Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/kQvmedxsnFhA0XcOwZ3BmJ4Qepo.roa
File: kQvmedxsnFhA0XcOwZ3BmJ4Qepo.roa (raw, json)
Hash identifier: HRgymgS1qb2pNqB1YnYq909mq6FDgIpyzSVoo6pOL9k=
Subject key identifier: 91:0B:E6:79:DC:6C:9C:58:40:D1:77:0E:C1:9D:C1:98:9E:10:7A:9A
Certificate issuer: /CN=24ecd13ae027f37f03862749347044a262028eb0
Certificate serial: 018CC4935C9C76931F1D5B87AE1A74525574
Authority key identifier: 24:EC:D1:3A:E0:27:F3:7F:03:86:27:49:34:70:44:A2:62:02:8E:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JOzROuAn838DhidJNHBEomICjrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/kQvmedxsnFhA0XcOwZ3BmJ4Qepo.roa
Signing time: Mon 01 Jan 2024 10:30:40 +0000
ROA not before: Mon 01 Jan 2024 10:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199370
IP address blocks: 185.16.164.0/24 maxlen: 24
185.16.164.0/23 maxlen: 23
185.16.164.0/22 maxlen: 24
185.16.165.0/24 maxlen: 24
185.16.166.0/24 maxlen: 24
185.16.166.0/23 maxlen: 23
185.16.167.0/24 maxlen: 24
2a03:d6c0::/32 maxlen: 32
2a03:d6c0:c000::/34 maxlen: 34
2a03:d6c0:8000::/34 maxlen: 34
2a03:d6c0:4000::/34 maxlen: 34
2a03:d6c0::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/JOzROuAn838DhidJNHBEomICjrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/JOzROuAn838DhidJNHBEomICjrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JOzROuAn838DhidJNHBEomICjrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5c:9c:76:93:1f:1d:5b:87:ae:1a:74:52:55:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ecd13ae027f37f03862749347044a262028eb0
Validity
Not Before: Jan 1 10:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=910be679dc6c9c5840d1770ec19dc1989e107a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6c:3f:c5:ed:53:58:79:cb:20:a6:9d:cf:ca:
c3:a8:06:02:35:0f:77:39:37:83:55:29:07:4b:a5:
6d:75:5f:97:b5:2c:32:3f:24:63:b0:97:d2:1f:08:
7f:5c:35:57:8f:d3:0e:27:ee:2b:bd:05:64:03:85:
88:33:fc:3f:b4:99:ab:4d:7a:1f:1b:71:61:18:43:
3e:3f:9e:37:a4:12:bc:ce:ce:76:b0:fa:2e:6b:21:
2d:7d:7b:f3:cb:2b:7f:00:e4:a1:55:22:83:fc:8f:
9a:56:2e:a0:32:5b:1e:80:4f:3c:f9:14:f2:c6:70:
7d:a0:05:de:d4:21:2b:80:9c:c7:d9:24:ed:85:e4:
aa:15:10:b2:e0:8e:95:63:f1:3a:82:79:c1:28:c0:
c4:41:17:98:33:ec:7f:eb:ed:04:98:0a:3c:30:a4:
ff:f5:ae:73:34:cb:06:65:53:64:bc:8d:b1:c7:14:
1d:4f:bf:3f:42:0d:b2:65:47:e0:3e:0d:9c:fc:96:
4c:7f:f5:6c:db:13:b5:d4:de:fb:96:76:12:bd:7a:
1e:4b:93:ac:b7:5e:b3:99:3a:7f:a7:bb:1f:42:e6:
ac:39:b6:b7:03:c0:a7:f3:fa:f7:1e:bc:fa:ab:ee:
87:45:42:51:f4:07:cb:cb:04:73:d8:31:cf:f6:67:
c0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0B:E6:79:DC:6C:9C:58:40:D1:77:0E:C1:9D:C1:98:9E:10:7A:9A
X509v3 Authority Key Identifier:
