Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/2c4110-eaee-440b-820e-95cae09ff563/1/yIGQtsrKBjoPVr_LbmpIMThHUX0.roa
File: yIGQtsrKBjoPVr_LbmpIMThHUX0.roa (raw, json)
Hash identifier: Niz4jePAoZCsT6FazHDsKag9dChjHfsKXgLRMxp2Wzw=
Subject key identifier: C8:81:90:B6:CA:CA:06:3A:0F:56:BF:CB:6E:6A:48:31:38:47:51:7D
Certificate issuer: /CN=790dc8145755101acc0888aa00bb28b995b9c4f1
Certificate serial: 018CC86F5C12B7ADA1F27CC6DA753E791265
Authority key identifier: 79:0D:C8:14:57:55:10:1A:CC:08:88:AA:00:BB:28:B9:95:B9:C4:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eQ3IFFdVEBrMCIiqALsouZW5xPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/2c4110-eaee-440b-820e-95cae09ff563/1/yIGQtsrKBjoPVr_LbmpIMThHUX0.roa
Signing time: Tue 02 Jan 2024 04:29:50 +0000
ROA not before: Tue 02 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205787
IP address blocks: 185.206.183.0/24 maxlen: 24
185.206.180.0/24 maxlen: 24
185.206.181.0/24 maxlen: 24
185.206.182.0/24 maxlen: 24
2a0b:1640:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/2c4110-eaee-440b-820e-95cae09ff563/1/eQ3IFFdVEBrMCIiqALsouZW5xPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/2c4110-eaee-440b-820e-95cae09ff563/1/eQ3IFFdVEBrMCIiqALsouZW5xPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/eQ3IFFdVEBrMCIiqALsouZW5xPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5c:12:b7:ad:a1:f2:7c:c6:da:75:3e:79:12:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=790dc8145755101acc0888aa00bb28b995b9c4f1
Validity
Not Before: Jan 2 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c88190b6caca063a0f56bfcb6e6a48313847517d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c8:00:16:54:80:37:35:58:38:4a:1b:27:83:
2e:b7:8b:95:66:07:c4:24:a5:5f:be:2c:1d:31:8a:
a0:57:91:88:3f:d4:ea:55:7b:16:7d:d2:01:61:fb:
49:a7:6d:78:e3:09:74:c1:9e:d1:b4:89:da:e4:d6:
2f:72:e1:1b:86:96:fe:ad:79:5c:89:af:aa:cb:e9:
41:d6:de:ee:4e:81:60:e2:c7:17:6f:e0:b1:41:31:
47:b0:36:ed:7f:60:cf:ab:7e:97:12:6e:5f:e8:90:
59:e0:82:9d:e2:01:d1:91:e8:a2:e5:e1:ed:8b:58:
72:14:bc:1d:41:17:33:c3:67:b4:e7:17:c5:72:db:
17:e1:25:9d:f6:eb:bc:46:55:73:8a:e7:74:91:dc:
64:61:29:55:a6:de:51:ad:1d:90:a0:32:57:1e:a2:
77:eb:b4:70:9f:ba:6e:fc:06:c4:11:8d:a3:dc:b4:
d6:a5:5f:23:7f:4d:b7:3f:d5:f2:95:73:bf:d6:11:
78:7d:9b:5c:4a:b4:04:a7:3f:25:6a:87:5c:35:a9:
89:9e:d4:6c:17:c2:ee:5a:0f:ef:db:5a:5e:3d:67:
41:5b:a1:ec:8e:8e:da:a9:ed:16:c8:fa:78:9c:b0:
2b:d7:20:e3:63:34:99:14:48:97:18:9c:bd:3b:c9:
cc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:81:90:B6:CA:CA:06:3A:0F:56:BF:CB:6E:6A:48:31:38:47:51:7D
X509v3 Authority Key Identifier:
keyid:79:0D:C8:14:57:55:10:1A:CC:08:88:AA:00:BB:28:B9:95:B9:C4:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQ3IFFdVEBrMCIiqALsouZW5xPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2c4110-eaee-440b-820e-95cae09ff563/1/yIGQtsrKBjoPVr_LbmpIMThHUX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/2c4110-eaee-440b-820e-95cae09ff563/1/eQ3IFFdVEBrMCIiqALsouZW5xPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.180.0/22
