Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/jKzMb9avMXgs6uMUgPmV7rpqpm0.roa
File: jKzMb9avMXgs6uMUgPmV7rpqpm0.roa (raw, json)
Hash identifier: joMnt05iYR1ctEtXmByLja6Y8+IjIEJfTBFy7BJreWM=
Subject key identifier: 8C:AC:CC:6F:D6:AF:31:78:2C:EA:E3:14:80:F9:95:EE:BA:6A:A6:6D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B4AEFDC0308BF7687B5246C02D867
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/jKzMb9avMXgs6uMUgPmV7rpqpm0.roa
Signing time: Tue 02 Jan 2024 12:34:43 +0000
ROA not before: Tue 02 Jan 2024 12:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 185.182.50.0/24 maxlen: 24
185.119.253.0/24 maxlen: 24
185.177.81.0/24 maxlen: 24
185.236.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4a:ef:dc:03:08:bf:76:87:b5:24:6c:02:d8:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8caccc6fd6af31782ceae31480f995eeba6aa66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:72:ab:6c:5a:40:14:00:77:6f:ca:58:ea:
00:88:05:72:b7:5d:ec:97:99:a8:c4:e4:d6:9f:c6:
3f:61:17:c9:cd:e9:39:1a:08:2e:3f:8f:cd:f4:bb:
65:6a:ba:1a:60:ec:eb:7e:56:89:25:54:49:df:1c:
1b:f9:22:11:bb:64:2a:ee:dc:9a:3e:e2:83:3b:d9:
77:1b:61:09:8f:41:9b:d1:16:b0:c4:ae:fb:19:8d:
3c:f5:73:0d:a1:a4:be:18:35:14:c3:a9:80:45:d0:
11:ab:aa:8f:76:e6:3d:7e:27:11:bf:10:11:49:68:
92:75:ea:c7:fc:dc:72:36:e7:6d:48:56:92:b3:51:
06:6b:d1:13:2b:e3:82:a5:29:ea:0f:a8:6f:dc:1d:
1e:47:56:45:09:3c:f3:ec:2b:f1:5e:f3:37:0d:73:
a8:92:87:a7:4a:fa:d2:d4:b9:4c:da:5f:f4:91:ca:
14:08:64:2f:b1:6f:f8:64:a4:00:f8:6d:1f:5d:69:
fe:b9:6a:1b:bb:8d:16:8a:07:c3:7f:d5:de:b0:30:
f2:bf:e4:e5:18:1c:e6:4a:26:71:e4:d4:80:28:85:
74:48:e8:aa:ca:0c:99:a9:3b:10:ee:f6:28:87:55:
73:cb:ad:89:fa:f8:3c:1b:16:3b:ca:ee:0d:b1:b9:
de:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AC:CC:6F:D6:AF:31:78:2C:EA:E3:14:80:F9:95:EE:BA:6A:A6:6D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/jKzMb9avMXgs6uMUgPmV7rpqpm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.253.0/24
185.177.81.0/24
185.182.50.0/24
185.236.82.0/24
Signature Algorithm: sha256WithRSAEncryption
15:43:92:7f:a1:90:4a:48:e3:b2:c2:27:c9:ac:17:91:b5:3f:
35:6c:e5:1d:3b:4c:44:c1:32:fa:21:e5:a6:7a:3b:56:bf:e9:
8c:19:a7:95:d1:eb:c4:93:58:97:ce:b4:1d:0a:7b:e9:ae:7b:
71:5f:aa:be:18:c3:a2:c8:a2:14:fb:19:1f:26:16:76:07:75:
3e:76:ec:33:a0:56:d9:7d:82:12:e6:20:fc:e6:af:c8:a5:e0:
b2:0f:85:1f:5a:f5:ff:78:ef:4b:ad:cd:53:c2:5f:88:c4:55:
b4:0d:dc:75:0e:89:f6:e4:d9:9f:70:69:19:b9:9d:f4:6b:bc:
23:9a:eb:27:2e:59:8b:a3:ce:6f:17:a1:22:1a:c1:05:06:43:
a9:d7:4f:d0:15:3f:25:df:f1:28:6c:e4:16:2d:4d:5b:45:83:
b8:a3:a8:00:65:24:41:e9:5b:74:1d:42:c3:d1:55:7c:c6:40:
d3:b7:ca:ac:5b:84:ad:e4:0c:1e:1f:d5:45:68:13:83:b4:44:
89:ad:26:6d:c9:a1:66:5f:85:06:9b:78:c1:21:ce:48:05:6b:
c4:25:e3:a2:f5:30:7d:f3:65:7d:fd:20:6b:a4:e2:8c:57:41:
04:30:16:4a:f3:d1:52:e2:1c:53:ca:1d:14:17:27:1a:db:5e:
59:1e:b9:74
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKK0rv3AMIv3aHtSRsAthnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2FjY2M2ZmQ2YWYzMTc4MmNlYWUzMTQ4MGY5OTVlZWJhNmFhNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd9yq2xaQBQAd2/KWOoAiAVyt13s
l5moxOTWn8Y/YRfJzek5GgguP4/N9LtlaroaYOzrflaJJVRJ3xwb+SIRu2Qq7tya
PuKDO9l3G2EJj0Gb0RawxK77GY089XMNoaS+GDUUw6mARdARq6qPduY9ficRvxAR
SWiSderH/NxyNudtSFaSs1EGa9ETK+OCpSnqD6hv3B0eR1ZFCTzz7CvxXvM3DXOo
koenSvrS1LlM2l/0kcoUCGQvsW/4ZKQA+G0fXWn+uWobu40WigfDf9XesDDyv+Tl
GBzmSiZx5NSAKIV0SOiqygyZqTsQ7vYoh1Vzy62J+vg8GxY7yu4NsbnemwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIyszG/WrzF4LOrjFID5le66aqZtMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvakt6TWI5YXZNWGdzNnVNVWdQbVY3cnBxcG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuXf9AwQA
ubFRAwQAubYyAwQAuexSMA0GCSqGSIb3DQEBCwUAA4IBAQAVQ5J/oZBKSOOywifJ
rBeRtT81bOUdO0xEwTL6IeWmejtWv+mMGaeV0evEk1iXzrQdCnvprntxX6q+GMOi
yKIU+xkfJhZ2B3U+duwzoFbZfYIS5iD85q/IpeCyD4UfWvX/eO9Lrc1Twl+IxFW0
Ddx1Don25NmfcGkZuZ30a7wjmusnLlmLo85vF6EiGsEFBkOp10/QFT8l3/EobOQW
LU1bRYO4o6gAZSRB6Vt0HULD0VV8xkDTt8qsW4St5AweH9VFaBODtESJrSZtyaFm
X4UGm3jBIc5IBWvEJeOi9TB982V9/SBrpOKMV0EEMBZK89FS4hxTyh0UFyca215Z
Hrl0
-----END CERTIFICATE-----
Generated at Sun Apr 28 05:48:53 2024 by rpki-client on console-ams.rpki-client.org