Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/xcs9ffwQS8eAsBjO43zEAeZW818.roa
File: xcs9ffwQS8eAsBjO43zEAeZW818.roa (raw, json)
Hash identifier: LYXh6/DGHaQxWrAa8aaeq/ocKORg569JbwCR41GVb7Y=
Subject key identifier: C5:CB:3D:7D:FC:10:4B:C7:80:B0:18:CE:E3:7C:C4:01:E6:56:F3:5F
Certificate issuer: /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial: 018CC727466DB6591F7C3AB68F628C1C7C76
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/xcs9ffwQS8eAsBjO43zEAeZW818.roa
Signing time: Mon 01 Jan 2024 22:31:29 +0000
ROA not before: Mon 01 Jan 2024 22:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201689
IP address blocks: 185.66.228.0/22 maxlen: 22
185.66.229.0/24 maxlen: 24
185.66.230.0/24 maxlen: 24
185.66.231.0/24 maxlen: 24
185.66.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:46:6d:b6:59:1f:7c:3a:b6:8f:62:8c:1c:7c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Validity
Not Before: Jan 1 22:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5cb3d7dfc104bc780b018cee37cc401e656f35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7b:83:77:0b:98:e5:7e:3d:4d:ba:15:29:20:
4a:7d:e9:1c:36:dd:08:93:db:9a:e2:3c:38:f8:24:
f9:0c:14:ce:e7:2f:a5:61:9b:a6:e3:c2:93:2d:41:
45:09:c5:74:91:7b:26:20:e9:e9:72:78:37:42:f0:
82:35:03:09:05:bd:bb:d2:ba:db:2e:cb:3e:0c:59:
8c:05:33:9a:d1:08:6f:94:cc:75:03:c9:45:03:ed:
08:99:85:c0:b8:fa:b6:7e:7b:79:ba:8e:c2:eb:58:
a9:42:57:55:1f:33:f5:50:79:ef:06:8b:e9:88:5d:
63:54:09:6b:07:74:31:07:e0:89:f6:82:f2:66:81:
08:66:d8:44:fc:e8:c0:fa:a8:fc:ba:39:c9:c1:b6:
9b:2c:d8:e2:83:62:e1:c5:59:60:e7:31:b4:bd:e2:
a3:10:af:24:8e:b2:f7:d5:50:34:bb:de:30:dd:f9:
fb:a0:b6:f5:d9:1d:f4:1a:4d:ae:37:a3:4d:2f:1d:
0f:3a:77:e5:a2:dd:a2:09:f5:06:81:8f:30:bc:9b:
65:ba:fb:32:fa:26:0b:b9:28:67:bc:5f:49:6c:f2:
63:59:41:7d:88:4f:db:29:57:c7:ce:2e:a5:66:ba:
f9:aa:bb:10:db:c1:26:5d:c0:37:e6:7d:fd:f4:3b:
94:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CB:3D:7D:FC:10:4B:C7:80:B0:18:CE:E3:7C:C4:01:E6:56:F3:5F
X509v3 Authority Key Identifier:
keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/xcs9ffwQS8eAsBjO43zEAeZW818.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.228.0/22
Signature Algorithm: sha256WithRSAEncryption
64:03:21:8d:3a:8c:80:f5:20:dc:8d:89:f2:1d:aa:75:7e:65:
3c:03:83:4d:38:f0:59:90:b2:20:cb:a5:b4:a8:79:f0:05:7f:
bf:6d:0b:56:d6:f5:e6:f5:94:c3:82:21:6b:e9:f8:4e:81:62:
a8:ca:e4:7e:56:a3:99:d5:72:94:1b:3d:67:18:34:6c:48:41:
ff:29:01:78:32:31:d2:fc:21:8f:2c:d1:5f:d5:4f:8e:6a:c5:
c8:5b:a9:17:e9:48:c8:be:01:00:e0:78:e1:d6:06:fc:e2:10:
34:f6:10:9a:d8:4f:88:5e:84:77:06:c7:7e:2a:14:24:b1:3c:
9d:aa:ef:fa:45:52:1f:3d:2c:9a:aa:71:14:cf:f9:27:08:a4:
a0:b8:b4:25:08:e5:f9:42:e9:12:d4:6e:8c:48:72:39:71:97:
3e:04:7f:6e:86:3d:61:43:3b:f5:b9:f4:00:4c:d7:9d:0f:77:
f4:54:fc:d3:13:02:e4:6f:cc:4a:ce:17:86:95:da:da:e0:54:
85:0a:c5:fe:35:0a:bb:f6:21:cb:eb:76:ac:94:92:7f:9c:cc:
7f:3a:16:d8:91:52:44:23:17:ee:b7:7a:d4:b8:4e:0c:d6:92:
cf:a6:2a:e3:54:51:3f:33:f9:3d:b8:2c:0b:80:8c:b1:64:d1:
c9:cc:0a:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ0ZttlkffDq2j2KMHHx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWNiM2Q3ZGZjMTA0YmM3ODBiMDE4Y2VlMzdjYzQwMWU2NTZmMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHuDdwuY5X49TboVKSBKfekcNt0I
k9ua4jw4+CT5DBTO5y+lYZum48KTLUFFCcV0kXsmIOnpcng3QvCCNQMJBb270rrb
Lss+DFmMBTOa0QhvlMx1A8lFA+0ImYXAuPq2fnt5uo7C61ipQldVHzP1UHnvBovp
iF1jVAlrB3QxB+CJ9oLyZoEIZthE/OjA+qj8ujnJwbabLNjig2LhxVlg5zG0veKj
EK8kjrL31VA0u94w3fn7oLb12R30Gk2uN6NNLx0POnflot2iCfUGgY8wvJtluvsy
+iYLuShnvF9JbPJjWUF9iE/bKVfHzi6lZrr5qrsQ28EmXcA35n399DuU9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXLPX38EEvHgLAYzuN8xAHmVvNfMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEveGNzOWZmd1FTOGVBc0JqTzQzekVBZVpXODE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuULkMA0G
CSqGSIb3DQEBCwUAA4IBAQBkAyGNOoyA9SDcjYnyHap1fmU8A4NNOPBZkLIgy6W0
qHnwBX+/bQtW1vXm9ZTDgiFr6fhOgWKoyuR+VqOZ1XKUGz1nGDRsSEH/KQF4MjHS
/CGPLNFf1U+OasXIW6kX6UjIvgEA4Hjh1gb84hA09hCa2E+IXoR3Bsd+KhQksTyd
qu/6RVIfPSyaqnEUz/knCKSguLQlCOX5QukS1G6MSHI5cZc+BH9uhj1hQzv1ufQA
TNedD3f0VPzTEwLkb8xKzheGldra4FSFCsX+NQq79iHL63aslJJ/nMx/OhbYkVJE
Ixfut3rUuE4M1pLPpirjVFE/M/k9uCwLgIyxZNHJzAra
-----END CERTIFICATE-----
Generated at Sun Jun 23 16:54:42 2024 by rpki-client on console-fra.rpki-client.org