Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/rkfPYQpvTmEixqtNSSMIM4-44o0.roa
File: rkfPYQpvTmEixqtNSSMIM4-44o0.roa (raw, json)
Hash identifier: NEBfowkiJX5UtCtrKza5LvlK/ZNQzWY3BFtMi/IrvMM=
Subject key identifier: AE:47:CF:61:0A:6F:4E:61:22:C6:AB:4D:49:23:08:33:8F:B8:E2:8D
Certificate issuer: /CN=1bfe6b9a0e6898a7a2e9d84d3dbf6327b453e662
Certificate serial: 018CC49312E41637507E196A6E20F0D5CD48
Authority key identifier: 1B:FE:6B:9A:0E:68:98:A7:A2:E9:D8:4D:3D:BF:63:27:B4:53:E6:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/rkfPYQpvTmEixqtNSSMIM4-44o0.roa
Signing time: Mon 01 Jan 2024 10:30:22 +0000
ROA not before: Mon 01 Jan 2024 10:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202784
IP address blocks: 185.133.24.0/24 maxlen: 24
185.133.25.0/24 maxlen: 24
185.133.26.0/23 maxlen: 23
2a00:6700:1::/48 maxlen: 48
2a00:6700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/G_5rmg5omKei6dhNPb9jJ7RT5mI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/G_5rmg5omKei6dhNPb9jJ7RT5mI.mft
rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 01:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:12:e4:16:37:50:7e:19:6a:6e:20:f0:d5:cd:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bfe6b9a0e6898a7a2e9d84d3dbf6327b453e662
Validity
Not Before: Jan 1 10:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae47cf610a6f4e6122c6ab4d492308338fb8e28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a8:50:95:78:9e:df:7f:76:f9:46:67:24:38:
00:cb:07:46:6a:37:45:5f:c4:05:9b:5b:d8:ba:47:
b8:f6:dd:62:b6:5f:f8:77:90:4c:da:8d:ad:81:46:
26:99:bd:5c:d8:35:cb:1b:86:e8:4e:a2:62:91:8f:
22:f7:15:2a:b3:51:f2:f2:79:69:a7:05:1d:3d:42:
11:0b:7e:a9:68:43:05:e2:8f:40:9f:ce:a7:62:30:
26:84:6a:31:ea:2b:34:ff:02:8a:69:8d:d5:b8:96:
b3:be:36:47:eb:4d:99:dd:f9:34:71:72:d4:76:23:
7a:e7:85:1a:7c:86:92:73:61:a6:50:b3:17:e7:9f:
99:88:d1:63:6a:04:99:18:22:15:ad:ad:bf:43:03:
ac:01:78:ae:10:31:37:be:97:f2:34:50:76:5a:22:
7c:47:85:ce:49:aa:ed:4a:8d:3a:c7:9c:5f:bc:e0:
ca:a7:3e:7d:54:cb:3c:46:f9:5a:08:fa:7d:e7:fa:
56:32:99:61:fb:0d:ee:86:b1:c5:57:f2:94:85:27:
f5:c5:7b:1a:30:f0:d4:6b:03:4c:20:40:e9:b4:ab:
26:b4:a8:d6:7e:e5:cd:32:01:3e:87:70:f7:4c:4a:
74:31:ac:7b:85:fd:35:d4:8f:c2:f5:83:ba:51:9d:
47:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:47:CF:61:0A:6F:4E:61:22:C6:AB:4D:49:23:08:33:8F:B8:E2:8D
X509v3 Authority Key Identifier:
keyid:1B:FE:6B:9A:0E:68:98:A7:A2:E9:D8:4D:3D:BF:63:27:B4:53:E6:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_5rmg5omKei6dhNPb9jJ7RT5mI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/rkfPYQpvTmEixqtNSSMIM4-44o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/a56723-d37c-417b-a8a1-6e22bf436304/1/G_5rmg5omKei6dhNPb9jJ7RT5mI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.24.0/22
