Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/3a7T9zhtOn8QNa9yW0yke32cD4g.roa
File: 3a7T9zhtOn8QNa9yW0yke32cD4g.roa (raw, json)
Hash identifier: ThkIrtYIV99e0slpzRpAaq6sYuVHy94zueMMVSgVsFU=
Subject key identifier: DD:AE:D3:F7:38:6D:3A:7F:10:35:AF:72:5B:4C:A4:7B:7D:9C:0F:88
Certificate issuer: /CN=e98dc5e78258e426739bd88c2d4c200aadf3bf13
Certificate serial: 018CC5DD0112FF64A8491E93FE55EC116A6A
Authority key identifier: E9:8D:C5:E7:82:58:E4:26:73:9B:D8:8C:2D:4C:20:0A:AD:F3:BF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/3a7T9zhtOn8QNa9yW0yke32cD4g.roa
Signing time: Mon 01 Jan 2024 16:30:44 +0000
ROA not before: Mon 01 Jan 2024 16:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.2.0/24 maxlen: 24
2001:7f8:81::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/6Y3F54JY5CZzm9iMLUwgCq3zvxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/6Y3F54JY5CZzm9iMLUwgCq3zvxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:01:12:ff:64:a8:49:1e:93:fe:55:ec:11:6a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e98dc5e78258e426739bd88c2d4c200aadf3bf13
Validity
Not Before: Jan 1 16:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ddaed3f7386d3a7f1035af725b4ca47b7d9c0f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2d:1e:bb:bc:92:20:31:dd:66:09:de:a5:bb:
40:ad:23:61:c3:fc:38:93:9d:53:55:db:df:88:ed:
0b:af:a1:67:d8:e0:02:1d:43:63:55:3a:37:bd:27:
82:88:56:1a:f2:1b:a9:ed:dd:20:a6:d8:40:30:2e:
00:cc:a2:f8:4b:97:9d:0d:db:4f:b8:91:a4:68:64:
65:22:22:e7:bf:17:8a:db:12:76:2e:06:ab:bf:c0:
3c:c4:e0:c1:34:28:7f:5e:ea:3c:16:8f:a5:b9:27:
4c:ef:4d:9e:a9:04:27:20:bb:ce:2b:7a:5c:5a:81:
53:51:94:e4:a7:7d:2f:ca:52:de:14:e4:14:e8:e8:
6d:ff:45:d2:17:dc:19:a1:c6:72:3a:d6:40:9c:35:
95:54:4e:1b:a1:fa:28:1c:5d:db:d3:cc:4f:0a:9c:
23:0c:51:81:ce:ab:43:c4:9a:33:6b:d3:ce:1b:22:
81:56:fa:cb:17:89:f7:4e:37:d6:af:99:d9:0b:d6:
15:7d:ae:1e:de:74:b7:be:83:99:f5:d7:86:4b:88:
19:42:20:3f:05:d0:ee:92:5a:92:be:97:c7:bf:fd:
20:ca:85:be:31:b5:1a:9d:72:6a:cc:b4:63:5d:71:
45:0c:c8:22:62:25:66:d8:10:9f:f0:7b:4d:a7:30:
80:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AE:D3:F7:38:6D:3A:7F:10:35:AF:72:5B:4C:A4:7B:7D:9C:0F:88
X509v3 Authority Key Identifier:
keyid:E9:8D:C5:E7:82:58:E4:26:73:9B:D8:8C:2D:4C:20:0A:AD:F3:BF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/3a7T9zhtOn8QNa9yW0yke32cD4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/6Y3F54JY5CZzm9iMLUwgCq3zvxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.2.0/24
IPv6:
