Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/1XsxMMavXz4EynBf7K8KojYHxY4.roa
File: 1XsxMMavXz4EynBf7K8KojYHxY4.roa (raw, json)
Hash identifier: n3j0AYSYJyz1T1/zM2FXPpTspN2VsC+17hm+rsWglNs=
Subject key identifier: D5:7B:31:30:C6:AF:5F:3E:04:CA:70:5F:EC:AF:0A:A2:36:07:C5:8E
Certificate issuer: /CN=b1ffee7dbf7f4566ea9e30546b2c2a2e7336f2f4
Certificate serial: 018CCA9A02EC4D210AF2978D4500B0E4D5E2
Authority key identifier: B1:FF:EE:7D:BF:7F:45:66:EA:9E:30:54:6B:2C:2A:2E:73:36:F2:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/1XsxMMavXz4EynBf7K8KojYHxY4.roa
Signing time: Tue 02 Jan 2024 14:35:40 +0000
ROA not before: Tue 02 Jan 2024 14:35:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.144.16.0/22 maxlen: 24
2a04:2f81::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:02:ec:4d:21:0a:f2:97:8d:45:00:b0:e4:d5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1ffee7dbf7f4566ea9e30546b2c2a2e7336f2f4
Validity
Not Before: Jan 2 14:35:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57b3130c6af5f3e04ca705fecaf0aa23607c58e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6d:23:df:11:18:f0:69:73:71:7e:e0:b1:9c:
44:6c:b5:3d:31:fd:91:79:4d:f9:1c:a7:8e:20:b9:
1e:32:30:3c:15:f4:23:af:26:61:7b:82:bd:1a:99:
03:31:25:b4:c6:42:6c:5d:aa:19:df:ff:f0:02:65:
7c:5c:79:9d:0a:f6:33:24:fb:43:35:5c:6b:8f:1d:
4d:b0:97:2a:13:3f:12:87:e5:ed:93:a9:d2:37:0f:
8b:bc:83:54:bf:ef:99:3f:90:16:44:fa:dd:42:cb:
ab:7f:6a:de:13:c6:67:99:a0:b0:63:1a:60:fe:64:
82:9e:64:f9:68:b3:a2:c4:67:57:46:6d:7f:b3:08:
6c:0a:d2:2f:8c:c5:03:61:e8:0c:8d:2b:87:06:35:
25:3d:6f:70:c7:41:d5:1f:96:ef:62:0f:bc:5d:aa:
2b:07:78:06:be:03:f8:63:c3:e4:99:3b:d8:a8:fd:
bd:44:45:82:b2:f3:03:02:f5:fd:6d:2b:09:90:fe:
7b:9c:28:e8:9d:2c:1f:de:2f:5f:6f:9e:18:af:a0:
05:aa:59:c0:7d:db:cc:0d:db:a4:b6:95:44:94:8b:
20:5a:7e:86:db:3f:47:de:6c:7e:eb:5e:6f:8c:d4:
7e:8a:4a:54:14:53:9c:68:89:d0:13:2c:31:94:ce:
7e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7B:31:30:C6:AF:5F:3E:04:CA:70:5F:EC:AF:0A:A2:36:07:C5:8E
X509v3 Authority Key Identifier:
keyid:B1:FF:EE:7D:BF:7F:45:66:EA:9E:30:54:6B:2C:2A:2E:73:36:F2:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sf_ufb9_RWbqnjBUaywqLnM28vQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/1XsxMMavXz4EynBf7K8KojYHxY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fcbb2-c3c0-4b1e-8ad5-7f5f78346d6f/1/sf_ufb9_RWbqnjBUaywqLnM28vQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.16.0/22
IPv6:
2a04:2f81::/42
Signature Algorithm: sha256WithRSAEncryption
