Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/_BGpGzmDIm7YEve92BwjZ_sIyZA.roa
File: _BGpGzmDIm7YEve92BwjZ_sIyZA.roa (raw, json)
Hash identifier: PE+GVyKpzzR5kCksI0o08q10NkHGpfOiIfsmFswX9+0=
Subject key identifier: FC:11:A9:1B:39:83:22:6E:D8:12:F7:BD:D8:1C:23:67:FB:08:C9:90
Certificate issuer: /CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Certificate serial: 018CC8016E1BEE5D8CCE7D502BBD0ECBC11F
Authority key identifier: 53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/_BGpGzmDIm7YEve92BwjZ_sIyZA.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.226.0/23 maxlen: 23
2001:67c:29f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:6e:1b:ee:5d:8c:ce:7d:50:2b:bd:0e:cb:c1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=537f9bf84b69a09042432dae8377ee0ac8ff1c61
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc11a91b3983226ed812f7bdd81c2367fb08c990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:16:a5:d4:84:c4:f9:e2:25:4b:03:82:2f:29:
14:2a:89:22:98:95:0f:ae:d7:62:21:ff:3d:ff:32:
8b:40:1b:5c:18:dc:31:f0:08:60:d4:29:5c:93:68:
c9:d5:3d:7d:10:51:34:50:e9:05:39:a5:38:44:34:
66:fd:b1:3c:5f:4c:e0:2b:e0:06:cb:b6:51:c0:3c:
03:f5:40:35:b4:6f:c4:d3:91:a3:e2:30:5a:d9:25:
4f:1a:8c:dd:54:6b:34:a2:89:2c:00:b4:a8:a6:a7:
9a:71:c0:0e:2f:36:84:b9:c7:af:15:c6:22:af:3f:
99:6c:ab:8b:25:0b:2f:74:07:18:f4:82:96:4d:df:
ec:7c:7c:ec:49:04:4f:48:68:9d:22:a6:c3:13:07:
7b:aa:07:e0:1c:1a:65:1e:c3:48:2c:ec:56:71:c6:
01:b4:77:7b:5d:37:30:33:6c:9b:4c:01:88:78:01:
9e:8c:e3:76:b2:dd:62:fd:32:0b:a8:33:6f:64:52:
68:8c:60:7e:ca:65:66:95:99:49:6a:c2:93:0e:05:
0c:fd:dc:9e:62:dd:31:43:f4:59:d3:14:65:b4:19:
47:24:20:d8:0e:db:40:23:03:a0:56:1e:0c:d3:74:
3a:69:fc:90:82:e8:d7:d8:1f:a0:92:12:b6:17:66:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:11:A9:1B:39:83:22:6E:D8:12:F7:BD:D8:1C:23:67:FB:08:C9:90
X509v3 Authority Key Identifier:
keyid:53:7F:9B:F8:4B:69:A0:90:42:43:2D:AE:83:77:EE:0A:C8:FF:1C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U3-b-EtpoJBCQy2ug3fuCsj_HGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/_BGpGzmDIm7YEve92BwjZ_sIyZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cbc746-416b-4da9-9225-892ec6ff4771/1/U3-b-EtpoJBCQy2ug3fuCsj_HGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.226.0/23
IPv6:
2001:67c:29f0::/48
Signature Algorithm: sha256WithRSAEncryption
1f:9e:9e:f6:bd:f6:65:5f:63:e1:3b:45:75:c6:f4:e5:7b:bd:
01:c7:ec:60:32:b9:c1:2d:af:22:60:87:bb:7f:5e:e4:1b:e2:
5f:f9:5c:55:3b:74:f3:6f:a6:4f:e3:74:30:e7:3f:48:23:03:
a4:65:1e:71:c1:5b:03:f5:86:34:c0:af:8e:0b:31:0d:e8:0d:
f6:d1:71:8f:89:c0:81:de:a4:db:05:0f:6b:77:a2:70:33:4f:
b4:e2:2e:1b:7b:04:64:30:d2:d6:3a:b3:0f:af:ed:a6:9d:1e:
80:18:4c:a5:98:0b:c9:96:31:f4:96:66:71:fc:88:e7:0c:54:
ec:db:39:bc:fb:c9:5d:21:86:56:81:9c:42:ec:d9:95:82:fc:
2d:b0:f6:9b:4c:ad:84:9c:82:ac:48:83:3d:d7:16:ff:0f:54:
bb:9b:22:60:ce:9e:94:6c:61:e0:90:09:06:ae:3d:49:70:d8:
5e:b2:2f:6e:0f:97:9d:6b:76:fb:9c:70:ad:6c:e9:4e:ec:ed:
fa:32:50:b8:47:57:40:f3:8a:5e:db:3a:4e:84:1e:8c:f8:b6:
22:2e:8b:f6:66:44:25:01:ab:86:ff:24:02:c6:94:3d:9c:b3:
98:16:21:f6:a9:b2:b9:19:b7:4f:56:84:73:46:6b:c5:09:c6:
95:42:ce:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAW4b7l2Mzn1QK70Oy8EfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzN2Y5YmY4NGI2OWEwOTA0MjQzMmRhZTgzNzdlZTBhYzhm
ZjFjNjEwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzExYTkxYjM5ODMyMjZlZDgxMmY3YmRkODFjMjM2N2ZiMDhjOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxal1ITE+eIlSwOCLykUKokimJUP
rtdiIf89/zKLQBtcGNwx8Ahg1Clck2jJ1T19EFE0UOkFOaU4RDRm/bE8X0zgK+AG
y7ZRwDwD9UA1tG/E05Gj4jBa2SVPGozdVGs0ooksALSopqeaccAOLzaEucevFcYi
rz+ZbKuLJQsvdAcY9IKWTd/sfHzsSQRPSGidIqbDEwd7qgfgHBplHsNILOxWccYB
tHd7XTcwM2ybTAGIeAGejON2st1i/TILqDNvZFJojGB+ymVmlZlJasKTDgUM/dye
Yt0xQ/RZ0xRltBlHJCDYDttAIwOgVh4M03Q6afyQgujX2B+gkhK2F2ZnAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPwRqRs5gyJu2BL3vdgcI2f7CMmQMB8GA1UdIwQY
MBaAFFN/m/hLaaCQQkMtroN37grI/xxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUt
ODkyZWM2ZmY0NzcxLzEvX0JHcEd6bURJbTdZRXZlOTJCd2paX3NJeVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYmM3NDYtNDE2Yi00ZGE5LTkyMjUtODkyZWM2ZmY0Nzcx
LzEvVTMtYi1FdHBvSkJDUXkydWczZnVDc2pfSEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuQHiMA8E
AgACMAkDBwAgAQZ8KfAwDQYJKoZIhvcNAQELBQADggEBAB+enva99mVfY+E7RXXG
9OV7vQHH7GAyucEtryJgh7t/XuQb4l/5XFU7dPNvpk/jdDDnP0gjA6RlHnHBWwP1
hjTAr44LMQ3oDfbRcY+JwIHepNsFD2t3onAzT7TiLht7BGQw0tY6sw+v7aadHoAY
TKWYC8mWMfSWZnH8iOcMVOzbObz7yV0hhlaBnELs2ZWC/C2w9ptMrYScgqxIgz3X
Fv8PVLubImDOnpRsYeCQCQauPUlw2F6yL24Pl51rdvuccK1s6U7s7foyULhHV0Dz
il7bOk6EHoz4tiIui/ZmRCUBq4b/JALGlD2cs5gWIfapsrkZt09WhHNGa8UJxpVC
zk4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:31:34 2024 by rpki-client on console-fra.rpki-client.org