Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/CK4oDkDNAtrsANRAM9MzODRBeeo.roa
File: CK4oDkDNAtrsANRAM9MzODRBeeo.roa (raw, json)
Hash identifier: a8f7/OKcwxnl6RdBgGNJkXpXimkbiOKN0iu0xxz92y4=
Subject key identifier: 08:AE:28:0E:40:CD:02:DA:EC:00:D4:40:33:D3:33:38:34:41:79:EA
Certificate issuer: /CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Certificate serial: 018CC64B7F22005E2400CE7464185D73F85D
Authority key identifier: D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/CK4oDkDNAtrsANRAM9MzODRBeeo.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.225.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7f:22:00:5e:24:00:ce:74:64:18:5d:73:f8:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ae280e40cd02daec00d44033d33338344179ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8a:4c:17:34:6b:d9:9d:46:83:22:ca:74:15:
65:75:ef:dc:db:cd:97:49:8b:51:0f:53:90:93:d3:
62:7a:f6:80:4d:0f:a7:76:78:af:21:7f:98:cb:cb:
57:e5:c9:dc:84:cd:12:06:d5:e3:51:d7:a5:93:5c:
ca:b8:39:dd:27:02:df:63:f9:32:b9:bd:72:78:35:
85:03:74:c7:c8:16:d3:fa:37:5a:9c:48:cd:c3:be:
dc:e0:cd:37:cd:b5:01:c2:08:c7:dc:a0:38:fd:bc:
8e:fa:55:b1:61:24:f2:e9:bf:1e:76:4e:8c:5d:70:
b3:c8:44:d5:df:f2:6e:90:37:80:0a:62:54:de:2d:
ec:21:e8:52:65:8e:71:25:83:04:73:ca:2a:2c:67:
8b:c9:a3:0c:5e:ea:8a:01:94:26:0f:dd:39:74:4b:
56:9b:3f:01:0c:b9:86:c0:f0:84:6b:a4:88:2d:ff:
97:03:07:f7:d5:41:c1:f5:d2:46:75:bb:07:8f:51:
7e:67:e2:ae:da:82:0b:42:28:3e:ea:c9:c7:ec:6f:
31:4e:fa:e3:a2:fa:03:de:f9:2f:a0:9b:e9:c8:09:
b8:15:ac:2e:99:ff:a2:75:0d:ab:18:84:0e:5e:a5:
24:6e:1d:ad:87:ee:b3:29:4f:f9:0d:2d:a9:e8:9a:
24:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:AE:28:0E:40:CD:02:DA:EC:00:D4:40:33:D3:33:38:34:41:79:EA
X509v3 Authority Key Identifier:
keyid:D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/CK4oDkDNAtrsANRAM9MzODRBeeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.252.0/22
Signature Algorithm: sha256WithRSAEncryption
91:b8:dc:d0:30:1c:c1:1c:89:37:17:b9:f3:23:26:e5:63:26:
ad:47:58:fc:4a:0e:f4:07:66:c3:de:34:4a:ab:23:4a:16:20:
77:d7:e3:2b:78:02:cb:5e:89:4b:60:91:56:84:71:24:4d:8d:
55:a9:85:4f:11:b2:39:cc:48:eb:62:6b:55:5c:a3:3d:02:1a:
ab:8a:dd:04:1a:3a:86:8a:50:14:ec:0a:95:32:c8:db:16:53:
c9:90:18:e5:d1:bb:c0:14:92:26:e5:51:5c:c5:14:ac:99:37:
67:3b:d6:fa:e7:a7:10:59:b5:43:ba:91:15:18:f2:f8:59:3d:
e2:41:79:dd:07:6c:57:52:65:43:b0:27:24:ce:c1:b3:0c:4a:
67:99:0f:22:12:17:81:cc:04:fc:df:e7:0f:70:e6:af:1c:a2:
b8:2a:39:4c:a5:d4:c1:75:45:b9:60:62:29:3e:36:42:44:2a:
68:03:94:43:be:3a:5f:52:5f:a5:7c:9c:8a:21:d6:35:8c:4a:
a8:89:f6:f3:80:60:1c:06:32:67:14:36:65:88:8e:9b:3e:5a:
89:09:8c:6d:47:58:2b:e7:ad:2f:ab:93:76:35:e8:47:a1:2f:
25:63:a7:6f:a5:19:ff:af:05:77:15:87:1f:5e:1c:5c:63:cf:
e7:d4:4b:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS38iAF4kAM50ZBhdc/hdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YWE4OWY3YjcyMjI3OWMwMzI5NDJkY2YyNDg2NWY2ZDcy
ZDY1MDEwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGFlMjgwZTQwY2QwMmRhZWMwMGQ0NDAzM2QzMzMzODM0NDE3OWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIpMFzRr2Z1GgyLKdBVlde/c282X
SYtRD1OQk9NievaATQ+ndnivIX+Yy8tX5cnchM0SBtXjUdelk1zKuDndJwLfY/ky
ub1yeDWFA3THyBbT+jdanEjNw77c4M03zbUBwgjH3KA4/byO+lWxYSTy6b8edk6M
XXCzyETV3/JukDeACmJU3i3sIehSZY5xJYMEc8oqLGeLyaMMXuqKAZQmD905dEtW
mz8BDLmGwPCEa6SILf+XAwf31UHB9dJGdbsHj1F+Z+Ku2oILQig+6snH7G8xTvrj
ovoD3vkvoJvpyAm4Fawumf+idQ2rGIQOXqUkbh2th+6zKU/5DS2p6JokJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiuKA5AzQLa7ADUQDPTMzg0QXnqMB8GA1UdIwQY
MBaAFNaqife3IiecAylC3PJIZfbXLWUBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYt
OGJhNjg4ODY2OWNmLzEvQ0s0b0RrRE5BdHJzQU5SQU05TXpPRFJCZWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8wZTdlMjgtYTgyOS00N2QyLTgwZTYtOGJhNjg4ODY2OWNm
LzEvMXFxSjk3Y2lKNXdES1VMYzhraGw5dGN0WlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueH8MA0G
CSqGSIb3DQEBCwUAA4IBAQCRuNzQMBzBHIk3F7nzIyblYyatR1j8Sg70B2bD3jRK
qyNKFiB31+MreALLXolLYJFWhHEkTY1VqYVPEbI5zEjrYmtVXKM9Ahqrit0EGjqG
ilAU7AqVMsjbFlPJkBjl0bvAFJIm5VFcxRSsmTdnO9b656cQWbVDupEVGPL4WT3i
QXndB2xXUmVDsCckzsGzDEpnmQ8iEheBzAT83+cPcOavHKK4KjlMpdTBdUW5YGIp
PjZCRCpoA5RDvjpfUl+lfJyKIdY1jEqoifbzgGAcBjJnFDZliI6bPlqJCYxtR1gr
560vq5N2NehHoS8lY6dvpRn/rwV3FYcfXhxcY8/n1Es4
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:25 2024 by rpki-client on console-ams.rpki-client.org