Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/K7Lw16lSDn0gGqbARNcE7p-UFwE.roa
File: K7Lw16lSDn0gGqbARNcE7p-UFwE.roa (raw, json)
Hash identifier: TkDsKU6ycqYbgC8MJhrmoFSYHxRcRtVQ53wxHz888cc=
Subject key identifier: 2B:B2:F0:D7:A9:52:0E:7D:20:1A:A6:C0:44:D7:04:EE:9F:94:17:01
Certificate issuer: /CN=2e87c3d5f45fef38c105b93dd44dd24f5bee60e7
Certificate serial: 018CC5005DB235B29F3490080B6582C2520F
Authority key identifier: 2E:87:C3:D5:F4:5F:EF:38:C1:05:B9:3D:D4:4D:D2:4F:5B:EE:60:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/K7Lw16lSDn0gGqbARNcE7p-UFwE.roa
Signing time: Mon 01 Jan 2024 12:29:44 +0000
ROA not before: Mon 01 Jan 2024 12:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201649
IP address blocks: 185.68.49.0/24 maxlen: 24
185.68.48.0/22 maxlen: 22
185.68.51.0/24 maxlen: 24
185.68.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5d:b2:35:b2:9f:34:90:08:0b:65:82:c2:52:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e87c3d5f45fef38c105b93dd44dd24f5bee60e7
Validity
Not Before: Jan 1 12:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bb2f0d7a9520e7d201aa6c044d704ee9f941701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:12:b8:45:68:92:69:b4:be:67:51:58:62:
f9:18:7e:d1:48:68:c0:b0:ae:8a:fb:42:2a:6d:cc:
35:7d:91:aa:05:45:00:60:6c:00:07:3b:47:be:23:
c1:72:2e:17:78:9f:7e:a3:3a:d2:fc:aa:d2:07:8a:
fe:ad:e4:a2:5e:1a:0c:f8:cf:56:d2:91:a7:79:62:
aa:af:77:30:d7:29:41:d2:f8:96:82:fd:74:d5:bd:
73:f3:cb:53:d5:0f:b7:d5:e7:5d:7d:d8:28:76:c4:
3c:9b:fa:38:30:da:60:07:4f:c7:90:78:3a:c5:6d:
f8:ad:7e:57:20:a2:dd:11:57:40:bf:82:a8:d7:f5:
6c:ac:7e:1b:07:3d:9e:6a:22:72:24:8b:74:b2:22:
ba:b9:22:05:a9:88:4d:ee:53:3a:eb:a4:2c:12:8b:
5b:4d:9c:d5:71:da:05:1a:6c:bc:65:cf:24:82:29:
20:94:76:f3:0a:7a:ca:9e:0a:e1:0b:ca:cf:71:41:
c5:d8:d4:b7:dc:47:e9:8e:60:32:40:f5:a7:24:51:
1e:e1:bc:9e:de:0c:89:0c:c1:75:71:98:1b:27:c5:
83:a4:c4:35:d1:0e:ee:4e:aa:a7:2e:8f:ca:b9:6c:
da:99:f1:6a:00:6e:21:98:ac:7a:aa:51:90:8c:b8:
90:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:B2:F0:D7:A9:52:0E:7D:20:1A:A6:C0:44:D7:04:EE:9F:94:17:01
X509v3 Authority Key Identifier:
keyid:2E:87:C3:D5:F4:5F:EF:38:C1:05:B9:3D:D4:4D:D2:4F:5B:EE:60:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LofD1fRf7zjBBbk91E3ST1vuYOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/K7Lw16lSDn0gGqbARNcE7p-UFwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3b58d8-6d94-4302-aa91-7c2bd984d735/1/LofD1fRf7zjBBbk91E3ST1vuYOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.48.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:b5:a8:99:05:1a:fb:95:e6:ee:23:9f:e7:b5:68:1e:29:5a:
