Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/1-J6se5zowrtWItRwtV6xQe6lk2k.roa
File: 1-J6se5zowrtWItRwtV6xQe6lk2k.roa (raw, json)
Hash identifier: XYSY+1SG7aQ0lPBdAc5JVqSBHnpVnHDR9CE5wloK8jA=
Subject key identifier: F8:9E:AC:7B:9C:E8:C2:BB:56:22:D4:70:B5:5E:B1:41:EE:A5:93:69
Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial: 018CC6B9431F97B6F58142FC0C40E6006C39
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/1-J6se5zowrtWItRwtV6xQe6lk2k.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8315
IP address blocks: 185.116.72.0/22 maxlen: 24
2a0d:5040::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 22:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:43:1f:97:b6:f5:81:42:fc:0c:40:e6:00:6c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f89eac7b9ce8c2bb5622d470b55eb141eea59369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ab:55:08:98:1c:75:b8:35:d3:62:13:c5:d1:
34:a6:66:db:9d:3b:b5:b7:02:ab:8c:1a:59:28:f0:
88:fe:54:1e:09:bc:2b:66:c1:be:e8:45:a7:da:b5:
4e:8d:b6:6b:44:ec:d8:d5:b1:b7:92:45:74:19:97:
07:ee:80:c6:a9:f8:84:97:90:83:39:85:60:29:8b:
08:19:49:00:06:e4:58:d0:f9:9b:cb:fb:a3:b0:68:
e9:3e:32:a6:5c:06:c1:2c:16:5d:62:a3:b3:c5:5b:
df:fa:16:3d:1c:a3:0d:83:2c:42:5d:91:fe:6c:64:
89:63:0f:5a:73:76:00:83:77:e2:5e:79:38:0c:97:
65:2e:dc:ea:06:d9:42:bb:b4:91:b3:b4:aa:ed:9b:
21:0e:00:8b:35:4b:6b:9c:32:20:a3:53:3d:03:81:
55:80:d5:65:92:64:f6:2d:c7:b1:49:40:5d:16:29:
ec:35:3c:28:de:87:37:45:cf:c1:8c:66:52:ca:12:
0c:17:ec:77:e8:4f:1b:35:78:a3:e5:72:6a:e9:f5:
da:ac:f5:8f:4c:78:06:7d:b8:76:a2:be:42:ca:68:
54:be:71:51:3c:29:5b:a1:7a:5c:43:aa:dc:71:07:
4a:52:4c:55:ee:42:de:44:c9:e2:82:bf:e8:30:e8:
95:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:9E:AC:7B:9C:E8:C2:BB:56:22:D4:70:B5:5E:B1:41:EE:A5:93:69
X509v3 Authority Key Identifier:
keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/1-J6se5zowrtWItRwtV6xQe6lk2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.72.0/22
IPv6:
2a0d:5040::/29
Signature Algorithm: sha256WithRSAEncryption
41:ee:a4:97:84:da:ba:46:3f:9e:43:e2:7f:6c:4b:71:7d:db:
cc:4c:3a:d1:ce:a3:88:4a:21:5b:16:6b:c0:59:a4:d2:be:eb:
f0:8c:12:d7:ba:48:f8:e7:fa:e9:cd:0a:28:54:96:9c:ab:c0:
7c:6e:aa:d9:95:d7:03:53:7d:ae:a5:bc:9d:f1:70:49:e7:c1:
b5:cb:1c:43:72:9a:b0:65:b4:67:cf:ca:ef:ad:ef:59:7d:49:
13:19:5d:3e:a5:c3:ec:50:78:80:12:c8:6f:f0:69:74:f3:c0:
d4:01:b2:c0:ad:76:f7:8f:81:b3:94:b7:7d:77:21:3a:9f:33:
e1:3e:e0:28:2e:64:85:20:bb:ba:33:73:34:36:82:a9:27:37:
96:ca:09:78:69:ef:06:e0:d6:52:4a:c0:bd:15:1f:8c:ac:a1:
8c:d2:0a:10:eb:f8:2b:51:a6:58:11:d5:e2:5e:ba:77:bf:d0:
6f:48:66:59:aa:6b:da:20:1b:5d:ae:51:89:c3:4a:57:7d:25:
58:e9:df:e7:b3:07:e8:03:91:5a:20:ae:d7:9d:32:e2:a5:3c:
73:bb:2e:d7:5f:d6:31:e1:99:f6:45:c9:15:25:7b:cf:dd:9e:
da:53:a3:37:eb:f6:8a:42:10:de:1a:26:ac:a2:f1:3b:69:63:
b4:30:bd:0c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzGuUMfl7b1gUL8DEDmAGw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODllYWM3YjljZThjMmJiNTYyMmQ0NzBiNTVlYjE0MWVlYTU5MzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgatVCJgcdbg102ITxdE0pmbbnTu1
twKrjBpZKPCI/lQeCbwrZsG+6EWn2rVOjbZrROzY1bG3kkV0GZcH7oDGqfiEl5CD
OYVgKYsIGUkABuRY0Pmby/ujsGjpPjKmXAbBLBZdYqOzxVvf+hY9HKMNgyxCXZH+
bGSJYw9ac3YAg3fiXnk4DJdlLtzqBtlCu7SRs7Sq7ZshDgCLNUtrnDIgo1M9A4FV
gNVlkmT2LcexSUBdFinsNTwo3oc3Rc/BjGZSyhIMF+x36E8bNXij5XJq6fXarPWP
THgGfbh2or5CymhUvnFRPClboXpcQ6rccQdKUkxV7kLeRMnigr/oMOiVAQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPierHuc6MK7ViLUcLVesUHupZNpMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvMS1KNnNlNXpvd3J0V0l0Und0VjZ4UWU2bGsyay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDIvNWFhNDQ4LTY0M2YtNGFlZS05MGQ5LWY0N2UxNjkyNjZj
Mi8xLzI4bFFDWVEyS0J6dVZDb2VkRlJsVWVIbFVvTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl0SDAN
BAIAAjAHAwUDKg1QQDANBgkqhkiG9w0BAQsFAAOCAQEAQe6kl4TaukY/nkPif2xL
cX3bzEw60c6jiEohWxZrwFmk0r7r8IwS17pI+Of66c0KKFSWnKvAfG6q2ZXXA1N9
rqW8nfFwSefBtcscQ3KasGW0Z8/K763vWX1JExldPqXD7FB4gBLIb/BpdPPA1AGy
wK1294+Bs5S3fXchOp8z4T7gKC5khSC7ujNzNDaCqSc3lsoJeGnvBuDWUkrAvRUf
jKyhjNIKEOv4K1GmWBHV4l66d7/Qb0hmWapr2iAbXa5RicNKV30lWOnf57MH6AOR
WiCu150y4qU8c7su11/WMeGZ9kXJFSV7z92e2lOjN+v2ikIQ3homrKLxO2ljtDC9
DA==
-----END CERTIFICATE-----
Generated at Tue Jun 25 03:15:33 2024 by rpki-client on console-fra.rpki-client.org