Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/bPYTVvgxPz3yoWW8JLnI4V3s3eY.roa
File: bPYTVvgxPz3yoWW8JLnI4V3s3eY.roa (raw, json)
Hash identifier: cbKtMC2L0rpI+o3ES8zXUlwydPQtMEBO4zQyMigNamo=
Subject key identifier: 6C:F6:13:56:F8:31:3F:3D:F2:A1:65:BC:24:B9:C8:E1:5D:EC:DD:E6
Certificate issuer: /CN=db9b939d7bca13b6d8ccf4d8e78676f3807a0ece
Certificate serial: 018CCA2AA5DF16D07E8FE4700B666ADCA87D
Authority key identifier: DB:9B:93:9D:7B:CA:13:B6:D8:CC:F4:D8:E7:86:76:F3:80:7A:0E:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/bPYTVvgxPz3yoWW8JLnI4V3s3eY.roa
Signing time: Tue 02 Jan 2024 12:34:01 +0000
ROA not before: Tue 02 Jan 2024 12:34:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59989
IP address blocks: 185.97.94.0/24 maxlen: 24
185.97.93.0/24 maxlen: 24
185.97.92.0/24 maxlen: 24
185.97.92.0/22 maxlen: 22
185.97.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.mft
rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a5:df:16:d0:7e:8f:e4:70:0b:66:6a:dc:a8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9b939d7bca13b6d8ccf4d8e78676f3807a0ece
Validity
Not Before: Jan 2 12:34:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf61356f8313f3df2a165bc24b9c8e15decdde6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:73:ab:53:f2:44:5f:b9:1a:23:cd:87:da:17:
84:a1:b2:8e:45:2d:ce:4e:dc:05:34:d1:7d:96:a6:
cb:19:60:31:bf:e9:8b:fd:fe:6b:ab:e3:45:96:ed:
10:cd:cf:2f:29:d3:98:37:44:1d:6a:3b:63:b6:57:
72:ae:a4:cd:59:e5:b9:b2:9b:78:d9:85:f2:f8:31:
2d:34:37:e8:56:84:9d:de:ad:a2:01:91:b5:a7:25:
3d:2d:e2:b2:1f:70:7f:41:b7:b7:fd:bf:99:ad:a8:
c2:93:6e:15:b5:b9:fd:7d:4c:72:fd:b7:5b:ae:f6:
26:45:d3:7a:64:15:93:52:5f:40:85:aa:a5:40:ce:
e3:13:ed:01:e3:0e:c1:3b:33:ec:0b:a3:d8:b5:8d:
08:15:07:11:de:c1:2e:be:f0:be:a3:31:3a:5f:e9:
04:f5:be:33:2f:d7:87:42:36:72:de:0d:9c:77:37:
09:4d:53:fa:ed:51:ba:96:5a:c7:bd:6b:76:3a:46:
fd:74:7a:61:63:cd:6a:3a:92:04:dd:d9:15:c3:e7:
74:f9:20:a2:96:18:17:90:84:64:e6:77:b5:f6:42:
a9:0d:a1:4b:53:23:e0:b8:6c:b2:13:11:a9:32:b0:
bf:95:91:6b:d4:0c:2e:51:00:cc:dc:fd:74:4a:6b:
9a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F6:13:56:F8:31:3F:3D:F2:A1:65:BC:24:B9:C8:E1:5D:EC:DD:E6
X509v3 Authority Key Identifier:
keyid:DB:9B:93:9D:7B:CA:13:B6:D8:CC:F4:D8:E7:86:76:F3:80:7A:0E:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25uTnXvKE7bYzPTY54Z284B6Ds4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/bPYTVvgxPz3yoWW8JLnI4V3s3eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/938330-ccd8-4e7a-821c-a69c5bc7ed57/1/25uTnXvKE7bYzPTY54Z284B6Ds4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.92.0/22
