Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/RHYorYmxGEi6EtMAmdNMSaP2RWY.roa
File: RHYorYmxGEi6EtMAmdNMSaP2RWY.roa (raw, json)
Hash identifier: BWIqEsnrM9NrAhkPBGH5oUpzrTh29axC0vKhZEdgr7I=
Subject key identifier: 44:76:28:AD:89:B1:18:48:BA:12:D3:00:99:D3:4C:49:A3:F6:45:66
Certificate issuer: /CN=fa23aeb6a5d9a34b83607777776fb8764fb76f00
Certificate serial: 018CCA99E44BA0FA83FA261162248B5A841F
Authority key identifier: FA:23:AE:B6:A5:D9:A3:4B:83:60:77:77:77:6F:B8:76:4F:B7:6F:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-iOutqXZo0uDYHd3d2-4dk-3bwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/RHYorYmxGEi6EtMAmdNMSaP2RWY.roa
Signing time: Tue 02 Jan 2024 14:35:32 +0000
ROA not before: Tue 02 Jan 2024 14:35:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61200
IP address blocks: 185.16.21.0/24 maxlen: 24
185.16.20.0/22 maxlen: 22
185.16.20.0/24 maxlen: 24
185.16.20.0/23 maxlen: 23
185.16.23.0/24 maxlen: 24
185.16.22.0/23 maxlen: 23
185.16.22.0/24 maxlen: 24
2a03:cbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/1-iOutqXZo0uDYHd3d2-4dk-3bwA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/1-iOutqXZo0uDYHd3d2-4dk-3bwA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-iOutqXZo0uDYHd3d2-4dk-3bwA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:e4:4b:a0:fa:83:fa:26:11:62:24:8b:5a:84:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa23aeb6a5d9a34b83607777776fb8764fb76f00
Validity
Not Before: Jan 2 14:35:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=447628ad89b11848ba12d30099d34c49a3f64566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e0:24:a8:5c:e0:38:6a:b2:4e:12:4a:c1:c5:
4a:ad:39:9a:dd:f1:d3:2b:b6:92:7a:33:86:ba:5c:
b7:3a:2e:cc:cd:52:f0:fc:14:ec:b0:f3:74:64:f0:
7e:a1:d6:5a:9c:ea:97:8d:74:29:e4:34:30:79:21:
b9:2a:d8:f1:2e:6d:53:48:1a:7c:b3:a8:3e:77:f0:
e8:c7:b2:37:ad:ea:a3:be:a0:03:7c:42:3e:81:50:
9d:8c:9c:33:f2:96:06:d6:e9:81:37:77:ac:51:12:
1d:ec:10:f4:06:fc:b1:48:70:20:d1:ef:21:88:71:
19:06:41:e0:77:a3:08:a8:7d:cd:0c:dd:c1:c2:35:
24:90:2f:61:45:e6:55:8d:3f:0c:e4:e7:ac:e1:20:
50:ca:40:cb:e5:a4:89:d8:b5:8b:2e:42:ed:eb:82:
b2:ac:0c:9f:d3:30:cc:dd:89:0d:f3:00:5b:23:84:
89:84:03:37:15:ea:a6:c9:4e:83:6b:60:8f:2c:09:
8f:f8:dd:39:63:c4:fb:36:01:c4:91:83:9f:65:19:
ad:22:86:b5:2c:d0:66:5b:e0:4f:27:d8:29:6b:9a:
60:b8:aa:37:82:88:b6:26:f9:2d:8e:3d:c3:7e:eb:
5a:cf:db:0e:3d:61:eb:d0:df:34:b7:04:74:8b:b2:
cf:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:76:28:AD:89:B1:18:48:BA:12:D3:00:99:D3:4C:49:A3:F6:45:66
X509v3 Authority Key Identifier:
keyid:FA:23:AE:B6:A5:D9:A3:4B:83:60:77:77:77:6F:B8:76:4F:B7:6F:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-iOutqXZo0uDYHd3d2-4dk-3bwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/RHYorYmxGEi6EtMAmdNMSaP2RWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/36e6f0-eb2c-4cf8-8565-b363bb6caa02/1/1-iOutqXZo0uDYHd3d2-4dk-3bwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.20.0/22
