Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/cKvsVtbysPkFqXTULAtcr0gAFJ8.roa
File: cKvsVtbysPkFqXTULAtcr0gAFJ8.roa (raw, json)
Hash identifier: VF3uI847bhCzvw8ySFVKbv6DzJFxkCViZ+MhlEEnWTQ=
Subject key identifier: 70:AB:EC:56:D6:F2:B0:F9:05:A9:74:D4:2C:0B:5C:AF:48:00:14:9F
Certificate issuer: /CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Certificate serial: 018CC49356D1EF690880D6195169000E89F7
Authority key identifier: 1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/cKvsVtbysPkFqXTULAtcr0gAFJ8.roa
Signing time: Mon 01 Jan 2024 10:30:39 +0000
ROA not before: Mon 01 Jan 2024 10:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43500
IP address blocks: 212.46.44.0/24 maxlen: 24
185.130.208.0/22 maxlen: 24
195.189.144.0/24 maxlen: 24
2a12:b40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:56:d1:ef:69:08:80:d6:19:51:69:00:0e:89:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Validity
Not Before: Jan 1 10:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70abec56d6f2b0f905a974d42c0b5caf4800149f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d3:79:61:7a:7e:21:14:4f:84:84:e7:52:5e:
b4:bb:5b:65:2d:14:89:5c:be:78:11:a2:7a:26:3a:
f3:bd:b6:db:0e:fa:23:4a:1f:11:80:27:7d:d3:bf:
c6:f2:42:c2:aa:9a:8e:61:7f:b0:dc:0e:59:9e:be:
c1:9a:b0:38:90:97:4b:bd:90:98:d4:7b:29:67:cd:
f3:09:50:75:21:bc:e8:09:63:27:a0:70:33:86:74:
e1:7e:ea:58:bc:d8:f4:8c:4e:2e:23:1c:52:c2:6a:
75:fb:3e:fa:3c:08:57:db:89:e9:92:b2:ed:b6:bb:
49:84:9b:de:65:de:b2:7c:2d:5c:ee:44:67:b0:23:
aa:56:4b:63:f4:f8:df:e2:b6:56:d2:17:5f:43:d1:
2f:f3:65:89:38:86:4d:94:3d:04:36:28:d0:e1:07:
8c:fd:43:40:85:e3:17:8f:1d:25:dd:47:4d:bf:a2:
38:0a:1c:3b:61:6d:67:96:4a:6c:9a:07:6a:73:7e:
fb:65:81:ee:68:97:b1:57:46:94:30:c4:b0:f2:b6:
1e:32:ae:a4:0a:c9:41:48:b0:8e:00:ec:fb:61:02:
80:8d:c6:98:0f:4f:2f:09:cb:d3:44:43:be:09:b0:
18:65:69:45:fd:b7:d0:5f:90:7b:68:16:c3:0f:9b:
66:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AB:EC:56:D6:F2:B0:F9:05:A9:74:D4:2C:0B:5C:AF:48:00:14:9F
X509v3 Authority Key Identifier:
keyid:1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/cKvsVtbysPkFqXTULAtcr0gAFJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.208.0/22
195.189.144.0/24
212.46.44.0/24
IPv6:
2a12:b40::/29
Signature Algorithm: sha256WithRSAEncryption
28:cb:ee:b2:a7:f4:bc:d6:ef:61:3b:c6:53:0c:a2:3b:21:db:
