Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/aFb7cLOJEFgsroeeYkTawE-803g.roa
File: aFb7cLOJEFgsroeeYkTawE-803g.roa (raw, json)
Hash identifier: TAUXrgnmvlwdzFG9JtBAyxMvs0E54AasFY+A9NUCGQE=
Subject key identifier: 68:56:FB:70:B3:89:10:58:2C:AE:87:9E:62:44:DA:C0:4F:BC:D3:78
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 018CC49239DE3D0D95803FF0B382DFA57A04
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/aFb7cLOJEFgsroeeYkTawE-803g.roa
Signing time: Mon 01 Jan 2024 10:29:26 +0000
ROA not before: Mon 01 Jan 2024 10:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39679
IP address blocks: 185.6.138.0/24 maxlen: 24
185.234.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:39:de:3d:0d:95:80:3f:f0:b3:82:df:a5:7a:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 1 10:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6856fb70b38910582cae879e6244dac04fbcd378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ff:47:f6:3c:26:3f:f5:2e:9a:6e:04:4d:8b:
6d:49:9f:af:30:9c:10:00:5b:c3:c3:3b:20:88:ed:
f8:62:4d:0d:6f:8c:9e:cc:c1:68:b5:bc:ff:e2:e6:
ea:40:02:b0:84:56:fd:ce:22:41:82:f4:80:c4:83:
5f:88:ce:80:76:aa:53:a9:56:4e:35:a8:5a:c8:91:
c6:7b:97:99:aa:ae:89:4c:4e:13:8d:ac:5e:ba:12:
3d:02:a2:27:bb:fa:34:b0:4a:49:bf:6f:72:ce:11:
25:79:63:1c:bd:6c:46:b1:17:02:27:ce:5d:25:11:
b8:20:80:23:f2:e9:1b:df:3a:ee:ce:28:4c:ae:c7:
e5:93:94:12:8d:31:bc:9d:8b:80:aa:45:f2:f1:f5:
2c:81:12:7d:2e:f5:7f:bf:fb:76:6f:e7:a3:03:74:
f2:e8:80:7a:28:58:69:3b:be:cd:3c:79:26:8e:fc:
4c:ee:bd:ad:b5:c5:72:c1:83:68:fb:f9:d6:89:41:
4b:f3:42:f9:b2:88:b9:dc:40:8b:9a:0d:70:4d:dc:
6f:8b:a5:f2:1e:84:09:06:51:78:4d:53:e3:82:9a:
2c:67:bb:08:09:a6:ec:e6:a6:c7:d6:43:ac:38:d3:
f3:51:0c:e9:42:bd:3e:df:cd:da:de:67:dc:69:70:
fc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:56:FB:70:B3:89:10:58:2C:AE:87:9E:62:44:DA:C0:4F:BC:D3:78
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/aFb7cLOJEFgsroeeYkTawE-803g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.138.0/24
185.234.180.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:1f:7b:77:fd:2f:21:35:ef:b7:32:f3:e4:29:e5:72:27:96:
77:13:23:1c:b7:fa:1c:5e:47:a4:d6:b8:e1:d4:e5:d7:fa:c5:
f6:73:1f:d5:d1:37:b4:12:ef:a4:aa:2c:94:db:88:c6:de:7d:
7d:df:ae:2e:1b:5b:ac:21:59:f1:7a:74:1f:2c:8c:58:cf:81:
25:21:49:85:3c:f7:c6:1c:d6:3a:da:c3:90:d2:9a:fb:cf:31:
f5:61:e5:0b:98:e5:42:fa:26:70:cf:73:d3:31:73:96:a9:5f:
b9:90:f6:87:62:94:f9:3b:e8:ca:c5:ec:05:7b:94:54:87:d8:
bd:e1:f7:28:c7:27:a6:d9:3f:a2:47:59:c2:c5:53:7b:a6:87:
c5:76:5a:6e:27:cb:24:d8:db:1b:0f:3b:f0:fb:03:aa:64:30:
ba:b8:21:29:52:13:a4:76:37:82:16:3a:9e:6f:f6:e0:f0:41:
65:f3:41:c0:05:f7:88:09:12:ee:fa:22:84:fa:4b:fd:21:a3:
56:ad:cd:95:b9:65:db:f4:fb:98:88:90:93:53:ff:da:f4:b3:
6d:6d:85:ab:3e:b9:61:f5:a5:af:31:45:5f:e7:f8:11:90:61:
f5:63:4a:c4:2a:91:43:7c:eb:9e:bf:bc:8f:b5:3b:9c:40:6a:
b6:ab:b9:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEkjnePQ2VgD/ws4LfpXoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjQwMTAxMTAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODU2ZmI3MGIzODkxMDU4MmNhZTg3OWU2MjQ0ZGFjMDRmYmNkMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf9H9jwmP/Uumm4ETYttSZ+vMJwQ
AFvDwzsgiO34Yk0Nb4yezMFotbz/4ubqQAKwhFb9ziJBgvSAxINfiM6AdqpTqVZO
NahayJHGe5eZqq6JTE4TjaxeuhI9AqInu/o0sEpJv29yzhEleWMcvWxGsRcCJ85d
JRG4IIAj8ukb3zruzihMrsflk5QSjTG8nYuAqkXy8fUsgRJ9LvV/v/t2b+ejA3Ty
6IB6KFhpO77NPHkmjvxM7r2ttcVywYNo+/nWiUFL80L5soi53ECLmg1wTdxvi6Xy
HoQJBlF4TVPjgposZ7sICabs5qbH1kOsONPzUQzpQr0+383a3mfcaXD8awIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGhW+3CziRBYLK6HnmJE2sBPvNN4MB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvYUZiN2NMT0pFRmdzcm9lZVlrVGF3RS04MDNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQaKAwQA
ueq0MA0GCSqGSIb3DQEBCwUAA4IBAQCjH3t3/S8hNe+3MvPkKeVyJ5Z3EyMct/oc
Xkek1rjh1OXX+sX2cx/V0Te0Eu+kqiyU24jG3n19364uG1usIVnxenQfLIxYz4El
IUmFPPfGHNY62sOQ0pr7zzH1YeULmOVC+iZwz3PTMXOWqV+5kPaHYpT5O+jKxewF
e5RUh9i94fcoxyem2T+iR1nCxVN7pofFdlpuJ8sk2NsbDzvw+wOqZDC6uCEpUhOk
djeCFjqeb/bg8EFl80HABfeICRLu+iKE+kv9IaNWrc2VuWXb9PuYiJCTU//a9LNt
bYWrPrlh9aWvMUVf5/gRkGH1Y0rEKpFDfOuev7yPtTucQGq2q7nG
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:13:01 2024 by rpki-client on console-ams.rpki-client.org