Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/j5dl_qSZegCRVIp-ZsJPu9e2wn8.roa
File: j5dl_qSZegCRVIp-ZsJPu9e2wn8.roa (raw, json)
Hash identifier: XEM8iy5hJ0V2M53SNxtmW90+DXerImdLN07EqFlOyhE=
Subject key identifier: 8F:97:65:FE:A4:99:7A:00:91:54:8A:7E:66:C2:4F:BB:D7:B6:C2:7F
Certificate issuer: /CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
Certificate serial: 018CC2DB110706FEA42526ABE63E5FB219D6
Authority key identifier: 7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/j5dl_qSZegCRVIp-ZsJPu9e2wn8.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 185.173.21.0/24 maxlen: 24
185.173.22.0/24 maxlen: 24
185.173.20.0/24 maxlen: 24
2a0b:3100:100::/40 maxlen: 48
2a0b:3100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/e4f2uRGfqdzT4S5-a_twbf-XiCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/e4f2uRGfqdzT4S5-a_twbf-XiCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:11:07:06:fe:a4:25:26:ab:e6:3e:5f:b2:19:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b87f6b9119fa9dcd3e12e7e6bfb706dff978825
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f9765fea4997a0091548a7e66c24fbbd7b6c27f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:bb:35:39:b0:ce:11:22:56:b2:56:cf:6a:66:
80:47:73:35:6f:b5:0b:0a:a8:1a:7c:22:7c:0f:40:
55:a2:3f:dc:b7:ed:f6:66:fc:3d:f4:3d:9e:a8:07:
58:18:51:7a:92:b5:b0:65:7e:bd:58:05:61:13:65:
d7:6a:c3:5c:af:60:63:6f:74:a5:8a:53:02:35:a5:
64:0d:54:87:4e:27:d0:d1:a8:4c:c3:16:72:4f:b6:
93:c3:da:ed:32:56:20:83:a2:87:05:f2:d1:d7:e3:
41:1c:65:2c:1b:a5:04:f0:76:dc:ce:ab:33:a2:72:
b3:ff:c4:c1:51:46:76:f6:72:46:a2:0d:cd:02:7f:
b0:37:d7:6f:c4:ba:a7:49:43:13:67:c5:14:a1:e4:
14:f1:5f:63:ac:e5:65:c8:ae:23:4b:e9:af:51:ab:
e2:3c:95:aa:ac:20:5b:47:90:65:ab:80:cf:6b:05:
bd:3f:a2:12:e1:cc:88:98:b2:f8:13:2d:76:28:ea:
fb:ec:38:16:27:9d:81:8c:2e:30:ef:73:07:2b:9a:
2d:77:d7:b3:ce:a2:0d:ec:da:85:35:08:11:df:5a:
ee:65:a7:b0:12:21:7b:5f:48:62:ba:a4:dc:d9:85:
d7:de:cb:f0:77:20:8e:a8:f5:62:6d:8b:c8:7c:65:
77:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:97:65:FE:A4:99:7A:00:91:54:8A:7E:66:C2:4F:BB:D7:B6:C2:7F
X509v3 Authority Key Identifier:
keyid:7B:87:F6:B9:11:9F:A9:DC:D3:E1:2E:7E:6B:FB:70:6D:FF:97:88:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4f2uRGfqdzT4S5-a_twbf-XiCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/j5dl_qSZegCRVIp-ZsJPu9e2wn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3f3ab1-5959-45a8-bc0f-d78514e9e812/1/e4f2uRGfqdzT4S5-a_twbf-XiCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.20.0-185.173.22.255