83:5d:2b:33:2e:12:74:72:87:65:8c:d3:f1:38:a6:00:8d:b4:
b0:d8:bb:c9:89:96:cc:01:79:f3:c3:d2:46:25:c3:93:de:c1:
e1:80:61:06:6b:dc:b5:dc:26:5b:66:a9:be:bb:f0:a4:37:93:
91:6e:92:8d:9c:55:bf:1e:63:a7:89:ea:71:af:82:51:71:f5:
e7:8c:97:55:20:4d:32:a0:69:52:7c:39:ff:a0:06:02:d1:dd:
b0:62:f1:93:2e:0d:21:09:06:ff:7e:a2:52:39:d9:92:15:56:
42:bb:d4:72:b5:4b:28:78:72:50:15:8d:9f:39:91:3c:43:25:
1b:f5:b6:f8:8e:47:f3:42:7e:64:6c:1b:39:5b:a7:73:10:ce:
3c:4d:4c:90:9a:e4:e1:58:8c:e5:57:96:44:16:a1:42:66:ba:
b0:17:4d:86:7a:7f:3e:f0:a7:e6:25:e9:b9:1e:75:02:6e:3c:
01:67:0d:36:da:47:04:25:9f:25:a1:8a:06:c0:24:2c:e8:fd:
e2:69:3a:08:e9:8e:d0:50:81:a9:e2:07:cb:5d:ca:87:6f:f0:
8e:7b:50:d5:97:c1:be:c9:7e:d1:4f:2d:6c:1e:bd:73:01:1e:
7a:36:ea:93:1f:c4:4e:0c:c3:9a:c4:e9:ad:54:d9:4f:62:28:
c4:8f:41:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmgLsTSEK8peNRQCw5NXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZmZlZTdkYmY3ZjQ1NjZlYTllMzA1NDZiMmMyYTJlNzMz
NmYyZjQwHhcNMjQwMTAyMTQzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdiMzEzMGM2YWY1ZjNlMDRjYTcwNWZlY2FmMGFhMjM2MDdjNThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW0j3xEY8GlzcX7gsZxEbLU9Mf2R
eU35HKeOILkeMjA8FfQjryZhe4K9GpkDMSW0xkJsXaoZ3//wAmV8XHmdCvYzJPtD
NVxrjx1NsJcqEz8Sh+Xtk6nSNw+LvINUv++ZP5AWRPrdQsurf2reE8ZnmaCwYxpg
/mSCnmT5aLOixGdXRm1/swhsCtIvjMUDYegMjSuHBjUlPW9wx0HVH5bvYg+8Xaor
B3gGvgP4Y8PkmTvYqP29REWCsvMDAvX9bSsJkP57nCjonSwf3i9fb54Yr6AFqlnA
fdvMDduktpVElIsgWn6G2z9H3mx+615vjNR+ikpUFFOcaInQEywxlM5+EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNV7MTDGr18+BMpwX+yvCqI2B8WOMB8GA1UdIwQY
MBaAFLH/7n2/f0Vm6p4wVGssKi5zNvL0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZfdWZiOV9SV2JxbmpCVWF5d3FMbk0yOHZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZmNiYjItYzNjMC00YjFlLThhZDUt
N2Y1Zjc4MzQ2ZDZmLzEvMVhzeE1NYXZYejRFeW5CZjdLOEtvallIeFk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZmNiYjItYzNjMC00YjFlLThhZDUtN2Y1Zjc4MzQ2ZDZm
LzEvc2ZfdWZiOV9SV2JxbmpCVWF5d3FMbk0yOHZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuZAQMA8E
AgACMAkDBwYqBC+BAAAwDQYJKoZIhvcNAQELBQADggEBAINdKzMuEnRyh2WM0/E4
pgCNtLDYu8mJlswBefPD0kYlw5PeweGAYQZr3LXcJltmqb678KQ3k5Fuko2cVb8e
Y6eJ6nGvglFx9eeMl1UgTTKgaVJ8Of+gBgLR3bBi8ZMuDSEJBv9+olI52ZIVVkK7
1HK1Syh4clAVjZ85kTxDJRv1tviOR/NCfmRsGzlbp3MQzjxNTJCa5OFYjOVXlkQW
oUJmurAXTYZ6fz7wp+Yl6bkedQJuPAFnDTbaRwQlnyWhigbAJCzo/eJpOgjpjtBQ
ganiB8tdyodv8I57UNWXwb7JftFPLWwevXMBHno26pMfxE4Mw5rE6a1U2U9iKMSP
QWA=
-----END CERTIFICATE-----
Generated at Thu May 2 18:06:31 2024 by rpki-client on console-fra.rpki-client.org