32:38:6c:c5:4e:66:a2:a8:9d:0b:7b:47:21:b7:65:e9:02:0c:
45:3b:08:8d:dc:c5:a4:8e:98:ed:e1:43:f0:f2:94:18:7b:92:
41:f4:8f:f6:c2:81:fb:6f:fc:e6:28:d6:e2:f5:5c:de:83:ff:
90:09:84:5c:6e:a2:ac:ec:60:1f:24:a5:35:e1:fa:d2:8f:97:
44:bf:51:ca:62:09:68:8f:c4:cc:a2:bc:9f:e5:41:c6:ab:fd:
a6:63:b8:9e:4c:12:d9:a4:f3:11:cd:49:cc:2c:c7:c5:b8:0d:
86:91:a9:49:86:d0:a1:60:be:a0:89:2a:90:34:e3:9a:66:25:
ff:8d:7e:97:40:76:65:eb:1d:99:bc:1b:c5:fc:7e:11:52:cc:
b2:56:28:d2:10:e9:94:d2:33:fd:dc:a7:93:4e:21:ef:f5:16:
eb:20:27:40:60:f7:e1:f8:f0:7e:ef:a7:c3:36:1e:f0:89:f6:
f0:8b:9d:62:09:c6:69:6b:f7:38:f9:6a:b4:13:7f:c9:f3:d7:
e0:04:db:2e:de:02:11:3b:d1:a9:28:63:d3:4b:18:48:5b:1f:
c8:2d:69:46:40:b7:64:d3:87:00:3f:b7:47:44:ef:51:11:bb:
0d:45:b8:4c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEk1bR72kIgNYZUWkADon3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzhiMTgzNmRlY2FiNGZmNWJkZmE1ZTM3N2EzZGY4N2Yx
OGZjMGYwHhcNMjQwMTAxMTAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGFiZWM1NmQ2ZjJiMGY5MDVhOTc0ZDQyYzBiNWNhZjQ4MDAxNDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9N5YXp+IRRPhITnUl60u1tlLRSJ
XL54EaJ6JjrzvbbbDvojSh8RgCd907/G8kLCqpqOYX+w3A5Znr7BmrA4kJdLvZCY
1HspZ83zCVB1IbzoCWMnoHAzhnThfupYvNj0jE4uIxxSwmp1+z76PAhX24npkrLt
trtJhJveZd6yfC1c7kRnsCOqVktj9Pjf4rZW0hdfQ9Ev82WJOIZNlD0ENijQ4QeM
/UNAheMXjx0l3UdNv6I4Chw7YW1nlkpsmgdqc377ZYHuaJexV0aUMMSw8rYeMq6k
CslBSLCOAOz7YQKAjcaYD08vCcvTREO+CbAYZWlF/bfQX5B7aBbDD5tmjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHCr7FbW8rD5Bal01CwLXK9IABSfMB8GA1UdIwQY
MBaAFBx4sYNt7KtP9b36Xjd6Pfh/GPwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYt
ZWMzY2IzNmQxMDI2LzEvY0t2c1Z0YnlzUGtGcVhUVUxBdGNyMGdBRko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9jNjE1MmQtMWM5MC00MGNjLWEyMDYtZWMzY2IzNmQxMDI2
LzEvSEhpeGcyM3NxMF8xdmZwZU4zbzktSDhZX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuYLQAwQA
w72QAwQA1C4sMA0EAgACMAcDBQMqEgtAMA0GCSqGSIb3DQEBCwUAA4IBAQAoy+6y
p/S81u9hO8ZTDKI7IdsyOGzFTmaiqJ0Le0cht2XpAgxFOwiN3MWkjpjt4UPw8pQY
e5JB9I/2woH7b/zmKNbi9Vzeg/+QCYRcbqKs7GAfJKU14frSj5dEv1HKYgloj8TM
oryf5UHGq/2mY7ieTBLZpPMRzUnMLMfFuA2GkalJhtChYL6giSqQNOOaZiX/jX6X
QHZl6x2ZvBvF/H4RUsyyVijSEOmU0jP93KeTTiHv9RbrICdAYPfh+PB+76fDNh7w
ifbwi51iCcZpa/c4+Wq0E3/J89fgBNsu3gIRO9GpKGPTSxhIWx/ILWlGQLdk04cA
P7dHRO9REbsNRbhM
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:45:44 2024 by rpki-client on console-ams.rpki-client.org