IPv6:
2a03:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:57:d1:94:5c:98:df:a8:06:8b:60:80:12:7d:14:08:93:29:
8a:92:84:40:9e:bc:1c:33:ab:08:c8:bb:0f:6c:3f:99:39:e7:
f8:c4:0e:fc:07:83:dd:59:bc:58:33:5f:2e:43:98:1d:80:92:
a9:f9:8e:3e:3f:8a:81:0c:3d:8d:a1:50:bb:35:9b:21:46:71:
75:cc:fb:18:36:b4:f2:cc:fe:72:ef:a1:f0:d5:a2:48:b4:04:
8e:12:06:39:70:20:11:0c:7c:bd:3f:9f:de:64:67:94:a2:f0:
10:16:c8:f0:9f:36:13:36:c2:0e:1d:91:c1:cf:b2:cd:90:dd:
25:20:47:c9:30:74:32:b7:00:a2:d6:fc:37:84:58:4f:8a:f0:
32:d8:44:31:c5:75:9e:03:1c:ca:48:29:43:15:be:3d:ed:d5:
c1:5e:dc:47:cf:94:b1:e0:a1:98:32:fb:a4:f3:21:b5:23:cd:
46:70:18:3a:9d:9a:cf:9b:be:70:8c:f4:c9:56:1a:81:69:ee:
0e:f9:36:53:76:f3:a9:47:40:f9:81:a8:ad:01:d3:56:8a:a3:
35:4e:6f:da:99:92:69:42:65:08:f8:49:f7:f4:45:54:53:c6:
90:bd:c4:c1:fa:fc:5d:5e:84:c8:94:64:32:d9:01:94:82:f5:
b0:a0:42:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKmeRLoPqD+iYRYiSLWoQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMjNhZWI2YTVkOWEzNGI4MzYwNzc3Nzc3NmZiODc2NGZi
NzZmMDAwHhcNMjQwMTAyMTQzNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc2MjhhZDg5YjExODQ4YmExMmQzMDA5OWQzNGM0OWEzZjY0NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOAkqFzgOGqyThJKwcVKrTma3fHT
K7aSejOGuly3Oi7MzVLw/BTssPN0ZPB+odZanOqXjXQp5DQweSG5KtjxLm1TSBp8
s6g+d/Dox7I3reqjvqADfEI+gVCdjJwz8pYG1umBN3esURId7BD0BvyxSHAg0e8h
iHEZBkHgd6MIqH3NDN3BwjUkkC9hReZVjT8M5Oes4SBQykDL5aSJ2LWLLkLt64Ky
rAyf0zDM3YkN8wBbI4SJhAM3FeqmyU6Da2CPLAmP+N05Y8T7NgHEkYOfZRmtIoa1
LNBmW+BPJ9gpa5pguKo3goi2Jvktjj3Dfutaz9sOPWHr0N80twR0i7LPEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFER2KK2JsRhIuhLTAJnTTEmj9kVmMB8GA1UdIwQY
MBaAFPojrral2aNLg2B3d3dvuHZPt28AMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pT3V0cVhabzB1RFlIZDNkMi00ZGstM2J3QS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvMzZlNmYwLWViMmMtNGNmOC04NTY1
LWIzNjNiYjZjYWEwMi8xL1JIWW9yWW14R0VpNkV0TUFtZE5NU2FQMlJXWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmMvMzZlNmYwLWViMmMtNGNmOC04NTY1LWIzNjNiYjZjYWEw
Mi8xLzEtaU91dHFYWm8wdURZSGQzZDItNGRrLTNid0EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5EBQw
DQQCAAIwBwMFAyoDy8AwDQYJKoZIhvcNAQELBQADggEBAF5X0ZRcmN+oBotggBJ9
FAiTKYqShECevBwzqwjIuw9sP5k55/jEDvwHg91ZvFgzXy5DmB2Akqn5jj4/ioEM
PY2hULs1myFGcXXM+xg2tPLM/nLvofDVoki0BI4SBjlwIBEMfL0/n95kZ5Si8BAW
yPCfNhM2wg4dkcHPss2Q3SUgR8kwdDK3AKLW/DeEWE+K8DLYRDHFdZ4DHMpIKUMV
vj3t1cFe3EfPlLHgoZgy+6TzIbUjzUZwGDqdms+bvnCM9MlWGoFp7g75NlN286lH
QPmBqK0B01aKozVOb9qZkmlCZQj4Sff0RVRTxpC9xMH6/F1ehMiUZDLZAZSC9bCg
Ql4=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:15:45 2024 by rpki-client on console-ams.rpki-client.org