Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/r4gdXvrIN4qS1TQbBFWJGE0ZALs.roa
File: r4gdXvrIN4qS1TQbBFWJGE0ZALs.roa (raw, json)
Hash identifier: ubrIfWCR55lVteqtlD5OAwJH/aKv8MwWQ7SM6ERBDjU=
Subject key identifier: AF:88:1D:5E:FA:C8:37:8A:92:D5:34:1B:04:55:89:18:4D:19:00:BB
Certificate issuer: /CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Certificate serial: 018DF5BB97B03C017916F17FFA4B92D14207
Authority key identifier: 23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/r4gdXvrIN4qS1TQbBFWJGE0ZALs.roa
Signing time: Thu 29 Feb 2024 16:38:48 +0000
ROA not before: Thu 29 Feb 2024 16:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215733
IP address blocks: 185.24.232.0/24 maxlen: 24
2a04:2e02::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:bb:97:b0:3c:01:79:16:f1:7f:fa:4b:92:d1:42:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23cbbf9348ae558c6efa0c086f24be04cb23c6e9
Validity
Not Before: Feb 29 16:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af881d5efac8378a92d5341b045589184d1900bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7d:20:78:34:63:8d:8b:c2:61:41:5f:4b:2c:
6e:91:c1:27:ca:59:3a:5d:ef:74:61:34:fa:c4:46:
e0:6e:7d:20:89:92:88:41:b9:59:f6:73:63:dc:23:
a6:81:99:96:c5:83:29:fd:f2:9d:af:d8:1b:c2:14:
4c:3b:54:04:cd:ad:28:db:6f:48:7c:dd:93:1d:ad:
3f:5b:93:d2:b5:52:4c:f2:3b:e0:04:96:8a:63:c6:
3c:58:d2:89:10:05:98:4e:e8:13:fb:59:3e:60:ee:
29:e1:45:b2:a6:6f:90:fd:4c:41:4f:a9:8c:fc:ca:
52:2d:48:3e:6a:f0:fa:7d:b4:e8:b9:aa:87:bb:b7:
62:ac:66:23:d6:f7:84:50:85:f7:2d:d0:4e:35:d9:
ca:62:46:89:f9:70:46:72:8d:9a:be:f0:13:20:13:
0f:b8:b0:1d:4c:39:0c:32:c0:e2:aa:a8:d0:ae:02:
cf:bb:ad:e3:ca:0c:6b:56:58:78:4a:0f:0b:9e:85:
e2:90:02:0c:02:8d:a8:ee:68:b8:8d:c7:75:4c:e6:
25:70:c9:03:49:d9:cb:8b:29:3a:77:15:39:8e:72:
b6:4e:cc:4f:59:17:7c:a6:e7:5f:ce:5c:d4:bc:6b:
da:3a:34:f7:e5:25:97:ef:82:1c:fd:01:a1:54:1e:
6b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:88:1D:5E:FA:C8:37:8A:92:D5:34:1B:04:55:89:18:4D:19:00:BB
X509v3 Authority Key Identifier:
keyid:23:CB:BF:93:48:AE:55:8C:6E:FA:0C:08:6F:24:BE:04:CB:23:C6:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I8u_k0iuVYxu-gwIbyS-BMsjxuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/r4gdXvrIN4qS1TQbBFWJGE0ZALs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0e90f9-e8d3-4562-a5b3-621ee052a6fc/1/I8u_k0iuVYxu-gwIbyS-BMsjxuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.232.0/24
IPv6:
2a04:2e02::/32
