Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/999r0NWrPfvR3_rZH1SqP_hOOfU.roa
File: 999r0NWrPfvR3_rZH1SqP_hOOfU.roa (raw, json)
Hash identifier: v1n10El5aCqGaEq9W1kjPgP/b/caVobxI/OHO6kE1zI=
Subject key identifier: F7:DF:6B:D0:D5:AB:3D:FB:D1:DF:FA:D9:1F:54:AA:3F:F8:4E:39:F5
Certificate issuer: /CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Certificate serial: 018CC4938870C66C524B0A77850FFB5953D9
Authority key identifier: 23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/999r0NWrPfvR3_rZH1SqP_hOOfU.roa
Signing time: Mon 01 Jan 2024 10:30:52 +0000
ROA not before: Mon 01 Jan 2024 10:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201701
IP address blocks: 185.66.192.0/22 maxlen: 22
185.66.193.0/24 maxlen: 24
185.66.195.0/24 maxlen: 24
185.66.194.0/24 maxlen: 24
2a03:2260:1000::/36 maxlen: 36
2a03:2260:3000::/36 maxlen: 36
2a03:2260:2000::/36 maxlen: 36
2a03:2260::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.mft
rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:88:70:c6:6c:52:4b:0a:77:85:0f:fb:59:53:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Validity
Not Before: Jan 1 10:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7df6bd0d5ab3dfbd1dffad91f54aa3ff84e39f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:32:a7:08:d3:c9:2c:24:03:d8:d6:3f:3a:99:
03:ed:4c:60:92:19:c2:54:04:ef:65:fb:f2:d8:b1:
11:82:67:86:9d:66:1a:70:3b:37:42:74:a8:0d:bc:
c1:a7:36:a4:1b:5b:6b:5c:b4:a6:de:32:25:fc:36:
a1:93:7b:22:9f:74:90:f5:6f:7b:ca:e9:12:be:05:
78:ea:36:f9:15:7f:a6:10:79:ab:8f:86:19:cb:0b:
41:af:41:00:07:92:3f:ea:91:79:3f:c0:ca:6a:3e:
25:8d:3f:8e:4f:16:9f:70:28:8a:17:6a:08:6e:e1:
9c:0b:e8:ad:ee:4c:cd:99:a7:76:e8:43:4c:27:37:
a9:95:0f:d4:09:a2:92:a7:24:65:44:f1:59:8e:bb:
04:c2:e8:53:56:f3:7a:60:46:ae:50:55:5a:4b:aa:
81:96:b4:a4:e4:57:80:b8:b4:37:95:24:07:0c:41:
7e:5e:65:dc:20:a7:03:d8:b3:a1:0c:8d:6f:fb:62:
26:84:2f:38:1c:13:50:c9:83:bb:75:27:c2:09:ca:
e9:e3:d0:2d:fb:a2:c8:93:8b:ed:b3:ea:1d:c7:5b:
f2:de:57:cf:4c:7c:0b:4c:1c:0d:37:05:6b:22:90:
ce:47:2b:f6:d2:b5:39:0a:ce:8d:7a:e8:22:13:28:
da:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DF:6B:D0:D5:AB:3D:FB:D1:DF:FA:D9:1F:54:AA:3F:F8:4E:39:F5
X509v3 Authority Key Identifier:
keyid:23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/999r0NWrPfvR3_rZH1SqP_hOOfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.192.0/22
IPv6:
2a03:2260::/30
Signature Algorithm: sha256WithRSAEncryption
