Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/D1F85OXcnQWe-4SPgGlRSB8pSjc.roa
File: D1F85OXcnQWe-4SPgGlRSB8pSjc.roa (raw, json)
Hash identifier: jTRvaJCVPCpP7cTJ6nit0f0leDT0Nlau14d2MzHNOpk=
Subject key identifier: 0F:51:7C:E4:E5:DC:9D:05:9E:FB:84:8F:80:69:51:48:1F:29:4A:37
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 018CC8013FDD5F04DAA3B787E9BFCC136529
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/D1F85OXcnQWe-4SPgGlRSB8pSjc.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 185.131.48.0/24 maxlen: 24
185.131.49.0/24 maxlen: 24
185.131.51.0/24 maxlen: 24
185.131.50.0/24 maxlen: 24
185.241.137.0/24 maxlen: 24
185.241.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:3f:dd:5f:04:da:a3:b7:87:e9:bf:cc:13:65:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f517ce4e5dc9d059efb848f806951481f294a37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fa:8b:d4:c2:d5:e0:44:19:51:6f:85:fc:8a:
ca:84:0e:25:ff:5a:a2:1e:73:c9:af:ba:95:25:65:
74:7f:d0:d4:d8:73:17:fd:e1:f9:40:41:84:5d:d6:
89:10:01:67:c5:8b:73:0c:80:f0:b7:6a:66:e9:b3:
e4:61:16:e1:45:a2:0f:a9:11:75:22:ed:c0:cc:6b:
c6:7f:87:22:09:cd:68:35:c7:28:9b:91:27:b9:de:
c7:e4:f7:d6:6a:e3:9e:b9:9a:ff:d0:43:32:21:e3:
73:ed:c7:04:6e:ef:1f:a6:c0:7a:02:a1:3b:be:ac:
55:ef:b7:23:d0:fc:3a:bd:b3:31:6c:48:1b:86:32:
78:e5:24:13:e6:27:f3:a3:c7:92:ff:5d:00:3a:b7:
a5:a7:b9:a0:eb:06:69:2d:66:44:4d:ed:3c:83:1a:
f7:d3:e6:d5:76:38:88:86:75:c3:8a:f8:80:1e:a5:
0e:a1:18:97:87:7c:42:b1:fa:be:6b:d3:e0:b3:93:
3e:98:a0:a0:d0:11:da:5c:9b:f4:41:24:f0:ef:cc:
5d:92:0c:11:0b:11:26:02:52:16:5d:78:51:83:17:
10:fe:33:2c:8c:f4:45:be:24:f5:8c:d5:df:df:4e:
ae:08:d7:37:92:33:df:1e:3f:b8:b7:5d:9d:01:b0:
6c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:51:7C:E4:E5:DC:9D:05:9E:FB:84:8F:80:69:51:48:1F:29:4A:37
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/D1F85OXcnQWe-4SPgGlRSB8pSjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.48.0/22
185.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:4b:54:09:bb:93:ce:de:97:55:af:e0:52:c8:44:5f:8c:cb:
2d:06:b2:79:a0:22:3e:1b:8e:cd:98:24:cc:cd:90:09:55:ef:
d8:15:79:d6:e2:80:81:69:b5:7c:05:08:ba:65:d8:24:6d:fe:
5b:52:86:99:2d:9c:70:55:3a:06:8c:48:70:84:3b:bd:62:92:
92:c3:46:a0:3a:df:4c:14:79:99:c9:05:b5:94:57:1b:49:1c:
d3:c3:7f:ad:61:b9:a3:bf:6d:c7:a8:7a:bc:a8:6f:04:71:d2:
1c:a6:19:3e:52:82:d0:c5:a2:f5:1c:27:21:92:fd:50:9f:fd:
d2:2e:d2:70:51:ab:05:2d:17:c3:7e:9c:c5:7d:d0:fe:8a:ab:
1c:a3:ab:c4:3e:69:b2:1c:99:c6:6c:a1:f4:13:ca:cc:b0:99:
89:fa:2c:f2:61:b4:1c:98:29:55:20:80:16:4d:9a:e9:30:e4:
dd:6f:b8:18:db:51:0c:a6:89:66:e8:0e:59:f6:aa:5a:24:6e:
15:6a:60:83:4e:e6:2a:c3:52:99:cc:42:c8:2a:4a:f7:c2:97:
da:5b:29:27:06:ef:94:fb:4f:ff:b0:a6:7e:c8:26:87:2a:7a:
7a:d2:87:f3:35:93:ba:bf:9d:fb:8a:5c:d2:70:46:1e:e9:aa:
0e:90:e9:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAT/dXwTao7eH6b/ME2UpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjUxN2NlNGU1ZGM5ZDA1OWVmYjg0OGY4MDY5NTE0ODFmMjk0YTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfqL1MLV4EQZUW+F/IrKhA4l/1qi
HnPJr7qVJWV0f9DU2HMX/eH5QEGEXdaJEAFnxYtzDIDwt2pm6bPkYRbhRaIPqRF1
Iu3AzGvGf4ciCc1oNccom5Enud7H5PfWauOeuZr/0EMyIeNz7ccEbu8fpsB6AqE7
vqxV77cj0Pw6vbMxbEgbhjJ45SQT5ifzo8eS/10AOrelp7mg6wZpLWZETe08gxr3
0+bVdjiIhnXDiviAHqUOoRiXh3xCsfq+a9Pgs5M+mKCg0BHaXJv0QSTw78xdkgwR
CxEmAlIWXXhRgxcQ/jMsjPRFviT1jNXf306uCNc3kjPfHj+4t12dAbBsxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA9RfOTl3J0FnvuEj4BpUUgfKUo3MB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEvRDFGODVPWGNuUVdlLTRTUGdHbFJTQjhwU2pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYMwAwQB
ufGIMA0GCSqGSIb3DQEBCwUAA4IBAQAdS1QJu5PO3pdVr+BSyERfjMstBrJ5oCI+
G47NmCTMzZAJVe/YFXnW4oCBabV8BQi6Zdgkbf5bUoaZLZxwVToGjEhwhDu9YpKS
w0agOt9MFHmZyQW1lFcbSRzTw3+tYbmjv23HqHq8qG8EcdIcphk+UoLQxaL1HCch
kv1Qn/3SLtJwUasFLRfDfpzFfdD+iqsco6vEPmmyHJnGbKH0E8rMsJmJ+izyYbQc
mClVIIAWTZrpMOTdb7gY21EMpolm6A5Z9qpaJG4VamCDTuYqw1KZzELIKkr3wpfa
WyknBu+U+0//sKZ+yCaHKnp60ofzNZO6v537ilzScEYe6aoOkOmB
-----END CERTIFICATE-----
Generated at Sun May 19 23:06:46 2024 by rpki-client on console-fra.rpki-client.org