2001:7f8:81::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ac:98:ef:de:c5:df:be:17:a4:ab:49:20:64:52:68:7f:9b:
3c:85:58:84:20:e1:6f:7b:cd:50:b0:28:34:1b:25:d1:19:0a:
66:4d:97:9f:15:db:6a:4d:a3:5d:74:ca:30:fa:8d:b9:38:24:
a5:8e:b6:1d:8d:b1:52:7f:0a:b2:13:15:72:76:85:87:2e:47:
c5:df:b3:3d:fa:6d:dc:ee:a9:d4:96:f0:f4:4d:6f:8b:9c:28:
e8:2b:2c:c5:9e:a9:79:02:ce:34:73:f5:86:87:09:c7:d5:de:
11:7d:46:7e:09:14:6b:84:76:cf:d0:26:b4:cd:5c:f6:e4:cb:
b9:4f:9e:66:f2:27:79:71:6f:51:02:90:c2:21:93:35:bb:5a:
cd:6a:0d:0b:30:d6:89:2a:b7:9b:06:1f:2b:4d:56:2e:18:15:
17:f7:ff:13:3c:4c:3e:f6:14:e8:4d:82:05:74:c3:7f:96:10:
56:9b:8b:bb:e8:ee:7e:93:d6:ad:bc:a9:b8:5a:d7:09:41:0d:
51:96:c7:d4:c7:4e:2f:af:63:04:9e:2a:72:99:b6:47:d9:f9:
21:1a:b0:41:58:99:9d:de:02:5e:d7:84:6c:40:67:86:46:5e:
c9:8c:28:1c:a5:1a:ac:43:f8:03:50:21:06:95:0a:54:9e:ab:
0d:1b:8b:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3QES/2SoSR6T/lXsEWpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OGRjNWU3ODI1OGU0MjY3MzliZDg4YzJkNGMyMDBhYWRm
M2JmMTMwHhcNMjQwMTAxMTYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFlZDNmNzM4NmQzYTdmMTAzNWFmNzI1YjRjYTQ3YjdkOWMwZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS0eu7ySIDHdZgnepbtArSNhw/w4
k51TVdvfiO0Lr6Fn2OACHUNjVTo3vSeCiFYa8hup7d0gpthAMC4AzKL4S5edDdtP
uJGkaGRlIiLnvxeK2xJ2Lgarv8A8xODBNCh/Xuo8Fo+luSdM702eqQQnILvOK3pc
WoFTUZTkp30vylLeFOQU6Oht/0XSF9wZocZyOtZAnDWVVE4bofooHF3b08xPCpwj
DFGBzqtDxJoza9POGyKBVvrLF4n3TjfWr5nZC9YVfa4e3nS3voOZ9deGS4gZQiA/
BdDuklqSvpfHv/0gyoW+MbUanXJqzLRjXXFFDMgiYiVm2BCf8HtNpzCAoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2u0/c4bTp/EDWvcltMpHt9nA+IMB8GA1UdIwQY
MBaAFOmNxeeCWOQmc5vYjC1MIAqt878TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlkzRjU0Slk1Q1p6bTlpTUxVd2dDcTN6dnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80ZDdmNmUtYzZkZi00MWQ3LThmZmQt
NTA4OWI2MDJiZmMyLzEvM2E3VDl6aHRPbjhRTmE5eVcweWtlMzJjRDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80ZDdmNmUtYzZkZi00MWQ3LThmZmQtNTA4OWI2MDJiZmMy
LzEvNlkzRjU0Slk1Q1p6bTlpTUxVd2dDcTN6dnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQECMA8E
AgACMAkDBwAgAQf4AIEwDQYJKoZIhvcNAQELBQADggEBAG2smO/exd++F6SrSSBk
Umh/mzyFWIQg4W97zVCwKDQbJdEZCmZNl58V22pNo110yjD6jbk4JKWOth2NsVJ/
CrITFXJ2hYcuR8Xfsz36bdzuqdSW8PRNb4ucKOgrLMWeqXkCzjRz9YaHCcfV3hF9
Rn4JFGuEds/QJrTNXPbky7lPnmbyJ3lxb1ECkMIhkzW7Ws1qDQsw1okqt5sGHytN
Vi4YFRf3/xM8TD72FOhNggV0w3+WEFabi7vo7n6T1q28qbha1wlBDVGWx9THTi+v
YwSeKnKZtkfZ+SEasEFYmZ3eAl7XhGxAZ4ZGXsmMKBylGqxD+ANQIQaVClSeqw0b
iww=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:47:59 2024 by rpki-client on console-fra.rpki-client.org