Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Cpj4CS5Syfv8p1MkSDbM2HHOQIA.roa
File: Cpj4CS5Syfv8p1MkSDbM2HHOQIA.roa (raw, json)
Hash identifier: QYdoLyP1ugdtttBATb01GlyvniZSmhwbFfG0SubmXXY=
Subject key identifier: 0A:98:F8:09:2E:52:C9:FB:FC:A7:53:24:48:36:CC:D8:71:CE:40:80
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94E02F2C2F26937BB6BAD78BDC49ABF
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Cpj4CS5Syfv8p1MkSDbM2HHOQIA.roa
Signing time: Tue 02 Jan 2024 08:33:02 +0000
ROA not before: Tue 02 Jan 2024 08:33:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41494
IP address blocks: 185.1.36.0/24 maxlen: 24
185.86.67.0/24 maxlen: 24
195.95.178.0/24 maxlen: 24
2a05:b680:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:02:f2:c2:f2:69:37:bb:6b:ad:78:bd:c4:9a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a98f8092e52c9fbfca753244836ccd871ce4080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5d:2f:6d:24:ac:19:00:88:87:23:20:45:1a:
fc:56:74:c4:29:0c:4a:6d:0d:07:4e:af:8f:9f:7b:
e9:37:aa:4c:5e:55:fd:12:54:06:16:86:e5:5e:3f:
48:ae:4b:3d:b6:d1:c4:18:c0:34:41:a4:a8:52:99:
cd:d5:f6:76:1f:ba:ef:b9:24:8b:cd:2e:c8:85:a8:
f0:b1:e8:48:6c:25:71:28:26:0c:1c:ce:73:46:8a:
68:af:78:8e:b1:70:7c:84:05:3c:27:af:16:63:9a:
d5:f3:8d:e3:38:83:d5:35:4b:be:b9:6c:5a:23:81:
fd:eb:99:ed:eb:d6:0d:de:49:fc:bb:6b:39:35:77:
75:56:00:de:7d:a6:67:75:fa:ab:40:9d:b3:0d:73:
54:64:4c:aa:bd:57:e5:3f:fb:4d:60:fa:d5:4c:9f:
65:4b:10:19:1b:6f:e2:92:20:e7:dc:45:7e:8a:de:
ef:4d:b9:db:ac:43:51:6a:cf:47:e5:fa:fa:79:22:
d8:7a:c1:8c:0d:55:33:9d:09:f6:02:10:4f:0e:66:
5b:6f:0f:12:cf:43:fe:e4:c5:20:1a:f9:1d:6f:25:
d6:8a:52:a0:bf:42:fb:83:60:bc:df:71:90:0f:00:
79:53:83:e6:aa:2c:70:30:a2:e8:ea:ab:ef:ab:e9:
25:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:98:F8:09:2E:52:C9:FB:FC:A7:53:24:48:36:CC:D8:71:CE:40:80
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Cpj4CS5Syfv8p1MkSDbM2HHOQIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.36.0/24
185.86.67.0/24
195.95.178.0/24
IPv6:
2a05:b680:11::/48
Signature Algorithm: sha256WithRSAEncryption
93:ee:e7:f5:a8:05:44:f0:57:50:8f:9a:66:91:50:8a:a1:32:
61:7f:be:91:3a:19:68:c8:c9:3f:00:5a:2f:e5:18:14:dc:2c:
2a:c0:7b:4f:15:9a:de:9c:b3:72:42:16:62:14:d9:8d:c4:f2:
4c:47:84:9b:0f:10:b6:bb:e4:e1:96:7b:92:9b:76:cf:b0:8b:
45:d6:3e:bb:03:06:4c:f7:6e:57:78:46:4e:31:b8:1e:43:e6:
65:fc:59:f2:25:4c:99:86:af:7c:a8:85:b5:9f:89:64:cb:e3:
e5:0d:91:15:9a:58:84:6e:cd:63:b0:a8:7a:bb:4e:10:e3:53:
5e:68:1b:5c:5d:43:3c:61:67:0d:b9:d0:bc:52:4e:eb:19:63:
9e:0a:c0:e4:83:4a:c5:ce:1b:a4:fd:d2:6c:51:42:8a:6e:99:
8a:22:fb:79:ec:c7:08:59:ff:dd:b9:ee:57:7b:64:72:b0:2f:
4e:8a:a0:e8:04:a8:88:3d:55:76:06:fc:07:4a:b4:b1:1e:aa:
88:e2:d6:7a:72:fb:6b:d5:dd:33:c8:6a:d4:e5:33:0b:c3:ca:
be:84:72:a9:f4:90:1d:5f:ec:91:47:a5:0d:84:99:66:94:40:
a8:e0:f9:f3:75:23:26:31:77:0a:76:82:d1:ac:07:70:2c:6b:
c8:3e:c3:38
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJTgLywvJpN7trrXi9xJq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk4ZjgwOTJlNTJjOWZiZmNhNzUzMjQ0ODM2Y2NkODcxY2U0MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk10vbSSsGQCIhyMgRRr8VnTEKQxK
bQ0HTq+Pn3vpN6pMXlX9ElQGFoblXj9Irks9ttHEGMA0QaSoUpnN1fZ2H7rvuSSL
zS7IhajwsehIbCVxKCYMHM5zRopor3iOsXB8hAU8J68WY5rV843jOIPVNUu+uWxa
I4H965nt69YN3kn8u2s5NXd1VgDefaZndfqrQJ2zDXNUZEyqvVflP/tNYPrVTJ9l
SxAZG2/ikiDn3EV+it7vTbnbrENRas9H5fr6eSLYesGMDVUznQn2AhBPDmZbbw8S
z0P+5MUgGvkdbyXWilKgv0L7g2C833GQDwB5U4PmqixwMKLo6qvvq+klLQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAqY+AkuUsn7/KdTJEg2zNhxzkCAMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvQ3BqNENTNVN5ZnY4cDFNa1NEYk0ySEhPUUlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuQEkAwQA
uVZDAwQAw1+yMA8EAgACMAkDBwAqBbaAABEwDQYJKoZIhvcNAQELBQADggEBAJPu
5/WoBUTwV1CPmmaRUIqhMmF/vpE6GWjIyT8AWi/lGBTcLCrAe08Vmt6cs3JCFmIU
2Y3E8kxHhJsPELa75OGWe5Kbds+wi0XWPrsDBkz3bld4Rk4xuB5D5mX8WfIlTJmG
r3yohbWfiWTL4+UNkRWaWIRuzWOwqHq7ThDjU15oG1xdQzxhZw250LxSTusZY54K
wOSDSsXOG6T90mxRQopumYoi+3nsxwhZ/9257ld7ZHKwL06KoOgEqIg9VXYG/AdK
tLEeqoji1npy+2vV3TPIatTlMwvDyr6Ecqn0kB1f7JFHpQ2EmWaUQKjg+fN1IyYx
dwp2gtGsB3Asa8g+wzg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:14:34 2024 by rpki-client on console-ams.rpki-client.org