Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/Am-tfOATkcJfTFLCpyvOuTzLSxY.roa
File: Am-tfOATkcJfTFLCpyvOuTzLSxY.roa (raw, json)
Hash identifier: bZoZrsLfNkzn6o35c+K/Xwhtba5eV2o5JcIPeA8KVII=
Subject key identifier: 02:6F:AD:7C:E0:13:91:C2:5F:4C:52:C2:A7:2B:CE:B9:3C:CB:4B:16
Certificate issuer: /CN=048b0c33776663cb4321a108f2f4d1635b5d2d8a
Certificate serial: 018CC5DC822CB26167DF703BBDA6C700E4C1
Authority key identifier: 04:8B:0C:33:77:66:63:CB:43:21:A1:08:F2:F4:D1:63:5B:5D:2D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIsMM3dmY8tDIaEI8vTRY1tdLYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/Am-tfOATkcJfTFLCpyvOuTzLSxY.roa
Signing time: Mon 01 Jan 2024 16:30:11 +0000
ROA not before: Mon 01 Jan 2024 16:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204310
IP address blocks: 185.253.175.0/24 maxlen: 24
185.253.172.0/22 maxlen: 22
185.253.172.0/24 maxlen: 24
2a0c:3ec0::/29 maxlen: 29
2a0c:3ec7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/BIsMM3dmY8tDIaEI8vTRY1tdLYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/BIsMM3dmY8tDIaEI8vTRY1tdLYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIsMM3dmY8tDIaEI8vTRY1tdLYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:82:2c:b2:61:67:df:70:3b:bd:a6:c7:00:e4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048b0c33776663cb4321a108f2f4d1635b5d2d8a
Validity
Not Before: Jan 1 16:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=026fad7ce01391c25f4c52c2a72bceb93ccb4b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c1:69:75:b0:1c:84:f0:2b:02:19:a6:0f:fc:
36:34:03:be:3d:2c:a2:b4:40:a7:97:b8:9f:ac:2c:
56:4c:b6:54:a7:50:35:9a:09:72:18:0c:52:97:68:
60:b9:44:61:19:23:2d:a2:b3:ff:9d:c3:0e:36:e2:
51:88:81:cf:85:91:bc:7d:f3:9c:92:30:dd:7f:4e:
6c:4a:43:aa:fb:29:50:12:58:83:5c:23:7c:63:98:
0b:47:1a:33:ee:39:a4:5b:1d:93:55:8c:c9:86:2d:
59:78:82:2e:cb:77:41:0f:ab:41:02:c1:eb:ef:e1:
c7:2a:c3:69:04:66:56:c9:a9:aa:6f:89:ef:1a:5c:
ac:b5:31:58:fc:11:30:7c:4f:76:8f:f7:b2:ec:d5:
72:21:63:c0:8b:27:1a:04:c6:68:c0:be:ed:56:17:
5b:c7:55:30:9a:74:26:fa:57:d6:d6:e2:31:5d:99:
d8:cc:c8:dd:da:42:f4:47:04:09:20:dc:f9:93:eb:
78:f0:bc:b1:32:f4:13:2d:54:83:7f:11:0f:d9:69:
66:45:1c:ba:e0:37:f1:62:ad:94:c2:1a:43:7d:09:
da:a8:6b:cb:e2:04:78:fa:16:69:28:c6:fd:d1:db:
06:2e:b9:e3:a5:b7:fe:ec:e7:28:70:57:e3:7b:36:
41:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6F:AD:7C:E0:13:91:C2:5F:4C:52:C2:A7:2B:CE:B9:3C:CB:4B:16
X509v3 Authority Key Identifier:
keyid:04:8B:0C:33:77:66:63:CB:43:21:A1:08:F2:F4:D1:63:5B:5D:2D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIsMM3dmY8tDIaEI8vTRY1tdLYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/Am-tfOATkcJfTFLCpyvOuTzLSxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/4bb7f4-9709-4109-b30e-24116cb6e986/1/BIsMM3dmY8tDIaEI8vTRY1tdLYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.172.0/22
