Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_vPcGF9T6cN0b_1qPEm5ZZ61XqA.roa
File: _vPcGF9T6cN0b_1qPEm5ZZ61XqA.roa (raw, json)
Hash identifier: jG/4XuT2zcmul4n84j8D+bl9YM9mHHIHXuM0u4rHBno=
Subject key identifier: FE:F3:DC:18:5F:53:E9:C3:74:6F:FD:6A:3C:49:B9:65:9E:B5:5E:A0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EB40A8E0EE30CCDA3405C4CED2313989D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_vPcGF9T6cN0b_1qPEm5ZZ61XqA.roa
Signing time: Sat 06 Apr 2024 15:32:54 +0000
ROA not before: Sat 06 Apr 2024 15:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203363
IP address blocks: 185.252.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b4:0a:8e:0e:e3:0c:cd:a3:40:5c:4c:ed:23:13:98:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 6 15:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fef3dc185f53e9c3746ffd6a3c49b9659eb55ea0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d5:ea:23:df:53:25:c8:39:07:de:26:51:13:
c5:75:49:8c:7e:6b:7a:77:c3:ad:0a:05:84:5d:ca:
f7:a2:c8:3e:dc:9c:41:7f:37:3d:f9:28:4b:81:95:
26:ca:5b:a9:e8:0e:c0:9b:e4:97:15:02:09:44:d9:
53:a4:40:7a:69:8b:db:dd:8c:db:f3:28:35:01:ae:
81:e7:27:ae:ad:3f:e8:5c:7f:25:d2:62:78:7c:f5:
ab:08:a3:e0:ff:99:56:28:e5:95:e8:a2:2d:7f:09:
4f:9f:08:24:0c:db:4f:e9:54:35:ae:8b:29:f5:0d:
15:ea:f0:3f:6c:c7:2c:36:f5:a7:17:77:83:88:27:
a3:81:d4:ee:53:bc:f1:dc:ea:3d:c5:dd:c0:f8:77:
9e:c8:b6:d4:bc:4a:82:ae:a7:53:d4:c6:d7:48:9e:
b2:a3:75:d0:54:83:f8:a5:5a:32:4f:59:38:18:6d:
5a:ae:bc:81:bb:77:ba:95:2c:91:1c:dc:25:39:3e:
c4:c5:23:9c:97:c2:98:5f:b0:08:ec:02:78:d9:23:
fd:5d:d5:04:5a:d5:9b:73:28:97:ad:74:50:a3:68:
69:20:80:d0:3f:a2:6e:ea:ed:7f:ec:0d:b9:3c:6c:
a8:2c:6d:83:f0:9e:10:ed:e4:f1:fa:44:f0:48:85:
e0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F3:DC:18:5F:53:E9:C3:74:6F:FD:6A:3C:49:B9:65:9E:B5:5E:A0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_vPcGF9T6cN0b_1qPEm5ZZ61XqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.163.0/24
Signature Algorithm: sha256WithRSAEncryption
09:5c:02:c4:89:1e:5a:5c:b5:9d:ce:e8:8f:e1:ef:5c:fd:fa:
8c:b3:68:16:5b:50:96:2d:d7:6d:d8:31:e0:81:2b:c4:4a:2f:
14:cc:4d:11:c5:79:a4:7f:73:82:dd:ff:95:ec:79:74:ab:7a:
77:9b:58:d5:01:15:3f:9b:5d:83:70:ce:15:36:71:dc:a8:9a:
6f:ed:0e:80:69:52:34:c1:19:17:b1:7f:08:03:a1:f7:52:af:
dc:0f:42:9c:05:9d:75:87:f4:42:89:c1:35:22:03:76:ee:cd:
d8:e1:da:04:6c:c5:00:5e:41:70:41:cd:26:10:a2:5b:a3:2b:
42:4d:bb:8c:db:00:d2:f4:22:cb:25:45:a9:de:f6:ed:08:07:
37:14:83:16:ea:7a:62:7e:a9:c9:da:c3:5c:bd:1f:99:fc:25:
9a:e3:07:f4:b7:70:d1:22:ae:c5:0d:a6:41:86:14:fc:13:39:
48:7d:b4:1f:46:19:9b:3a:a9:8d:d2:05:f0:97:8b:c4:ef:48:
69:9f:f9:60:2e:f3:36:81:88:50:50:87:76:78:cd:a0:cc:09:
d5:a1:cb:b4:1f:ce:e4:eb:21:08:74:e9:89:41:11:9a:0e:d3:
83:34:d6:33:97:d4:b1:72:b0:b6:88:91:15:f9:32:44:2f:f5:
1f:ec:21:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY60Co4O4wzNo0BcTO0jE5idMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA2MTUzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWYzZGMxODVmNTNlOWMzNzQ2ZmZkNmEzYzQ5Yjk2NTllYjU1ZWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dXqI99TJcg5B94mURPFdUmMfmt6
d8OtCgWEXcr3osg+3JxBfzc9+ShLgZUmylup6A7Am+SXFQIJRNlTpEB6aYvb3Yzb
8yg1Aa6B5yeurT/oXH8l0mJ4fPWrCKPg/5lWKOWV6KItfwlPnwgkDNtP6VQ1rosp
9Q0V6vA/bMcsNvWnF3eDiCejgdTuU7zx3Oo9xd3A+HeeyLbUvEqCrqdT1MbXSJ6y
o3XQVIP4pVoyT1k4GG1arryBu3e6lSyRHNwlOT7ExSOcl8KYX7AI7AJ42SP9XdUE
WtWbcyiXrXRQo2hpIIDQP6Ju6u1/7A25PGyoLG2D8J4Q7eTx+kTwSIXg4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7z3BhfU+nDdG/9ajxJuWWetV6gMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX3ZQY0dGOVQ2Y04wYl8xcVBFbTVaWjYxWHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufyjMA0G
CSqGSIb3DQEBCwUAA4IBAQAJXALEiR5aXLWdzuiP4e9c/fqMs2gWW1CWLddt2DHg
gSvESi8UzE0RxXmkf3OC3f+V7Hl0q3p3m1jVARU/m12DcM4VNnHcqJpv7Q6AaVI0
wRkXsX8IA6H3Uq/cD0KcBZ11h/RCicE1IgN27s3Y4doEbMUAXkFwQc0mEKJboytC
TbuM2wDS9CLLJUWp3vbtCAc3FIMW6npifqnJ2sNcvR+Z/CWa4wf0t3DRIq7FDaZB
hhT8EzlIfbQfRhmbOqmN0gXwl4vE70hpn/lgLvM2gYhQUId2eM2gzAnVocu0H87k
6yEIdOmJQRGaDtODNNYzl9SxcrC2iJEV+TJEL/Uf7CH4
-----END CERTIFICATE-----
Generated at Mon May 20 12:19:55 2024 by rpki-client on console-ams.rpki-client.org