Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/21hY8cCfUFlK-TNktPrsLthMyxU.roa
File: 21hY8cCfUFlK-TNktPrsLthMyxU.roa (raw, json)
Hash identifier: w/pCZRczGMkAt07Nwmc5r+RSS4VGlqnyMKO3GN58dec=
Subject key identifier: DB:58:58:F1:C0:9F:50:59:4A:F9:33:64:B4:FA:EC:2E:D8:4C:CB:15
Certificate issuer: /CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Certificate serial: 018CC801803ED4D69E70855E0F756778D00F
Authority key identifier: 2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/21hY8cCfUFlK-TNktPrsLthMyxU.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.107.197.0/24 maxlen: 24
185.107.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:80:3e:d4:d6:9e:70:85:5e:0f:75:67:78:d0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b237c5affe93543ae2fe6e1ffed182396eb9bb3
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db5858f1c09f50594af93364b4faec2ed84ccb15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b3:c5:41:a0:63:39:bd:5b:74:44:5b:d5:c3:
7c:30:01:ba:09:7d:4e:c0:c9:fb:c2:aa:b4:cf:c8:
15:68:d4:e6:db:b8:d4:19:e6:f2:44:a4:4b:83:6a:
c3:1a:02:cc:bd:96:f2:a3:2e:8a:81:0f:f3:46:d2:
d3:4b:0f:12:b7:df:c6:fc:a2:15:8e:15:2c:39:93:
48:66:7d:d8:10:42:f8:50:40:bb:a1:b8:8c:a0:30:
51:f1:ad:01:5f:3f:08:65:8b:68:20:a4:4b:07:97:
12:7d:01:5f:68:69:a7:3e:03:61:95:4d:19:d0:d6:
2e:f3:b5:bd:b2:bb:ed:87:ba:c0:e8:c5:b0:06:4a:
6a:47:ee:1a:28:29:c4:b9:80:3d:ba:54:b4:50:60:
c5:4a:34:ee:39:3e:7e:29:13:11:e9:96:54:f7:31:
df:55:51:94:e2:5f:c4:dc:e5:90:1b:48:e4:c7:09:
1c:28:83:66:ca:62:08:a5:a8:01:b9:d2:dc:46:2b:
6d:a6:90:fb:85:c9:8e:d8:3d:b4:85:fa:65:5a:ed:
52:55:1b:fe:87:5d:3e:21:47:cb:e1:46:4f:79:42:
08:64:7b:81:8f:bd:9e:8d:59:4f:3f:da:7c:3a:c0:
da:1c:8a:cc:01:8e:77:f7:1e:7f:24:77:17:3e:5b:
43:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:58:58:F1:C0:9F:50:59:4A:F9:33:64:B4:FA:EC:2E:D8:4C:CB:15
X509v3 Authority Key Identifier:
keyid:2B:23:7C:5A:FF:E9:35:43:AE:2F:E6:E1:FF:ED:18:23:96:EB:9B:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyN8Wv_pNUOuL-bh_-0YI5brm7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/21hY8cCfUFlK-TNktPrsLthMyxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/64a053-26ff-48a6-aeda-14702a4d2660/1/KyN8Wv_pNUOuL-bh_-0YI5brm7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.196.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:d9:4c:69:87:e0:09:39:37:0a:24:b0:55:e2:1a:e0:7c:24:
35:d5:e5:1f:a5:9c:0d:cc:bf:b0:16:d2:61:fe:0e:63:b9:af:
ea:68:34:44:7b:34:cf:00:ee:c1:41:a0:84:fd:31:44:f7:e6:
cc:17:78:8e:18:18:e4:7d:57:3c:e2:a0:3e:40:2b:c3:fa:dd:
00:05:02:6a:87:21:09:95:7e:e8:40:d0:e5:5a:00:12:ad:00:
07:5a:69:e9:75:8c:78:11:ed:41:5b:1c:3e:27:45:ab:07:3c:
88:69:2f:72:4e:a9:98:eb:76:a4:09:93:f6:0b:a3:89:8c:ef:
59:19:a2:62:d8:4b:db:c3:72:3a:a8:be:12:ad:ce:0a:f7:4d:
e7:9c:89:2c:83:da:c4:37:73:18:3c:44:c5:3d:31:64:9c:63:
27:cb:8d:0f:e2:13:51:0a:dc:0d:18:9a:ef:7c:6e:4c:ac:0a:
ea:db:f2:40:d9:96:27:86:5b:3b:37:7b:7f:99:8a:e3:be:8f:
ad:d8:2b:47:8c:dc:af:93:d9:df:32:3f:fd:09:ee:f3:68:87:
b3:2b:b3:32:09:3e:2c:85:77:2b:f1:1c:7b:80:55:dc:0b:59:
0f:a5:d3:d0:3f:4f:e8:c7:c8:86:47:be:e1:5e:f5:e2:4d:12:
91:3b:23:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYA+1NaecIVeD3VneNAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMjM3YzVhZmZlOTM1NDNhZTJmZTZlMWZmZWQxODIzOTZl
YjliYjMwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU4NThmMWMwOWY1MDU5NGFmOTMzNjRiNGZhZWMyZWQ4NGNjYjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7PFQaBjOb1bdERb1cN8MAG6CX1O
wMn7wqq0z8gVaNTm27jUGebyRKRLg2rDGgLMvZbyoy6KgQ/zRtLTSw8St9/G/KIV
jhUsOZNIZn3YEEL4UEC7obiMoDBR8a0BXz8IZYtoIKRLB5cSfQFfaGmnPgNhlU0Z
0NYu87W9srvth7rA6MWwBkpqR+4aKCnEuYA9ulS0UGDFSjTuOT5+KRMR6ZZU9zHf
VVGU4l/E3OWQG0jkxwkcKINmymIIpagBudLcRittppD7hcmO2D20hfplWu1SVRv+
h10+IUfL4UZPeUIIZHuBj72ejVlPP9p8OsDaHIrMAY539x5/JHcXPltDywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtYWPHAn1BZSvkzZLT67C7YTMsVMB8GA1UdIwQY
MBaAFCsjfFr/6TVDri/m4f/tGCOW65uzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEt
MTQ3MDJhNGQyNjYwLzEvMjFoWThjQ2ZVRmxLLVROa3RQcnNMdGhNeXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi82NGEwNTMtMjZmZi00OGE2LWFlZGEtMTQ3MDJhNGQyNjYw
LzEvS3lOOFd2X3BOVU91TC1iaF8tMFlJNWJybTdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWvEMA0G
CSqGSIb3DQEBCwUAA4IBAQCg2Uxph+AJOTcKJLBV4hrgfCQ11eUfpZwNzL+wFtJh
/g5jua/qaDREezTPAO7BQaCE/TFE9+bMF3iOGBjkfVc84qA+QCvD+t0ABQJqhyEJ
lX7oQNDlWgASrQAHWmnpdYx4Ee1BWxw+J0WrBzyIaS9yTqmY63akCZP2C6OJjO9Z
GaJi2Evbw3I6qL4Src4K903nnIksg9rEN3MYPETFPTFknGMny40P4hNRCtwNGJrv
fG5MrArq2/JA2ZYnhls7N3t/mYrjvo+t2CtHjNyvk9nfMj/9Ce7zaIezK7MyCT4s
hXcr8Rx7gFXcC1kPpdPQP0/ox8iGR77hXvXiTRKROyP+
-----END CERTIFICATE-----
Generated at Thu May 2 17:35:47 2024 by rpki-client on console-ams.rpki-client.org