Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b178bd-b6a5-4610-8c6a-abf4840ea607/1/OI49TSZggWvLCzgJgZZ4EU3itP8.roa
File: OI49TSZggWvLCzgJgZZ4EU3itP8.roa (raw, json)
Hash identifier: Ph+Eq/BHLfN6KACp38LKQjqFlTqybRJUSqvWZXxQFRw=
Subject key identifier: 38:8E:3D:4D:26:60:81:6B:CB:0B:38:09:81:96:78:11:4D:E2:B4:FF
Certificate issuer: /CN=c76bf6b781bcf8c28008a8e8fdde60e7ae3122aa
Certificate serial: 018D6032BDB0877C3C4E76B81182BBFDC1F7
Authority key identifier: C7:6B:F6:B7:81:BC:F8:C2:80:08:A8:E8:FD:DE:60:E7:AE:31:22:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x2v2t4G8-MKACKjo_d5g564xIqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b178bd-b6a5-4610-8c6a-abf4840ea607/1/OI49TSZggWvLCzgJgZZ4EU3itP8.roa
Signing time: Wed 31 Jan 2024 15:45:54 +0000
ROA not before: Wed 31 Jan 2024 15:45:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60597
IP address blocks: 185.14.200.0/24 maxlen: 24
185.14.201.0/24 maxlen: 24
185.14.202.0/24 maxlen: 24
185.14.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b178bd-b6a5-4610-8c6a-abf4840ea607/1/x2v2t4G8-MKACKjo_d5g564xIqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b178bd-b6a5-4610-8c6a-abf4840ea607/1/x2v2t4G8-MKACKjo_d5g564xIqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/x2v2t4G8-MKACKjo_d5g564xIqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:32:bd:b0:87:7c:3c:4e:76:b8:11:82:bb:fd:c1:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c76bf6b781bcf8c28008a8e8fdde60e7ae3122aa
Validity
Not Before: Jan 31 15:45:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=388e3d4d2660816bcb0b3809819678114de2b4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:62:59:e1:81:cd:3a:21:ea:b4:57:61:67:7d:
78:bb:a0:40:28:fa:88:d7:7d:1c:81:66:cf:e7:fa:
63:d0:4e:56:97:41:c2:ea:3d:69:84:40:0d:bb:a2:
57:65:20:59:8d:37:d0:23:b9:63:46:67:91:64:11:
9e:4d:a1:5a:00:2f:2f:23:36:de:12:cc:a8:61:8c:
8b:d4:40:25:fe:a2:e9:fc:bb:9e:c2:b8:d5:2f:cf:
59:29:b3:8f:9f:c2:6e:e8:8d:62:64:00:2a:ed:08:
8a:a8:e6:75:e1:80:f3:c9:0e:a8:93:34:1a:a6:fb:
9b:43:ea:32:64:3f:17:d3:b3:38:d6:fc:47:2a:e1:
fc:d3:5d:98:4a:2f:56:17:5c:e4:fb:6a:a2:1d:98:
2c:4e:58:0e:36:dd:48:a6:f3:62:64:f9:8e:3b:59:
95:1b:56:15:cb:fa:66:f5:46:2b:4a:ad:84:b4:dd:
fb:da:35:81:f5:06:8c:be:63:31:fa:8a:9c:1d:ab:
7a:54:fb:e8:55:2e:36:c0:b0:18:9f:79:1c:96:d2:
ef:ed:6d:4c:6f:84:f5:45:9d:ec:d4:60:9a:b4:5c:
b3:19:5f:28:b9:00:aa:b8:6c:25:7c:cc:76:7d:fd:
da:0c:18:8e:78:97:8c:bf:ed:07:cf:9f:29:a6:5b:
62:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8E:3D:4D:26:60:81:6B:CB:0B:38:09:81:96:78:11:4D:E2:B4:FF
X509v3 Authority Key Identifier:
keyid:C7:6B:F6:B7:81:BC:F8:C2:80:08:A8:E8:FD:DE:60:E7:AE:31:22:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x2v2t4G8-MKACKjo_d5g564xIqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b178bd-b6a5-4610-8c6a-abf4840ea607/1/OI49TSZggWvLCzgJgZZ4EU3itP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b178bd-b6a5-4610-8c6a-abf4840ea607/1/x2v2t4G8-MKACKjo_d5g564xIqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.200.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:8b:71:c1:03:c0:43:ae:ef:e9:87:b6:45:0f:10:b6:59:70:
52:ab:82:30:c0:4e:7c:99:d1:48:7c:d3:f0:3d:13:7d:05:e6:
d1:42:08:8a:7f:60:1d:33:40:4e:76:b9:f0:ea:f4:97:77:2d:
a8:05:cf:97:ec:0e:31:08:4e:7d:2e:47:5f:18:f2:c7:d2:7b:
0e:f2:f8:d5:7e:3c:5e:bb:95:8f:a1:61:5a:8b:15:d5:89:cd:
b2:d1:33:23:55:1a:1a:11:72:2c:de:34:39:4c:b3:6a:06:42:
69:39:da:78:8a:d0:d2:a6:0d:fe:d8:47:92:33:b7:3e:0e:f6:
fa:c7:e2:96:16:82:e5:ab:58:b7:81:d7:7e:08:29:2a:d5:af:
91:5b:c9:60:e5:57:cc:2f:90:88:ce:82:88:82:4c:7a:72:bb:
0e:2a:31:13:9f:12:c1:35:0c:85:1c:4d:c5:70:f5:50:f3:0a:
37:cb:50:56:6f:e2:14:00:92:dc:3d:f3:f3:66:98:d5:b7:b7:
7f:e3:c9:1c:dd:34:59:8e:83:c5:55:bf:ca:c9:c9:d7:87:e0:
34:15:ea:40:eb:33:7d:99:63:88:3c:a4:bd:ea:30:70:37:b7:
ab:da:41:18:56:29:fa:e0:f7:8a:ea:12:b9:83:08:66:6a:a9:
67:e5:2a:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1gMr2wh3w8Tna4EYK7/cH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NmJmNmI3ODFiY2Y4YzI4MDA4YThlOGZkZGU2MGU3YWUz
MTIyYWEwHhcNMjQwMTMxMTU0NTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhlM2Q0ZDI2NjA4MTZiY2IwYjM4MDk4MTk2NzgxMTRkZTJiNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWJZ4YHNOiHqtFdhZ314u6BAKPqI
130cgWbP5/pj0E5Wl0HC6j1phEANu6JXZSBZjTfQI7ljRmeRZBGeTaFaAC8vIzbe
EsyoYYyL1EAl/qLp/LuewrjVL89ZKbOPn8Ju6I1iZAAq7QiKqOZ14YDzyQ6okzQa
pvubQ+oyZD8X07M41vxHKuH8012YSi9WF1zk+2qiHZgsTlgONt1IpvNiZPmOO1mV
G1YVy/pm9UYrSq2EtN372jWB9QaMvmMx+oqcHat6VPvoVS42wLAYn3kcltLv7W1M
b4T1RZ3s1GCatFyzGV8ouQCquGwlfMx2ff3aDBiOeJeMv+0Hz58ppltivwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDiOPU0mYIFryws4CYGWeBFN4rT/MB8GA1UdIwQY
MBaAFMdr9reBvPjCgAio6P3eYOeuMSKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDJ2MnQ0RzgtTUtBQ0tqb19kNWc1NjR4SXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iMTc4YmQtYjZhNS00NjEwLThjNmEt
YWJmNDg0MGVhNjA3LzEvT0k0OVRTWmdnV3ZMQ3pnSmdaWjRFVTNpdFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iMTc4YmQtYjZhNS00NjEwLThjNmEtYWJmNDg0MGVhNjA3
LzEveDJ2MnQ0RzgtTUtBQ0tqb19kNWc1NjR4SXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ7IMA0G
CSqGSIb3DQEBCwUAA4IBAQChi3HBA8BDru/ph7ZFDxC2WXBSq4IwwE58mdFIfNPw
PRN9BebRQgiKf2AdM0BOdrnw6vSXdy2oBc+X7A4xCE59LkdfGPLH0nsO8vjVfjxe
u5WPoWFaixXVic2y0TMjVRoaEXIs3jQ5TLNqBkJpOdp4itDSpg3+2EeSM7c+Dvb6
x+KWFoLlq1i3gdd+CCkq1a+RW8lg5VfML5CIzoKIgkx6crsOKjETnxLBNQyFHE3F
cPVQ8wo3y1BWb+IUAJLcPfPzZpjVt7d/48kc3TRZjoPFVb/KycnXh+A0FepA6zN9
mWOIPKS96jBwN7er2kEYVin64PeK6hK5gwhmaqln5Srt
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:48:30 2024 by rpki-client on console-ams.rpki-client.org