Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/Sj7kQmGWwis0_Z4aey9WthHGAtk.roa
File: Sj7kQmGWwis0_Z4aey9WthHGAtk.roa (raw, json)
Hash identifier: Viv5kwUsJuVapisMYhoEDTd2iumBrgm7dbMdPz8q7aY=
Subject key identifier: 4A:3E:E4:42:61:96:C2:2B:34:FD:9E:1A:7B:2F:56:B6:11:C6:02:D9
Certificate issuer: /CN=d5f0f4bac5f9a5022fc2dcbc4a3db4cc6b116644
Certificate serial: 018CC26D204D3313407672F7D5C3DEC19A65
Authority key identifier: D5:F0:F4:BA:C5:F9:A5:02:2F:C2:DC:BC:4A:3D:B4:CC:6B:11:66:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/Sj7kQmGWwis0_Z4aey9WthHGAtk.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50779
IP address blocks: 185.106.12.0/22 maxlen: 24
2a0c:db80::/29 maxlen: 29
2001:67c:2698::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:20:4d:33:13:40:76:72:f7:d5:c3:de:c1:9a:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5f0f4bac5f9a5022fc2dcbc4a3db4cc6b116644
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a3ee4426196c22b34fd9e1a7b2f56b611c602d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:44:79:1a:ea:81:5f:51:ec:81:7a:b6:b3:9a:
ba:33:9c:63:a6:c4:73:c1:7c:42:8f:81:3d:34:0f:
5f:5a:87:d5:b7:23:5d:7f:a9:ea:68:91:9d:d9:ba:
30:b2:df:db:1a:ca:54:c4:78:3a:56:56:8e:b3:38:
3c:d0:b8:b7:7a:13:ff:b0:f6:79:be:2c:6c:46:35:
aa:85:b3:3c:85:d0:ee:48:85:27:da:4d:2e:fe:63:
26:d5:cb:67:1c:0c:c1:10:e2:73:c3:3e:29:86:ae:
c2:9f:81:85:b8:b9:d5:9d:d1:57:8d:41:2e:45:81:
9a:e5:e7:93:d9:9a:a6:f9:f6:4d:d8:ca:77:ae:8d:
55:a3:fa:98:56:8a:c3:f0:e6:0b:ba:f2:43:d7:9a:
1a:94:44:7b:0c:a4:d8:d8:0e:29:40:ae:10:70:3c:
dc:18:91:4d:f6:cf:52:d3:73:55:49:6c:80:56:e2:
e5:36:78:f8:94:15:cb:7f:88:95:0d:6f:d3:9c:fe:
2b:28:2c:86:60:bf:b8:ad:6a:31:b0:29:cb:3f:9e:
61:9c:1e:54:f8:3c:58:3a:50:c7:a5:5c:d3:7c:24:
c0:1b:06:5e:82:6a:da:44:e9:6c:71:0a:eb:9c:aa:
68:6b:a4:d2:29:72:2b:df:b4:a7:b0:9e:33:81:71:
b9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3E:E4:42:61:96:C2:2B:34:FD:9E:1A:7B:2F:56:B6:11:C6:02:D9
X509v3 Authority Key Identifier:
keyid:D5:F0:F4:BA:C5:F9:A5:02:2F:C2:DC:BC:4A:3D:B4:CC:6B:11:66:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1fD0usX5pQIvwty8Sj20zGsRZkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/Sj7kQmGWwis0_Z4aey9WthHGAtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a6d572-3043-4d19-9140-992541fdebea/1/1fD0usX5pQIvwty8Sj20zGsRZkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.12.0/22
IPv6:
2001:67c:2698::/48
2a0c:db80::/29
Signature Algorithm: sha256WithRSAEncryption
1b:c5:96:8f:0b:fd:15:d2:12:c2:30:c5:72:d3:79:57:80:28:
