Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/PbD_YpB2I8RPNvIGY_jfvbC9Jp0.roa
File: PbD_YpB2I8RPNvIGY_jfvbC9Jp0.roa (raw, json)
Hash identifier: wnz+SWvI03910vTJkLnMypz5Xf7O6dK+S9jgdcRzu5w=
Subject key identifier: 3D:B0:FF:62:90:76:23:C4:4F:36:F2:06:63:F8:DF:BD:B0:BD:26:9D
Certificate issuer: /CN=d0885b41ca81f93f583c1eca722b50558280c59a
Certificate serial: 018CCA29433BFC40B6DF9D07CB54CB372E6B
Authority key identifier: D0:88:5B:41:CA:81:F9:3F:58:3C:1E:CA:72:2B:50:55:82:80:C5:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0IhbQcqB-T9YPB7KcitQVYKAxZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/PbD_YpB2I8RPNvIGY_jfvbC9Jp0.roa
Signing time: Tue 02 Jan 2024 12:32:30 +0000
ROA not before: Tue 02 Jan 2024 12:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24904
IP address blocks: 185.219.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/0IhbQcqB-T9YPB7KcitQVYKAxZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/0IhbQcqB-T9YPB7KcitQVYKAxZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0IhbQcqB-T9YPB7KcitQVYKAxZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 10:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:43:3b:fc:40:b6:df:9d:07:cb:54:cb:37:2e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0885b41ca81f93f583c1eca722b50558280c59a
Validity
Not Before: Jan 2 12:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3db0ff62907623c44f36f20663f8dfbdb0bd269d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0c:70:4d:29:69:f4:61:3c:6f:e2:d9:93:c4:
68:c9:dc:b7:c5:09:05:3b:88:2b:15:be:55:0b:c3:
ee:b0:10:ec:86:8a:c6:cb:5e:15:80:b6:28:af:7a:
df:f4:b8:2c:1d:0a:77:b5:7f:61:9f:fb:7b:fc:16:
e0:c9:9b:3c:f8:b9:91:be:43:1f:a3:46:12:1d:94:
4e:75:0a:1f:b3:37:49:db:0a:7e:1e:aa:56:e0:c8:
f9:1c:05:19:d8:fd:ee:f0:0e:76:6a:0d:91:36:76:
8a:8e:c1:98:b7:41:ae:ce:95:46:52:ca:58:db:14:
d3:db:ff:5a:44:35:9a:0d:2e:3b:80:af:22:20:5b:
8c:e7:5e:0f:9b:f5:65:06:02:bc:41:53:bd:d6:36:
e9:23:b0:a0:a4:74:3b:78:cd:15:5d:76:84:a8:52:
65:cc:07:db:37:9f:75:b0:0b:6a:65:66:eb:7e:69:
41:5a:12:bb:72:a6:9d:26:16:10:28:7e:db:9e:68:
9c:1f:0f:ad:68:66:06:82:5c:b6:27:82:66:38:66:
12:3f:97:7a:18:f5:55:4f:b1:28:f9:3d:ac:cb:43:
a1:2a:9d:1d:37:3e:d6:73:94:4f:1d:eb:1a:b8:51:
bd:2b:12:e9:76:5c:3f:79:27:12:cf:cd:40:8f:9b:
26:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:FF:62:90:76:23:C4:4F:36:F2:06:63:F8:DF:BD:B0:BD:26:9D
X509v3 Authority Key Identifier:
keyid:D0:88:5B:41:CA:81:F9:3F:58:3C:1E:CA:72:2B:50:55:82:80:C5:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IhbQcqB-T9YPB7KcitQVYKAxZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/PbD_YpB2I8RPNvIGY_jfvbC9Jp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/0IhbQcqB-T9YPB7KcitQVYKAxZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.204.0/22
