Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/1-bi1HP8bhB3aEmeEaQrHVvU934E.roa
File: 1-bi1HP8bhB3aEmeEaQrHVvU934E.roa (raw, json)
Hash identifier: UFXafmWdERIUoujs4LoYXHoUStHICX0ASZTRnZOltLw=
Subject key identifier: F9:B8:B5:1C:FF:1B:84:1D:DA:12:67:84:69:0A:C7:56:F5:3D:DF:81
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 018CC86F58FB88656AB8ACE9D4B7B08F1EE9
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/1-bi1HP8bhB3aEmeEaQrHVvU934E.roa
Signing time: Tue 02 Jan 2024 04:29:49 +0000
ROA not before: Tue 02 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 185.167.204.0/24 maxlen: 24
185.167.205.0/24 maxlen: 24
185.167.206.0/24 maxlen: 24
2a0b:b600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 07:03:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:58:fb:88:65:6a:b8:ac:e9:d4:b7:b0:8f:1e:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 2 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9b8b51cff1b841dda126784690ac756f53ddf81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:62:f0:d9:78:25:27:80:c9:35:b4:15:fb:71:
37:e9:77:3d:ea:a8:38:16:23:ff:5d:d4:db:59:d7:
77:6d:d3:1c:18:54:67:38:c8:53:20:1c:dc:72:a6:
03:c0:85:75:ae:89:9c:1b:df:0a:48:63:55:bc:f1:
28:6a:86:ba:f5:64:d4:ae:28:83:f4:8f:f8:0d:aa:
2b:b4:90:72:ad:54:81:01:a6:88:ff:d9:57:b0:24:
65:32:39:e0:fb:14:b6:bd:c9:75:3d:fe:77:08:4b:
a5:b2:ac:15:e5:f6:63:77:0d:de:9c:8b:19:27:33:
9a:3b:f5:d9:d5:dd:80:64:9f:e1:cc:bb:89:20:b9:
df:e7:61:8d:bd:77:04:3c:5c:8c:ba:80:47:88:3a:
2d:ef:23:e9:43:f0:ea:48:56:36:2c:a3:b8:d7:ff:
d0:d4:26:fd:89:a7:6f:3c:57:0a:4d:bc:39:00:6e:
f5:b7:1d:44:17:53:1b:6e:42:c8:06:71:d7:c4:67:
17:7a:1e:44:9b:a9:ad:ee:af:4d:d8:26:db:5c:5e:
bc:ef:32:40:7e:ea:26:3f:3c:a4:fc:74:cd:db:10:
95:04:5c:df:c3:46:6b:49:e8:01:26:32:9a:6f:99:
52:48:d6:25:f9:42:f3:b5:81:2c:b1:4c:c9:e5:a4:
30:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B8:B5:1C:FF:1B:84:1D:DA:12:67:84:69:0A:C7:56:F5:3D:DF:81
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/1-bi1HP8bhB3aEmeEaQrHVvU934E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.204.0-185.167.206.255
IPv6:
2a0b:b600::/48
Signature Algorithm: sha256WithRSAEncryption
04:dc:68:20:4d:4a:06:bc:13:9e:0a:05:74:85:77:07:c4:13:
c8:80:a5:c3:a4:ad:18:f1:34:98:b4:ca:ae:3b:83:42:01:a9:
99:05:a7:f4:5c:fd:fa:d7:ba:71:ea:f4:18:99:5c:9a:0c:b4:
70:1b:63:56:89:cf:ae:85:e2:e0:ce:7a:35:98:70:fa:2a:e1:
c4:b3:be:ae:c9:08:88:75:3d:17:49:0e:35:bf:8e:89:ba:cc:
cd:c7:79:50:ff:9a:52:a6:39:2c:27:96:ee:6d:88:83:02:87:
fa:58:7a:2e:da:e3:74:1b:ec:7a:1c:a2:14:63:99:d0:7b:dd:
81:eb:89:93:08:88:3e:cb:24:3b:ce:ae:20:eb:9b:37:d8:e4:
d0:4d:35:35:c5:3f:33:52:5f:9c:eb:26:22:d1:d1:1d:0c:81:
d1:03:2c:53:89:bd:8a:48:ea:cd:51:b9:fe:af:4d:80:1e:23:
0c:6c:6e:13:38:f9:70:a1:ad:f9:3b:b8:5f:b4:96:b0:a2:34:
7a:ad:40:82:cb:f5:66:b1:00:94:4b:f6:03:e5:38:05:1c:76:
ba:44:29:69:09:d5:e4:17:93:f0:dc:91:05:b5:36:38:fe:75:
30:51:7c:9c:78:a6:b9:b5:79:f9:3d:b0:ec:3e:41:13:4d:52:
43:e3:c8:5e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIb1j7iGVquKzp1Lewjx7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjQwMTAyMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI4YjUxY2ZmMWI4NDFkZGExMjY3ODQ2OTBhYzc1NmY1M2RkZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mLw2XglJ4DJNbQV+3E36Xc96qg4
FiP/XdTbWdd3bdMcGFRnOMhTIBzccqYDwIV1romcG98KSGNVvPEoaoa69WTUriiD
9I/4DaortJByrVSBAaaI/9lXsCRlMjng+xS2vcl1Pf53CEulsqwV5fZjdw3enIsZ
JzOaO/XZ1d2AZJ/hzLuJILnf52GNvXcEPFyMuoBHiDot7yPpQ/DqSFY2LKO41//Q
1Cb9iadvPFcKTbw5AG71tx1EF1MbbkLIBnHXxGcXeh5Em6mt7q9N2CbbXF687zJA
fuomPzyk/HTN2xCVBFzfw0ZrSegBJjKab5lSSNYl+ULztYEssUzJ5aQwkQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPm4tRz/G4Qd2hJnhGkKx1b1Pd+BMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvMS1iaTFIUDhiaEIzYUVtZUVhUXJIVnZVOTM0RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvZGIxYWNhLTI2NTktNDJhMy1hNjMxLTlhMTI5NWYwMmYy
ZS8xL2NfbUd4M0JiMkFqQnNDNjlkVS1fcVJnSDZiWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA4BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQCuafM
AwQAuafOMA8EAgACMAkDBwAqC7YAAAAwDQYJKoZIhvcNAQELBQADggEBAATcaCBN
Sga8E54KBXSFdwfEE8iApcOkrRjxNJi0yq47g0IBqZkFp/Rc/frXunHq9BiZXJoM
tHAbY1aJz66F4uDOejWYcPoq4cSzvq7JCIh1PRdJDjW/jom6zM3HeVD/mlKmOSwn
lu5tiIMCh/pYei7a43Qb7HocohRjmdB73YHriZMIiD7LJDvOriDrmzfY5NBNNTXF
PzNSX5zrJiLR0R0MgdEDLFOJvYpI6s1Ruf6vTYAeIwxsbhM4+XChrfk7uF+0lrCi
NHqtQILL9WaxAJRL9gPlOAUcdrpEKWkJ1eQXk/DckQW1Njj+dTBRfJx4prm1efk9
sOw+QRNNUkPjyF4=
-----END CERTIFICATE-----
Generated at Sun May 5 11:08:24 2024 by rpki-client on console-fra.rpki-client.org