Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/bRKz-qmBvk2ExavS5ZK7121v_xU.roa
File: bRKz-qmBvk2ExavS5ZK7121v_xU.roa (raw, json)
Hash identifier: dgjMa5xPJ5EiPu9kI9kbewi5Hx3vJX0l1FQg5ghnyZ4=
Subject key identifier: 6D:12:B3:FA:A9:81:BE:4D:84:C5:AB:D2:E5:92:BB:D7:6D:6F:FF:15
Certificate issuer: /CN=736ef5730050c720f8c790466eb8b8a48efbe749
Certificate serial: 018CC5DC68F32DFF2D6E2B4EC66799F9D1FF
Authority key identifier: 73:6E:F5:73:00:50:C7:20:F8:C7:90:46:6E:B8:B8:A4:8E:FB:E7:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c271cwBQxyD4x5BGbri4pI7750k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/bRKz-qmBvk2ExavS5ZK7121v_xU.roa
Signing time: Mon 01 Jan 2024 16:30:05 +0000
ROA not before: Mon 01 Jan 2024 16:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42977
IP address blocks: 185.192.14.0/24 maxlen: 24
185.192.12.0/24 maxlen: 24
185.192.13.0/24 maxlen: 24
2a0a:25c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/c271cwBQxyD4x5BGbri4pI7750k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/c271cwBQxyD4x5BGbri4pI7750k.mft
rsync://rpki.ripe.net/repository/DEFAULT/c271cwBQxyD4x5BGbri4pI7750k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:68:f3:2d:ff:2d:6e:2b:4e:c6:67:99:f9:d1:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=736ef5730050c720f8c790466eb8b8a48efbe749
Validity
Not Before: Jan 1 16:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d12b3faa981be4d84c5abd2e592bbd76d6fff15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:60:86:e5:d7:89:66:52:4b:7e:7b:34:ff:0d:
ef:eb:d8:16:0c:c5:b5:9a:3b:e2:82:b3:9b:70:49:
6c:fc:4a:b7:40:51:53:92:6c:be:64:9e:75:de:f2:
82:95:40:ad:14:24:e4:6f:f1:12:47:3d:fe:b9:6b:
e1:d6:eb:48:5d:49:14:f6:7e:76:27:a4:64:1f:da:
05:8d:93:a1:ac:20:cd:9b:cd:57:a7:2a:13:17:7c:
41:9e:af:d0:b3:d7:fe:e5:70:88:09:57:06:12:c6:
17:df:07:32:96:88:2a:dc:f4:ae:79:ea:51:1d:a9:
b6:ab:14:37:86:7d:98:42:25:32:fa:a9:a2:84:c0:
3e:04:49:76:c7:9b:a2:88:f5:52:f8:a9:de:31:e1:
d2:e1:7b:ca:5c:07:eb:ff:b5:77:d1:75:75:a6:02:
b1:58:c7:cb:9b:32:5b:70:8f:8b:ce:a6:c1:3e:10:
df:ae:f1:90:f1:4d:bc:c6:5b:d9:92:3f:8a:c7:a8:
93:29:19:80:05:68:4c:bc:2e:73:db:cf:a4:b1:d2:
96:e6:69:e9:4d:7f:66:67:3b:00:e2:60:b7:d3:b9:
1c:3e:52:6d:e2:66:b6:39:ba:e0:56:23:5e:b7:57:
7e:ed:41:9f:58:04:9f:13:30:a2:75:16:8f:00:1d:
f8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:12:B3:FA:A9:81:BE:4D:84:C5:AB:D2:E5:92:BB:D7:6D:6F:FF:15
X509v3 Authority Key Identifier:
keyid:73:6E:F5:73:00:50:C7:20:F8:C7:90:46:6E:B8:B8:A4:8E:FB:E7:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c271cwBQxyD4x5BGbri4pI7750k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/bRKz-qmBvk2ExavS5ZK7121v_xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/849281-a302-4ff8-92e3-3ae4f9cf2683/1/c271cwBQxyD4x5BGbri4pI7750k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.12.0-185.192.14.255