Signature Algorithm: sha256WithRSAEncryption
16:85:5b:b6:7f:74:4a:24:c7:f3:46:fd:fd:38:ed:8f:3c:a7:
6a:3f:a8:d3:7d:c8:a2:d5:4f:d0:e5:cb:f0:87:1a:49:9c:b0:
b1:00:ce:50:3d:cd:13:97:07:28:71:15:41:32:51:8b:bf:bb:
55:e2:23:75:84:7a:03:1a:d1:08:d4:47:a0:44:ba:59:46:50:
c2:68:e6:48:16:83:8b:84:b6:a3:9d:b5:bf:07:73:1f:aa:99:
b0:e1:3f:fe:25:72:f5:09:09:6d:21:ad:87:44:11:6b:66:df:
d7:4f:51:de:29:cb:ee:7c:72:44:58:4c:dc:98:2b:34:b8:c7:
e3:b7:bf:d6:2e:12:f1:d3:53:7b:8e:5f:e0:0a:89:99:79:f8:
39:ab:25:e9:34:7e:9d:7a:2a:c6:b5:6c:b9:ac:82:23:9d:81:
fe:f4:ce:92:cb:ea:cb:c3:10:0e:1f:85:ad:0e:9d:3f:79:90:
8f:90:5d:f7:6f:de:b9:b0:27:37:6e:c2:14:86:54:1d:54:21:
44:5f:c8:fd:cc:63:af:ab:b2:1e:d1:a2:41:43:e0:aa:2e:d5:
07:a1:bc:fa:a9:35:f9:d4:2d:ed:5b:6f:6d:e0:20:02:0f:f5:
c9:f2:fb:41:dd:ce:b5:fe:0e:7c:d2:6b:5b:23:c6:e0:fd:5c:
02:8e:f4:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKUM7/EC2350Hy1TLNy5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwODg1YjQxY2E4MWY5M2Y1ODNjMWVjYTcyMmI1MDU1ODI4
MGM1OWEwHhcNMjQwMTAyMTIzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIwZmY2MjkwNzYyM2M0NGYzNmYyMDY2M2Y4ZGZiZGIwYmQyNjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwxwTSlp9GE8b+LZk8Roydy3xQkF
O4grFb5VC8PusBDshorGy14VgLYor3rf9LgsHQp3tX9hn/t7/BbgyZs8+LmRvkMf
o0YSHZROdQofszdJ2wp+HqpW4Mj5HAUZ2P3u8A52ag2RNnaKjsGYt0GuzpVGUspY
2xTT2/9aRDWaDS47gK8iIFuM514Pm/VlBgK8QVO91jbpI7CgpHQ7eM0VXXaEqFJl
zAfbN591sAtqZWbrfmlBWhK7cqadJhYQKH7bnmicHw+taGYGgly2J4JmOGYSP5d6
GPVVT7Eo+T2sy0OhKp0dNz7Wc5RPHesauFG9KxLpdlw/eScSz81Aj5smqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2w/2KQdiPETzbyBmP4372wvSadMB8GA1UdIwQY
MBaAFNCIW0HKgfk/WDweynIrUFWCgMWaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEloYlFjcUItVDlZUEI3S2NpdFFWWUtBeFpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80OTE2YjctMDAwZS00ODlkLTk3ODMt
ZjI1NjllYTRjZDc0LzEvUGJEX1lwQjJJOFJQTnZJR1lfamZ2YkM5SnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC80OTE2YjctMDAwZS00ODlkLTk3ODMtZjI1NjllYTRjZDc0
LzEvMEloYlFjcUItVDlZUEI3S2NpdFFWWUtBeFpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudvMMA0G
CSqGSIb3DQEBCwUAA4IBAQAWhVu2f3RKJMfzRv39OO2PPKdqP6jTfcii1U/Q5cvw
hxpJnLCxAM5QPc0TlwcocRVBMlGLv7tV4iN1hHoDGtEI1EegRLpZRlDCaOZIFoOL
hLajnbW/B3Mfqpmw4T/+JXL1CQltIa2HRBFrZt/XT1HeKcvufHJEWEzcmCs0uMfj
t7/WLhLx01N7jl/gComZefg5qyXpNH6deirGtWy5rIIjnYH+9M6Sy+rLwxAOH4Wt
Dp0/eZCPkF33b965sCc3bsIUhlQdVCFEX8j9zGOvq7Ie0aJBQ+CqLtUHobz6qTX5
1C3tW29t4CACD/XJ8vtB3c61/g580mtbI8bg/VwCjvQs
-----END CERTIFICATE-----
Generated at Tue May 21 19:57:59 2024 by rpki-client on console-fra.rpki-client.org