Signature Algorithm: sha256WithRSAEncryption
79:01:8c:10:03:21:b4:ce:1a:cd:3a:5e:39:5c:1b:f7:00:bb:
19:fb:96:d0:ad:ee:a3:c9:84:22:b5:09:07:c5:64:41:4c:ba:
3d:18:23:20:19:20:9c:32:67:d8:3d:ce:16:25:d2:17:4a:03:
95:7c:37:e3:8e:68:19:43:c4:69:43:48:62:ce:8a:a7:cf:d0:
07:af:1a:26:bb:fa:14:94:75:09:11:f1:da:84:a8:d1:b7:14:
e6:95:ff:df:a2:c2:9a:5b:a0:7c:64:84:45:8a:f9:c6:c2:50:
e2:1f:d3:40:01:7b:2b:af:81:d0:dd:b7:d4:73:7d:ee:f3:78:
2a:43:ae:b8:64:33:8b:41:42:a9:c3:92:0a:f4:94:61:bd:7c:
7e:90:7e:85:45:2c:bb:3d:6e:3c:8c:a2:d0:fc:cb:bd:f9:0a:
d0:92:b5:31:e6:9e:92:66:80:eb:5d:ec:3e:b0:31:c9:88:3b:
42:b3:d1:0b:87:24:67:40:7d:90:d5:d4:bc:27:2d:64:78:bc:
08:10:1c:49:38:51:af:34:10:e8:5c:a4:06:72:68:4a:0f:f5:
89:08:2c:8a:9d:d8:d7:b1:f4:c3:85:17:52:5c:d4:4c:9f:99:
a4:ea:d0:aa:6e:d0:5f:dd:85:3b:99:49:49:2c:ac:d0:dd:8b:
c4:09:a0:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY31u5ewPAF5FvF/+kuS0UIHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzY2JiZjkzNDhhZTU1OGM2ZWZhMGMwODZmMjRiZTA0Y2Iy
M2M2ZTkwHhcNMjQwMjI5MTYzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjg4MWQ1ZWZhYzgzNzhhOTJkNTM0MWIwNDU1ODkxODRkMTkwMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX0geDRjjYvCYUFfSyxukcEnylk6
Xe90YTT6xEbgbn0giZKIQblZ9nNj3COmgZmWxYMp/fKdr9gbwhRMO1QEza0o229I
fN2THa0/W5PStVJM8jvgBJaKY8Y8WNKJEAWYTugT+1k+YO4p4UWypm+Q/UxBT6mM
/MpSLUg+avD6fbTouaqHu7dirGYj1veEUIX3LdBONdnKYkaJ+XBGco2avvATIBMP
uLAdTDkMMsDiqqjQrgLPu63jygxrVlh4Sg8LnoXikAIMAo2o7mi4jcd1TOYlcMkD
SdnLiyk6dxU5jnK2TsxPWRd8pudfzlzUvGvaOjT35SWX74Ic/QGhVB5rOwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+IHV76yDeKktU0GwRViRhNGQC7MB8GA1UdIwQY
MBaAFCPLv5NIrlWMbvoMCG8kvgTLI8bpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMt
NjIxZWUwNTJhNmZjLzEvcjRnZFh2cklONHFTMVRRYkJGV0pHRTBaQUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZTkwZjktZThkMy00NTYyLWE1YjMtNjIxZWUwNTJhNmZj
LzEvSTh1X2swaXVWWXh1LWd3SWJ5Uy1CTXNqeHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRjoMA0E
AgACMAcDBQAqBC4CMA0GCSqGSIb3DQEBCwUAA4IBAQB5AYwQAyG0zhrNOl45XBv3
ALsZ+5bQre6jyYQitQkHxWRBTLo9GCMgGSCcMmfYPc4WJdIXSgOVfDfjjmgZQ8Rp
Q0hizoqnz9AHrxomu/oUlHUJEfHahKjRtxTmlf/fosKaW6B8ZIRFivnGwlDiH9NA
AXsrr4HQ3bfUc33u83gqQ664ZDOLQUKpw5IK9JRhvXx+kH6FRSy7PW48jKLQ/Mu9
+QrQkrUx5p6SZoDrXew+sDHJiDtCs9ELhyRnQH2Q1dS8Jy1keLwIEBxJOFGvNBDo
XKQGcmhKD/WJCCyKndjXsfTDhRdSXNRMn5mk6tCqbtBf3YU7mUlJLKzQ3YvECaBP
-----END CERTIFICATE-----
Generated at Wed May 15 17:13:30 2024 by rpki-client on console-ams.rpki-client.org