Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/_jGbiXplAbj22NUPEmgjSFrSwHQ.roa
File: _jGbiXplAbj22NUPEmgjSFrSwHQ.roa (raw, json)
Hash identifier: 0rJLRelU+d2tFQMXvfXqEYR+od3TJbna1h9THRiNfCQ=
Subject key identifier: FE:31:9B:89:7A:65:01:B8:F6:D8:D5:0F:12:68:23:48:5A:D2:C0:74
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018CC3B74331C7FBEBEEEE422AA3E4E2C609
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/_jGbiXplAbj22NUPEmgjSFrSwHQ.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46450
IP address blocks: 185.213.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:43:31:c7:fb:eb:ee:ee:42:2a:a3:e4:e2:c6:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe319b897a6501b8f6d8d50f126823485ad2c074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ed:31:44:d9:2d:e4:e9:30:ab:57:16:02:95:
e5:e4:6d:0a:9b:d0:9d:bd:14:cc:7f:46:eb:79:6d:
d9:dc:0e:5a:9f:6a:87:02:51:81:c9:09:de:a8:11:
64:57:59:37:49:8f:81:c0:eb:4b:95:97:7b:73:34:
dd:39:0c:56:4b:78:c4:8a:9f:33:b3:61:1c:6a:5a:
f7:0e:4f:58:a6:41:72:86:e8:61:22:9a:5a:f0:48:
5f:cc:22:0b:c2:73:aa:c5:b5:0d:3c:96:1c:4e:1b:
d2:d6:c3:aa:e5:e8:a5:4e:e5:ff:30:d8:25:a0:78:
4a:88:ab:5d:d0:21:3e:16:cf:8c:04:c5:0a:d8:9d:
be:c6:9e:2b:93:73:e9:34:5a:37:0b:32:bd:ab:83:
da:32:be:66:35:f1:4c:c0:81:30:16:51:05:50:01:
6e:77:a6:96:77:ac:a8:74:b0:b0:8b:6e:cb:46:73:
f5:5d:ca:85:c2:14:75:2d:20:5e:91:b6:d6:34:22:
1f:58:b2:3c:fa:66:7d:b6:ee:73:c3:07:0c:b5:0d:
9b:fa:ad:66:e0:41:e2:25:dc:49:ce:23:32:db:1b:
98:dd:32:7d:75:8b:66:44:03:db:7c:fd:44:f5:9b:
95:02:48:cb:30:71:76:7a:a6:f2:2f:ec:9b:11:94:
36:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:31:9B:89:7A:65:01:B8:F6:D8:D5:0F:12:68:23:48:5A:D2:C0:74
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/_jGbiXplAbj22NUPEmgjSFrSwHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.193.0/24
Signature Algorithm: sha256WithRSAEncryption
61:e5:53:79:73:e7:45:d7:85:7e:e6:c1:36:b4:d4:1c:bb:42:
dd:43:95:28:3e:1c:2a:8e:27:93:13:8d:87:c9:4d:7a:6c:6b:
b1:2c:9b:4e:2f:f8:10:36:a6:c3:21:7b:98:20:a3:b6:eb:26:
46:37:40:5d:83:67:60:08:74:19:e3:34:b4:0d:58:d6:1c:f2:
bf:2c:65:49:73:02:59:0b:cf:c6:56:dc:dd:80:1b:ee:68:a4:
a2:2b:dc:6e:90:39:26:fe:1d:0f:47:63:3e:40:24:c8:31:3f:
e6:cd:6b:65:f5:4b:2a:67:c0:8e:f6:72:9d:ad:91:0f:94:ff:
f3:bd:e5:7f:44:fb:d5:f5:09:3e:17:8d:00:7e:6c:26:e8:8a:
4f:12:13:da:ce:89:5d:4f:b7:38:d5:ed:1b:15:0f:7c:63:94:
42:75:5e:ee:7b:14:d8:b4:f5:96:62:df:fb:c1:2d:32:e3:ad:
78:74:3f:d4:ad:06:24:77:03:e7:11:09:c2:36:32:f6:6f:09:
12:fe:5b:2c:4d:f9:aa:74:f8:ed:cb:c7:e7:27:fc:f1:89:bd:
46:37:ab:54:04:90:42:39:e9:2f:e2:b0:3b:0b:ca:a8:08:e3:
42:7d:64:48:d4:5c:a8:5c:b1:5b:c2:86:cc:cc:f9:78:63:f4:
64:c8:82:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0Mxx/vr7u5CKqPk4sYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTMxOWI4OTdhNjUwMWI4ZjZkOGQ1MGYxMjY4MjM0ODVhZDJjMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu0xRNkt5Okwq1cWApXl5G0Km9Cd
vRTMf0breW3Z3A5an2qHAlGByQneqBFkV1k3SY+BwOtLlZd7czTdOQxWS3jEip8z
s2Ecalr3Dk9YpkFyhuhhIppa8EhfzCILwnOqxbUNPJYcThvS1sOq5eilTuX/MNgl
oHhKiKtd0CE+Fs+MBMUK2J2+xp4rk3PpNFo3CzK9q4PaMr5mNfFMwIEwFlEFUAFu
d6aWd6yodLCwi27LRnP1XcqFwhR1LSBekbbWNCIfWLI8+mZ9tu5zwwcMtQ2b+q1m
4EHiJdxJziMy2xuY3TJ9dYtmRAPbfP1E9ZuVAkjLMHF2eqbyL+ybEZQ2BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP4xm4l6ZQG49tjVDxJoI0ha0sB0MB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvX2pHYmlYcGxBYmoyMk5VUEVtZ2pTRnJTd0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudXBMA0G
CSqGSIb3DQEBCwUAA4IBAQBh5VN5c+dF14V+5sE2tNQcu0LdQ5UoPhwqjieTE42H
yU16bGuxLJtOL/gQNqbDIXuYIKO26yZGN0Bdg2dgCHQZ4zS0DVjWHPK/LGVJcwJZ
C8/GVtzdgBvuaKSiK9xukDkm/h0PR2M+QCTIMT/mzWtl9UsqZ8CO9nKdrZEPlP/z
veV/RPvV9Qk+F40Afmwm6IpPEhPazoldT7c41e0bFQ98Y5RCdV7uexTYtPWWYt/7
wS0y4614dD/UrQYkdwPnEQnCNjL2bwkS/lssTfmqdPjty8fnJ/zxib1GN6tUBJBC
Oekv4rA7C8qoCONCfWRI1FyoXLFbwobMzPl4Y/RkyILA
-----END CERTIFICATE-----
Generated at Fri May 17 18:17:10 2024 by rpki-client on console-fra.rpki-client.org