keyid:24:EC:D1:3A:E0:27:F3:7F:03:86:27:49:34:70:44:A2:62:02:8E:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOzROuAn838DhidJNHBEomICjrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/kQvmedxsnFhA0XcOwZ3BmJ4Qepo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/fbcbf7-ffc0-4392-8203-9c0a9e8b78e1/1/JOzROuAn838DhidJNHBEomICjrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.164.0/22
IPv6:
2a03:d6c0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:19:f5:cb:07:06:8b:9e:21:75:cd:83:70:f4:b2:5e:59:ee:
34:04:40:9c:73:d4:af:2f:ae:0f:38:7d:ac:76:3b:20:be:0a:
c5:0b:da:c2:61:bf:79:14:db:51:ad:e7:3f:f5:2f:17:5f:44:
8d:27:bf:ba:ad:fe:c4:ed:9a:fc:b9:c8:fc:0f:10:7f:76:93:
ed:26:25:34:db:d6:94:eb:b5:9f:ff:07:16:ba:76:07:43:2e:
dc:2d:d8:1f:96:75:fa:c9:a6:4f:55:41:2e:c3:06:66:00:f5:
9f:e6:88:86:48:18:66:5c:57:9e:94:00:9f:2e:11:d0:e0:d6:
9c:cd:f6:a1:75:41:80:db:3e:3c:7d:7e:49:eb:50:91:f6:a3:
f4:7e:07:d8:be:ce:98:04:bf:2f:0e:e5:ab:93:a1:e5:0b:25:
27:60:d2:be:c5:43:33:c4:1f:93:b8:be:ea:cf:10:04:7d:87:
2e:4b:75:fd:21:68:ec:32:31:0f:e6:08:ee:b2:7c:95:02:27:
ce:03:c6:73:17:35:58:26:6b:dd:5a:e1:db:a4:0a:a9:b4:19:
ad:03:31:9b:40:d0:e1:5a:c8:fd:82:81:e2:dc:c0:67:64:97:
be:ef:f8:a7:72:9a:11:42:82:d7:a7:0c:b9:f6:17:7d:3a:ef:
23:c6:0f:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk1ycdpMfHVuHrhp0UlV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWNkMTNhZTAyN2YzN2YwMzg2Mjc0OTM0NzA0NGEyNjIw
MjhlYjAwHhcNMjQwMTAxMTAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBiZTY3OWRjNmM5YzU4NDBkMTc3MGVjMTlkYzE5ODllMTA3YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWw/xe1TWHnLIKadz8rDqAYCNQ93
OTeDVSkHS6VtdV+XtSwyPyRjsJfSHwh/XDVXj9MOJ+4rvQVkA4WIM/w/tJmrTXof
G3FhGEM+P543pBK8zs52sPouayEtfXvzyyt/AOShVSKD/I+aVi6gMlsegE88+RTy
xnB9oAXe1CErgJzH2STtheSqFRCy4I6VY/E6gnnBKMDEQReYM+x/6+0EmAo8MKT/
9a5zNMsGZVNkvI2xxxQdT78/Qg2yZUfgPg2c/JZMf/Vs2xO11N77lnYSvXoeS5Os
t16zmTp/p7sfQuasOba3A8Cn8/r3Hrz6q+6HRUJR9AfLywRz2DHP9mfA4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJEL5nncbJxYQNF3DsGdwZieEHqaMB8GA1UdIwQY
MBaAFCTs0TrgJ/N/A4YnSTRwRKJiAo6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk96Uk91QW44MzhEaGlkSk5IQkVvbUlDanJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9mYmNiZjctZmZjMC00MzkyLTgyMDMt
OWMwYTllOGI3OGUxLzEva1F2bWVkeHNuRmhBMFhjT3daM0JtSjRRZXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9mYmNiZjctZmZjMC00MzkyLTgyMDMtOWMwYTllOGI3OGUx
LzEvSk96Uk91QW44MzhEaGlkSk5IQkVvbUlDanJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRCkMA0E
AgACMAcDBQAqA9bAMA0GCSqGSIb3DQEBCwUAA4IBAQCbGfXLBwaLniF1zYNw9LJe
We40BECcc9SvL64POH2sdjsgvgrFC9rCYb95FNtRrec/9S8XX0SNJ7+6rf7E7Zr8
ucj8DxB/dpPtJiU029aU67Wf/wcWunYHQy7cLdgflnX6yaZPVUEuwwZmAPWf5oiG
SBhmXFeelACfLhHQ4NaczfahdUGA2z48fX5J61CR9qP0fgfYvs6YBL8vDuWrk6Hl
CyUnYNK+xUMzxB+TuL7qzxAEfYcuS3X9IWjsMjEP5gjusnyVAifOA8ZzFzVYJmvd
WuHbpAqptBmtAzGbQNDhWsj9goHi3MBnZJe+7/incpoRQoLXpwy59hd9Ou8jxg/b
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:26:45 2024 by rpki-client on console-ams.rpki-client.org