Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/SLvAp8f-jWr2WFqlkMq0mpOg8RQ.roa
File: SLvAp8f-jWr2WFqlkMq0mpOg8RQ.roa (raw, json)
Hash identifier: 6cvyF6Sv6DaxEBqXKCe49yZy9sWmJECfn0BKG0whtNk=
Subject key identifier: 48:BB:C0:A7:C7:FE:8D:6A:F6:58:5A:A5:90:CA:B4:9A:93:A0:F1:14
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 018CC79375E6215591ADF3A4ACCE2F57D53A
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/SLvAp8f-jWr2WFqlkMq0mpOg8RQ.roa
Signing time: Tue 02 Jan 2024 00:29:39 +0000
ROA not before: Tue 02 Jan 2024 00:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57738
IP address blocks: 185.17.12.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
185.128.244.0/22 maxlen: 24
2a06:d180::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:75:e6:21:55:91:ad:f3:a4:ac:ce:2f:57:d5:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 2 00:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48bbc0a7c7fe8d6af6585aa590cab49a93a0f114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e3:aa:21:97:be:01:0b:13:ae:4e:04:b9:20:
af:05:ef:88:1f:e8:c8:d7:a5:a1:13:f7:ce:8a:49:
d5:04:4c:e3:31:db:d0:18:21:1d:48:a6:2a:0d:29:
ca:ef:68:c8:a4:06:0b:3d:f9:30:fd:0b:ea:9f:fd:
13:ef:68:43:20:f6:74:47:ba:37:18:77:7e:4d:c7:
b6:61:4d:be:61:33:0c:81:00:12:5d:b5:b5:21:51:
f0:42:19:08:97:cd:ff:9a:18:a1:e5:b9:93:0f:57:
01:fc:fc:c9:42:3d:f9:ac:4d:75:a8:dc:1a:4e:b8:
c9:c5:92:a2:94:9b:d4:bd:2b:33:3a:90:11:4d:59:
c8:09:e4:51:00:8b:23:22:2b:b0:0b:67:c0:f4:03:
e6:25:f3:d6:16:b5:d1:c5:45:b1:92:74:53:52:6f:
71:f0:3c:68:49:72:49:54:34:1f:df:a4:89:db:2f:
b5:df:3e:44:22:94:a7:fe:cf:07:53:f8:ba:5b:a6:
7a:69:c2:11:c6:36:51:b7:49:64:63:0f:44:e9:56:
61:9e:7b:5d:b1:f8:da:90:e6:b4:5d:de:be:a2:67:
6d:21:ea:6f:22:b6:47:21:11:6d:40:5b:06:7f:af:
54:04:14:3c:95:07:57:aa:7d:05:c7:1d:00:a5:00:
77:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:BB:C0:A7:C7:FE:8D:6A:F6:58:5A:A5:90:CA:B4:9A:93:A0:F1:14
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/SLvAp8f-jWr2WFqlkMq0mpOg8RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.12.0/22
185.128.244.0/22
185.129.172.0/22
IPv6:
2a06:d180::/29
Signature Algorithm: sha256WithRSAEncryption
2e:61:61:bc:60:6e:74:05:f2:b8:45:0d:24:0d:f8:22:cc:7d:
69:47:78:61:1a:5e:61:d8:9d:13:cc:d6:cf:60:5f:37:8b:34:
f2:e6:f3:9a:3d:82:9c:27:3e:36:0c:2e:5f:57:e2:1e:2c:c5:
18:c9:37:4e:e3:b7:3d:58:a5:d5:04:ce:86:d8:64:90:30:7f:
75:c1:c2:df:64:84:86:b2:6b:dc:75:80:c6:e0:e1:d5:d6:17:
eb:48:49:3a:43:96:2c:1d:f0:17:0f:3d:33:43:61:60:b3:82:
dc:fc:4d:2c:6c:2a:f5:49:d5:9a:31:fa:f6:b9:f1:3d:2e:d0:
7e:95:d9:c5:99:1a:7b:93:f9:e5:48:7b:48:79:06:bd:f7:47:
b4:d0:77:88:a3:b3:86:fe:c8:15:58:93:58:44:a9:ba:96:70:
87:94:c3:c4:62:52:53:2d:c1:19:25:18:ba:4d:8b:c1:9e:e8:
6d:59:38:9a:be:27:fd:16:f7:1f:8b:12:90:a5:a0:24:28:c3:
fb:b8:a2:2f:df:c6:05:a0:1b:bb:88:e1:34:e8:03:77:d4:34:
ed:76:46:cd:2f:79:e6:99:d2:2e:eb:8e:f3:1f:13:55:09:5d:
dd:4d:cf:ef:6c:d1:17:84:38:8b:19:69:51:00:b8:42:72:05:
89:f6:11:6d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHk3XmIVWRrfOkrM4vV9U6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzcwMTNlNDg4YTA5YzcwOWI2MzIyNDZkOTQwNWRhNDU4
YzU1MzgwHhcNMjQwMTAyMDAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGJiYzBhN2M3ZmU4ZDZhZjY1ODVhYTU5MGNhYjQ5YTkzYTBmMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+OqIZe+AQsTrk4EuSCvBe+IH+jI
16WhE/fOiknVBEzjMdvQGCEdSKYqDSnK72jIpAYLPfkw/Qvqn/0T72hDIPZ0R7o3
GHd+Tce2YU2+YTMMgQASXbW1IVHwQhkIl83/mhih5bmTD1cB/PzJQj35rE11qNwa
TrjJxZKilJvUvSszOpARTVnICeRRAIsjIiuwC2fA9APmJfPWFrXRxUWxknRTUm9x
8DxoSXJJVDQf36SJ2y+13z5EIpSn/s8HU/i6W6Z6acIRxjZRt0lkYw9E6VZhnntd
sfjakOa0Xd6+omdtIepvIrZHIRFtQFsGf69UBBQ8lQdXqn0Fxx0ApQB3OQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEi7wKfH/o1q9lhapZDKtJqToPEUMB8GA1UdIwQY
MBaAFIx3AT5IignHCbYyJG2UBdpFjFU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgt
MDIxMjk1MzNhMzNkLzEvU0x2QXA4Zi1qV3IyV0ZxbGtNcTBtcE9nOFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgtMDIxMjk1MzNhMzNk
LzEvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuREMAwQC
uYD0AwQCuYGsMA0EAgACMAcDBQMqBtGAMA0GCSqGSIb3DQEBCwUAA4IBAQAuYWG8
YG50BfK4RQ0kDfgizH1pR3hhGl5h2J0TzNbPYF83izTy5vOaPYKcJz42DC5fV+Ie
LMUYyTdO47c9WKXVBM6G2GSQMH91wcLfZISGsmvcdYDG4OHV1hfrSEk6Q5YsHfAX
Dz0zQ2Fgs4Lc/E0sbCr1SdWaMfr2ufE9LtB+ldnFmRp7k/nlSHtIeQa990e00HeI
o7OG/sgVWJNYRKm6lnCHlMPEYlJTLcEZJRi6TYvBnuhtWTiavif9FvcfixKQpaAk
KMP7uKIv38YFoBu7iOE06AN31DTtdkbNL3nmmdIu647zHxNVCV3dTc/vbNEXhDiL
GWlRALhCcgWJ9hFt
-----END CERTIFICATE-----
Generated at Mon May 20 17:31:28 2024 by rpki-client on console-ams.rpki-client.org