Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/m81UszLVPKNpLholpUWIlO071Sw.roa
File: m81UszLVPKNpLholpUWIlO071Sw.roa (raw, json)
Hash identifier: ZHp6k5BmM4hRlY23A9TF2ykiOOphPGtDDreYOLE3pUo=
Subject key identifier: 9B:CD:54:B3:32:D5:3C:A3:69:2E:1A:25:A5:45:88:94:ED:3B:D5:2C
Certificate issuer: /CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Certificate serial: 018CC5DC14DDC98843DCE91D54B4EF9E296D
Authority key identifier: F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/m81UszLVPKNpLholpUWIlO071Sw.roa
Signing time: Mon 01 Jan 2024 16:29:43 +0000
ROA not before: Mon 01 Jan 2024 16:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21263
IP address blocks: 185.159.244.0/24 maxlen: 24
2a13:780::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:14:dd:c9:88:43:dc:e9:1d:54:b4:ef:9e:29:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f347ced9a0ed7f944b9f4efc38577b38e6d1c673
Validity
Not Before: Jan 1 16:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bcd54b332d53ca3692e1a25a5458894ed3bd52c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:95:a1:93:0f:87:97:a1:90:f0:3c:90:51:cc:
46:5a:25:84:b7:f5:c5:e6:6c:56:fa:eb:5d:6d:2f:
18:ea:46:00:56:82:34:03:6a:e7:31:e7:51:ea:f5:
66:a3:d5:42:e0:24:53:dc:7a:43:75:d2:5f:e9:0f:
c8:cb:a2:73:85:dd:8c:84:33:f6:db:53:39:bd:ce:
62:1b:b6:87:ab:0a:a0:36:c5:37:30:0c:b6:b8:95:
19:fd:55:44:5e:07:7c:1d:d8:c9:85:da:12:44:9a:
2d:47:a9:66:03:de:1c:9c:a2:23:2b:c1:08:b9:19:
0f:cf:b7:73:cc:a4:25:25:c2:24:a0:79:bc:76:30:
cc:6e:ff:c6:60:22:d7:a4:aa:53:11:4c:f7:5e:f4:
a4:8f:dc:ea:72:f7:8f:63:3b:b3:d6:a7:7b:fe:cc:
ca:59:f9:9f:0b:ae:f5:b7:cd:17:54:35:07:c8:f5:
85:24:a1:6d:0c:bf:f4:94:8f:6b:9d:bd:ae:90:14:
6f:08:0d:41:6f:b2:a4:89:b6:a9:7f:2b:dd:22:80:
5f:05:d4:c6:15:c1:bf:03:24:dc:db:cf:c3:d1:6f:
ce:11:63:a7:84:2d:77:f2:e4:a8:31:53:b7:22:33:
f4:3b:19:89:5f:ea:a9:1e:18:dd:36:2b:a2:9c:b9:
b2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:CD:54:B3:32:D5:3C:A3:69:2E:1A:25:A5:45:88:94:ED:3B:D5:2C
X509v3 Authority Key Identifier:
keyid:F3:47:CE:D9:A0:ED:7F:94:4B:9F:4E:FC:38:57:7B:38:E6:D1:C6:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80fO2aDtf5RLn078OFd7OObRxnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/m81UszLVPKNpLholpUWIlO071Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/089603-b5be-4ffa-a2b2-232b4b4657e9/1/80fO2aDtf5RLn078OFd7OObRxnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.244.0/24
IPv6:
2a13:780::/29