6c:5e:f7:ec:54:4a:35:e9:98:dc:44:30:b9:d4:2c:67:1d:4e:
42:35:22:bc:dd:d3:9d:11:90:59:00:b7:97:26:aa:39:d2:be:
9e:46:c5:7b:ab:61:96:e3:f0:77:d6:5f:f9:c2:50:f1:1f:8f:
bb:7a:29:c8:24:74:b6:72:da:06:77:d1:1b:54:42:13:73:92:
f3:e8:d4:20:fe:13:62:c6:38:f9:90:69:af:48:f5:ad:39:9e:
e3:88:ad:d1:8e:e8:da:4a:8f:1b:c7:7c:5c:39:3b:68:43:9f:
4a:32:ac:47:36:72:15:19:32:4b:9b:17:7a:51:72:80:ef:cb:
ed:6b:eb:58:2e:42:e9:66:5c:c6:c3:4d:c7:51:b3:22:a3:a5:
ca:9c:21:19:d9:7a:6a:28:13:a4:86:0e:00:3c:3d:9e:f6:6f:
a4:4f:1b:b2:e7:9d:c9:bf:39:8d:db:85:1e:80:40:7a:13:bc:
42:fe:4d:07:a5:aa:7f:56:00:54:cf:14:e8:2c:1e:df:67:78:
68:29:8f:63:fc:e0:3b:db:ca:b4:83:49:81:ec:97:cb:39:69:
2f:0f:fe:01:ab:e7:c7:71:68:78:24:0d:38:90:1a:be:7c:f4:
ae:55:c0:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAF2yNbKfNJAIC2WCwlIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODdjM2Q1ZjQ1ZmVmMzhjMTA1YjkzZGQ0NGRkMjRmNWJl
ZTYwZTcwHhcNMjQwMTAxMTIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmIyZjBkN2E5NTIwZTdkMjAxYWE2YzA0NGQ3MDRlZTlmOTQxNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfESuEVokmm0vmdRWGL5GH7RSGjA
sK6K+0Iqbcw1fZGqBUUAYGwABztHviPBci4XeJ9+ozrS/KrSB4r+reSiXhoM+M9W
0pGneWKqr3cw1ylB0viWgv101b1z88tT1Q+31eddfdgodsQ8m/o4MNpgB0/HkHg6
xW34rX5XIKLdEVdAv4Ko1/VsrH4bBz2eaiJyJIt0siK6uSIFqYhN7lM666QsEotb
TZzVcdoFGmy8Zc8kgikglHbzCnrKngrhC8rPcUHF2NS33EfpjmAyQPWnJFEe4bye
3gyJDMF1cZgbJ8WDpMQ10Q7uTqqnLo/KuWzamfFqAG4hmKx6qlGQjLiQEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCuy8NepUg59IBqmwETXBO6flBcBMB8GA1UdIwQY
MBaAFC6Hw9X0X+84wQW5PdRN0k9b7mDnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYjU4ZDgtNmQ5NC00MzAyLWFhOTEt
N2MyYmQ5ODRkNzM1LzEvSzdMdzE2bFNEbjBnR3FiQVJOY0U3cC1VRndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYjU4ZDgtNmQ5NC00MzAyLWFhOTEtN2MyYmQ5ODRkNzM1
LzEvTG9mRDFmUmY3empCQmJrOTFFM1NUMXZ1WU9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUQwMA0G
CSqGSIb3DQEBCwUAA4IBAQDdtaiZBRr7lebuI5/ntWgeKVpsXvfsVEo16ZjcRDC5
1CxnHU5CNSK83dOdEZBZALeXJqo50r6eRsV7q2GW4/B31l/5wlDxH4+7einIJHS2
ctoGd9EbVEITc5Lz6NQg/hNixjj5kGmvSPWtOZ7jiK3RjujaSo8bx3xcOTtoQ59K
MqxHNnIVGTJLmxd6UXKA78vta+tYLkLpZlzGw03HUbMio6XKnCEZ2XpqKBOkhg4A
PD2e9m+kTxuy553JvzmN24UegEB6E7xC/k0Hpap/VgBUzxToLB7fZ3hoKY9j/OA7
28q0g0mB7JfLOWkvD/4Bq+fHcWh4JA04kBq+fPSuVcAF
-----END CERTIFICATE-----
Generated at Mon Jul 1 15:53:19 2024 by rpki-client on console-ams.rpki-client.org