IPv6:
2a0b:1640:1::/48
Signature Algorithm: sha256WithRSAEncryption
5d:a1:64:2f:5a:97:c7:06:78:c1:b3:27:c4:56:a7:8c:32:04:
0b:ec:88:cd:9a:90:67:8e:65:3c:e7:f3:16:55:a2:4d:db:25:
55:0c:3b:2a:09:12:1a:1f:b8:b3:39:7c:07:54:52:64:07:f5:
05:8c:ef:11:96:66:51:a6:5f:4c:ff:bc:91:a2:92:25:51:5a:
12:90:0b:90:bd:16:d7:a3:6f:b7:cb:8a:c5:1d:4c:a7:3d:14:
15:cb:33:77:57:25:24:a6:3b:58:f5:0e:05:94:a1:bd:49:d5:
56:45:24:59:8a:ce:10:eb:fb:20:47:90:e4:ef:63:ed:7f:73:
91:cf:cc:39:b4:55:24:96:1d:26:c8:7f:31:3e:0d:83:2c:7f:
0a:c7:00:ca:30:2f:a4:fe:b6:b7:fb:3f:df:c2:6c:2a:05:36:
a8:8d:40:ee:35:16:f8:d5:0b:ad:a7:f8:e1:b0:a8:7b:ab:4d:
e3:28:04:e4:4a:2a:8b:4d:ea:c8:65:72:f9:a7:da:ca:89:29:
b5:86:9d:ec:ca:4f:6e:0a:87:32:b6:c0:5b:2d:ec:ba:fc:3d:
26:b3:86:e0:95:9f:bf:8a:c1:28:a4:f1:a3:75:6f:3d:4f:1f:
fd:97:5a:a6:4f:67:57:91:d4:72:6d:14:0c:45:a2:2f:ae:7c:
36:df:02:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIb1wSt62h8nzG2nU+eRJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MGRjODE0NTc1NTEwMWFjYzA4ODhhYTAwYmIyOGI5OTVi
OWM0ZjEwHhcNMjQwMTAyMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODgxOTBiNmNhY2EwNjNhMGY1NmJmY2I2ZTZhNDgzMTM4NDc1MTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsgAFlSANzVYOEobJ4Mut4uVZgfE
JKVfviwdMYqgV5GIP9TqVXsWfdIBYftJp2144wl0wZ7RtIna5NYvcuEbhpb+rXlc
ia+qy+lB1t7uToFg4scXb+CxQTFHsDbtf2DPq36XEm5f6JBZ4IKd4gHRkeii5eHt
i1hyFLwdQRczw2e05xfFctsX4SWd9uu8RlVziud0kdxkYSlVpt5RrR2QoDJXHqJ3
67Rwn7pu/AbEEY2j3LTWpV8jf023P9XylXO/1hF4fZtcSrQEpz8laodcNamJntRs
F8LuWg/v21pePWdBW6Hsjo7aqe0WyPp4nLAr1yDjYzSZFEiXGJy9O8nMuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMiBkLbKygY6D1a/y25qSDE4R1F9MB8GA1UdIwQY
MBaAFHkNyBRXVRAazAiIqgC7KLmVucTxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVEzSUZGZFZFQnJNQ0lpcUFMc291Wlc1eFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8yYzQxMTAtZWFlZS00NDBiLTgyMGUt
OTVjYWUwOWZmNTYzLzEveUlHUXRzcktCam9QVnJfTGJtcElNVGhIVVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8yYzQxMTAtZWFlZS00NDBiLTgyMGUtOTVjYWUwOWZmNTYz
LzEvZVEzSUZGZFZFQnJNQ0lpcUFMc291Wlc1eFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuc60MA8E
AgACMAkDBwAqCxZAAAEwDQYJKoZIhvcNAQELBQADggEBAF2hZC9al8cGeMGzJ8RW
p4wyBAvsiM2akGeOZTzn8xZVok3bJVUMOyoJEhofuLM5fAdUUmQH9QWM7xGWZlGm
X0z/vJGikiVRWhKQC5C9Ftejb7fLisUdTKc9FBXLM3dXJSSmO1j1DgWUob1J1VZF
JFmKzhDr+yBHkOTvY+1/c5HPzDm0VSSWHSbIfzE+DYMsfwrHAMowL6T+trf7P9/C
bCoFNqiNQO41FvjVC62n+OGwqHurTeMoBORKKotN6shlcvmn2sqJKbWGnezKT24K
hzK2wFst7Lr8PSazhuCVn7+KwSik8aN1bz1PH/2XWqZPZ1eR1HJtFAxFoi+ufDbf
Agg=
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:35:00 2024 by rpki-client on console-ams.rpki-client.org