Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/80Y7xtFSDGWegp64kfLvuZw7G1s.roa
File: 80Y7xtFSDGWegp64kfLvuZw7G1s.roa (raw, json)
Hash identifier: VGWRq51PeDWISXoPdTXcmIYCESNl/LCDa4mB73a2C3U=
Subject key identifier: F3:46:3B:C6:D1:52:0C:65:9E:82:9E:B8:91:F2:EF:B9:9C:3B:1B:5B
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 018CC80112F24C9E8E10ABE6EE3DC4FB74E7
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/80Y7xtFSDGWegp64kfLvuZw7G1s.roa
Signing time: Tue 02 Jan 2024 02:29:22 +0000
ROA not before: Tue 02 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64489
IP address blocks: 185.11.68.0/22 maxlen: 22
2a0b:3000::/29 maxlen: 29
2a06:e080::/29 maxlen: 29
2a03:9080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 22:03:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:12:f2:4c:9e:8e:10:ab:e6:ee:3d:c4:fb:74:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 2 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3463bc6d1520c659e829eb891f2efb99c3b1b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:78:79:b3:11:16:30:8d:1d:d7:df:79:a6:7a:
ae:f2:56:10:84:c3:fd:31:ee:3a:0d:24:7f:b7:40:
67:88:e9:67:1e:5b:90:25:cc:3d:98:8e:71:51:38:
ec:6d:8e:20:cf:13:75:b0:0a:81:9b:a0:d9:88:c8:
5a:5f:9a:3b:d7:79:9a:fc:4d:63:89:2f:c5:d5:6d:
8e:3a:c1:9b:03:ef:b1:38:d5:81:85:3b:4b:6f:aa:
25:21:5b:09:f2:50:f8:8e:77:de:3c:0d:ab:cb:a0:
5c:7f:cd:1d:ac:20:f6:a3:db:cd:d6:50:ec:f6:28:
d5:67:b6:19:39:8a:70:a3:dc:47:da:d2:db:81:a3:
5e:80:17:c1:46:73:25:ec:ac:6a:b2:25:81:34:c8:
7d:26:2c:d5:d6:17:ca:32:e9:c9:32:1b:46:9f:a6:
3b:fd:4d:04:0f:f6:15:61:d2:73:c5:3a:ea:0a:fe:
9a:ae:2d:a0:9d:37:5a:5b:a4:37:62:49:ba:bc:05:
4d:bb:36:41:52:95:fe:de:19:84:f2:f1:ad:7c:f9:
b7:2c:99:b7:be:94:fa:e7:be:5a:ee:1b:e8:a8:f2:
08:70:a4:3f:5f:b3:74:bc:e7:14:d5:6d:33:39:c9:
24:69:9e:07:fd:82:86:00:ab:3b:24:39:db:cf:fc:
4c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:46:3B:C6:D1:52:0C:65:9E:82:9E:B8:91:F2:EF:B9:9C:3B:1B:5B
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/80Y7xtFSDGWegp64kfLvuZw7G1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
IPv6:
2a03:9080::/32
2a06:e080::/29
2a0b:3000::/29
Signature Algorithm: sha256WithRSAEncryption
14:97:2f:e4:8f:a0:0a:a6:3f:c6:25:8e:4d:9d:59:25:47:05:
cb:46:de:b3:52:55:1e:ff:92:07:68:83:cb:00:8a:ab:39:e0:
81:ac:8b:1d:b8:b2:e9:79:c2:19:44:68:1c:71:ec:72:a1:37:
ee:64:11:8f:2b:53:2b:cf:72:da:82:5d:4f:87:37:2b:48:8b:
08:b3:95:67:0b:f2:b0:75:02:63:6d:b6:96:99:cc:ab:c8:e4:
a5:51:a8:4c:9e:1b:e0:10:25:23:80:f1:0f:16:54:57:3d:dc:
c1:e0:4b:48:83:f8:59:83:2d:aa:31:ec:cd:e6:48:d8:92:52:
aa:d1:be:fa:a3:07:f2:dd:9e:63:b1:e0:75:8b:ea:c6:61:70:
ea:bf:66:6c:16:a5:ca:76:61:7a:bc:cf:fd:78:7f:58:d9:0d:
98:b6:c1:83:af:36:d7:63:f1:f3:26:90:c2:ec:67:b2:40:83:
15:e6:12:0c:05:20:63:7d:fb:23:7e:2c:6f:2e:53:33:b5:88:
70:c4:59:e3:0f:8b:4e:74:d3:88:e7:51:51:90:26:66:8c:a4:
0b:40:fb:8b:59:a4:9b:b4:48:2d:c5:63:4f:0e:2d:39:b4:df:
35:3b:02:b7:7b:50:ac:78:e7:4d:f0:f0:ab:d4:cc:2c:73:8a:
a6:58:ea:99
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzIARLyTJ6OEKvm7j3E+3TnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0MTg0Y2U5MTkwMjM2NDBiYjkyNTZjMmQ4ZDFhMDQ5ZmEx
MDI1MjAwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzQ2M2JjNmQxNTIwYzY1OWU4MjllYjg5MWYyZWZiOTljM2IxYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3h5sxEWMI0d1995pnqu8lYQhMP9
Me46DSR/t0BniOlnHluQJcw9mI5xUTjsbY4gzxN1sAqBm6DZiMhaX5o713ma/E1j
iS/F1W2OOsGbA++xONWBhTtLb6olIVsJ8lD4jnfePA2ry6Bcf80drCD2o9vN1lDs
9ijVZ7YZOYpwo9xH2tLbgaNegBfBRnMl7KxqsiWBNMh9JizV1hfKMunJMhtGn6Y7
/U0ED/YVYdJzxTrqCv6ari2gnTdaW6Q3Ykm6vAVNuzZBUpX+3hmE8vGtfPm3LJm3
vpT6575a7hvoqPIIcKQ/X7N0vOcU1W0zOckkaZ4H/YKGAKs7JDnbz/xMSwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPNGO8bRUgxlnoKeuJHy77mcOxtbMB8GA1UdIwQY
MBaAFIQYTOkZAjZAu5JWwtjRoEn6ECUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEt
MGE3OWQ1NDk2NWE5LzEvODBZN3h0RlNER1dlZ3A2NGtmTHZ1Wnc3RzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8yOTIyY2YtMTg2MS00MTlkLTllZWEtMGE3OWQ1NDk2NWE5
LzEvaEJoTTZSa0NOa0M3a2xiQzJOR2dTZm9RSlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCuQtEMBsE
AgACMBUDBQAqA5CAAwUDKgbggAMFAyoLMAAwDQYJKoZIhvcNAQELBQADggEBABSX
L+SPoAqmP8Yljk2dWSVHBctG3rNSVR7/kgdog8sAiqs54IGsix24sul5whlEaBxx
7HKhN+5kEY8rUyvPctqCXU+HNytIiwizlWcL8rB1AmNttpaZzKvI5KVRqEyeG+AQ
JSOA8Q8WVFc93MHgS0iD+FmDLaox7M3mSNiSUqrRvvqjB/LdnmOx4HWL6sZhcOq/
ZmwWpcp2YXq8z/14f1jZDZi2wYOvNtdj8fMmkMLsZ7JAgxXmEgwFIGN9+yN+LG8u
UzO1iHDEWeMPi05004jnUVGQJmaMpAtA+4tZpJu0SC3FY08OLTm03zU7Ard7UKx4
503w8KvUzCxziqZY6pk=
-----END CERTIFICATE-----
Generated at Mon Jul 1 01:57:01 2024 by rpki-client on console-fra.rpki-client.org