Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/o6vmPgXTbregULZHFX8KnDS9QW4.roa
File: o6vmPgXTbregULZHFX8KnDS9QW4.roa (raw, json)
Hash identifier: pqx5TvJ2he0nk3d3XSgRViqmG2Z4y79dmINwdiP1GaA=
Subject key identifier: A3:AB:E6:3E:05:D3:6E:B7:A0:50:B6:47:15:7F:0A:9C:34:BD:41:6E
Certificate issuer: /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial: 018CC2DB468DA98943915843DC7E073A4AC0
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/o6vmPgXTbregULZHFX8KnDS9QW4.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59791
IP address blocks: 185.67.200.0/22 maxlen: 24
185.88.148.0/22 maxlen: 22
2a05:1180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:46:8d:a9:89:43:91:58:43:dc:7e:07:3a:4a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3abe63e05d36eb7a050b647157f0a9c34bd416e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2d:8e:82:91:ca:74:94:c6:c3:59:a5:af:3b:
5b:fa:ad:d7:80:60:ff:89:db:f2:4b:a0:d4:bb:e2:
79:d9:ff:2a:87:e3:e4:be:e5:fd:3b:dd:de:dc:f1:
75:69:4c:cb:e4:38:89:55:ae:cc:83:6f:ed:26:c7:
2e:d0:ce:61:a6:aa:0d:55:a1:bb:40:0e:97:f5:b7:
e6:ee:b1:d1:16:93:b2:69:eb:b5:d3:02:20:b1:2b:
23:3a:c6:ce:5f:c6:f0:ee:7e:c2:0e:a6:c0:2f:ff:
da:44:78:fb:75:dc:e5:01:a2:4e:28:fd:22:56:0a:
1e:34:b5:3c:d4:90:e2:be:e6:41:ca:74:26:06:8d:
fc:a0:6d:88:bd:6e:2c:54:f6:d1:62:65:0d:39:5f:
00:06:60:19:91:6a:fe:b1:14:1c:fb:11:3a:69:3b:
71:d4:ab:75:ff:6d:ff:c2:19:ee:86:23:02:1d:6b:
4b:9b:db:79:2c:94:e0:be:5e:41:2e:f9:c5:d6:32:
c0:ac:da:b6:9b:6e:20:4d:1a:1d:8b:47:96:5d:3a:
9f:74:88:d5:01:f0:1d:b1:8f:51:99:64:f4:53:4b:
de:6d:5a:a9:c8:fe:6d:58:c6:e2:ee:1d:6d:7d:76:
9e:89:43:bf:fa:86:cf:92:f4:8c:2e:97:8d:5e:ed:
9c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AB:E6:3E:05:D3:6E:B7:A0:50:B6:47:15:7F:0A:9C:34:BD:41:6E
X509v3 Authority Key Identifier:
keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/o6vmPgXTbregULZHFX8KnDS9QW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.200.0/22
185.88.148.0/22
IPv6:
2a05:1180::/29
Signature Algorithm: sha256WithRSAEncryption
86:2f:3e:d4:59:97:1f:b7:48:06:59:98:88:b6:99:5a:4e:e9:
d4:28:38:32:6e:46:cc:2c:54:78:05:4b:ce:f7:af:19:01:ad:
89:1a:e7:9a:e1:82:00:50:3f:a9:a7:e4:69:5a:10:a7:f8:d7:
31:da:6f:c2:96:6f:7b:98:71:73:81:b0:49:e8:02:ae:7a:77:
30:d8:9b:0f:f3:1f:77:e1:0b:4b:87:2b:c4:a8:96:30:fb:6f:
74:b2:aa:d1:89:8c:62:a1:d7:e0:04:a9:ef:8c:39:95:99:7b:
15:0c:89:88:42:22:e9:b9:99:2d:a4:cb:8a:a9:19:a0:1f:1b:
7c:97:18:29:7a:63:35:4c:0f:b4:72:7a:cf:7d:a1:c7:b9:14:
98:71:48:d0:69:ca:6b:5d:19:60:a9:a4:f9:a4:c7:cc:cb:14:
a7:86:36:6c:3f:13:5f:27:11:71:57:d9:31:81:83:15:c1:ff:
74:fb:41:ab:7d:d6:5f:7b:9c:ab:25:e8:4d:00:55:4f:41:1a:
31:42:82:24:0b:3b:ef:88:8d:3f:ac:91:a2:a2:43:b4:21:7b:
1c:0a:e4:e7:77:95:eb:23:88:ae:d6:26:a4:81:31:d9:93:4c:
d5:6f:52:07:23:56:72:32:05:fe:23:93:4f:e0:05:83:48:bf:
98:fe:87:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC20aNqYlDkVhD3H4HOkrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2FiZTYzZTA1ZDM2ZWI3YTA1MGI2NDcxNTdmMGE5YzM0YmQ0MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC2OgpHKdJTGw1mlrztb+q3XgGD/
idvyS6DUu+J52f8qh+PkvuX9O93e3PF1aUzL5DiJVa7Mg2/tJscu0M5hpqoNVaG7
QA6X9bfm7rHRFpOyaeu10wIgsSsjOsbOX8bw7n7CDqbAL//aRHj7ddzlAaJOKP0i
VgoeNLU81JDivuZBynQmBo38oG2IvW4sVPbRYmUNOV8ABmAZkWr+sRQc+xE6aTtx
1Kt1/23/whnuhiMCHWtLm9t5LJTgvl5BLvnF1jLArNq2m24gTRodi0eWXTqfdIjV
AfAdsY9RmWT0U0vebVqpyP5tWMbi7h1tfXaeiUO/+obPkvSMLpeNXu2c/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKOr5j4F0263oFC2RxV/Cpw0vUFuMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvbzZ2bVBnWFRicmVnVUxaSEZYOEtuRFM5UVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQtMDFmYjQ2YTQzM2Ux
LzEvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUPIAwQC
uViUMA0EAgACMAcDBQMqBRGAMA0GCSqGSIb3DQEBCwUAA4IBAQCGLz7UWZcft0gG
WZiItplaTunUKDgybkbMLFR4BUvO968ZAa2JGuea4YIAUD+pp+RpWhCn+Ncx2m/C
lm97mHFzgbBJ6AKuencw2JsP8x934QtLhyvEqJYw+290sqrRiYxiodfgBKnvjDmV
mXsVDImIQiLpuZktpMuKqRmgHxt8lxgpemM1TA+0cnrPfaHHuRSYcUjQacprXRlg
qaT5pMfMyxSnhjZsPxNfJxFxV9kxgYMVwf90+0GrfdZfe5yrJehNAFVPQRoxQoIk
CzvviI0/rJGiokO0IXscCuTnd5XrI4iu1iakgTHZk0zVb1IHI1ZyMgX+I5NP4AWD
SL+Y/oda
-----END CERTIFICATE-----
Generated at Sun May 26 08:37:43 2024 by rpki-client on console-ams.rpki-client.org