Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/BAz8aShy0KTEjAHKmZdgZHyYGQU.roa
File: BAz8aShy0KTEjAHKmZdgZHyYGQU.roa (raw, json)
Hash identifier: QbEgUHVKzK/GBYfshTM6VaSzB/z8w4xPIpPkKtWAW5g=
Subject key identifier: 04:0C:FC:69:28:72:D0:A4:C4:8C:01:CA:99:97:60:64:7C:98:19:05
Certificate issuer: /CN=745b6c3c9abdedb96eb1ef3f7f7fa70057522c7f
Certificate serial: 018CC3490F511CFBE2A11082628587A23EC5
Authority key identifier: 74:5B:6C:3C:9A:BD:ED:B9:6E:B1:EF:3F:7F:7F:A7:00:57:52:2C:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/BAz8aShy0KTEjAHKmZdgZHyYGQU.roa
Signing time: Mon 01 Jan 2024 04:29:54 +0000
ROA not before: Mon 01 Jan 2024 04:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62217
IP address blocks: 185.184.156.0/24 maxlen: 24
185.184.157.0/24 maxlen: 24
185.184.158.0/24 maxlen: 24
185.184.156.0/22 maxlen: 22
185.184.159.0/24 maxlen: 24
2a0b:3880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:0f:51:1c:fb:e2:a1:10:82:62:85:87:a2:3e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=745b6c3c9abdedb96eb1ef3f7f7fa70057522c7f
Validity
Not Before: Jan 1 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=040cfc692872d0a4c48c01ca999760647c981905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7c:b9:a7:d3:aa:25:15:fc:51:9f:58:8c:a1:
90:08:9c:9e:d2:94:74:3f:6c:e8:69:c0:bf:ed:41:
bb:ad:42:4d:d0:7e:bc:21:ea:96:63:e2:98:eb:18:
a4:96:35:64:f2:c9:73:91:04:57:7c:1d:76:dc:e4:
f7:09:7d:1c:61:7a:9c:d4:d3:08:d1:96:c3:2e:c7:
e3:e0:f3:3f:db:fa:74:38:30:c2:17:3f:ce:4f:50:
68:0d:ca:d6:99:55:9b:56:2c:2d:c0:fd:cb:fd:62:
20:f8:a3:9b:99:5b:ec:b1:b9:45:79:de:e5:3b:e3:
63:ca:ca:ad:2b:66:cc:22:2b:33:9f:89:2e:9e:d1:
3a:b5:61:33:99:8b:48:ac:1b:55:66:16:99:a8:c4:
a8:a1:bd:78:4b:5a:ef:87:31:46:4e:ff:56:e5:b2:
50:9b:c0:a1:98:64:ef:47:fa:20:db:07:2e:f5:3c:
f3:55:b3:26:e3:de:90:f3:9e:a6:42:bb:ed:ba:aa:
d0:e5:f5:3e:38:2b:27:8e:c7:77:f6:a9:66:96:4f:
a2:91:5b:1d:9e:1b:6e:9c:b7:25:fc:dc:4b:a0:27:
79:fd:ce:75:42:04:23:4f:7c:70:14:ea:a6:af:9f:
3b:d9:fd:00:b8:41:a9:c3:17:54:07:af:7d:ea:da:
74:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0C:FC:69:28:72:D0:A4:C4:8C:01:CA:99:97:60:64:7C:98:19:05
X509v3 Authority Key Identifier:
keyid:74:5B:6C:3C:9A:BD:ED:B9:6E:B1:EF:3F:7F:7F:A7:00:57:52:2C:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dFtsPJq97bluse8_f3-nAFdSLH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/BAz8aShy0KTEjAHKmZdgZHyYGQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/71d52f-7e07-49d1-b99b-f70d5ef875c3/1/dFtsPJq97bluse8_f3-nAFdSLH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.156.0/22
IPv6:
