Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/1-gQeQKPWe6VBKFGaq392MAxQ0ic.roa
File: 1-gQeQKPWe6VBKFGaq392MAxQ0ic.roa (raw, json)
Hash identifier: +DOjpolW4iTHwf6B67O0ExwBXhmJ6QS9NV2deInAC+k=
Subject key identifier: FA:04:1E:40:A3:D6:7B:A5:41:28:51:9A:AB:7F:76:30:0C:50:D2:27
Certificate issuer: /CN=bc4f1e6b011f4d6331a127955a548fa5052580a5
Certificate serial: 018CC94D3D4FEE7D1C363FBECD219076A8B2
Authority key identifier: BC:4F:1E:6B:01:1F:4D:63:31:A1:27:95:5A:54:8F:A5:05:25:80:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/1-gQeQKPWe6VBKFGaq392MAxQ0ic.roa
Signing time: Tue 02 Jan 2024 08:32:11 +0000
ROA not before: Tue 02 Jan 2024 08:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44400
IP address blocks: 185.128.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/vE8eawEfTWMxoSeVWlSPpQUlgKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/vE8eawEfTWMxoSeVWlSPpQUlgKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:3d:4f:ee:7d:1c:36:3f:be:cd:21:90:76:a8:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4f1e6b011f4d6331a127955a548fa5052580a5
Validity
Not Before: Jan 2 08:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa041e40a3d67ba54128519aab7f76300c50d227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e7:bc:20:55:de:b0:1d:95:ff:1c:9a:bc:44:
f9:fa:02:9d:55:0c:d5:fb:ad:55:27:9d:e9:a1:e5:
82:fc:61:c0:5c:f7:11:bb:e5:6d:94:bb:9e:48:9c:
7b:03:29:80:ff:ce:7e:b0:ef:6c:c0:c8:44:89:cb:
40:90:9d:ff:24:c9:64:83:60:ca:02:de:df:21:f9:
7f:b4:8b:e0:aa:81:f6:c4:7c:f6:d5:6f:50:f6:62:
d3:76:a2:23:60:72:c6:41:66:c3:79:a4:a2:4f:3d:
10:e3:57:df:56:fc:4b:bf:c7:5b:c2:a8:95:ac:5c:
80:6e:57:52:4e:29:4a:2a:66:86:e8:87:84:6d:49:
16:1e:38:a6:07:c8:71:c7:db:e7:5c:7d:b6:b1:06:
28:66:b3:13:25:18:20:26:19:08:61:f3:0a:7b:49:
4c:ac:7f:2c:d4:7c:40:7d:e6:66:49:12:a2:cb:89:
7f:72:14:3a:a1:54:72:49:33:65:b2:7d:a1:7e:1a:
57:82:04:62:a4:46:e4:d9:ad:52:f8:b5:b9:88:b1:
ba:77:4c:ff:d1:85:53:df:9d:87:0a:e2:42:55:c2:
d9:28:d5:c3:b8:7c:51:5e:31:d0:7b:3a:d0:e7:8c:
ad:f7:81:6d:f7:1f:d5:53:e5:63:85:80:0e:f2:fc:
8a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:04:1E:40:A3:D6:7B:A5:41:28:51:9A:AB:7F:76:30:0C:50:D2:27
X509v3 Authority Key Identifier:
keyid:BC:4F:1E:6B:01:1F:4D:63:31:A1:27:95:5A:54:8F:A5:05:25:80:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vE8eawEfTWMxoSeVWlSPpQUlgKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/1-gQeQKPWe6VBKFGaq392MAxQ0ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/66a237-9bc5-4abd-9b8b-c55476759d0c/1/vE8eawEfTWMxoSeVWlSPpQUlgKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.164.0/22
