Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/qB68wWlAfVE0WZem12ITO9mNfz8.roa
File: qB68wWlAfVE0WZem12ITO9mNfz8.roa (raw, json)
Hash identifier: RtR4J4LXdNwVG9AdzOsE/UeU6RzRxSIe/MZPPfyjL18=
Subject key identifier: A8:1E:BC:C1:69:40:7D:51:34:59:97:A6:D7:62:13:3B:D9:8D:7F:3F
Certificate issuer: /CN=d32277ea304b2844a78689b3aa0d9219e3366773
Certificate serial: 018CC8714108BC75CE600B7AD2602B074435
Authority key identifier: D3:22:77:EA:30:4B:28:44:A7:86:89:B3:AA:0D:92:19:E3:36:67:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0yJ36jBLKESnhomzqg2SGeM2Z3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/qB68wWlAfVE0WZem12ITO9mNfz8.roa
Signing time: Tue 02 Jan 2024 04:31:54 +0000
ROA not before: Tue 02 Jan 2024 04:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205103
IP address blocks: 185.230.68.0/22 maxlen: 24
2a0c:500::/30 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/0yJ36jBLKESnhomzqg2SGeM2Z3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/0yJ36jBLKESnhomzqg2SGeM2Z3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/0yJ36jBLKESnhomzqg2SGeM2Z3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:41:08:bc:75:ce:60:0b:7a:d2:60:2b:07:44:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d32277ea304b2844a78689b3aa0d9219e3366773
Validity
Not Before: Jan 2 04:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a81ebcc169407d51345997a6d762133bd98d7f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a8:c9:b8:8f:0d:b4:9b:2b:15:af:7e:ca:0e:
22:77:33:fc:d2:29:47:33:ae:d2:b0:9d:99:f2:69:
ae:85:e4:ed:ea:e0:eb:b5:d6:cd:96:70:b5:9e:a3:
07:aa:a8:6c:44:b2:03:03:8c:0b:fd:15:02:26:06:
0c:ad:94:c9:ad:c3:18:46:2e:48:0c:ff:a2:48:e0:
bf:51:ab:52:28:af:5a:c5:b8:0b:bc:d1:ab:7b:ff:
41:76:fe:0e:0a:73:35:b5:d7:fd:b8:d2:5e:d3:7a:
61:d7:69:ba:5b:de:82:fc:87:84:76:64:69:b4:48:
2b:35:7e:92:41:5b:50:3c:b1:2e:da:a6:2a:60:32:
80:0e:2e:ac:ec:ac:95:34:9b:7d:4b:95:d1:5e:d9:
c5:0a:6f:ab:42:3d:3c:ff:11:59:43:5e:e4:34:4d:
a2:21:40:a8:93:64:a0:d4:95:1d:ff:03:80:37:fa:
5a:4a:1d:b8:00:dd:83:ed:3c:56:e4:b7:96:b5:fd:
c4:ca:a3:1a:2e:25:a5:de:d7:60:e2:9d:29:ac:28:
1d:95:e4:85:01:a9:a0:d0:be:e9:54:01:26:42:95:
da:55:13:16:2d:99:64:be:62:11:b8:b0:00:86:dc:
f5:df:b8:c7:f2:22:db:53:98:62:0d:b9:5c:11:2c:
b9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1E:BC:C1:69:40:7D:51:34:59:97:A6:D7:62:13:3B:D9:8D:7F:3F
X509v3 Authority Key Identifier:
keyid:D3:22:77:EA:30:4B:28:44:A7:86:89:B3:AA:0D:92:19:E3:36:67:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yJ36jBLKESnhomzqg2SGeM2Z3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/qB68wWlAfVE0WZem12ITO9mNfz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8533c3-29e0-4506-b00d-36c87396923a/1/0yJ36jBLKESnhomzqg2SGeM2Z3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.68.0/22
