Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/g9CPxbprGsI6kpi0B1EkUhba9Xo.roa
File: g9CPxbprGsI6kpi0B1EkUhba9Xo.roa (raw, json)
Hash identifier: RsS2uE+Pn46uhT7E+ZN0Ig21/HZvM8nCfD2n8Kncm2k=
Subject key identifier: 83:D0:8F:C5:BA:6B:1A:C2:3A:92:98:B4:07:51:24:52:16:DA:F5:7A
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 018CC7933CC9179A9470268794173A7B302D
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/g9CPxbprGsI6kpi0B1EkUhba9Xo.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201500
IP address blocks: 185.137.69.0/24 maxlen: 24
185.174.213.0/24 maxlen: 24
185.174.214.0/24 maxlen: 24
185.174.214.0/23 maxlen: 23
185.174.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3c:c9:17:9a:94:70:26:87:94:17:3a:7b:30:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83d08fc5ba6b1ac23a9298b40751245216daf57a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:36:41:8f:09:7f:3b:57:dc:b5:0e:6a:c4:6b:
96:10:95:22:c4:f3:8c:ac:4b:21:07:48:99:f0:7b:
8f:d9:25:a6:ad:b3:a7:7c:49:c0:89:89:91:72:7e:
6b:87:92:60:af:d3:4f:2c:0c:37:0f:74:fb:d9:10:
6b:2a:a8:7b:16:d5:91:b1:1a:1f:20:cb:06:4f:0c:
b3:85:62:cd:08:c1:15:11:cb:1d:62:33:46:a6:ef:
de:9e:0a:9a:eb:67:00:07:c5:4d:2a:d5:d5:6f:e6:
53:9a:af:39:10:f5:f2:bc:5f:1b:07:05:6c:1a:0f:
64:a2:3a:7d:ae:ce:54:a2:a1:32:17:d3:07:f9:59:
ae:e1:ce:5e:70:22:63:d3:ec:e3:30:91:b1:3b:f0:
4f:45:4b:86:80:dd:cf:ec:cb:bd:ea:c3:c6:ac:9f:
14:2b:54:ca:b2:dc:43:c8:4d:eb:15:06:7d:d5:08:
30:ee:3b:52:3a:f3:2c:c5:14:05:12:61:70:ab:91:
74:4f:21:fc:83:6a:b6:0c:c6:19:e8:72:fc:4b:2a:
42:28:da:09:5c:b3:6d:7b:9e:0c:f5:18:27:13:48:
dd:7c:d0:f6:4d:91:c1:25:90:a7:c5:93:d9:71:e9:
fe:0c:e2:61:f1:ca:4b:98:a9:7b:ff:11:55:be:4e:
8c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D0:8F:C5:BA:6B:1A:C2:3A:92:98:B4:07:51:24:52:16:DA:F5:7A
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/g9CPxbprGsI6kpi0B1EkUhba9Xo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.69.0/24
185.174.213.0-185.174.215.255
Signature Algorithm: sha256WithRSAEncryption
49:bf:80:40:ae:ff:65:33:74:ed:e5:e9:14:0a:47:3f:9f:44:
69:18:02:65:0d:ad:e1:a0:64:cc:8a:35:39:7a:7f:90:a7:6d:
b6:cc:b0:a9:22:6e:fb:dd:22:80:23:e8:be:b7:33:85:c2:8a:
50:77:83:3d:44:5e:76:24:dc:90:bb:c8:71:97:bc:e2:11:a3:
87:9b:36:d1:7c:02:ff:3a:d4:f7:d4:f0:92:50:ef:bb:36:1f:
f9:60:c8:54:c7:4b:6d:5d:9f:6c:76:6a:4e:df:8c:f0:14:a8:
cd:aa:0f:0a:07:1d:3d:a0:28:70:80:c1:0e:55:0a:45:f5:07:
5b:c8:2b:44:21:98:c4:07:9e:cb:67:f8:ab:9d:86:44:99:7c:
5f:8e:68:03:74:06:4f:9f:d9:e7:57:71:b5:d2:09:32:e4:31:
b1:29:2d:9d:d4:e9:d8:58:3b:d4:85:b9:fe:cd:d3:c4:96:64:
c6:ed:0e:2e:77:88:b6:77:aa:97:68:cf:a1:4d:64:8a:5b:48:
da:6e:32:c1:f9:fa:e7:8e:fa:d6:94:8f:20:95:91:6c:95:8e:
04:dc:9f:c4:ad:5f:b2:4a:98:99:a9:84:fd:85:ad:65:90:5b:
79:8f:67:cf:b0:3e:1d:1b:7c:1b:5e:7c:55:20:61:35:0f:87:
1a:b6:00:34
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHkzzJF5qUcCaHlBc6ezAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2QwOGZjNWJhNmIxYWMyM2E5Mjk4YjQwNzUxMjQ1MjE2ZGFmNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTZBjwl/O1fctQ5qxGuWEJUixPOM
rEshB0iZ8HuP2SWmrbOnfEnAiYmRcn5rh5Jgr9NPLAw3D3T72RBrKqh7FtWRsRof
IMsGTwyzhWLNCMEVEcsdYjNGpu/engqa62cAB8VNKtXVb+ZTmq85EPXyvF8bBwVs
Gg9kojp9rs5UoqEyF9MH+Vmu4c5ecCJj0+zjMJGxO/BPRUuGgN3P7Mu96sPGrJ8U
K1TKstxDyE3rFQZ91Qgw7jtSOvMsxRQFEmFwq5F0TyH8g2q2DMYZ6HL8SypCKNoJ
XLNte54M9RgnE0jdfND2TZHBJZCnxZPZcen+DOJh8cpLmKl7/xFVvk6M4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIPQj8W6axrCOpKYtAdRJFIW2vV6MB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvZzlDUHhicHJHc0k2a3BpMEIxRWtVaGJhOVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuYlFMAwD
BAC5rtUDBAO5rtAwDQYJKoZIhvcNAQELBQADggEBAEm/gECu/2UzdO3l6RQKRz+f
RGkYAmUNreGgZMyKNTl6f5CnbbbMsKkibvvdIoAj6L63M4XCilB3gz1EXnYk3JC7
yHGXvOIRo4ebNtF8Av861PfU8JJQ77s2H/lgyFTHS21dn2x2ak7fjPAUqM2qDwoH
HT2gKHCAwQ5VCkX1B1vIK0QhmMQHnstn+KudhkSZfF+OaAN0Bk+f2edXcbXSCTLk
MbEpLZ3U6dhYO9SFuf7N08SWZMbtDi53iLZ3qpdoz6FNZIpbSNpuMsH5+ueO+taU
jyCVkWyVjgTcn8StX7JKmJmphP2FrWWQW3mPZ8+wPh0bfBtefFUgYTUPhxq2ADQ=
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:21:52 2024 by rpki-client on console-fra.rpki-client.org