Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/_iIiOu6ypdI8XlUNKfFj8kIefUo.roa
File: _iIiOu6ypdI8XlUNKfFj8kIefUo.roa (raw, json)
Hash identifier: Njt5+FEeEQrrWvnMC1Q90JzZqsU4dwMtwIVH0zgJ8MA=
Subject key identifier: FE:22:22:3A:EE:B2:A5:D2:3C:5E:55:0D:29:F1:63:F2:42:1E:7D:4A
Certificate issuer: /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial: 018CCA2B793F434B7D118A8782E4D9396019
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/_iIiOu6ypdI8XlUNKfFj8kIefUo.roa
Signing time: Tue 02 Jan 2024 12:34:55 +0000
ROA not before: Tue 02 Jan 2024 12:34:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210997
IP address blocks: 185.6.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:79:3f:43:4b:7d:11:8a:87:82:e4:d9:39:60:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Validity
Not Before: Jan 2 12:34:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe22223aeeb2a5d23c5e550d29f163f2421e7d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1c:ee:6e:00:ff:70:26:c8:d8:d9:ad:9e:d1:
4c:34:f9:b5:06:df:06:b4:e3:21:56:70:62:76:52:
ad:bb:df:e5:61:23:2e:2e:e1:5b:83:0d:ea:30:94:
9e:d5:0c:18:1c:ba:88:a2:60:14:c2:e4:25:36:09:
27:40:da:52:39:92:c7:06:5e:00:55:e4:1a:cf:da:
2f:f6:ce:bc:f9:3b:4a:ec:91:11:f3:62:e4:f9:00:
cf:dc:60:1b:e1:eb:a3:b4:76:10:6f:7d:20:34:bd:
cc:2a:35:2e:a4:ad:f2:e4:d5:4c:f4:47:4e:cf:37:
ae:14:fc:b8:40:db:38:5b:01:c1:21:dc:a1:56:70:
bd:a4:66:bf:6c:6c:f7:d6:8a:8b:d2:fd:25:ad:a0:
8b:17:5e:8c:40:9b:db:1c:7d:76:19:82:10:2c:a0:
6b:b5:0a:ad:14:04:1e:e5:2d:c0:99:5b:99:a4:1c:
51:fc:d4:41:15:f2:38:68:a9:61:ce:96:41:c5:51:
d3:be:d5:94:34:74:cc:43:bb:40:02:86:4f:8f:04:
4d:96:38:0d:39:16:99:6d:d2:b9:49:ec:a7:10:70:
06:bb:72:68:f2:d7:d8:8c:49:26:fc:48:40:f8:12:
7f:6e:86:79:1c:e5:30:98:9a:d8:55:06:2e:8c:ea:
a1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:22:22:3A:EE:B2:A5:D2:3C:5E:55:0D:29:F1:63:F2:42:1E:7D:4A
X509v3 Authority Key Identifier:
keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/_iIiOu6ypdI8XlUNKfFj8kIefUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.31.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9e:d2:46:91:6f:ef:5e:00:7b:d4:2b:3f:be:20:10:b2:6b:
d0:74:41:8e:47:dd:56:0b:24:0f:29:19:41:c3:21:1e:ab:a8:
b2:bf:1c:be:8d:31:4b:4a:37:6e:4f:86:bb:f5:83:b9:e3:fd:
7c:a1:94:b9:4b:03:4d:c8:05:cc:87:8f:53:04:cd:f9:fb:8c:
87:02:a5:84:48:90:b8:ed:7e:31:01:ae:c5:72:27:08:27:a9:
4b:da:37:5f:19:da:d8:0a:60:22:1c:a4:ef:58:da:ad:5d:a9:
0d:29:26:f3:97:f9:df:f6:6f:35:ce:b1:6b:0c:4b:33:1f:bc:
7d:64:5b:c7:74:d0:8c:80:72:b6:29:61:ec:99:5b:25:3c:dd:
cf:5d:e2:58:26:c5:f1:1d:8d:29:35:cd:65:10:97:72:53:cc:
57:fe:81:d4:38:e6:c7:3e:4d:fc:fb:f8:0a:75:81:79:4b:16:
ed:a4:cb:0e:9e:a7:de:e0:73:17:8a:27:6d:c1:d5:47:86:ef:
d8:23:0a:6f:f0:ff:b7:ce:75:e3:3a:d3:bc:b4:b9:bb:26:c9:
3b:97:19:1c:d1:a3:f9:de:be:fd:f2:44:4b:94:87:f2:8e:a6:
c0:95:df:d6:95:cc:7e:a0:80:06:97:0c:b5:48:fc:5f:f7:1a:
b2:30:47:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK3k/Q0t9EYqHguTZOWAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjQwMTAyMTIzNDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTIyMjIzYWVlYjJhNWQyM2M1ZTU1MGQyOWYxNjNmMjQyMWU3ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxzubgD/cCbI2NmtntFMNPm1Bt8G
tOMhVnBidlKtu9/lYSMuLuFbgw3qMJSe1QwYHLqIomAUwuQlNgknQNpSOZLHBl4A
VeQaz9ov9s68+TtK7JER82Lk+QDP3GAb4eujtHYQb30gNL3MKjUupK3y5NVM9EdO
zzeuFPy4QNs4WwHBIdyhVnC9pGa/bGz31oqL0v0lraCLF16MQJvbHH12GYIQLKBr
tQqtFAQe5S3AmVuZpBxR/NRBFfI4aKlhzpZBxVHTvtWUNHTMQ7tAAoZPjwRNljgN
ORaZbdK5SeynEHAGu3Jo8tfYjEkm/EhA+BJ/boZ5HOUwmJrYVQYujOqhQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4iIjrusqXSPF5VDSnxY/JCHn1KMB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvX2lJaU91NnlwZEk4WGxVTktmRmo4a0llZlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQYfMA0G
CSqGSIb3DQEBCwUAA4IBAQCCntJGkW/vXgB71Cs/viAQsmvQdEGOR91WCyQPKRlB
wyEeq6iyvxy+jTFLSjduT4a79YO54/18oZS5SwNNyAXMh49TBM35+4yHAqWESJC4
7X4xAa7FcicIJ6lL2jdfGdrYCmAiHKTvWNqtXakNKSbzl/nf9m81zrFrDEszH7x9
ZFvHdNCMgHK2KWHsmVslPN3PXeJYJsXxHY0pNc1lEJdyU8xX/oHUOObHPk38+/gK
dYF5SxbtpMsOnqfe4HMXiidtwdVHhu/YIwpv8P+3znXjOtO8tLm7Jsk7lxkc0aP5
3r798kRLlIfyjqbAld/Wlcx+oIAGlwy1SPxf9xqyMEc+
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:15 2024 by rpki-client on console-ams.rpki-client.org