Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/_a3RKJld7jV19kGb0_ESWu54ol0.roa
File: _a3RKJld7jV19kGb0_ESWu54ol0.roa (raw, json)
Hash identifier: YGwIoUzfDepUlDtL0ocjZAnKs5m9999N7kDSXDerF4s=
Subject key identifier: FD:AD:D1:28:99:5D:EE:35:75:F6:41:9B:D3:F1:12:5A:EE:78:A2:5D
Certificate issuer: /CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Certificate serial: 018CC86F5A0E0D497D5BFAEECCE4437838C5
Authority key identifier: 73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/_a3RKJld7jV19kGb0_ESWu54ol0.roa
Signing time: Tue 02 Jan 2024 04:29:49 +0000
ROA not before: Tue 02 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57758
IP address blocks: 185.167.204.0/22 maxlen: 24
185.167.207.0/24 maxlen: 24
2a0b:b600:3804::/48 maxlen: 48
2a0b:b600:3c04::/48 maxlen: 48
2a0b:b600:3802::/48 maxlen: 48
2a0b:b602::/32 maxlen: 48
2a0b:b600:110::/44 maxlen: 44
2a0b:b600:3803::/48 maxlen: 48
2a0b:b600:400::/38 maxlen: 48
2a0b:b600:3400::/38 maxlen: 48
2a0b:b600:2000::/38 maxlen: 48
2a0b:b600::/36 maxlen: 36
2a0b:b600:3800::/38 maxlen: 38
2a0b:b600:1400::/38 maxlen: 38
2a0b:b600:1800::/38 maxlen: 38
2a0b:b600:800::/38 maxlen: 38
2a0b:b600:2400::/38 maxlen: 38
2a0b:b600:3400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.mft
rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5a:0e:0d:49:7d:5b:fa:ee:cc:e4:43:78:38:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f986c7705bd808c1b02ebd754fbfa91807e9b6
Validity
Not Before: Jan 2 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdadd128995dee3575f6419bd3f1125aee78a25d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ee:bc:23:b6:c8:31:e4:3d:59:c4:e6:db:16:
7d:88:27:f7:7d:2d:16:08:bf:32:9c:0b:cf:70:2a:
af:b7:ed:a5:ae:d4:b8:60:50:57:df:98:dc:d9:9c:
6a:83:2b:28:31:b8:f5:1f:4d:d1:b6:ae:fc:d7:36:
1b:2a:71:eb:68:30:2d:ba:bd:71:c1:b7:3a:c1:62:
dc:30:fd:7b:f2:ec:18:b9:d7:3e:5a:94:d7:4e:eb:
2a:48:ad:d4:c2:a2:c2:b6:28:01:bc:98:b5:60:f4:
f1:d9:3d:7e:32:19:2c:8f:53:6a:22:7c:ef:67:0d:
9b:87:20:d1:38:73:bf:ab:16:53:b9:e7:a4:ed:ac:
30:52:0a:9f:d7:86:ed:bd:34:cd:30:1f:34:52:a8:
3f:ed:48:03:58:3f:ae:df:fe:81:a9:a0:d9:b1:42:
96:bd:89:a3:68:36:ea:a1:75:20:d3:25:b6:c0:b8:
ba:61:29:21:08:bf:3f:0a:29:ab:4b:0a:4b:8e:b9:
ba:ff:c2:39:62:29:e4:91:e3:6e:24:cb:a9:84:8c:
ee:b1:3f:be:93:89:36:a9:dc:8c:b9:e6:a1:21:47:
98:2a:ed:fd:34:39:6e:41:18:57:5f:fc:be:5c:82:
41:31:51:5c:75:ce:52:d9:16:1c:10:a8:e4:cb:2a:
6d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AD:D1:28:99:5D:EE:35:75:F6:41:9B:D3:F1:12:5A:EE:78:A2:5D
X509v3 Authority Key Identifier:
keyid:73:F9:86:C7:70:5B:D8:08:C1:B0:2E:BD:75:4F:BF:A9:18:07:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_mGx3Bb2AjBsC69dU-_qRgH6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/_a3RKJld7jV19kGb0_ESWu54ol0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/db1aca-2659-42a3-a631-9a1295f02f2e/1/c_mGx3Bb2AjBsC69dU-_qRgH6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.204.0/22
