Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BuEJ9Khbe3u7H3gpc7HKo7HKPlY.roa
File: BuEJ9Khbe3u7H3gpc7HKo7HKPlY.roa (raw, json)
Hash identifier: 7ZA3BH1JFQ+10Wd+5F/dshCnFz56S5r2w+DXRzO2Cig=
Subject key identifier: 06:E1:09:F4:A8:5B:7B:7B:BB:1F:78:29:73:B1:CA:A3:B1:CA:3E:56
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E1E13DAF6FEA7ECB6FDB40B5B103B7A89
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BuEJ9Khbe3u7H3gpc7HKo7HKPlY.roa
Signing time: Fri 08 Mar 2024 12:40:01 +0000
ROA not before: Fri 08 Mar 2024 12:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199239
IP address blocks: 185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1e:13:da:f6:fe:a7:ec:b6:fd:b4:0b:5b:10:3b:7a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 8 12:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06e109f4a85b7b7bbb1f782973b1caa3b1ca3e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:72:39:36:ae:71:bf:00:02:f7:67:fd:15:99:
fd:bd:59:2b:c6:2e:40:58:0f:1d:ce:2a:b2:ae:15:
49:08:b3:84:53:b4:9a:84:33:d9:cf:d8:93:54:89:
25:f0:cb:13:56:bd:8f:4b:23:65:11:26:5b:3c:3c:
19:d5:d1:f0:9b:33:26:87:48:96:67:49:d4:41:9c:
36:a7:2a:37:99:a7:a7:ff:da:c7:1c:68:69:ce:18:
85:98:eb:2a:8c:73:b3:8f:70:79:38:2e:54:66:84:
b9:dc:01:05:b7:7e:f0:46:5e:28:ff:72:07:70:6c:
61:cf:34:06:ab:ce:66:b1:52:e1:21:01:24:d3:de:
17:56:71:eb:4c:ba:7d:b6:b0:72:ed:21:05:76:93:
e4:17:3e:19:97:33:f4:69:0d:81:5d:8b:89:ea:32:
ac:7f:ed:04:06:1a:20:78:ff:a0:1e:58:43:90:44:
84:01:e0:b2:4f:9f:81:05:25:20:7f:c1:b1:6b:45:
19:1f:d2:8d:98:6a:78:77:d2:9d:09:f3:32:66:aa:
4f:bd:04:53:25:35:d8:41:d2:a8:df:3d:d0:ba:80:
7c:58:7e:01:58:e9:1d:0a:d0:62:06:7a:47:b8:43:
46:c9:83:05:ad:89:7a:45:2d:b9:f8:41:d5:2c:16:
0d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E1:09:F4:A8:5B:7B:7B:BB:1F:78:29:73:B1:CA:A3:B1:CA:3E:56
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BuEJ9Khbe3u7H3gpc7HKo7HKPlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.173.0/24
185.226.175.0/24
Signature Algorithm: sha256WithRSAEncryption
45:3c:c4:50:c1:7c:7c:02:3a:08:ed:5d:b7:51:94:37:dd:0b:
14:37:55:83:f6:5b:48:a5:ad:ef:57:45:c8:10:c3:8c:ac:50:
ed:82:f3:94:2d:c0:e0:5f:56:68:86:d2:1d:e5:5d:86:79:80:
a6:37:9b:50:13:95:62:ee:76:3a:14:0c:52:b0:88:8f:f8:2d:
b2:b7:31:0f:e2:a3:a3:9b:32:d6:aa:06:da:72:b2:be:0a:bb:
96:bb:05:8f:76:7e:bd:7e:39:17:1a:42:1c:80:15:7c:98:2a:
5a:ec:8b:5c:d0:ad:83:ae:6a:56:be:50:f7:1c:92:d8:f8:b4:
f4:7d:aa:f2:80:8d:dc:9a:e4:28:8a:11:fb:73:5c:8e:e7:e5:
5a:07:c5:ea:da:bf:b5:73:37:ed:15:cc:aa:45:87:f1:9a:c2:
b9:c0:8e:f2:07:19:3e:6d:60:a0:55:33:ed:67:9a:3b:93:f5:
80:32:b7:fe:e0:9b:f6:f7:de:6c:e6:f3:71:a0:2c:b5:b7:6b:
b8:b1:1b:84:dc:05:a0:33:b4:76:a4:cc:ea:96:61:d0:15:02:
5a:b9:d0:a1:2d:56:71:e5:a7:d4:52:c7:92:ef:b1:aa:fd:e8:
d3:67:5c:62:55:68:17:84:c2:f7:69:d7:25:e7:08:3f:d2:5c:
f2:ff:50:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4eE9r2/qfstv20C1sQO3qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzA4MTI0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUxMDlmNGE4NWI3YjdiYmIxZjc4Mjk3M2IxY2FhM2IxY2EzZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXI5Nq5xvwAC92f9FZn9vVkrxi5A
WA8dziqyrhVJCLOEU7SahDPZz9iTVIkl8MsTVr2PSyNlESZbPDwZ1dHwmzMmh0iW
Z0nUQZw2pyo3maen/9rHHGhpzhiFmOsqjHOzj3B5OC5UZoS53AEFt37wRl4o/3IH
cGxhzzQGq85msVLhIQEk094XVnHrTLp9trBy7SEFdpPkFz4ZlzP0aQ2BXYuJ6jKs
f+0EBhogeP+gHlhDkESEAeCyT5+BBSUgf8Gxa0UZH9KNmGp4d9KdCfMyZqpPvQRT
JTXYQdKo3z3QuoB8WH4BWOkdCtBiBnpHuENGyYMFrYl6RS25+EHVLBYNKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAbhCfSoW3t7ux94KXOxyqOxyj5WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQnVFSjlLaGJlM3U3SDNncGM3SEtvN0hLUGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueKtAwQA
ueKvMA0GCSqGSIb3DQEBCwUAA4IBAQBFPMRQwXx8AjoI7V23UZQ33QsUN1WD9ltI
pa3vV0XIEMOMrFDtgvOULcDgX1ZohtId5V2GeYCmN5tQE5Vi7nY6FAxSsIiP+C2y
tzEP4qOjmzLWqgbacrK+CruWuwWPdn69fjkXGkIcgBV8mCpa7Itc0K2DrmpWvlD3
HJLY+LT0farygI3cmuQoihH7c1yO5+VaB8Xq2r+1czftFcyqRYfxmsK5wI7yBxk+
bWCgVTPtZ5o7k/WAMrf+4Jv2995s5vNxoCy1t2u4sRuE3AWgM7R2pMzqlmHQFQJa
udChLVZx5afUUseS77Gq/ejTZ1xiVWgXhML3adcl5wg/0lzy/1Dr
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:05 2024 by rpki-client on console-ams.rpki-client.org