IPv6:
2a0c:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
80:1d:0e:11:72:85:6e:4f:c3:01:a4:5c:9a:97:43:42:db:af:
22:89:9f:18:49:e1:d5:76:be:64:c6:70:0b:62:e7:f1:42:8e:
c9:f5:77:47:e5:f8:20:72:35:0f:d8:75:f3:e8:85:1e:e2:23:
5f:5f:ec:87:b9:1e:6c:1a:41:c1:30:df:d0:3a:1d:6b:7a:82:
5a:a8:47:78:38:5b:48:ca:50:73:07:f3:42:5b:5a:7d:ce:b6:
3e:b7:77:08:fa:c5:6c:fd:4d:66:e0:3c:a7:55:47:32:9b:af:
3d:66:22:41:10:37:bd:f1:ae:81:d4:3c:e8:44:6a:b4:ed:3b:
59:19:7f:00:09:96:62:0f:a4:72:7c:3f:56:c0:d2:41:31:41:
68:4a:0b:b5:09:23:76:0e:01:c0:30:ad:5d:30:19:6d:5e:ab:
7d:77:35:d4:b7:7c:6d:b5:d5:ac:88:51:0b:f1:04:40:9c:d7:
1b:d1:13:5d:20:e5:25:f9:fb:3f:43:3d:83:ca:50:f7:b8:49:
31:d5:3b:29:04:67:58:b2:0f:79:04:9d:81:ed:dd:c8:47:ee:
af:71:23:7e:80:f2:ad:84:bc:72:74:a8:e3:06:f5:c0:7c:92:
74:b6:eb:25:7a:4d:f1:66:7b:67:87:63:32:23:47:d0:12:37:
9a:bd:9d:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3IIssmFn33A7vabHAOTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGIwYzMzNzc2NjYzY2I0MzIxYTEwOGYyZjRkMTYzNWI1
ZDJkOGEwHhcNMjQwMTAxMTYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjZmYWQ3Y2UwMTM5MWMyNWY0YzUyYzJhNzJiY2ViOTNjY2I0YjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMFpdbAchPArAhmmD/w2NAO+PSyi
tECnl7ifrCxWTLZUp1A1mglyGAxSl2hguURhGSMtorP/ncMONuJRiIHPhZG8ffOc
kjDdf05sSkOq+ylQEliDXCN8Y5gLRxoz7jmkWx2TVYzJhi1ZeIIuy3dBD6tBAsHr
7+HHKsNpBGZWyamqb4nvGlystTFY/BEwfE92j/ey7NVyIWPAiycaBMZowL7tVhdb
x1UwmnQm+lfW1uIxXZnYzMjd2kL0RwQJINz5k+t48LyxMvQTLVSDfxEP2WlmRRy6
4DfxYq2UwhpDfQnaqGvL4gR4+hZpKMb90dsGLrnjpbf+7OcocFfjezZBrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAJvrXzgE5HCX0xSwqcrzrk8y0sWMB8GA1UdIwQY
MBaAFASLDDN3ZmPLQyGhCPL00WNbXS2KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQklzTU0zZG1ZOHRESWFFSTh2VFJZMXRkTFlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80YmI3ZjQtOTcwOS00MTA5LWIzMGUt
MjQxMTZjYjZlOTg2LzEvQW0tdGZPQVRrY0pmVEZMQ3B5dk91VHpMU3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80YmI3ZjQtOTcwOS00MTA5LWIzMGUtMjQxMTZjYjZlOTg2
LzEvQklzTU0zZG1ZOHRESWFFSTh2VFJZMXRkTFlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf2sMA0E
AgACMAcDBQMqDD7AMA0GCSqGSIb3DQEBCwUAA4IBAQCAHQ4RcoVuT8MBpFyal0NC
268iiZ8YSeHVdr5kxnALYufxQo7J9XdH5fggcjUP2HXz6IUe4iNfX+yHuR5sGkHB
MN/QOh1reoJaqEd4OFtIylBzB/NCW1p9zrY+t3cI+sVs/U1m4DynVUcym689ZiJB
EDe98a6B1DzoRGq07TtZGX8ACZZiD6RyfD9WwNJBMUFoSgu1CSN2DgHAMK1dMBlt
Xqt9dzXUt3xttdWsiFEL8QRAnNcb0RNdIOUl+fs/Qz2DylD3uEkx1TspBGdYsg95
BJ2B7d3IR+6vcSN+gPKthLxydKjjBvXAfJJ0tuslek3xZntnh2MyI0fQEjeavZ0q
-----END CERTIFICATE-----
Generated at Wed May 15 18:08:23 2024 by rpki-client on console-fra.rpki-client.org