IPv6:
2a0b:b600::/36
2a0b:b600:1400::-2a0b:b600:1bff:ffff:ffff:ffff:ffff:ffff
2a0b:b600:2000::/37
2a0b:b600:3400::-2a0b:b600:3bff:ffff:ffff:ffff:ffff:ffff
2a0b:b600:3c04::/48
2a0b:b602::/32
Signature Algorithm: sha256WithRSAEncryption
28:a6:af:5a:0e:65:91:f1:1d:60:38:81:4c:69:9d:80:4f:a2:
6a:ab:58:03:05:37:cf:93:25:ab:2e:d3:e3:f4:3e:05:66:9d:
c6:c8:55:31:aa:3d:f5:b3:42:6f:4c:da:50:c9:d6:d4:af:5b:
85:a5:55:c6:fd:21:2b:5e:f7:98:56:d6:1f:fa:ce:c4:06:a6:
c9:c9:c7:39:c1:29:3c:36:24:2a:34:a2:c4:94:df:46:3e:46:
27:fd:54:bb:89:15:16:44:d9:58:fa:cc:fa:0f:f1:de:e8:e4:
1b:b4:66:f3:f7:d3:c9:d5:f1:fc:c8:c1:18:e9:f6:4b:11:60:
83:0b:62:c2:c1:50:0c:1a:be:79:30:7e:3a:0e:c7:b1:91:53:
a5:c7:e8:8a:b4:dd:a4:e5:43:7a:22:94:5e:05:65:1a:ca:c2:
d9:c4:c3:3c:52:ea:c5:67:39:48:9b:a1:2e:03:63:9c:43:57:
e4:ba:52:6f:bb:5c:ac:54:d5:29:13:5d:7f:76:fb:65:d2:6b:
4c:39:3f:9e:47:41:46:3b:42:ed:0d:fc:d4:0e:3e:e3:01:65:
20:64:69:6d:28:d3:f5:34:32:e4:2e:3d:7d:71:54:2e:aa:cc:
50:8f:f1:d8:13:cb:10:c5:f2:bc:a6:7c:0e:79:77:6c:28:4f:
ab:47:92:96
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzIb1oODUl9W/ruzORDeDjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjk4NmM3NzA1YmQ4MDhjMWIwMmViZDc1NGZiZmE5MTgw
N2U5YjYwHhcNMjQwMTAyMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFkZDEyODk5NWRlZTM1NzVmNjQxOWJkM2YxMTI1YWVlNzhhMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu68I7bIMeQ9WcTm2xZ9iCf3fS0W
CL8ynAvPcCqvt+2lrtS4YFBX35jc2ZxqgysoMbj1H03Rtq781zYbKnHraDAtur1x
wbc6wWLcMP178uwYudc+WpTXTusqSK3UwqLCtigBvJi1YPTx2T1+Mhksj1NqInzv
Zw2bhyDROHO/qxZTueek7awwUgqf14btvTTNMB80Uqg/7UgDWD+u3/6BqaDZsUKW
vYmjaDbqoXUg0yW2wLi6YSkhCL8/CimrSwpLjrm6/8I5YinkkeNuJMuphIzusT++
k4k2qdyMueahIUeYKu39NDluQRhXX/y+XIJBMVFcdc5S2RYcEKjkyyptbQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFP2t0SiZXe41dfZBm9PxElrueKJdMB8GA1UdIwQY
MBaAFHP5hsdwW9gIwbAuvXVPv6kYB+m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEt
OWExMjk1ZjAyZjJlLzEvX2EzUktKbGQ3alYxOWtHYjBfRVNXdTU0b2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9kYjFhY2EtMjY1OS00MmEzLWE2MzEtOWExMjk1ZjAyZjJl
LzEvY19tR3gzQmIyQWpCc0M2OWRVLV9xUmdINmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjAMBAIAATAGAwQCuafMMEoE
AgACMEQDBgQqC7YAADAQAwYCKgu2ABQDBgIqC7YAGAMGAyoLtgAgMBADBgIqC7YA
NAMGAioLtgA4AwcAKgu2ADwEAwUAKgu2AjANBgkqhkiG9w0BAQsFAAOCAQEAKKav
Wg5lkfEdYDiBTGmdgE+iaqtYAwU3z5Mlqy7T4/Q+BWadxshVMao99bNCb0zaUMnW
1K9bhaVVxv0hK173mFbWH/rOxAamycnHOcEpPDYkKjSixJTfRj5GJ/1Uu4kVFkTZ
WPrM+g/x3ujkG7Rm8/fTydXx/MjBGOn2SxFggwtiwsFQDBq+eTB+Og7HsZFTpcfo
irTdpOVDeiKUXgVlGsrC2cTDPFLqxWc5SJuhLgNjnENX5LpSb7tcrFTVKRNdf3b7
ZdJrTDk/nkdBRjtC7Q381A4+4wFlIGRpbSjT9TQy5C49fXFULqrMUI/x2BPLEMXy
vKZ8Dnl3bChPq0eSlg==
-----END CERTIFICATE-----
Generated at Tue Jun 25 23:54:02 2024 by rpki-client on console-ams.rpki-client.org