Signature Algorithm: sha256WithRSAEncryption
67:86:d2:d4:88:a5:1e:d2:bb:e5:66:f3:04:68:24:d7:46:e3:
8f:58:b4:9e:34:8b:7f:f2:2d:47:42:ec:0c:ef:83:e2:a8:5c:
c3:2c:42:ff:dd:13:04:b8:38:2e:c2:1e:4c:b5:31:af:2c:07:
a0:87:e2:e5:be:a2:96:02:23:b0:5d:ac:67:64:bf:0f:79:63:
99:60:9e:fc:b4:ea:d0:c7:9c:13:7b:51:52:c2:c3:67:69:8b:
92:c2:88:35:0a:ca:12:e5:44:95:ec:43:b9:c9:42:de:e3:89:
e3:c9:dc:1c:15:6e:1f:93:b5:eb:84:cd:d2:f5:d6:ad:97:dc:
12:8e:0c:ac:62:24:d2:f0:3d:b1:6b:6d:76:56:18:16:65:e4:
aa:aa:12:a2:16:6b:35:6c:db:f5:84:12:3e:b3:f2:b4:66:fd:
07:1c:32:47:33:31:76:b4:59:b2:59:9f:a7:a9:10:b4:af:99:
9e:55:67:7c:0d:93:a9:c0:ee:11:53:c9:91:e9:d7:ec:98:56:
61:ec:7c:bf:b5:4b:13:a0:a3:66:8a:cb:1e:8e:89:ad:5b:93:
33:1a:9d:e9:18:1f:14:8e:9b:fd:f9:98:bf:e6:f9:3e:49:fa:
73:99:85:87:bd:4e:fa:9c:b7:d5:7a:58:aa:3d:d3:3a:7f:0d:
93:87:1e:68
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTT1P7n0cNj++zSGQdqiyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNGYxZTZiMDExZjRkNjMzMWExMjc5NTVhNTQ4ZmE1MDUy
NTgwYTUwHhcNMjQwMTAyMDgzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTA0MWU0MGEzZDY3YmE1NDEyODUxOWFhYjdmNzYzMDBjNTBkMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOe8IFXesB2V/xyavET5+gKdVQzV
+61VJ53poeWC/GHAXPcRu+VtlLueSJx7AymA/85+sO9swMhEictAkJ3/JMlkg2DK
At7fIfl/tIvgqoH2xHz21W9Q9mLTdqIjYHLGQWbDeaSiTz0Q41ffVvxLv8dbwqiV
rFyAbldSTilKKmaG6IeEbUkWHjimB8hxx9vnXH22sQYoZrMTJRggJhkIYfMKe0lM
rH8s1HxAfeZmSRKiy4l/chQ6oVRySTNlsn2hfhpXggRipEbk2a1S+LW5iLG6d0z/
0YVT352HCuJCVcLZKNXDuHxRXjHQezrQ54yt94Ft9x/VU+VjhYAO8vyKMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoEHkCj1nulQShRmqt/djAMUNInMB8GA1UdIwQY
MBaAFLxPHmsBH01jMaEnlVpUj6UFJYClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkU4ZWF3RWZUV014b1NlVldsU1BwUVVsZ0tVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi82NmEyMzctOWJjNS00YWJkLTliOGIt
YzU1NDc2NzU5ZDBjLzEvMS1nUWVRS1BXZTZWQktGR2FxMzkyTUF4UTBpYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWYvNjZhMjM3LTliYzUtNGFiZC05YjhiLWM1NTQ3Njc1OWQw
Yy8xL3ZFOGVhd0VmVFdNeG9TZVZXbFNQcFFVbGdLVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmApDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ4bS1IilHtK75WbzBGgk10bjj1i0njSLf/ItR0Ls
DO+D4qhcwyxC/90TBLg4LsIeTLUxrywHoIfi5b6ilgIjsF2sZ2S/D3ljmWCe/LTq
0MecE3tRUsLDZ2mLksKINQrKEuVElexDuclC3uOJ48ncHBVuH5O164TN0vXWrZfc
Eo4MrGIk0vA9sWttdlYYFmXkqqoSohZrNWzb9YQSPrPytGb9BxwyRzMxdrRZslmf
p6kQtK+ZnlVnfA2TqcDuEVPJkenX7JhWYex8v7VLE6CjZorLHo6JrVuTMxqd6Rgf
FI6b/fmYv+b5Pkn6c5mFh71O+py31XpYqj3TOn8Nk4ceaA==
-----END CERTIFICATE-----
Generated at Wed May 22 23:35:39 2024 by rpki-client on console-ams.rpki-client.org