Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/B9UzHouo2WIYWe3ocljMaIvkync.roa
File: B9UzHouo2WIYWe3ocljMaIvkync.roa (raw, json)
Hash identifier: 0qV34XrZ2ThcIPyKQEGg0vdPCun5wkwnoYu5cVRYFyQ=
Subject key identifier: 07:D5:33:1E:8B:A8:D9:62:18:59:ED:E8:72:58:CC:68:8B:E4:CA:77
Certificate issuer: /CN=73c69d04583500c5ef81136831237593e0bb86ce
Certificate serial: 018CC34894FAEE368EBB7620A06BB5B36568
Authority key identifier: 73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/B9UzHouo2WIYWe3ocljMaIvkync.roa
Signing time: Mon 01 Jan 2024 04:29:22 +0000
ROA not before: Mon 01 Jan 2024 04:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208476
IP address blocks: 185.244.29.0/24 maxlen: 24
185.244.30.0/24 maxlen: 24
185.244.31.0/24 maxlen: 24
185.244.26.0/24 maxlen: 24
194.5.97.0/24 maxlen: 24
194.5.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:94:fa:ee:36:8e:bb:76:20:a0:6b:b5:b3:65:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73c69d04583500c5ef81136831237593e0bb86ce
Validity
Not Before: Jan 1 04:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07d5331e8ba8d9621859ede87258cc688be4ca77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ef:18:79:a8:b8:51:ba:71:93:ef:b7:47:11:
aa:a3:d7:89:bf:1f:cc:2a:4a:06:f9:a2:9d:1c:b8:
a9:56:e7:7f:ea:14:ce:b5:3e:e7:45:10:e7:5f:3c:
e8:b2:86:5b:fc:74:bd:67:23:56:16:bb:29:1f:0f:
6b:c8:3f:c8:67:91:ce:c6:69:aa:da:7d:2f:cc:ad:
34:02:b7:25:d8:39:2b:08:e0:90:e5:2f:2f:5f:aa:
1f:6b:1a:be:1f:a2:33:d0:cb:5c:9a:2d:c5:44:c9:
0a:11:85:91:bf:ad:1a:78:08:38:66:ac:10:44:f1:
86:21:78:70:8f:53:9b:6f:14:40:60:65:74:ea:7f:
b3:a4:87:94:bd:c4:55:cd:be:8b:20:65:1e:47:7a:
f2:c7:29:10:ad:db:09:0b:00:9f:98:fc:e9:4a:bb:
26:80:79:b9:81:cf:27:b0:2b:33:49:58:21:52:42:
cb:cd:eb:fc:f6:34:4f:06:ac:23:67:cf:3b:e5:95:
43:66:7e:67:bb:26:57:bd:f6:76:04:22:79:7c:ed:
fa:80:bd:4d:4b:08:17:03:79:65:21:60:0b:21:17:
65:de:fa:4f:3a:f9:f1:2b:1c:a8:9a:e8:60:62:17:
02:27:ba:fe:bd:14:b5:4e:69:be:6b:f9:1e:95:43:
60:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D5:33:1E:8B:A8:D9:62:18:59:ED:E8:72:58:CC:68:8B:E4:CA:77
X509v3 Authority Key Identifier:
keyid:73:C6:9D:04:58:35:00:C5:EF:81:13:68:31:23:75:93:E0:BB:86:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8adBFg1AMXvgRNoMSN1k-C7hs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/B9UzHouo2WIYWe3ocljMaIvkync.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6f6ce2-e6ee-4e2a-905d-f9cb0a7b206c/1/c8adBFg1AMXvgRNoMSN1k-C7hs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.26.0/24