77:02:08:56:93:64:f2:67:b4:f8:7a:27:84:4a:da:df:9d:87:
64:b4:2f:f9:1a:6c:2f:8e:ec:f8:02:82:65:16:16:31:ae:19:
68:ea:fb:04:92:3e:d9:d9:a9:55:f1:3e:2e:44:b8:a6:fe:a7:
38:6f:3f:55:5d:1b:b8:1d:ae:92:f6:93:35:77:e9:01:46:3f:
b5:62:41:68:8c:4f:d5:07:cc:07:9e:c2:af:9e:19:89:da:df:
4b:c7:a5:4c:b1:7e:1a:ea:40:7c:e5:5f:80:da:07:04:f0:5e:
d8:39:5c:fb:a6:45:d9:43:10:2e:06:88:c5:6f:58:76:c8:70:
60:3f:84:49:a3:e3:ca:ce:82:31:2f:64:68:47:7d:5e:a6:28:
bc:2b:21:1d:79:d7:81:e3:41:66:72:6b:dc:a1:a5:bf:69:53:
09:65:51:f0:03:fc:68:36:59:f2:cf:d0:45:50:08:d1:ad:6a:
c8:e4:e9:fe:be:a4:c1:af:de:42:5e:08:ea:73:e5:ce:6e:6d:
35:f0:c2:95:e2:bb:18:56:1b:0b:67:89:27:94:c7:97:ef:66:
a6:a2:d5:2d:cc:5b:e9:44:64:75:6f:9d:95:9d:18:3e:77:48:
4f:4a:7f:21:2f:c2:8c:2b:8f:17:c5:07:e4:a1:b0:57:cd:01:
77:47:6a:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk4hwxmxSSwp3hQ/7WVPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNjYyYzlhOTgwYWQ3NTg0NjUwYWJhYTM1NDViOWVhOTFk
M2UzNWUwHhcNMjQwMTAxMTAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RmNmJkMGQ1YWIzZGZiZDFkZmZhZDkxZjU0YWEzZmY4NGUzOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjKnCNPJLCQD2NY/OpkD7UxgkhnC
VATvZfvy2LERgmeGnWYacDs3QnSoDbzBpzakG1trXLSm3jIl/Dahk3sin3SQ9W97
yukSvgV46jb5FX+mEHmrj4YZywtBr0EAB5I/6pF5P8DKaj4ljT+OTxafcCiKF2oI
buGcC+it7kzNmad26ENMJzeplQ/UCaKSpyRlRPFZjrsEwuhTVvN6YEauUFVaS6qB
lrSk5FeAuLQ3lSQHDEF+XmXcIKcD2LOhDI1v+2ImhC84HBNQyYO7dSfCCcrp49At
+6LIk4vts+odx1vy3lfPTHwLTBwNNwVrIpDORyv20rU5Cs6NeugiEyjaPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPffa9DVqz370d/62R9Uqj/4Tjn1MB8GA1UdIwQY
MBaAFCNmLJqYCtdYRlCrqjVFueqR0+NeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEt
ODIzMmUzNTBkNDU4LzEvOTk5cjBOV3JQZnZSM19yWkgxU3FQX2hPT2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wMTc1ZTYtNDI3Yi00ZWY5LThlYjEtODIzMmUzNTBkNDU4
LzEvSTJZc21wZ0sxMWhHVUt1cU5VVzU2cEhUNDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuULAMA0E
AgACMAcDBQIqAyJgMA0GCSqGSIb3DQEBCwUAA4IBAQB3AghWk2TyZ7T4eieEStrf
nYdktC/5Gmwvjuz4AoJlFhYxrhlo6vsEkj7Z2alV8T4uRLim/qc4bz9VXRu4Ha6S
9pM1d+kBRj+1YkFojE/VB8wHnsKvnhmJ2t9Lx6VMsX4a6kB85V+A2gcE8F7YOVz7
pkXZQxAuBojFb1h2yHBgP4RJo+PKzoIxL2RoR31epii8KyEdedeB40FmcmvcoaW/
aVMJZVHwA/xoNlnyz9BFUAjRrWrI5On+vqTBr95CXgjqc+XObm018MKV4rsYVhsL
Z4knlMeX72amotUtzFvpRGR1b52VnRg+d0hPSn8hL8KMK48XxQfkobBXzQF3R2qI
-----END CERTIFICATE-----
Generated at Fri May 10 06:28:02 2024 by rpki-client on console-fra.rpki-client.org