODM2NTYtMGRjNS00YTk0LWFlNmQtOGFkMWQwZjgwMjE3
LzEvYVFUYS1GaTNzQXRSeTdsSy15andQcUllUVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZowMA0G
CSqGSIb3DQEBCwUAA4IBAQAHm9/+GYzMwjeLRE3+F8fNgvHC6iL3Z5f9qjuDxu5G
6M6yn4FXzgFZsqM1a77hmOYq49T3wxIh9en4QReE8iP+Kcbm7iwRQ4h+TKP/95Jl
pNZmTYYKLllsmEtkaQq3gk4FE5KfNcOt/lhiMyzadpuYQMNa8rgrOmZ7IfZWUtci
w7JPY5ngBSWXnQ9lBvGHOZaAuuahGENwYVdGyhFDKcO4XRr6U2K5pJdvcv0T2uCN
Lxl6mRbQs+aNU3q9nIVD5PQbcifJv7vj2JduQ3R+fteWWanbounpSoSrZS5BS+4L
bC8IlO6v3Ad7Tu0pHeWMWBEPXEe2830MwhfKtWUsmp5b
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:12 2024 by rpki-client on console-ams.rpki-client.org