Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/Y1jikOAkDGdMFGocyXAdowQOD30.roa
File: Y1jikOAkDGdMFGocyXAdowQOD30.roa (raw, json)
Hash identifier: mvz3mtk/e4beejc30DthzP6pGl02djoyVUs/KAqW36w=
Subject key identifier: 63:58:E2:90:E0:24:0C:67:4C:14:6A:1C:C9:70:1D:A3:04:0E:0F:7D
Certificate issuer: /CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Certificate serial: 018CC56EB9F5404DD53603C76B4EB99A34A1
Authority key identifier: A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/Y1jikOAkDGdMFGocyXAdowQOD30.roa
Signing time: Mon 01 Jan 2024 14:30:17 +0000
ROA not before: Mon 01 Jan 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31727
IP address blocks: 185.207.132.0/22 maxlen: 22
185.207.132.0/23 maxlen: 23
185.207.134.0/24 maxlen: 24
185.207.135.0/24 maxlen: 24
185.170.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b9:f5:40:4d:d5:36:03:c7:6b:4e:b9:9a:34:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Validity
Not Before: Jan 1 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6358e290e0240c674c146a1cc9701da3040e0f7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a9:53:ed:b5:64:ac:ec:6e:61:ad:5a:c3:7b:
71:69:da:71:89:2a:98:bc:da:96:7a:fa:50:b0:1a:
05:8c:90:02:30:e7:ce:47:2d:6d:fc:e1:e7:3d:3e:
51:31:1e:ce:f1:1a:02:af:49:6a:ea:5c:7f:78:1d:
65:ee:21:3d:c9:fc:8d:c9:a6:2b:df:a3:b4:0f:56:
ce:b3:19:f2:36:ec:9e:ff:40:9b:cf:1d:a3:86:b9:
d9:10:d1:b3:40:f0:46:83:b2:30:f3:84:e5:31:7c:
44:db:b1:cd:a1:10:1d:e1:73:7e:9e:c7:ed:23:50:
ef:fb:6e:19:6c:9f:c3:e0:4e:3a:f0:8e:65:35:4d:
e6:d5:36:fe:b7:b2:74:50:dd:f7:86:93:b6:d3:45:
85:d6:c2:c9:b3:ba:27:62:c5:3e:ec:4a:54:84:e1:
a3:60:23:e4:3a:d5:f3:d8:7b:47:d6:9c:9c:5b:ca:
3b:3f:97:6a:ac:9f:0c:ad:8f:0c:3a:c4:cf:e0:6c:
f0:4e:b1:c5:79:7a:19:60:42:e2:75:96:74:0a:01:
ba:96:0f:6b:a8:2a:c0:9d:6b:1c:3b:37:bd:27:d8:
3d:ee:90:c0:cd:5d:44:81:30:56:3c:86:07:ff:66:
57:f2:07:7f:e5:07:cf:db:e0:36:7e:16:fd:aa:34:
7d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:58:E2:90:E0:24:0C:67:4C:14:6A:1C:C9:70:1D:A3:04:0E:0F:7D
X509v3 Authority Key Identifier:
keyid:A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/Y1jikOAkDGdMFGocyXAdowQOD30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.152.0/22
185.207.132.0/22
Signature Algorithm: sha256WithRSAEncryption
39:6d:45:e2:1f:21:09:fd:27:53:6e:a2:26:9a:61:38:6a:5d:
fb:ba:a6:d2:33:af:4d:38:22:fb:eb:f5:af:9f:a0:24:4b:ba:
c8:29:19:5c:de:3e:3b:9b:fe:ec:db:1e:10:f5:e1:20:3e:38:
e1:4e:04:09:1a:91:57:86:0e:bf:c3:49:f9:4c:e5:b7:84:70:
48:af:ba:41:98:fd:a2:9a:28:7e:4c:46:77:e5:52:d1:fa:0b:
3c:58:35:63:98:99:63:ac:31:56:d8:63:1a:a0:dc:bf:d8:a6:
7c:a4:b7:f6:36:39:56:3f:2f:3a:40:1c:f4:43:4a:87:17:a4:
62:9b:03:d8:6b:ea:a6:73:73:b6:91:9f:07:af:d0:03:d6:e7:
94:42:56:1e:21:4a:9a:24:89:70:fd:ee:c9:2e:2b:04:8a:17:
3a:5a:e0:9c:11:2d:ef:18:f1:6a:92:f4:ed:8b:41:1c:3d:fa:
5d:2a:5a:aa:cf:df:89:70:74:f9:f8:dd:19:bb:2e:2b:70:c2:
75:1e:41:e9:42:6f:d1:76:1f:1c:ce:d6:04:fb:b6:c0:21:af:
15:28:34:01:af:f3:92:53:b6:67:c4:ba:18:73:32:b0:db:0a:
d0:f0:63:bd:83:b6:bd:0b:9e:56:f9:72:54:7d:e0:47:2a:ec:
6a:a1:e2:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbrn1QE3VNgPHa065mjShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDc4OTNmYjViMzQ4ZTY4YTY2ZDU1YTI4ZjI3OGNiZjM5
MzFkZjQwHhcNMjQwMTAxMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzU4ZTI5MGUwMjQwYzY3NGMxNDZhMWNjOTcwMWRhMzA0MGUwZjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5alT7bVkrOxuYa1aw3txadpxiSqY
vNqWevpQsBoFjJACMOfORy1t/OHnPT5RMR7O8RoCr0lq6lx/eB1l7iE9yfyNyaYr
36O0D1bOsxnyNuye/0Cbzx2jhrnZENGzQPBGg7Iw84TlMXxE27HNoRAd4XN+nsft
I1Dv+24ZbJ/D4E468I5lNU3m1Tb+t7J0UN33hpO200WF1sLJs7onYsU+7EpUhOGj
YCPkOtXz2HtH1pycW8o7P5dqrJ8MrY8MOsTP4GzwTrHFeXoZYELidZZ0CgG6lg9r
qCrAnWscOze9J9g97pDAzV1EgTBWPIYH/2ZX8gd/5QfP2+A2fhb9qjR9iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGNY4pDgJAxnTBRqHMlwHaMEDg99MB8GA1UdIwQY
MBaAFKZHiT+1s0jmimbVWijyeMvzkx30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDIt
ZDYyNDQ5NmRkY2M4LzEvWTFqaWtPQWtER2RNRkdvY3lYQWRvd1FPRDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDItZDYyNDQ5NmRkY2M4
LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuaqYAwQC
uc+EMA0GCSqGSIb3DQEBCwUAA4IBAQA5bUXiHyEJ/SdTbqImmmE4al37uqbSM69N
OCL76/Wvn6AkS7rIKRlc3j47m/7s2x4Q9eEgPjjhTgQJGpFXhg6/w0n5TOW3hHBI
r7pBmP2imih+TEZ35VLR+gs8WDVjmJljrDFW2GMaoNy/2KZ8pLf2NjlWPy86QBz0
Q0qHF6RimwPYa+qmc3O2kZ8Hr9AD1ueUQlYeIUqaJIlw/e7JLisEihc6WuCcES3v
GPFqkvTti0EcPfpdKlqqz9+JcHT5+N0Zuy4rcMJ1HkHpQm/Rdh8cztYE+7bAIa8V
KDQBr/OSU7ZnxLoYczKw2wrQ8GO9g7a9C55W+XJUfeBHKuxqoeJR
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:32:53 2024 by rpki-client on console-ams.rpki-client.org