Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/PgIyGFUqN3u5cPT2ixbaKvZIFjo.roa
File: PgIyGFUqN3u5cPT2ixbaKvZIFjo.roa (raw, json)
Hash identifier: 6q6Xl2C6F5i7bViRHMadZyP1G/8DAfGxobFvva/KrC0=
Subject key identifier: 3E:02:32:18:55:2A:37:7B:B9:70:F4:F6:8B:16:DA:2A:F6:48:16:3A
Certificate issuer: /CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Certificate serial: 018CC9BC569B0BE66CD816BA5557D0FCAB9F
Authority key identifier: B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/PgIyGFUqN3u5cPT2ixbaKvZIFjo.roa
Signing time: Tue 02 Jan 2024 10:33:32 +0000
ROA not before: Tue 02 Jan 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204560
IP address blocks: 185.246.140.0/22 maxlen: 22
193.194.102.0/23 maxlen: 23
193.194.104.0/24 maxlen: 24
2a0d:8380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/uTYoo2ME473CH4U7s_rUPkhhpcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/uTYoo2ME473CH4U7s_rUPkhhpcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:56:9b:0b:e6:6c:d8:16:ba:55:57:d0:fc:ab:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Validity
Not Before: Jan 2 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e023218552a377bb970f4f68b16da2af648163a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:17:6c:90:5a:66:f4:ba:c5:d1:1d:8e:65:34:
75:70:55:ed:ef:f1:a5:d9:49:50:8d:ca:e0:81:24:
70:9a:d1:29:5f:9d:b1:99:b7:0e:49:05:37:e7:2a:
b7:54:21:f4:9c:cb:3a:28:cd:44:26:3f:b5:33:2b:
00:8f:0e:49:04:69:35:98:4a:5e:35:d2:8b:5d:08:
83:6a:20:91:c5:0f:95:2c:bd:5a:6a:d1:67:b0:c2:
be:79:b3:8f:5d:a4:1d:7c:e8:e7:9b:54:56:47:13:
a0:f3:40:3a:ba:42:1f:f9:af:9e:29:86:d5:66:1a:
45:df:af:50:95:94:d6:c8:20:7a:f1:c6:5c:9c:97:
0b:d6:2b:31:0c:a4:92:f1:cf:17:57:38:36:8b:ff:
35:d0:22:dd:b1:ff:01:39:24:ca:9b:09:3d:a1:dc:
70:71:e3:7c:41:f5:fa:10:d1:86:44:97:e4:ff:21:
91:48:e7:00:a8:58:e3:4f:83:26:b7:56:0f:86:15:
85:32:69:5e:6e:a8:42:c5:b3:a2:db:f2:8a:0a:10:
45:83:56:c8:e0:52:c9:d5:eb:92:31:a5:d6:97:dc:
ac:9a:4e:fb:a7:d9:93:04:57:b0:a3:7c:d7:cb:f4:
df:78:94:fe:f9:cc:0d:f6:ee:e4:47:41:f4:8f:9e:
1a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:02:32:18:55:2A:37:7B:B9:70:F4:F6:8B:16:DA:2A:F6:48:16:3A
X509v3 Authority Key Identifier:
keyid:B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/PgIyGFUqN3u5cPT2ixbaKvZIFjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/uTYoo2ME473CH4U7s_rUPkhhpcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.140.0/22
193.194.102.0-193.194.104.255
