Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/rFL_OsVIi0buKDrmwpl3OKxwweI.roa
File: rFL_OsVIi0buKDrmwpl3OKxwweI.roa (raw, json)
Hash identifier: Ouu2ILqHrWU4UauB2kXGCTyshrJkoQahNCFtzVuD3bU=
Subject key identifier: AC:52:FF:3A:C5:48:8B:46:EE:28:3A:E6:C2:99:77:38:AC:70:C1:E2
Certificate issuer: /CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Certificate serial: 018CC26D7F51558EA1ADAD5F0A8A3EC46348
Authority key identifier: 1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/rFL_OsVIi0buKDrmwpl3OKxwweI.roa
Signing time: Mon 01 Jan 2024 00:30:04 +0000
ROA not before: Mon 01 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.118.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7f:51:55:8e:a1:ad:ad:5f:0a:8a:3e:c4:63:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0871fc2e99892ea1115a302138e1d32a62182c
Validity
Not Before: Jan 1 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac52ff3ac5488b46ee283ae6c2997738ac70c1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c0:34:71:65:ca:36:88:82:e9:f0:d1:6e:f0:
a8:20:d3:44:0f:eb:a5:97:cb:82:f5:cc:ce:eb:22:
87:50:51:03:5e:91:0b:f9:7f:c9:53:eb:b8:39:6e:
75:85:b0:c7:18:86:c2:f9:59:5c:1d:6a:2a:52:89:
79:7d:7c:45:d3:e9:d0:68:55:52:a3:05:e2:1d:7d:
ea:0e:e6:36:8e:f4:8d:6b:95:a6:25:45:5e:2c:76:
98:15:37:a9:d8:8f:3f:23:87:34:40:5b:e5:75:3d:
df:28:3c:92:2c:e3:b6:ba:bd:8c:ac:3a:0b:f7:b9:
7c:5f:73:95:4e:b6:b0:9c:ba:15:cc:55:58:53:c8:
0d:fc:6a:11:80:c2:d8:4f:3e:47:c0:1a:c6:3d:6a:
a6:31:24:c1:23:5d:21:40:1c:78:f3:f2:ff:c0:76:
0f:1c:fe:0e:24:41:76:41:11:13:54:05:b4:8e:86:
79:1c:a4:73:ef:7c:0d:b2:24:bb:ee:c0:a1:07:8a:
65:98:cb:03:63:cc:a0:11:52:fb:d4:3c:c8:76:96:
0e:b4:ff:30:54:02:07:4e:88:ad:88:df:15:de:75:
8b:38:a1:8c:1a:7f:94:6c:84:c3:06:26:30:75:62:
96:bf:04:fb:00:26:30:bc:ac:3f:03:e8:40:0a:08:
13:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:52:FF:3A:C5:48:8B:46:EE:28:3A:E6:C2:99:77:38:AC:70:C1:E2
X509v3 Authority Key Identifier:
keyid:1D:08:71:FC:2E:99:89:2E:A1:11:5A:30:21:38:E1:D3:2A:62:18:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQhx_C6ZiS6hEVowITjh0ypiGCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/rFL_OsVIi0buKDrmwpl3OKxwweI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/205275-2ced-4a4e-b900-4f3e5b2e0c56/1/HQhx_C6ZiS6hEVowITjh0ypiGCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.109.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d2:cb:e9:0f:69:51:7b:98:a8:f0:66:11:d1:ed:38:e2:71:
48:0e:3d:b9:ae:cf:93:d1:97:d5:15:4e:8d:b0:9c:6a:a6:23:
22:f8:19:29:4e:76:61:21:02:c1:f9:b1:1f:18:42:98:16:bc:
b7:ed:49:39:95:91:e7:bc:99:60:ba:e6:1f:0d:fd:b8:5b:ff:
93:49:8d:a9:0e:be:47:d9:b0:f8:cc:01:08:53:3a:54:60:d8:
b5:be:45:a7:bd:3e:84:37:6d:fa:64:f3:62:5a:1a:49:08:30:
a7:fb:4f:0a:1d:4e:27:b2:48:83:e7:75:d0:03:d0:b9:7a:b7:
bb:60:5f:59:32:6a:7a:06:a5:c8:04:b7:1c:af:6a:8c:71:67:
aa:2c:a6:9a:1e:4f:7a:e3:51:59:ad:76:f9:56:27:f3:f3:64:
bb:d1:9b:c5:35:7a:dd:e2:a7:49:0e:bf:17:1a:95:2d:ee:2c:
d9:59:98:2e:4d:63:00:3b:1d:5e:b9:14:78:cc:94:48:fc:4b:
cb:c2:83:50:91:eb:df:52:8e:7f:a5:cf:8c:9e:06:b3:6f:8c:
d5:05:fb:65:54:62:d9:d7:f2:13:cc:6d:4d:d0:41:1a:4a:f4:
7d:10:ac:b3:76:1e:85:a6:eb:9b:33:38:f1:23:9c:7f:ff:59:
36:ee:5c:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbX9RVY6hra1fCoo+xGNIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDg3MWZjMmU5OTg5MmVhMTExNWEzMDIxMzhlMWQzMmE2
MjE4MmMwHhcNMjQwMTAxMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUyZmYzYWM1NDg4YjQ2ZWUyODNhZTZjMjk5NzczOGFjNzBjMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8A0cWXKNoiC6fDRbvCoINNED+ul
l8uC9czO6yKHUFEDXpEL+X/JU+u4OW51hbDHGIbC+VlcHWoqUol5fXxF0+nQaFVS
owXiHX3qDuY2jvSNa5WmJUVeLHaYFTep2I8/I4c0QFvldT3fKDySLOO2ur2MrDoL
97l8X3OVTrawnLoVzFVYU8gN/GoRgMLYTz5HwBrGPWqmMSTBI10hQBx48/L/wHYP
HP4OJEF2QRETVAW0joZ5HKRz73wNsiS77sChB4plmMsDY8ygEVL71DzIdpYOtP8w
VAIHToitiN8V3nWLOKGMGn+UbITDBiYwdWKWvwT7ACYwvKw/A+hACggTyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxS/zrFSItG7ig65sKZdziscMHiMB8GA1UdIwQY
MBaAFB0IcfwumYkuoRFaMCE44dMqYhgsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAt
NGYzZTViMmUwYzU2LzEvckZMX09zVklpMGJ1S0RybXdwbDNPS3h3d2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yMDUyNzUtMmNlZC00YTRlLWI5MDAtNGYzZTViMmUwYzU2
LzEvSFFoeF9DNlppUzZoRVZvd0lUamgweXBpR0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXZtMA0G
CSqGSIb3DQEBCwUAA4IBAQCK0svpD2lRe5io8GYR0e044nFIDj25rs+T0ZfVFU6N
sJxqpiMi+BkpTnZhIQLB+bEfGEKYFry37Uk5lZHnvJlguuYfDf24W/+TSY2pDr5H
2bD4zAEIUzpUYNi1vkWnvT6EN236ZPNiWhpJCDCn+08KHU4nskiD53XQA9C5ere7
YF9ZMmp6BqXIBLccr2qMcWeqLKaaHk9641FZrXb5Vifz82S70ZvFNXrd4qdJDr8X
GpUt7izZWZguTWMAOx1euRR4zJRI/EvLwoNQkevfUo5/pc+Mngazb4zVBftlVGLZ
1/ITzG1N0EEaSvR9EKyzdh6FpuubMzjxI5x//1k27lyJ
-----END CERTIFICATE-----
Generated at Thu May 2 16:37:07 2024 by rpki-client on console-fra.rpki-client.org