IPv6:
2a0c:500::/30
Signature Algorithm: sha256WithRSAEncryption
01:78:bd:8c:bb:4c:9f:7e:22:a2:64:4a:b4:c0:a9:29:13:0e:
8a:5e:7f:bb:a2:13:78:6c:38:fc:f2:62:98:d0:12:03:79:28:
3b:03:af:3c:de:7f:4a:73:34:cc:34:9b:55:2a:b3:1e:3e:fd:
ad:2c:cb:9a:2a:25:f5:00:9e:97:78:78:55:a9:d1:0e:3c:19:
d5:04:96:80:ab:c6:93:f5:f8:3b:de:d1:3c:88:7c:65:65:45:
6a:55:79:c2:36:c5:c8:30:b3:bb:e7:38:f0:19:69:36:7d:f5:
74:f6:94:55:c0:3d:7b:66:f1:07:bb:34:cb:f2:d9:0a:35:bf:
c7:72:48:79:fc:b2:dd:b4:57:ec:5d:a3:88:84:03:7c:7f:1a:
2e:a4:a4:68:99:d8:79:0e:22:ca:aa:6c:95:99:33:4b:e5:47:
2c:1b:88:8a:86:a0:bb:02:28:2e:1b:d2:bd:d5:a8:ca:94:ea:
9a:26:99:fa:09:97:54:d4:8d:ed:32:f5:cc:8e:36:aa:48:a4:
8e:1f:d8:55:6e:db:ab:d4:90:6a:bc:b5:e1:57:3f:3e:7e:74:
49:81:00:c8:7c:13:6e:bb:26:62:b5:e7:5c:4c:e1:cb:b2:9a:
f1:fe:b6:90:4d:bb:40:76:2a:0f:26:c1:57:00:2c:ac:b5:8d:
23:6d:77:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcUEIvHXOYAt60mArB0Q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMjI3N2VhMzA0YjI4NDRhNzg2ODliM2FhMGQ5MjE5ZTMz
NjY3NzMwHhcNMjQwMTAyMDQzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFlYmNjMTY5NDA3ZDUxMzQ1OTk3YTZkNzYyMTMzYmQ5OGQ3ZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6jJuI8NtJsrFa9+yg4idzP80ilH
M67SsJ2Z8mmuheTt6uDrtdbNlnC1nqMHqqhsRLIDA4wL/RUCJgYMrZTJrcMYRi5I
DP+iSOC/UatSKK9axbgLvNGre/9Bdv4OCnM1tdf9uNJe03ph12m6W96C/IeEdmRp
tEgrNX6SQVtQPLEu2qYqYDKADi6s7KyVNJt9S5XRXtnFCm+rQj08/xFZQ17kNE2i
IUCok2Sg1JUd/wOAN/paSh24AN2D7TxW5LeWtf3EyqMaLiWl3tdg4p0prCgdleSF
Aamg0L7pVAEmQpXaVRMWLZlkvmIRuLAAhtz137jH8iLbU5hiDblcESy5CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKgevMFpQH1RNFmXptdiEzvZjX8/MB8GA1UdIwQY
MBaAFNMid+owSyhEp4aJs6oNkhnjNmdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHlKMzZqQkxLRVNuaG9tenFnMlNHZU0yWjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84NTMzYzMtMjllMC00NTA2LWIwMGQt
MzZjODczOTY5MjNhLzEvcUI2OHdXbEFmVkUwV1plbTEySVRPOW1OZno4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84NTMzYzMtMjllMC00NTA2LWIwMGQtMzZjODczOTY5MjNh
LzEvMHlKMzZqQkxLRVNuaG9tenFnMlNHZU0yWjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueZEMA0E
AgACMAcDBQIqDAUAMA0GCSqGSIb3DQEBCwUAA4IBAQABeL2Mu0yffiKiZEq0wKkp
Ew6KXn+7ohN4bDj88mKY0BIDeSg7A6883n9KczTMNJtVKrMePv2tLMuaKiX1AJ6X
eHhVqdEOPBnVBJaAq8aT9fg73tE8iHxlZUVqVXnCNsXIMLO75zjwGWk2ffV09pRV
wD17ZvEHuzTL8tkKNb/Hckh5/LLdtFfsXaOIhAN8fxoupKRomdh5DiLKqmyVmTNL
5UcsG4iKhqC7AiguG9K91ajKlOqaJpn6CZdU1I3tMvXMjjaqSKSOH9hVbtur1JBq
vLXhVz8+fnRJgQDIfBNuuyZitedcTOHLsprx/raQTbtAdioPJsFXACystY0jbXdl
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:54:09 2024 by rpki-client on console-ams.rpki-client.org