2a0b:3880::/32
Signature Algorithm: sha256WithRSAEncryption
bc:93:83:16:f1:93:04:76:b4:94:db:a2:89:eb:4d:73:38:30:
37:9f:b3:69:6c:91:1c:4f:2c:ca:8a:ea:7a:3f:b3:2b:83:04:
32:d3:59:bf:ec:aa:d9:15:fe:47:8b:ef:04:d8:e3:f1:3c:57:
59:d0:1a:cd:81:4b:f9:be:7b:ff:4f:54:4f:83:7e:68:56:2b:
fe:6d:3a:b9:70:b4:71:3a:6e:d7:da:d5:7e:ed:aa:ad:2e:02:
75:31:37:b0:16:50:85:7b:94:c6:9a:48:ac:a8:44:2a:b0:59:
1f:78:54:31:ae:c6:e3:fe:3c:99:07:a5:f6:ef:3d:bd:12:a3:
8d:7f:90:99:4b:70:7d:fb:e4:bb:08:d0:a3:58:a7:6d:52:7e:
3a:42:68:88:17:b0:78:61:ae:c6:be:ac:1a:b1:41:f3:73:98:
87:a2:20:66:80:c4:eb:9a:3c:07:19:f9:e9:52:f9:df:eb:99:
4d:d2:76:88:b0:a7:ab:26:3c:be:44:45:e4:1b:4b:d9:b6:4f:
f8:13:72:6e:3b:65:d9:78:0a:9a:ea:81:ae:31:12:47:cd:5c:
b1:c8:f0:39:cb:b1:78:d6:dc:6e:cf:20:f6:c9:d3:2f:8e:68:
5f:d0:20:a1:27:a9:25:d6:c8:eb:85:5d:0b:c6:86:9e:85:f6:
e4:27:e2:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSQ9RHPvioRCCYoWHoj7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NWI2YzNjOWFiZGVkYjk2ZWIxZWYzZjdmN2ZhNzAwNTc1
MjJjN2YwHhcNMjQwMTAxMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDBjZmM2OTI4NzJkMGE0YzQ4YzAxY2E5OTk3NjA2NDdjOTgxOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3y5p9OqJRX8UZ9YjKGQCJye0pR0
P2zoacC/7UG7rUJN0H68IeqWY+KY6xikljVk8slzkQRXfB123OT3CX0cYXqc1NMI
0ZbDLsfj4PM/2/p0ODDCFz/OT1BoDcrWmVWbViwtwP3L/WIg+KObmVvssblFed7l
O+NjysqtK2bMIiszn4kuntE6tWEzmYtIrBtVZhaZqMSoob14S1rvhzFGTv9W5bJQ
m8ChmGTvR/og2wcu9TzzVbMm496Q856mQrvtuqrQ5fU+OCsnjsd39qlmlk+ikVsd
nhtunLcl/NxLoCd5/c51QgQjT3xwFOqmr5872f0AuEGpwxdUB6996tp0xQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAQM/GkoctCkxIwBypmXYGR8mBkFMB8GA1UdIwQY
MBaAFHRbbDyave25brHvP39/pwBXUix/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEZ0c1BKcTk3Ymx1c2U4X2YzLW5BRmRTTEg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83MWQ1MmYtN2UwNy00OWQxLWI5OWIt
ZjcwZDVlZjg3NWMzLzEvQkF6OGFTaHkwS1RFakFIS21aZGdaSHlZR1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83MWQ1MmYtN2UwNy00OWQxLWI5OWItZjcwZDVlZjg3NWMz
LzEvZEZ0c1BKcTk3Ymx1c2U4X2YzLW5BRmRTTEg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubicMA0E
AgACMAcDBQAqCziAMA0GCSqGSIb3DQEBCwUAA4IBAQC8k4MW8ZMEdrSU26KJ601z
ODA3n7NpbJEcTyzKiup6P7MrgwQy01m/7KrZFf5Hi+8E2OPxPFdZ0BrNgUv5vnv/
T1RPg35oViv+bTq5cLRxOm7X2tV+7aqtLgJ1MTewFlCFe5TGmkisqEQqsFkfeFQx
rsbj/jyZB6X27z29EqONf5CZS3B9++S7CNCjWKdtUn46QmiIF7B4Ya7GvqwasUHz
c5iHoiBmgMTrmjwHGfnpUvnf65lN0naIsKerJjy+REXkG0vZtk/4E3JuO2XZeAqa
6oGuMRJHzVyxyPA5y7F41txuzyD2ydMvjmhf0CChJ6kl1sjrhV0LxoaehfbkJ+Lr
-----END CERTIFICATE-----
Generated at Wed May 29 00:59:52 2024 by rpki-client on console-fra.rpki-client.org