Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/Os09isWVQz_Gqe-H6b7y5c_6Ql8.roa
File: Os09isWVQz_Gqe-H6b7y5c_6Ql8.roa (raw, json)
Hash identifier: ULqFOq0ILyMUef6kMhMrUc7FI3ViCHVh3G+PkcxwLH8=
Subject key identifier: 3A:CD:3D:8A:C5:95:43:3F:C6:A9:EF:87:E9:BE:F2:E5:CF:FA:42:5F
Certificate issuer: /CN=f9587c5b0d415516d72f5914f5f5fb528a32a12c
Certificate serial: 018CCA2A6067FCD6126618FB4A5A6313A052
Authority key identifier: F9:58:7C:5B:0D:41:55:16:D7:2F:59:14:F5:F5:FB:52:8A:32:A1:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/Os09isWVQz_Gqe-H6b7y5c_6Ql8.roa
Signing time: Tue 02 Jan 2024 12:33:43 +0000
ROA not before: Tue 02 Jan 2024 12:33:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36351
IP address blocks: 185.228.36.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 04:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:60:67:fc:d6:12:66:18:fb:4a:5a:63:13:a0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9587c5b0d415516d72f5914f5f5fb528a32a12c
Validity
Not Before: Jan 2 12:33:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3acd3d8ac595433fc6a9ef87e9bef2e5cffa425f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:86:a8:21:94:9e:a2:a8:82:c3:42:0b:a0:3f:
32:11:f7:34:2e:e1:ff:f9:24:bc:ea:2c:49:e0:3a:
59:c3:5d:7d:0a:9d:97:b0:e5:87:3f:ab:bf:60:ec:
6d:a2:31:94:17:94:dc:8e:6f:b3:24:f4:a2:16:b6:
59:cb:2d:e5:17:69:61:99:39:6c:fd:87:94:2d:98:
a4:1e:6e:aa:08:5d:d8:88:a0:00:a2:d7:b2:8f:5f:
a5:9f:0e:00:07:ec:84:14:06:9e:7f:01:58:d4:35:
88:3c:34:6a:b1:b9:9d:87:e1:40:cf:c9:ea:55:a1:
6c:6a:94:f3:5b:cf:91:53:f6:01:83:0e:70:8d:c5:
e3:af:70:35:84:77:e2:d2:fa:6a:6d:63:cd:ec:7c:
c9:22:cb:21:63:21:9d:9e:93:ef:4e:d0:cd:28:e8:
d9:e2:fa:84:7b:24:f7:4b:43:f5:fd:3e:3e:45:77:
0c:de:9b:e8:f4:a1:e4:8a:f7:1f:52:a2:54:56:bc:
81:d9:0e:f6:f0:bb:a0:ff:86:87:61:66:f5:c3:8e:
ac:fc:01:1e:b1:d9:32:87:29:a9:a4:85:e5:f0:47:
c8:d8:8a:11:b0:53:f3:da:e2:cf:8d:65:48:f0:c5:
5b:63:82:7f:30:34:68:01:92:da:75:0e:82:47:83:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CD:3D:8A:C5:95:43:3F:C6:A9:EF:87:E9:BE:F2:E5:CF:FA:42:5F
X509v3 Authority Key Identifier:
keyid:F9:58:7C:5B:0D:41:55:16:D7:2F:59:14:F5:F5:FB:52:8A:32:A1:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/Os09isWVQz_Gqe-H6b7y5c_6Ql8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.36.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:07:93:3a:fc:6d:65:98:11:78:f2:35:ce:64:83:d8:ad:21:
c4:e5:c4:6d:91:57:5c:6d:51:6d:f7:32:8a:34:55:64:0b:13:
