Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/1-hWKwQ4VmMaTLDs6uF86znL85XM.roa
File: 1-hWKwQ4VmMaTLDs6uF86znL85XM.roa (raw, json)
Hash identifier: krBqvBlqM/Uxcg3L+TVuQzMw+XFx+qvjy2ONGjWk3Vo=
Subject key identifier: FA:15:8A:C1:0E:15:98:C6:93:2C:3B:3A:B8:5F:3A:CE:72:FC:E5:73
Certificate issuer: /CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Certificate serial: 018CC87012B82F41C7D9AFE204590863237A
Authority key identifier: 88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/1-hWKwQ4VmMaTLDs6uF86znL85XM.roa
Signing time: Tue 02 Jan 2024 04:30:37 +0000
ROA not before: Tue 02 Jan 2024 04:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.99.236.0/24 maxlen: 24
185.99.237.0/24 maxlen: 24
185.99.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.mft
rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:12:b8:2f:41:c7:d9:af:e2:04:59:08:63:23:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Validity
Not Before: Jan 2 04:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa158ac10e1598c6932c3b3ab85f3ace72fce573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:58:65:bd:f5:59:84:11:77:91:b5:40:4e:28:
1c:94:3d:58:fd:44:91:68:ef:3e:57:8c:90:18:01:
50:14:4d:50:89:bf:8a:a3:4f:f9:5a:d7:77:ca:c3:
a4:50:da:69:83:f6:8b:be:45:72:b5:d4:da:0b:25:
c0:90:08:65:31:5e:e3:e5:74:75:df:2f:a3:de:67:
1d:12:eb:fc:f7:0d:fe:95:13:c0:7e:b7:6e:2b:4e:
d3:42:09:6e:da:bc:32:9b:09:d5:3d:9a:94:50:13:
93:9a:54:b6:38:62:67:22:ca:55:2f:2b:51:e9:72:
a6:52:d8:cd:18:b3:e3:af:be:84:ba:75:59:2a:44:
0e:73:55:34:f6:9b:0b:b9:c3:eb:da:bc:d8:26:74:
b8:69:12:ef:aa:30:c8:43:42:96:32:fd:67:ee:41:
84:af:61:86:a5:5b:56:9d:03:e2:fc:21:34:05:a2:
18:54:20:68:07:05:2a:cd:3b:d2:06:3b:52:f1:b3:
15:3a:3b:46:90:8b:f1:14:89:02:f1:3e:69:c3:a0:
c6:01:41:2c:a7:46:7c:04:c1:2b:6d:d3:92:be:38:
96:16:df:2e:c0:76:fa:53:af:91:33:21:a1:b4:f0:
2c:d2:02:cd:17:2b:d5:d8:53:5b:75:ab:38:cb:fc:
3d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:15:8A:C1:0E:15:98:C6:93:2C:3B:3A:B8:5F:3A:CE:72:FC:E5:73
X509v3 Authority Key Identifier:
keyid:88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/1-hWKwQ4VmMaTLDs6uF86znL85XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.236.0-185.99.238.255
Signature Algorithm: sha256WithRSAEncryption
2f:c4:eb:d7:80:60:7c:ec:d1:f0:e8:45:05:ae:5d:84:f6:8b:
4d:c1:09:6d:43:7b:59:8f:ab:77:64:f8:18:7e:03:bd:ed:e6:
b6:0a:25:45:e3:c3:dc:31:96:92:32:4c:4d:18:01:66:5d:0e:
df:aa:cf:f0:db:0a:d0:c4:d4:7a:be:9f:14:c4:3f:83:ae:c9:
4f:bf:1a:25:1b:98:13:e1:86:f4:22:1d:5d:eb:46:44:b5:ae:
dc:87:e6:4f:6f:11:6c:12:72:43:f5:c9:69:2c:ce:8f:91:1a:
86:b5:3b:af:1b:07:54:57:f8:32:5c:60:5c:12:45:48:78:e5:
69:8e:cb:00:6f:88:f8:5c:21:b2:8e:92:83:7d:a6:79:c6:77:
9f:32:15:9d:ec:53:1b:9b:50:d5:9a:85:af:b0:f4:b3:f7:e3:
28:a6:e0:98:8b:fb:03:1f:ac:fb:a2:1f:c1:f4:bb:20:94:65:
e0:56:4c:e0:74:d4:c1:5e:2a:dd:1d:72:37:94:29:ab:87:ec:
65:22:1c:6d:fd:15:f5:2d:67:3f:d4:d3:f6:09:04:90:f8:80:
09:75:07:45:43:9c:46:e1:63:19:03:97:12:65:9e:fa:9f:31:
63:91:1f:a1:9c:41:cf:59:75:a6:32:f1:a4:ae:72:f8:a6:b3:
3d:5c:68:8e
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzIcBK4L0HH2a/iBFkIYyN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmUxOTA1Y2Q3YWYzNmU2M2FkYTYzNjZjMTQ3YjYxZDg1
YzlmMmIwHhcNMjQwMTAyMDQzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE1OGFjMTBlMTU5OGM2OTMyYzNiM2FiODVmM2FjZTcyZmNlNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51hlvfVZhBF3kbVATigclD1Y/USR
aO8+V4yQGAFQFE1Qib+Ko0/5Wtd3ysOkUNppg/aLvkVytdTaCyXAkAhlMV7j5XR1
3y+j3mcdEuv89w3+lRPAfrduK07TQglu2rwymwnVPZqUUBOTmlS2OGJnIspVLytR
6XKmUtjNGLPjr76EunVZKkQOc1U09psLucPr2rzYJnS4aRLvqjDIQ0KWMv1n7kGE
r2GGpVtWnQPi/CE0BaIYVCBoBwUqzTvSBjtS8bMVOjtGkIvxFIkC8T5pw6DGAUEs
p0Z8BMErbdOSvjiWFt8uwHb6U6+RMyGhtPAs0gLNFyvV2FNbdas4y/w9DwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPoVisEOFZjGkyw7OrhfOs5y/OVzMB8GA1UdIwQY
MBaAFIj+GQXNevNuY62mNmwUe2HYXJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUt
ZDYzM2FhNzBkZDY2LzEvMS1oV0t3UTRWbU1hVExEczZ1Rjg2em5MODVYTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjcvMzE5NTJhLTYwOGMtNDY4ZS1hMDBlLWQ2MzNhYTcwZGQ2
Ni8xL2lQNFpCYzE2ODI1anJhWTJiQlI3WWRoY255cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuWPs
AwQAuWPuMA0GCSqGSIb3DQEBCwUAA4IBAQAvxOvXgGB87NHw6EUFrl2E9otNwQlt
Q3tZj6t3ZPgYfgO97ea2CiVF48PcMZaSMkxNGAFmXQ7fqs/w2wrQxNR6vp8UxD+D
rslPvxolG5gT4Yb0Ih1d60ZEta7ch+ZPbxFsEnJD9clpLM6PkRqGtTuvGwdUV/gy
XGBcEkVIeOVpjssAb4j4XCGyjpKDfaZ5xnefMhWd7FMbm1DVmoWvsPSz9+MopuCY
i/sDH6z7oh/B9LsglGXgVkzgdNTBXirdHXI3lCmrh+xlIhxt/RX1LWc/1NP2CQSQ
+IAJdQdFQ5xG4WMZA5cSZZ76nzFjkR+hnEHPWXWmMvGkrnL4prM9XGiO
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:34:42 2024 by rpki-client on console-ams.rpki-client.org