IPv6:
2a0d:8380::/29
Signature Algorithm: sha256WithRSAEncryption
1f:f6:a6:2b:60:73:5c:54:58:d7:82:28:11:ab:15:7b:2d:bb:
3b:d6:14:e0:e9:e3:4b:bb:82:5d:b9:bc:7d:e2:ed:10:34:d2:
6c:57:4f:4d:fa:07:3d:ab:0e:d0:4c:41:cf:76:b5:00:0e:2d:
d6:51:87:5c:5e:a0:1d:ed:81:5a:e2:81:43:a8:47:4c:3b:75:
c4:50:89:68:29:5f:1d:96:9b:49:8c:f7:8d:95:bb:71:36:ca:
f5:27:56:6f:ab:11:68:97:66:e4:9d:f2:41:d6:b0:80:9e:80:
db:d5:6e:9e:0d:9e:b1:e2:78:75:44:b8:f1:98:43:53:ee:80:
18:a5:9b:f3:82:90:2b:ca:12:85:24:9f:a1:f7:13:03:4a:ca:
09:79:bb:c5:51:f0:df:78:d3:23:ec:56:0a:67:73:21:a0:f1:
c5:05:e9:98:ad:c4:53:10:18:74:95:c5:47:ed:89:82:1a:0a:
cf:1d:7c:06:4a:d5:e5:b5:f0:d5:a3:65:1a:62:9c:cd:ea:9a:
35:9a:b9:e7:b7:6e:82:a8:9f:61:e0:9c:7d:8d:6f:59:1d:a9:
1a:20:3d:76:35:8b:17:55:33:69:57:e5:72:1c:39:5b:5f:2c:
30:62:1d:18:a3:32:a4:5b:78:eb:f5:9f:42:35:db:a4:df:e9:
8d:f4:1b:a1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJvFabC+Zs2Ba6VVfQ/KufMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MzYyOGEzNjMwNGUzYmRjMjFmODUzYmIzZmFkNDNlNDg2
MWE1YzUwHhcNMjQwMTAyMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTAyMzIxODU1MmEzNzdiYjk3MGY0ZjY4YjE2ZGEyYWY2NDgxNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhdskFpm9LrF0R2OZTR1cFXt7/Gl
2UlQjcrggSRwmtEpX52xmbcOSQU35yq3VCH0nMs6KM1EJj+1MysAjw5JBGk1mEpe
NdKLXQiDaiCRxQ+VLL1aatFnsMK+ebOPXaQdfOjnm1RWRxOg80A6ukIf+a+eKYbV
ZhpF369QlZTWyCB68cZcnJcL1isxDKSS8c8XVzg2i/810CLdsf8BOSTKmwk9odxw
ceN8QfX6ENGGRJfk/yGRSOcAqFjjT4Mmt1YPhhWFMmlebqhCxbOi2/KKChBFg1bI
4FLJ1euSMaXWl9ysmk77p9mTBFewo3zXy/TfeJT++cwN9u7kR0H0j54ahwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD4CMhhVKjd7uXD09osW2ir2SBY6MB8GA1UdIwQY
MBaAFLk2KKNjBOO9wh+FO7P61D5IYaXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmIt
ODdkM2VjN2YwNDEwLzEvUGdJeUdGVXFOM3U1Y1BUMml4YmFLdlpJRmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmItODdkM2VjN2YwNDEw
LzEvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCufaMMAwD
BAHBwmYDBADBwmgwDQQCAAIwBwMFAyoNg4AwDQYJKoZIhvcNAQELBQADggEBAB/2
pitgc1xUWNeCKBGrFXstuzvWFODp40u7gl25vH3i7RA00mxXT036Bz2rDtBMQc92
tQAOLdZRh1xeoB3tgVrigUOoR0w7dcRQiWgpXx2Wm0mM942Vu3E2yvUnVm+rEWiX
ZuSd8kHWsICegNvVbp4NnrHieHVEuPGYQ1PugBilm/OCkCvKEoUkn6H3EwNKygl5
u8VR8N940yPsVgpncyGg8cUF6ZitxFMQGHSVxUftiYIaCs8dfAZK1eW18NWjZRpi
nM3qmjWauee3boKon2HgnH2Nb1kdqRogPXY1ixdVM2lX5XIcOVtfLDBiHRijMqRb
eOv1n0I126Tf6Y30G6E=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:59:58 2024 by rpki-client on console-fra.rpki-client.org