IPv6:
2a00:6700::/47
Signature Algorithm: sha256WithRSAEncryption
1d:74:7b:dd:64:48:3d:65:b7:ed:41:9e:aa:c2:18:6e:56:1a:
5d:c8:97:8b:b9:d2:93:23:e0:ae:44:8b:4d:aa:7f:ea:97:96:
22:21:b9:17:60:2f:f9:78:d9:4f:cf:42:e8:0d:98:a6:22:e1:
fb:e0:c9:ce:a6:e3:a9:4a:60:46:70:20:7d:8f:cd:46:3c:b3:
f6:f6:27:8d:d7:5a:f7:68:50:53:9f:f2:ed:37:a4:1b:56:64:
b2:ca:bc:02:d6:52:03:39:85:c3:e3:20:bf:6c:3c:0c:0e:65:
45:27:05:1c:0d:82:c6:b6:01:97:c1:ee:1c:44:3b:c7:f3:d8:
71:1a:57:9e:c9:58:76:bf:bc:07:9b:f8:07:fe:e5:a4:26:f8:
17:21:0c:0e:45:64:3a:98:57:19:fb:07:bd:7a:de:91:09:2c:
dc:54:66:a2:c3:ea:8d:11:de:20:c3:e3:b7:a2:de:c2:a5:92:
4c:67:60:02:95:88:bb:19:6a:ae:31:20:db:70:66:26:e9:b3:
9c:73:52:51:5e:5e:d2:a3:cc:0d:79:0c:66:66:68:b4:89:2f:
9e:a5:85:ac:8d:2a:b9:c9:80:b1:39:78:64:7c:50:3d:0b:8b:
f4:f1:0a:49:0f:d4:cb:68:45:c0:47:9b:5c:00:fc:d2:df:16:
77:e7:e8:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEkxLkFjdQfhlqbiDw1c1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZmU2YjlhMGU2ODk4YTdhMmU5ZDg0ZDNkYmY2MzI3YjQ1
M2U2NjIwHhcNMjQwMTAxMTAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQ3Y2Y2MTBhNmY0ZTYxMjJjNmFiNGQ0OTIzMDgzMzhmYjhlMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKhQlXie3392+UZnJDgAywdGajdF
X8QFm1vYuke49t1itl/4d5BM2o2tgUYmmb1c2DXLG4boTqJikY8i9xUqs1Hy8nlp
pwUdPUIRC36paEMF4o9An86nYjAmhGox6is0/wKKaY3VuJazvjZH602Z3fk0cXLU
diN654UafIaSc2GmULMX55+ZiNFjagSZGCIVra2/QwOsAXiuEDE3vpfyNFB2WiJ8
R4XOSartSo06x5xfvODKpz59VMs8RvlaCPp95/pWMplh+w3uhrHFV/KUhSf1xXsa
MPDUawNMIEDptKsmtKjWfuXNMgE+h3D3TEp0Max7hf011I/C9YO6UZ1HBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK5Hz2EKb05hIsarTUkjCDOPuOKNMB8GA1UdIwQY
MBaAFBv+a5oOaJinounYTT2/Yye0U+ZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR181cm1nNW9tS2VpNmRoTlBiOWpKN1JUNW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hNTY3MjMtZDM3Yy00MTdiLWE4YTEt
NmUyMmJmNDM2MzA0LzEvcmtmUFlRcHZUbUVpeHF0TlNTTUlNNC00NG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hNTY3MjMtZDM3Yy00MTdiLWE4YTEtNmUyMmJmNDM2MzA0
LzEvR181cm1nNW9tS2VpNmRoTlBiOWpKN1JUNW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuYUYMA8E
AgACMAkDBwEqAGcAAAAwDQYJKoZIhvcNAQELBQADggEBAB10e91kSD1lt+1BnqrC
GG5WGl3Il4u50pMj4K5Ei02qf+qXliIhuRdgL/l42U/PQugNmKYi4fvgyc6m46lK
YEZwIH2PzUY8s/b2J43XWvdoUFOf8u03pBtWZLLKvALWUgM5hcPjIL9sPAwOZUUn
BRwNgsa2AZfB7hxEO8fz2HEaV57JWHa/vAeb+Af+5aQm+BchDA5FZDqYVxn7B716
3pEJLNxUZqLD6o0R3iDD47ei3sKlkkxnYAKViLsZaq4xINtwZibps5xzUlFeXtKj
zA15DGZmaLSJL56lhayNKrnJgLE5eGR8UD0Li/TxCkkP1MtoRcBHm1wA/NLfFnfn
6OM=
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:37:08 2024 by rpki-client on console-ams.rpki-client.org