Signature Algorithm: sha256WithRSAEncryption
63:ed:30:d4:19:10:b5:4a:39:6c:8d:34:68:e7:1b:3b:01:1d:
93:97:bb:c0:e9:be:af:63:56:60:2e:af:86:65:9c:a7:85:c5:
45:54:70:42:df:1d:d5:33:bc:71:78:e1:91:00:b6:b0:63:e8:
c0:3b:d8:7f:67:ea:95:ea:a7:81:ef:fa:1b:85:7d:50:af:d4:
d2:93:f6:e7:a8:13:2b:c6:d3:79:62:a9:96:50:ba:dd:1e:e4:
46:ab:39:1b:d9:13:00:c2:e0:e1:0d:10:d2:e1:41:ba:0d:73:
c3:6a:ac:94:9a:c5:9b:64:c1:48:b0:65:26:4c:8c:92:38:97:
14:e7:f8:57:fe:4b:ae:6c:95:5d:00:a7:30:ac:11:2d:8c:f6:
52:ec:62:0c:71:5e:91:d1:a1:63:24:a3:1f:18:45:af:9c:3d:
95:3e:53:02:85:cf:de:42:b0:1f:71:af:34:08:85:6e:47:f6:
b3:ca:df:4b:4d:63:06:9d:dc:3e:c9:67:2b:ff:c7:ae:c3:79:
41:b1:67:24:39:be:ba:7b:92:57:2d:75:73:3b:83:fd:b2:dd:
e4:49:df:6c:47:f4:a3:75:5b:26:86:2d:70:91:ed:87:f2:21:
70:c2:6b:cb:38:2a:9d:db:41:b8:d6:a7:eb:54:13:81:c8:8a:
17:79:0f:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BTdyYhD3OkdVLTvniltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDdjZWQ5YTBlZDdmOTQ0YjlmNGVmYzM4NTc3YjM4ZTZk
MWM2NzMwHhcNMjQwMTAxMTYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmNkNTRiMzMyZDUzY2EzNjkyZTFhMjVhNTQ1ODg5NGVkM2JkNTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5Whkw+Hl6GQ8DyQUcxGWiWEt/XF
5mxW+utdbS8Y6kYAVoI0A2rnMedR6vVmo9VC4CRT3HpDddJf6Q/Iy6Jzhd2MhDP2
21M5vc5iG7aHqwqgNsU3MAy2uJUZ/VVEXgd8HdjJhdoSRJotR6lmA94cnKIjK8EI
uRkPz7dzzKQlJcIkoHm8djDMbv/GYCLXpKpTEUz3XvSkj9zqcvePYzuz1qd7/szK
WfmfC671t80XVDUHyPWFJKFtDL/0lI9rnb2ukBRvCA1Bb7KkibapfyvdIoBfBdTG
FcG/AyTc28/D0W/OEWOnhC138uSoMVO3IjP0OxmJX+qpHhjdNiuinLmyXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJvNVLMy1TyjaS4aJaVFiJTtO9UsMB8GA1UdIwQY
MBaAFPNHztmg7X+US59O/DhXezjm0cZzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjIt
MjMyYjRiNDY1N2U5LzEvbTgxVXN6TFZQS05wTGhvbHBVV0lsTzA3MVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8wODk2MDMtYjViZS00ZmZhLWEyYjItMjMyYjRiNDY1N2U5
LzEvODBmTzJhRHRmNVJMbjA3OE9GZDdPT2JSeG5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZ/0MA0E
AgACMAcDBQMqEweAMA0GCSqGSIb3DQEBCwUAA4IBAQBj7TDUGRC1SjlsjTRo5xs7
AR2Tl7vA6b6vY1ZgLq+GZZynhcVFVHBC3x3VM7xxeOGRALawY+jAO9h/Z+qV6qeB
7/obhX1Qr9TSk/bnqBMrxtN5YqmWULrdHuRGqzkb2RMAwuDhDRDS4UG6DXPDaqyU
msWbZMFIsGUmTIySOJcU5/hX/kuubJVdAKcwrBEtjPZS7GIMcV6R0aFjJKMfGEWv
nD2VPlMChc/eQrAfca80CIVuR/azyt9LTWMGndw+yWcr/8euw3lBsWckOb66e5JX
LXVzO4P9st3kSd9sR/SjdVsmhi1wke2H8iFwwmvLOCqd20G41qfrVBOByIoXeQ+v
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:34 2024 by rpki-client on console-fra.rpki-client.org