49:ee:7e:93:65:4f:16:32:71:7f:27:4c:f2:ce:95:a5:2d:c6:
5c:84:9f:b3:fd:1d:6a:53:a2:9a:d1:75:73:d7:b6:0e:6c:fc:
95:5e:e4:f9:b3:e8:e1:36:4e:30:48:f5:16:de:bb:9a:99:d9:
e7:16:08:61:d3:be:26:88:ba:07:79:07:8e:7e:79:96:e8:5a:
81:be:f8:ca:c9:40:00:db:d4:18:aa:e3:41:be:90:fd:e6:88:
00:a7:07:77:d2:80:41:b9:a1:92:fe:c9:e6:49:7f:64:45:4a:
d2:2d:e1:80:2e:5f:72:3e:0c:bc:2e:d9:9b:16:bf:2d:3d:1c:
68:05:da:3a:7e:34:f0:64:60:8e:d8:3f:41:ac:cb:99:bf:1f:
50:42:59:b6:21:eb:b2:62:b2:76:2a:a0:ed:15:cb:30:1e:f0:
ca:51:02:3e:e7:e3:68:44:ff:c1:2d:c6:39:4a:cd:79:45:4f:
6b:32:1d:7e:09:8c:2b:50:ef:42:23:ed:3a:cd:d1:e6:1a:9f:
85:d8:a4:01:1c:fd:a1:0c:34:3f:e2:7b:d0:8c:ca:42:ea:0b:
40:5f:a1:54
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzKKmBn/NYSZhj7SlpjE6BSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTg3YzViMGQ0MTU1MTZkNzJmNTkxNGY1ZjVmYjUyOGEz
MmExMmMwHhcNMjQwMTAyMTIzMzQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNkM2Q4YWM1OTU0MzNmYzZhOWVmODdlOWJlZjJlNWNmZmE0MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIaoIZSeoqiCw0ILoD8yEfc0LuH/
+SS86ixJ4DpZw119Cp2XsOWHP6u/YOxtojGUF5Tcjm+zJPSiFrZZyy3lF2lhmTls
/YeULZikHm6qCF3YiKAAoteyj1+lnw4AB+yEFAaefwFY1DWIPDRqsbmdh+FAz8nq
VaFsapTzW8+RU/YBgw5wjcXjr3A1hHfi0vpqbWPN7HzJIsshYyGdnpPvTtDNKOjZ
4vqEeyT3S0P1/T4+RXcM3pvo9KHkivcfUqJUVryB2Q728Lug/4aHYWb1w46s/AEe
sdkyhymppIXl8EfI2IoRsFPz2uLPjWVI8MVbY4J/MDRoAZLadQ6CR4M4MQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDrNPYrFlUM/xqnvh+m+8uXP+kJfMB8GA1UdIwQY
MBaAFPlYfFsNQVUW1y9ZFPX1+1KKMqEsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WaDhXdzFCVlJiWEwxa1U5Zlg3VW9veW9Tdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMvZjdkMDcwLTMyODEtNDdiNy04NWM4
LThmYjYyNDM5NGU3YS8xL09zMDlpc1dWUXpfR3FlLUg2Yjd5NWNfNlFsOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWMvZjdkMDcwLTMyODEtNDdiNy04NWM4LThmYjYyNDM5NGU3
YS8xLzEtVmg4V3cxQlZSYlhMMWtVOWZYN1Vvb3lvU3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK55CQw
DQYJKoZIhvcNAQELBQADggEBAIoHkzr8bWWYEXjyNc5kg9itIcTlxG2RV1xtUW33
Moo0VWQLE0nufpNlTxYycX8nTPLOlaUtxlyEn7P9HWpToprRdXPXtg5s/JVe5Pmz
6OE2TjBI9Rbeu5qZ2ecWCGHTviaIugd5B45+eZboWoG++MrJQADb1Biq40G+kP3m
iACnB3fSgEG5oZL+yeZJf2RFStIt4YAuX3I+DLwu2ZsWvy09HGgF2jp+NPBkYI7Y
P0Gsy5m/H1BCWbYh67JisnYqoO0VyzAe8MpRAj7n42hE/8EtxjlKzXlFT2syHX4J
jCtQ70Ij7TrN0eYan4XYpAEc/aEMND/ie9CMykLqC0BfoVQ=
-----END CERTIFICATE-----
Generated at Sat Apr 27 13:58:41 2024 by rpki-client on console-ams.rpki-client.org