Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/pCV08oFI_EcsCrsB0DgHIpBuqdQ.roa
File: pCV08oFI_EcsCrsB0DgHIpBuqdQ.roa (raw, json)
Hash identifier: bNwkRlWXUYEFxNjPFBS0AwwpyFOYAj9r0zYbauSiXIM=
Subject key identifier: A4:25:74:F2:81:48:FC:47:2C:0A:BB:01:D0:38:07:22:90:6E:A9:D4
Certificate issuer: /CN=d6c1c2465b4f973fb4b0cb6628a98b3b58896d48
Certificate serial: 018F5358C21872B88144E3D146AC25BB4D85
Authority key identifier: D6:C1:C2:46:5B:4F:97:3F:B4:B0:CB:66:28:A9:8B:3B:58:89:6D:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sHCRltPlz-0sMtmKKmLO1iJbUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/pCV08oFI_EcsCrsB0DgHIpBuqdQ.roa
Signing time: Tue 07 May 2024 13:57:56 +0000
ROA not before: Tue 07 May 2024 13:57:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44066
IP address blocks: 185.197.164.0/24 maxlen: 24
185.197.165.0/24 maxlen: 24
185.197.166.0/24 maxlen: 24
185.197.167.0/24 maxlen: 24
2a0a:7bc0::/32 maxlen: 32
2a0a:7bc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/1sHCRltPlz-0sMtmKKmLO1iJbUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/1sHCRltPlz-0sMtmKKmLO1iJbUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1sHCRltPlz-0sMtmKKmLO1iJbUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:58:c2:18:72:b8:81:44:e3:d1:46:ac:25:bb:4d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c1c2465b4f973fb4b0cb6628a98b3b58896d48
Validity
Not Before: May 7 13:57:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a42574f28148fc472c0abb01d0380722906ea9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:16:40:19:b3:6c:75:89:f7:26:4e:a7:77:
00:87:38:a8:d7:c7:20:c8:a2:57:99:f2:42:53:0c:
61:09:e9:e2:ed:3b:99:82:13:bf:7a:6c:72:fd:00:
b9:84:19:03:41:2f:87:d6:48:50:86:1a:76:34:a3:
a2:8d:ba:d7:5d:ce:c3:db:31:6e:8b:ec:83:1d:f1:
9e:cc:e4:6f:12:c1:ad:44:70:ef:e4:8f:c1:87:53:
9d:72:ff:e9:17:a1:24:3f:98:81:04:3a:e2:9e:f9:
96:83:5b:e2:a0:9b:d0:09:34:ce:79:6d:5d:c6:86:
b4:05:69:3c:3e:5f:d5:fb:f4:9a:66:c8:26:32:5a:
38:81:89:6a:79:67:b7:46:53:f0:c0:5b:dc:56:4a:
20:ec:14:71:33:fb:e3:85:29:d6:ce:55:59:7d:50:
de:73:66:5c:1e:d2:61:16:63:24:31:3a:3c:8a:00:
ae:23:d6:dc:36:cc:d4:18:eb:91:b7:84:d7:ac:15:
fc:58:e1:53:74:dc:8e:cf:d6:e2:4e:c1:b8:32:79:
0d:c3:69:67:d3:35:04:f4:fd:4f:4a:bb:1e:a3:d8:
1a:e2:0a:fd:a0:2e:46:57:a1:8b:a5:e3:e1:6e:00:
6a:ee:09:ba:ae:12:b1:38:4e:4d:13:8a:be:80:28:
52:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:25:74:F2:81:48:FC:47:2C:0A:BB:01:D0:38:07:22:90:6E:A9:D4
X509v3 Authority Key Identifier:
keyid:D6:C1:C2:46:5B:4F:97:3F:B4:B0:CB:66:28:A9:8B:3B:58:89:6D:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sHCRltPlz-0sMtmKKmLO1iJbUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/pCV08oFI_EcsCrsB0DgHIpBuqdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/1sHCRltPlz-0sMtmKKmLO1iJbUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.164.0/22