Signature Algorithm: sha256WithRSAEncryption
be:f5:65:34:e4:84:ce:da:9d:83:1a:78:64:a0:8a:97:c1:6a:
a5:2a:6e:2c:af:fb:6c:88:e6:c2:7c:ec:6b:2c:b0:24:32:d5:
50:4c:db:c0:ab:d1:51:f8:ca:7b:79:9b:47:1b:ad:8f:71:16:
22:d6:6b:07:8c:72:87:6f:3d:ce:1b:24:a5:cf:c8:db:e1:de:
90:38:93:9f:99:db:dc:6b:8c:6d:06:dc:a1:26:86:03:6f:f5:
88:7f:ee:42:58:c4:2c:86:51:19:29:88:b2:de:a0:fe:fb:e3:
c2:20:6a:55:4c:5b:de:6c:8d:88:a5:39:0f:1f:02:e3:54:c1:
5b:2c:6a:d4:3f:bd:ca:6f:ac:17:8c:98:09:df:0f:a8:1d:a4:
73:5a:fa:ef:50:84:9c:6e:ac:58:95:24:54:2c:22:ad:8f:61:
6e:03:d3:be:c4:f7:5d:65:7b:30:4b:7e:4e:9f:fa:bf:22:39:
86:6e:5a:22:1c:07:99:dc:57:8e:cd:6d:93:7e:db:c2:65:b6:
7a:37:f6:e6:62:1f:0b:97:6e:c9:eb:dc:8a:47:ef:66:bb:b8:
8a:01:65:30:d9:3f:76:78:79:73:7b:51:27:f5:11:c5:2b:d2:
ad:9e:15:48:eb:5c:e9:a6:cf:b0:b6:eb:cf:13:d5:4a:1f:84:
18:2c:2f:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKqXfFtB+j+RwC2Zq3Kh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWI5MzlkN2JjYTEzYjZkOGNjZjRkOGU3ODY3NmYzODA3
YTBlY2UwHhcNMjQwMTAyMTIzNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y2MTM1NmY4MzEzZjNkZjJhMTY1YmMyNGI5YzhlMTVkZWNkZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinOrU/JEX7kaI82H2heEobKORS3O
TtwFNNF9lqbLGWAxv+mL/f5rq+NFlu0Qzc8vKdOYN0QdajtjtldyrqTNWeW5spt4
2YXy+DEtNDfoVoSd3q2iAZG1pyU9LeKyH3B/Qbe3/b+ZrajCk24Vtbn9fUxy/bdb
rvYmRdN6ZBWTUl9AhaqlQM7jE+0B4w7BOzPsC6PYtY0IFQcR3sEuvvC+ozE6X+kE
9b4zL9eHQjZy3g2cdzcJTVP67VG6llrHvWt2Okb9dHphY81qOpIE3dkVw+d0+SCi
lhgXkIRk5ne19kKpDaFLUyPguGyyExGpMrC/lZFr1AwuUQDM3P10Smua8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGz2E1b4MT898qFlvCS5yOFd7N3mMB8GA1UdIwQY
MBaAFNubk517yhO22Mz02OeGdvOAeg7OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjV1VG5YdktFN2JZelBUWTU0WjI4NEI2RHM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS85MzgzMzAtY2NkOC00ZTdhLTgyMWMt
YTY5YzViYzdlZDU3LzEvYlBZVFZ2Z3hQejN5b1dXOEpMbkk0VjNzM2VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS85MzgzMzAtY2NkOC00ZTdhLTgyMWMtYTY5YzViYzdlZDU3
LzEvMjV1VG5YdktFN2JZelBUWTU0WjI4NEI2RHM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWFcMA0G
CSqGSIb3DQEBCwUAA4IBAQC+9WU05ITO2p2DGnhkoIqXwWqlKm4sr/tsiObCfOxr
LLAkMtVQTNvAq9FR+Mp7eZtHG62PcRYi1msHjHKHbz3OGySlz8jb4d6QOJOfmdvc
a4xtBtyhJoYDb/WIf+5CWMQshlEZKYiy3qD+++PCIGpVTFvebI2IpTkPHwLjVMFb
LGrUP73Kb6wXjJgJ3w+oHaRzWvrvUIScbqxYlSRULCKtj2FuA9O+xPddZXswS35O
n/q/IjmGbloiHAeZ3FeOzW2TftvCZbZ6N/bmYh8Ll27J69yKR+9mu7iKAWUw2T92
eHlze1En9RHFK9KtnhVI61zpps+wtuvPE9VKH4QYLC/h
-----END CERTIFICATE-----
Generated at Sat May 18 19:15:53 2024 by rpki-client on console-ams.rpki-client.org