185.244.29.0-185.244.31.255
194.5.97.0/24
194.5.99.0/24
Signature Algorithm: sha256WithRSAEncryption
23:3f:7c:28:a0:06:83:1d:a4:c1:88:7c:d7:7a:ea:4f:96:01:
1f:86:59:e4:69:35:2b:1e:72:9c:a8:98:4f:81:b7:61:36:8f:
91:36:0a:eb:29:ba:04:a2:a0:37:95:f1:13:16:82:31:3e:a5:
be:95:35:5c:58:80:9a:4e:ad:e7:1d:c9:60:7b:68:94:69:ac:
50:7e:f1:bb:19:57:28:ae:b7:3d:bc:66:28:40:54:5b:09:c2:
c8:e5:5a:11:3e:0c:40:f4:ed:45:da:19:7b:bc:d8:86:2b:17:
46:9b:a4:b1:15:94:fb:d9:2c:df:c7:64:70:14:08:a9:a2:62:
10:d9:9b:0f:24:94:71:54:d2:b4:6e:e9:06:b0:1c:67:a6:36:
ee:96:6c:72:fa:2a:ca:3a:91:4c:18:f4:8d:6a:86:90:ee:e1:
c4:dc:69:c5:04:c0:7d:cb:6b:b4:e0:87:ad:52:0a:d3:36:cc:
98:20:20:07:67:f0:e3:71:0f:2a:4f:ed:a5:fe:4c:fd:9e:a3:
32:4c:f2:b8:d1:3b:3e:53:0d:11:83:8d:43:26:60:e4:6b:77:
c4:c6:a9:4c:50:fc:53:d2:b9:3e:9e:73:de:b8:54:78:47:82:
de:4e:69:de:25:1e:a9:65:0c:18:89:1e:ef:3e:96:d7:99:4a:
d9:ab:70:c6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSJT67jaOu3YgoGu1s2VoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczYzY5ZDA0NTgzNTAwYzVlZjgxMTM2ODMxMjM3NTkzZTBi
Yjg2Y2UwHhcNMjQwMTAxMDQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Q1MzMxZThiYThkOTYyMTg1OWVkZTg3MjU4Y2M2ODhiZTRjYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO8Yeai4Ubpxk++3RxGqo9eJvx/M
KkoG+aKdHLipVud/6hTOtT7nRRDnXzzosoZb/HS9ZyNWFrspHw9ryD/IZ5HOxmmq
2n0vzK00Arcl2DkrCOCQ5S8vX6ofaxq+H6Iz0Mtcmi3FRMkKEYWRv60aeAg4ZqwQ
RPGGIXhwj1ObbxRAYGV06n+zpIeUvcRVzb6LIGUeR3ryxykQrdsJCwCfmPzpSrsm
gHm5gc8nsCszSVghUkLLzev89jRPBqwjZ8875ZVDZn5nuyZXvfZ2BCJ5fO36gL1N
SwgXA3llIWALIRdl3vpPOvnxKxyomuhgYhcCJ7r+vRS1Tmm+a/kelUNgMQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAfVMx6LqNliGFnt6HJYzGiL5Mp3MB8GA1UdIwQY
MBaAFHPGnQRYNQDF74ETaDEjdZPgu4bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQt
ZjljYjBhN2IyMDZjLzEvQjlVekhvdW8yV0lZV2Uzb2Nsak1hSXZreW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ZjZjZTItZTZlZS00ZTJhLTkwNWQtZjljYjBhN2IyMDZj
LzEvYzhhZEJGZzFBTVh2Z1JOb01TTjFrLUM3aHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAufQaMAwD
BAC59B0DBAW59AADBADCBWEDBADCBWMwDQYJKoZIhvcNAQELBQADggEBACM/fCig
BoMdpMGIfNd66k+WAR+GWeRpNSsecpyomE+Bt2E2j5E2CuspugSioDeV8RMWgjE+
pb6VNVxYgJpOrecdyWB7aJRprFB+8bsZVyiutz28ZihAVFsJwsjlWhE+DED07UXa
GXu82IYrF0abpLEVlPvZLN/HZHAUCKmiYhDZmw8klHFU0rRu6QawHGemNu6WbHL6
Kso6kUwY9I1qhpDu4cTcacUEwH3La7Tgh61SCtM2zJggIAdn8ONxDypP7aX+TP2e
ozJM8rjROz5TDRGDjUMmYORrd8TGqUxQ/FPSuT6ec964VHhHgt5Oad4lHqllDBiJ
Hu8+lteZStmrcMY=
-----END CERTIFICATE-----
Generated at Wed May 15 16:32:32 2024 by rpki-client on console-ams.rpki-client.org