IPv6:
2a0a:7bc0::/32
2a0a:7bc7::/32
Signature Algorithm: sha256WithRSAEncryption
10:7f:e7:8d:f8:cc:39:08:70:9f:6f:b8:89:9a:37:5d:f8:bb:
c3:bc:70:13:bb:2b:6c:2a:ce:03:b9:44:53:03:94:b1:57:78:
49:a5:42:a4:ff:dd:4e:ae:0b:bf:f5:6c:fa:6d:4b:16:6f:8b:
96:1e:e1:3c:0d:fc:81:78:6c:40:1e:a8:0d:f9:fa:81:96:7c:
50:69:43:6e:ca:6b:ba:32:aa:41:4a:16:d8:da:e1:ea:70:4e:
22:d5:dd:95:f4:ea:71:2a:ba:ca:b5:4b:eb:35:2a:fe:4f:34:
a4:80:24:b2:8d:3f:14:83:3e:c3:b3:62:16:c6:01:e7:fe:d1:
57:84:f2:76:2c:45:9b:b6:4f:77:56:1c:ff:e2:b3:ce:f0:08:
cf:36:32:0f:4e:d1:ad:f0:d5:29:b8:8d:93:dd:a9:42:ab:58:
06:84:68:92:14:ee:e4:4e:64:a1:53:34:ea:66:29:39:27:d8:
1b:ba:77:b9:69:0b:8f:e9:84:16:c6:5d:97:3a:c9:a5:dc:ae:
31:39:86:2c:cc:76:ab:0e:cb:12:14:6b:be:06:b4:a0:22:ba:
a5:29:62:77:7c:48:4e:96:c2:77:ad:56:ce:92:08:f9:98:79:
b9:5c:8b:85:5c:03:35:52:14:c0:9b:c3:b8:60:b4:4e:3d:86:
51:a7:f6:64
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY9TWMIYcriBROPRRqwlu02FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzFjMjQ2NWI0Zjk3M2ZiNGIwY2I2NjI4YTk4YjNiNTg4
OTZkNDgwHhcNMjQwNTA3MTM1NzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI1NzRmMjgxNDhmYzQ3MmMwYWJiMDFkMDM4MDcyMjkwNmVhOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0AWQBmzbHWJ9yZOp3cAhzio18cg
yKJXmfJCUwxhCeni7TuZghO/emxy/QC5hBkDQS+H1khQhhp2NKOijbrXXc7D2zFu
i+yDHfGezORvEsGtRHDv5I/Bh1Odcv/pF6EkP5iBBDrinvmWg1vioJvQCTTOeW1d
xoa0BWk8Pl/V+/SaZsgmMlo4gYlqeWe3RlPwwFvcVkog7BRxM/vjhSnWzlVZfVDe
c2ZcHtJhFmMkMTo8igCuI9bcNszUGOuRt4TXrBX8WOFTdNyOz9biTsG4MnkNw2ln
0zUE9P1PSrseo9ga4gr9oC5GV6GLpePhbgBq7gm6rhKxOE5NE4q+gChSxwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKQldPKBSPxHLAq7AdA4ByKQbqnUMB8GA1UdIwQY
MBaAFNbBwkZbT5c/tLDLZiipiztYiW1IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNIQ1JsdFBsei0wc010bUtLbUxPMWlKYlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9kNzI1NzQtMjcyYS00MDlkLTlkM2Mt
ZTQ5YTllMDZjNzAwLzEvcENWMDhvRklfRWNzQ3JzQjBEZ0hJcEJ1cWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9kNzI1NzQtMjcyYS00MDlkLTlkM2MtZTQ5YTllMDZjNzAw
LzEvMXNIQ1JsdFBsei0wc010bUtLbUxPMWlKYlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCucWkMBQE
AgACMA4DBQAqCnvAAwUAKgp7xzANBgkqhkiG9w0BAQsFAAOCAQEAEH/njfjMOQhw
n2+4iZo3Xfi7w7xwE7srbCrOA7lEUwOUsVd4SaVCpP/dTq4Lv/Vs+m1LFm+Llh7h
PA38gXhsQB6oDfn6gZZ8UGlDbsprujKqQUoW2Nrh6nBOItXdlfTqcSq6yrVL6zUq
/k80pIAkso0/FIM+w7NiFsYB5/7RV4TydixFm7ZPd1Yc/+KzzvAIzzYyD07RrfDV
KbiNk92pQqtYBoRokhTu5E5koVM06mYpOSfYG7p3uWkLj+mEFsZdlzrJpdyuMTmG
LMx2qw7LEhRrvga0oCK6pSlid3xITpbCd61WzpII+Zh5uVyLhVwDNVIUwJvDuGC0
Tj2GUaf2ZA==
-----END CERTIFICATE-----
Generated at Tue Jun 25 20:16:20 2024 by rpki-client on console-fra.rpki-client.org