IPv6:
2a0a:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:9b:bd:d7:94:30:5a:ab:d3:ac:57:93:11:87:de:4b:3b:b7:
f6:0f:56:75:1b:29:76:23:d5:02:3e:a9:da:d9:e7:f7:98:04:
d2:f6:c7:ac:72:b3:08:42:d8:0b:39:98:e2:1f:3f:06:c7:db:
a4:1b:55:5d:8a:ab:b5:9a:0b:06:f9:ce:70:ca:c1:ae:e2:76:
08:f0:b3:36:fb:31:bd:d1:57:4a:83:4d:59:22:fa:7e:7d:f8:
1a:01:77:2f:20:da:a3:24:1a:84:3c:19:d0:5f:b6:ee:f9:a7:
76:e4:71:eb:cd:96:77:7c:56:68:59:7c:58:22:65:af:b1:68:
bd:49:54:74:ad:4d:9d:9f:3f:91:f8:16:f0:35:b4:e7:90:f4:
f0:48:6a:b7:34:e4:93:18:15:9a:9b:1e:ba:6e:2c:13:68:b8:
f5:a9:f2:b7:41:3b:ef:08:55:70:ba:2b:46:5d:1e:f7:ed:cd:
c9:e7:be:bb:22:1c:4e:a3:e3:93:28:91:f7:c0:70:d5:8c:58:
f4:05:a8:82:e6:0f:fe:09:22:02:8e:fd:fb:c6:00:0d:00:36:
52:c1:f0:f7:da:11:fe:9b:b3:af:15:53:6e:f8:7f:b7:24:47:
ed:ad:64:56:cb:94:9f:f7:b0:ac:da:51:95:12:0b:cc:ff:43:
5d:af:77:ff
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3GjzLf8tbitOxmeZ+dH/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczNmVmNTczMDA1MGM3MjBmOGM3OTA0NjZlYjhiOGE0OGVm
YmU3NDkwHhcNMjQwMTAxMTYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDEyYjNmYWE5ODFiZTRkODRjNWFiZDJlNTkyYmJkNzZkNmZmZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmCG5deJZlJLfns0/w3v69gWDMW1
mjvigrObcEls/Eq3QFFTkmy+ZJ513vKClUCtFCTkb/ESRz3+uWvh1utIXUkU9n52
J6RkH9oFjZOhrCDNm81XpyoTF3xBnq/Qs9f+5XCICVcGEsYX3wcylogq3PSueepR
Ham2qxQ3hn2YQiUy+qmihMA+BEl2x5uiiPVS+KneMeHS4XvKXAfr/7V30XV1pgKx
WMfLmzJbcI+LzqbBPhDfrvGQ8U28xlvZkj+Kx6iTKRmABWhMvC5z28+ksdKW5mnp
TX9mZzsA4mC307kcPlJt4ma2ObrgViNet1d+7UGfWASfEzCidRaPAB34BwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG0Ss/qpgb5NhMWr0uWSu9dtb/8VMB8GA1UdIwQY
MBaAFHNu9XMAUMcg+MeQRm64uKSO++dJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzI3MWN3QlF4eUQ0eDVCR2JyaTRwSTc3NTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NDkyODEtYTMwMi00ZmY4LTkyZTMt
M2FlNGY5Y2YyNjgzLzEvYlJLei1xbUJ2azJFeGF2UzVaSzcxMjF2X3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NDkyODEtYTMwMi00ZmY4LTkyZTMtM2FlNGY5Y2YyNjgz
LzEvYzI3MWN3QlF4eUQ0eDVCR2JyaTRwSTc3NTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5wAwD
BAC5wA4wDQQCAAIwBwMFAyoKJcAwDQYJKoZIhvcNAQELBQADggEBAAubvdeUMFqr
06xXkxGH3ks7t/YPVnUbKXYj1QI+qdrZ5/eYBNL2x6xyswhC2As5mOIfPwbH26Qb
VV2Kq7WaCwb5znDKwa7idgjwszb7Mb3RV0qDTVki+n59+BoBdy8g2qMkGoQ8GdBf
tu75p3bkcevNlnd8VmhZfFgiZa+xaL1JVHStTZ2fP5H4FvA1tOeQ9PBIarc05JMY
FZqbHrpuLBNouPWp8rdBO+8IVXC6K0ZdHvftzcnnvrsiHE6j45MokffAcNWMWPQF
qILmD/4JIgKO/fvGAA0ANlLB8PfaEf6bs68VU274f7ckR+2tZFbLlJ/3sKzaUZUS
C8z/Q12vd/8=
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:41:10 2024 by rpki-client on console-ams.rpki-client.org