Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/1-bYgAy5TYsC5UZhJBCC1TpcXKDo.roa
File: 1-bYgAy5TYsC5UZhJBCC1TpcXKDo.roa (raw, json)
Hash identifier: iifGIe8YWAN7NHeYP6H6Pc1WK1QCo2atmAIMCq/KnSU=
Subject key identifier: F9:B6:20:03:2E:53:62:C0:B9:51:98:49:04:20:B5:4E:97:17:28:3A
Certificate issuer: /CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Certificate serial: 018CC5012356CF430F24A536FFF35C7F9B81
Authority key identifier: DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/1-bYgAy5TYsC5UZhJBCC1TpcXKDo.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.73.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.mft
rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:23:56:cf:43:0f:24:a5:36:ff:f3:5c:7f:9b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbd7fc50548287deaea7ce92099e47a04a70d451
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9b620032e5362c0b95198490420b54e9717283a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:13:96:bc:d9:94:f0:40:46:ba:15:95:a7:a5:
c2:9a:74:c6:64:08:90:37:07:fd:3c:58:37:20:ca:
07:40:d0:02:3d:97:2b:5d:c1:0f:54:55:84:18:b1:
03:2e:85:64:31:3f:f1:d4:bb:2b:ea:ea:1f:cc:cc:
2b:ce:0d:27:4a:54:39:55:5a:b3:8e:68:94:4e:ce:
72:35:73:02:84:c2:98:a8:65:ce:3d:aa:24:2d:fa:
4e:49:9b:03:f6:a3:12:94:10:87:e9:e0:29:54:10:
45:b0:07:47:e4:c6:fb:2b:e5:10:01:61:c0:c1:05:
e4:4e:7c:c9:dc:3d:3a:3e:2c:dd:c0:12:28:23:48:
a3:5b:10:ab:2f:e2:13:2b:7b:00:af:ab:0a:90:cf:
d6:4f:19:d5:4f:98:4d:44:a5:a1:9f:bc:8e:71:63:
0e:48:e0:4f:90:94:4e:a0:bf:69:ee:f0:af:f2:cb:
a6:59:38:b7:42:24:17:dc:4a:f5:69:4e:c4:fc:96:
38:80:ef:0b:95:e2:53:c3:fb:3e:db:7e:35:80:b0:
4c:40:a4:7c:6c:9c:49:b3:28:00:05:46:9f:28:7b:
d1:e9:4f:07:bb:20:b3:ed:4e:3b:d8:6e:84:ed:2b:
b6:40:e1:92:ea:f2:ad:ac:3c:6c:7e:49:77:ce:2b:
06:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B6:20:03:2E:53:62:C0:B9:51:98:49:04:20:B5:4E:97:17:28:3A
X509v3 Authority Key Identifier:
keyid:DB:D7:FC:50:54:82:87:DE:AE:A7:CE:92:09:9E:47:A0:4A:70:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29f8UFSCh96up86SCZ5HoEpw1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/1-bYgAy5TYsC5UZhJBCC1TpcXKDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/606ea9-4834-4b63-9e0a-f25604c4be82/1/29f8UFSCh96up86SCZ5HoEpw1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.224.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:cb:4e:e1:22:a1:2d:0b:c2:2c:9e:de:43:73:30:bd:d0:d2:
9b:00:0e:2a:15:31:87:84:2e:f3:23:ba:bb:8d:08:94:06:6f:
0f:58:f4:0b:c9:f6:20:10:8b:81:73:e5:5c:5d:4a:cb:16:da:
0c:5a:49:e4:b9:be:04:0c:b1:f7:63:8b:06:3d:84:22:9f:d0:
f3:f0:2b:93:43:c0:e0:ba:47:40:72:c7:17:09:1b:04:3a:e4:
14:59:de:44:48:a4:93:09:82:0f:74:9b:b4:25:25:45:b0:30:
03:97:ea:86:02:80:0c:c7:ad:b2:11:fc:4b:6f:a3:09:e9:be:
5c:18:ff:a7:02:66:86:2e:e4:92:18:96:71:dc:1a:59:ba:e2:
a8:0c:fd:1f:a2:92:df:fc:b5:59:41:66:70:a9:9e:7e:1d:e3:
50:61:05:54:6a:5b:40:31:6d:50:62:0a:5c:18:e6:e8:82:62:
c6:ad:c5:ff:f3:a4:12:e5:85:a3:38:d9:20:1c:8a:00:26:1e:
c4:07:13:d4:49:9a:6c:98:5b:e3:e5:3a:22:b5:d1:47:60:b4:
ca:98:3e:d3:04:8a:74:1c:e7:e8:01:38:f9:42:1d:c9:63:2e:
50:99:e7:2d:35:1c:97:e0:b0:85:dd:a7:ee:35:2f:47:50:c4:
fe:bf:20:09
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFASNWz0MPJKU2//Ncf5uBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDdmYzUwNTQ4Mjg3ZGVhZWE3Y2U5MjA5OWU0N2EwNGE3
MGQ0NTEwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI2MjAwMzJlNTM2MmMwYjk1MTk4NDkwNDIwYjU0ZTk3MTcyODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxOWvNmU8EBGuhWVp6XCmnTGZAiQ
Nwf9PFg3IMoHQNACPZcrXcEPVFWEGLEDLoVkMT/x1Lsr6uofzMwrzg0nSlQ5VVqz
jmiUTs5yNXMChMKYqGXOPaokLfpOSZsD9qMSlBCH6eApVBBFsAdH5Mb7K+UQAWHA
wQXkTnzJ3D06PizdwBIoI0ijWxCrL+ITK3sAr6sKkM/WTxnVT5hNRKWhn7yOcWMO
SOBPkJROoL9p7vCv8sumWTi3QiQX3Er1aU7E/JY4gO8LleJTw/s+2341gLBMQKR8
bJxJsygABUafKHvR6U8HuyCz7U472G6E7Su2QOGS6vKtrDxsfkl3zisGjwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPm2IAMuU2LAuVGYSQQgtU6XFyg6MB8GA1UdIwQY
MBaAFNvX/FBUgoferqfOkgmeR6BKcNRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlmOFVGU0NoOTZ1cDg2U0NaNUhvRXB3MUZFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS82MDZlYTktNDgzNC00YjYzLTllMGEt
ZjI1NjA0YzRiZTgyLzEvMS1iWWdBeTVUWXNDNVVaaEpCQ0MxVHBjWEtEby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2EvNjA2ZWE5LTQ4MzQtNGI2My05ZTBhLWYyNTYwNGM0YmU4
Mi8xLzI5ZjhVRlNDaDk2dXA4NlNDWjVIb0VwdzFGRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlJ4DAN
BgkqhkiG9w0BAQsFAAOCAQEAjstO4SKhLQvCLJ7eQ3MwvdDSmwAOKhUxh4Qu8yO6
u40IlAZvD1j0C8n2IBCLgXPlXF1KyxbaDFpJ5Lm+BAyx92OLBj2EIp/Q8/Ark0PA
4LpHQHLHFwkbBDrkFFneREikkwmCD3SbtCUlRbAwA5fqhgKADMetshH8S2+jCem+
XBj/pwJmhi7kkhiWcdwaWbriqAz9H6KS3/y1WUFmcKmefh3jUGEFVGpbQDFtUGIK
XBjm6IJixq3F//OkEuWFozjZIByKACYexAcT1EmabJhb4+U6IrXRR2C0ypg+0wSK
dBzn6AE4+UIdyWMuUJnnLTUcl+Cwhd2n7jUvR1DE/r8gCQ==
-----END CERTIFICATE-----
Generated at Sun May 5 18:53:30 2024 by rpki-client on console-fra.rpki-client.org