Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/y7TbNNrLFw7yk9LTJCD0owfPaIg.roa
File: y7TbNNrLFw7yk9LTJCD0owfPaIg.roa (raw, json)
Hash identifier: LvCbbScCPu5lwh4TDkvzB0FbO/mDNbOANBHmqiljARg=
Subject key identifier: CB:B4:DB:34:DA:CB:17:0E:F2:93:D2:D3:24:20:F4:A3:07:CF:68:88
Certificate issuer: /CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Certificate serial: 018CC3B70F9BCC9858AF97C6E8CBDF4C6B22
Authority key identifier: 4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/y7TbNNrLFw7yk9LTJCD0owfPaIg.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.87.218.0/24 maxlen: 28
185.87.219.0/24 maxlen: 24
2a13:85c0::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0f:9b:cc:98:58:af:97:c6:e8:cb:df:4c:6b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c81273dcb03c3457b79250be109e19a5e74f0fd
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbb4db34dacb170ef293d2d32420f4a307cf6888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:57:95:eb:1d:d1:b1:86:21:22:9e:92:53:c8:
c8:3f:0a:58:4f:73:a2:6d:ec:09:ff:b8:64:ef:a1:
f5:26:7a:58:13:35:b5:0c:ca:01:4d:ac:05:86:da:
ff:ca:55:82:9d:aa:21:f5:c4:67:40:ad:f0:77:7b:
38:29:a2:fd:0e:af:30:51:29:af:00:d4:c5:6d:cf:
ff:17:98:28:9c:5e:68:dd:4e:0e:e6:f6:b4:d2:20:
d8:54:55:38:fe:38:3c:a2:08:6f:49:12:6d:6b:b7:
a5:1c:d5:cb:b2:46:77:ec:59:c3:34:dc:0f:e7:ee:
be:a9:45:38:5e:22:20:b2:54:46:f7:8b:af:ee:a1:
28:00:cd:58:7b:43:86:f8:28:fd:78:0f:ed:6c:5f:
b7:0d:c9:37:44:9c:c6:cb:1c:04:e7:4c:42:ba:7f:
bf:5d:d5:de:d2:3e:a4:31:e6:37:89:5c:5a:a4:95:
6b:5f:04:eb:ae:79:d9:d9:f8:48:e7:ed:00:5f:ac:
39:07:71:0b:c5:2d:26:c1:aa:18:ee:7d:aa:cc:33:
39:ee:c0:ae:bd:ae:8a:75:ea:31:ea:af:64:d0:bb:
7d:45:a2:ad:67:7b:15:fd:3a:b1:a2:93:d6:25:91:
df:f8:37:87:81:0a:78:1b:93:09:a1:64:54:a9:6c:
a7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B4:DB:34:DA:CB:17:0E:F2:93:D2:D3:24:20:F4:A3:07:CF:68:88
X509v3 Authority Key Identifier:
keyid:4C:81:27:3D:CB:03:C3:45:7B:79:25:0B:E1:09:E1:9A:5E:74:F0:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIEnPcsDw0V7eSUL4Qnhml508P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/y7TbNNrLFw7yk9LTJCD0owfPaIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/18c7dd-241b-4b92-8ebf-77794fbfd2e4/1/TIEnPcsDw0V7eSUL4Qnhml508P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.218.0/23
IPv6:
2a13:85c0::/40
Signature Algorithm: sha256WithRSAEncryption