8e:70:d6:f9:eb:ce:58:93:b4:89:c2:b6:14:ca:3c:7e:7e:56:
77:c0:31:3b:9d:cc:52:f5:c4:e3:55:d6:4c:d2:7b:cb:2c:bc:
10:4a:26:6b:12:40:cd:5a:e4:15:03:3b:e7:7c:04:55:2d:0d:
29:cd:51:84:73:8d:b8:82:14:80:e7:82:0f:c9:90:28:df:51:
43:63:a7:8e:89:7f:e9:72:b3:a9:e0:02:01:9b:2a:95:5f:d2:
33:07:5c:2f:84:12:ef:54:d6:2a:6f:0b:e7:09:87:53:ea:ca:
0e:03:21:22:be:da:16:4c:b3:e8:5c:ef:1c:c6:06:68:73:eb:
8b:77:31:e9:1c:2f:ef:99:41:0b:e8:41:ff:69:a1:2a:e6:3e:
e5:ea:7b:dc:86:3c:cd:6e:e3:49:73:ff:43:e8:75:a2:6b:1b:
61:6b:30:7e:83:e7:d1:d8:43:2d:f7:e0:f2:06:fa:64:bb:21:
eb:b6:42:b5:83:19:2c:5b:e2:39:31:d2:4d:76:67:d5:99:71:
57:91:1b:d8:b8:17:50:68:63:9f:90:e5:b9:28:d7:69:bc:02:
7a:ed:8d:12:d2:c5:e2:6a:4f:63:74:a9:3f:77:df:f5:78:0b:
2d:8e:b7:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzCbSBNMxNAdnL31cPewZplMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZjBmNGJhYzVmOWE1MDIyZmMyZGNiYzRhM2RiNGNjNmIx
MTY2NDQwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTNlZTQ0MjYxOTZjMjJiMzRmZDllMWE3YjJmNTZiNjExYzYwMmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkR5GuqBX1HsgXq2s5q6M5xjpsRz
wXxCj4E9NA9fWofVtyNdf6nqaJGd2bowst/bGspUxHg6VlaOszg80Li3ehP/sPZ5
vixsRjWqhbM8hdDuSIUn2k0u/mMm1ctnHAzBEOJzwz4phq7Cn4GFuLnVndFXjUEu
RYGa5eeT2Zqm+fZN2Mp3ro1Vo/qYVorD8OYLuvJD15oalER7DKTY2A4pQK4QcDzc
GJFN9s9S03NVSWyAVuLlNnj4lBXLf4iVDW/TnP4rKCyGYL+4rWoxsCnLP55hnB5U
+DxYOlDHpVzTfCTAGwZegmraROlscQrrnKpoa6TSKXIr37SnsJ4zgXG5SwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEo+5EJhlsIrNP2eGnsvVrYRxgLZMB8GA1UdIwQY
MBaAFNXw9LrF+aUCL8LcvEo9tMxrEWZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZEMHVzWDVwUUl2d3R5OFNqMjB6R3NSWmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hNmQ1NzItMzA0My00ZDE5LTkxNDAt
OTkyNTQxZmRlYmVhLzEvU2o3a1FtR1d3aXMwX1o0YWV5OVd0aEhHQXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hNmQ1NzItMzA0My00ZDE5LTkxNDAtOTkyNTQxZmRlYmVh
LzEvMWZEMHVzWDVwUUl2d3R5OFNqMjB6R3NSWmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuWoMMBYE
AgACMBADBwAgAQZ8JpgDBQMqDNuAMA0GCSqGSIb3DQEBCwUAA4IBAQAbxZaPC/0V
0hLCMMVy03lXgCiOcNb5685Yk7SJwrYUyjx+flZ3wDE7ncxS9cTjVdZM0nvLLLwQ
SiZrEkDNWuQVAzvnfARVLQ0pzVGEc424ghSA54IPyZAo31FDY6eOiX/pcrOp4AIB
myqVX9IzB1wvhBLvVNYqbwvnCYdT6soOAyEivtoWTLPoXO8cxgZoc+uLdzHpHC/v
mUEL6EH/aaEq5j7l6nvchjzNbuNJc/9D6HWiaxthazB+g+fR2EMt9+DyBvpkuyHr
tkK1gxksW+I5MdJNdmfVmXFXkRvYuBdQaGOfkOW5KNdpvAJ67Y0S0sXiak9jdKk/
d9/1eAstjrfW
-----END CERTIFICATE-----
Generated at Tue May 21 20:18:22 2024 by rpki-client on console-ams.rpki-client.org