IPv6:
2a0b:3100::/39
Signature Algorithm: sha256WithRSAEncryption
2f:e9:96:5c:ff:54:d8:0e:af:68:13:bf:91:64:04:d9:3c:fb:
a9:5e:e6:31:76:c4:62:e2:30:da:fa:d7:6d:d8:62:f9:67:9a:
32:b3:2c:91:42:26:2f:27:1c:33:8c:06:92:56:b3:ae:f5:24:
c2:7c:a9:48:70:0e:81:1f:2d:49:b2:a8:1b:6b:f0:2f:38:07:
4a:fa:9e:e1:cb:b1:25:e3:f4:f3:90:7b:a9:72:a9:eb:68:bc:
64:01:2b:e4:8f:b4:40:3d:63:2d:88:68:35:d7:e4:5f:c5:2d:
55:a1:18:5b:4f:d8:b9:c5:0f:e4:8d:1f:5d:e8:56:b4:16:5d:
1b:7f:dd:16:d9:33:d0:fe:70:5b:50:42:d5:45:6d:dc:a2:13:
9a:fc:47:4e:06:7e:7b:94:de:fa:59:97:ce:fd:a8:9e:21:24:
d0:2c:3d:41:c4:fb:a9:e3:f8:c9:dc:d1:f3:a6:0c:d5:96:7d:
5f:3b:1e:c4:41:a4:70:1a:19:fd:2c:12:e9:e9:87:08:19:0a:
52:91:07:3c:bc:94:ef:74:a3:81:05:d2:81:b6:8e:2a:1d:f5:
03:dd:82:ed:b4:91:5e:c9:18:7f:4c:d8:d6:57:53:83:42:88:
ef:b3:2f:49:16:b3:3f:98:80:b2:a8:c5:c8:24:c3:18:1c:56:
da:0b:0d:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2xEHBv6kJSar5j5fshnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiODdmNmI5MTE5ZmE5ZGNkM2UxMmU3ZTZiZmI3MDZkZmY5
Nzg4MjUwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjk3NjVmZWE0OTk3YTAwOTE1NDhhN2U2NmMyNGZiYmQ3YjZjMjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7s1ObDOESJWslbPamaAR3M1b7UL
CqgafCJ8D0BVoj/ct+32Zvw99D2eqAdYGFF6krWwZX69WAVhE2XXasNcr2Bjb3Sl
ilMCNaVkDVSHTifQ0ahMwxZyT7aTw9rtMlYgg6KHBfLR1+NBHGUsG6UE8Hbczqsz
onKz/8TBUUZ29nJGog3NAn+wN9dvxLqnSUMTZ8UUoeQU8V9jrOVlyK4jS+mvUavi
PJWqrCBbR5Blq4DPawW9P6IS4cyImLL4Ey12KOr77DgWJ52BjC4w73MHK5otd9ez
zqIN7NqFNQgR31ruZaewEiF7X0hiuqTc2YXX3svwdyCOqPVibYvIfGV3WQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI+XZf6kmXoAkVSKfmbCT7vXtsJ/MB8GA1UdIwQY
MBaAFHuH9rkRn6nc0+Eufmv7cG3/l4glMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYt
ZDc4NTE0ZTllODEyLzEvajVkbF9xU1plZ0NSVklwLVpzSlB1OWUyd244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZjNhYjEtNTk1OS00NWE4LWJjMGYtZDc4NTE0ZTllODEy
LzEvZTRmMnVSR2ZxZHpUNFM1LWFfdHdiZi1YaUNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAUBAIAATAOMAwDBAK5rRQD
BAC5rRYwDgQCAAIwCAMGASoLMQAAMA0GCSqGSIb3DQEBCwUAA4IBAQAv6ZZc/1TY
Dq9oE7+RZATZPPupXuYxdsRi4jDa+tdt2GL5Z5oysyyRQiYvJxwzjAaSVrOu9STC
fKlIcA6BHy1Jsqgba/AvOAdK+p7hy7El4/TzkHupcqnraLxkASvkj7RAPWMtiGg1
1+RfxS1VoRhbT9i5xQ/kjR9d6Fa0Fl0bf90W2TPQ/nBbUELVRW3cohOa/EdOBn57
lN76WZfO/aieISTQLD1BxPup4/jJ3NHzpgzVln1fOx7EQaRwGhn9LBLp6YcIGQpS
kQc8vJTvdKOBBdKBto4qHfUD3YLttJFeyRh/TNjWV1ODQojvsy9JFrM/mICyqMXI
JMMYHFbaCw1P
-----END CERTIFICATE-----
Generated at Tue Jun 25 23:45:38 2024 by rpki-client on console-fra.rpki-client.org