0d:9e:f8:08:af:60:7a:d0:0c:ce:83:e7:c3:26:ca:c0:3a:7e:
36:60:eb:0e:7e:ff:89:d1:5e:ef:57:b8:bd:78:82:0c:bd:f2:
a1:4f:3a:0e:66:30:0d:ad:b3:e9:6d:fb:bb:b9:6f:b8:b9:6b:
ab:c6:7b:bc:1b:3a:de:2f:42:4a:55:9f:ac:a2:be:a5:86:2a:
54:7c:86:5d:61:56:aa:79:fe:79:81:42:be:ea:4d:ee:27:85:
31:48:21:b9:39:99:c2:fe:91:27:c0:11:15:8d:79:36:4a:03:
c6:3f:c7:84:5f:72:16:e1:e7:c4:51:ab:e4:77:d9:10:57:f8:
ce:cf:ff:c4:48:97:5e:fb:1d:1a:37:d8:b5:5a:ee:de:95:37:
e5:20:45:ea:c1:70:15:03:d0:7e:17:85:c9:b9:95:11:7c:d9:
a6:a5:ce:8b:f3:ba:55:cb:5e:d5:44:55:bf:dc:f4:c5:24:70:
77:f4:43:aa:99:4f:5a:e9:8c:77:21:9a:ac:fc:57:d8:d1:ea:
41:16:2e:c9:49:aa:cb:46:0b:49:20:f1:b0:02:9b:e9:8c:33:
c8:09:cb:4c:2e:66:c1:04:2a:ed:2c:2c:06:55:89:64:0f:44:
24:7e:52:36:09:d0:34:94:89:4e:47:75:d4:51:a6:41:7c:5f:
e0:ba:56:15
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzDtw+bzJhYr5fG6MvfTGsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODEyNzNkY2IwM2MzNDU3Yjc5MjUwYmUxMDllMTlhNWU3
NGYwZmQwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmI0ZGIzNGRhY2IxNzBlZjI5M2QyZDMyNDIwZjRhMzA3Y2Y2ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFeV6x3RsYYhIp6SU8jIPwpYT3Oi
bewJ/7hk76H1JnpYEzW1DMoBTawFhtr/ylWCnaoh9cRnQK3wd3s4KaL9Dq8wUSmv
ANTFbc//F5gonF5o3U4O5va00iDYVFU4/jg8oghvSRJta7elHNXLskZ37FnDNNwP
5+6+qUU4XiIgslRG94uv7qEoAM1Ye0OG+Cj9eA/tbF+3Dck3RJzGyxwE50xCun+/
XdXe0j6kMeY3iVxapJVrXwTrrnnZ2fhI5+0AX6w5B3ELxS0mwaoY7n2qzDM57sCu
va6Kdeox6q9k0Lt9RaKtZ3sV/TqxopPWJZHf+DeHgQp4G5MJoWRUqWynjQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMu02zTayxcO8pPS0yQg9KMHz2iIMB8GA1UdIwQY
MBaAFEyBJz3LA8NFe3klC+EJ4ZpedPD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYt
Nzc3OTRmYmZkMmU0LzEveTdUYk5OckxGdzd5azlMVEpDRDBvd2ZQYUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xOGM3ZGQtMjQxYi00YjkyLThlYmYtNzc3OTRmYmZkMmU0
LzEvVElFblBjc0R3MFY3ZVNVTDRRbmhtbDUwOFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuVfaMA4E
AgACMAgDBgAqE4XAADANBgkqhkiG9w0BAQsFAAOCAQEADZ74CK9getAMzoPnwybK
wDp+NmDrDn7/idFe71e4vXiCDL3yoU86DmYwDa2z6W37u7lvuLlrq8Z7vBs63i9C
SlWfrKK+pYYqVHyGXWFWqnn+eYFCvupN7ieFMUghuTmZwv6RJ8ARFY15NkoDxj/H
hF9yFuHnxFGr5HfZEFf4zs//xEiXXvsdGjfYtVru3pU35SBF6sFwFQPQfheFybmV
EXzZpqXOi/O6Vcte1URVv9z0xSRwd/RDqplPWumMdyGarPxX2NHqQRYuyUmqy0YL
SSDxsAKb6YwzyAnLTC5mwQQq7SwsBlWJZA9EJH5SNgnQNJSJTkd11FGmQXxf4LpW
FQ==
-----END CERTIFICATE-----
Generated at Thu May 2 17:36:59 2024 by rpki-client on console-ams.rpki-client.org