Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/b3jsWEfXDUriMLk8dvmgQlDfA7c.roa
File: b3jsWEfXDUriMLk8dvmgQlDfA7c.roa (raw, json)
Hash identifier: Lqzimu8KgwTNnm81VRbHI43XeOHxzlaUmcN7wk40POs=
Subject key identifier: 6F:78:EC:58:47:D7:0D:4A:E2:30:B9:3C:76:F9:A0:42:50:DF:03:B7
Certificate issuer: /CN=d6c1c2465b4f973fb4b0cb6628a98b3b58896d48
Certificate serial: 018CC425212E58F4201932780010340D8FAF
Authority key identifier: D6:C1:C2:46:5B:4F:97:3F:B4:B0:CB:66:28:A9:8B:3B:58:89:6D:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sHCRltPlz-0sMtmKKmLO1iJbUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/b3jsWEfXDUriMLk8dvmgQlDfA7c.roa
Signing time: Mon 01 Jan 2024 08:30:16 +0000
ROA not before: Mon 01 Jan 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44066
IP address blocks: 185.197.165.0/24 maxlen: 24
185.197.166.0/24 maxlen: 24
185.197.167.0/24 maxlen: 24
2a0a:7bc7::/32 maxlen: 32
2a0a:7bc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/1sHCRltPlz-0sMtmKKmLO1iJbUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/1sHCRltPlz-0sMtmKKmLO1iJbUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1sHCRltPlz-0sMtmKKmLO1iJbUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 22:03:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:21:2e:58:f4:20:19:32:78:00:10:34:0d:8f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c1c2465b4f973fb4b0cb6628a98b3b58896d48
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f78ec5847d70d4ae230b93c76f9a04250df03b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:25:5c:12:a6:d3:c3:c0:e5:29:44:ea:2c:9f:
d0:cf:32:3d:43:c2:fb:9a:e5:ed:7b:73:f0:60:ba:
76:be:03:8a:29:bc:81:6a:fd:b5:86:ca:77:1e:4c:
2b:fd:42:d1:21:48:34:a1:6c:3c:a8:b3:8b:d8:f9:
4e:45:43:6e:44:91:36:36:1a:12:a7:00:db:f1:7e:
8d:7f:46:c0:c3:d7:e8:f0:03:9d:6d:40:70:3b:8c:
82:be:e9:03:61:7d:0e:cb:d0:33:2a:36:88:8c:24:
38:e8:4d:c5:68:b9:50:9e:09:fc:3c:a0:59:62:8f:
70:f2:91:63:4a:7c:35:f8:0d:7e:0c:42:ff:7d:2a:
1a:ed:55:e1:4a:23:82:d9:e5:b7:a7:5a:b6:ce:9e:
44:d7:cd:7d:22:f4:9c:fe:44:f5:08:2e:aa:84:69:
0f:15:d3:92:ca:53:ff:3c:89:dc:71:7e:82:1d:7a:
4b:a6:48:34:36:19:6e:63:4d:43:5c:59:d0:1c:03:
6d:48:f4:76:ed:80:2a:4e:3d:e3:30:4f:3f:c0:66:
52:04:f3:33:4d:c6:1e:3a:a4:0d:f0:2c:20:e4:3b:
80:50:dd:7b:f2:dc:40:f8:e2:36:cc:81:4f:4f:ab:
af:77:e5:ea:a6:ed:f7:d0:c6:b6:71:5e:43:e4:37:
53:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:78:EC:58:47:D7:0D:4A:E2:30:B9:3C:76:F9:A0:42:50:DF:03:B7
X509v3 Authority Key Identifier:
keyid:D6:C1:C2:46:5B:4F:97:3F:B4:B0:CB:66:28:A9:8B:3B:58:89:6D:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sHCRltPlz-0sMtmKKmLO1iJbUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/b3jsWEfXDUriMLk8dvmgQlDfA7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/d72574-272a-409d-9d3c-e49a9e06c700/1/1sHCRltPlz-0sMtmKKmLO1iJbUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.165.0-185.197.167.255
IPv6:
2a0a:7bc0::/32
2a0a:7bc7::/32
Signature Algorithm: sha256WithRSAEncryption
6d:64:ad:71:dd:06:de:4f:3c:67:21:d4:29:65:6d:2f:cc:1b:
ab:43:c2:09:e4:37:54:c0:a6:da:28:fe:52:6f:df:f3:54:db:
bc:4f:8f:b5:58:09:7a:14:36:01:c4:fc:b2:0a:0f:d4:53:75:
9a:8f:f6:ac:b0:08:dd:e8:47:23:1d:61:15:76:21:41:ee:67:
1c:8f:1a:95:d5:ca:fa:42:41:92:48:2f:fe:a1:b5:c3:25:98:
80:56:cf:c6:c4:d0:50:cc:88:01:ca:d2:b7:b0:7f:c2:19:1a:
b3:42:49:24:48:34:34:23:51:db:ce:0f:ec:91:81:6f:35:37:
ad:0d:27:b8:08:d4:0e:77:38:76:b0:20:29:59:fe:eb:58:88:
3d:a8:fb:5f:ca:9a:96:5a:89:80:64:39:ac:25:4f:fc:4d:6d:
09:87:25:a2:6a:b8:23:0b:9e:95:c5:04:eb:5d:71:b6:6c:27:
7a:91:e2:c3:4a:f4:be:e1:88:00:35:61:4f:62:34:3a:97:c8:
b6:a4:c8:26:58:04:76:6f:0b:c4:fb:bd:bd:ed:0b:7c:01:c4:
7a:df:21:32:e1:bd:57:2c:70:fc:cc:8a:84:c5:8a:86:c2:23:
94:8f:83:a9:45:4c:38:e4:fd:61:fd:7e:65:cc:f3:61:5a:21:
96:8d:d7:9d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJSEuWPQgGTJ4ABA0DY+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzFjMjQ2NWI0Zjk3M2ZiNGIwY2I2NjI4YTk4YjNiNTg4
OTZkNDgwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjc4ZWM1ODQ3ZDcwZDRhZTIzMGI5M2M3NmY5YTA0MjUwZGYwM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSVcEqbTw8DlKUTqLJ/QzzI9Q8L7
muXte3PwYLp2vgOKKbyBav21hsp3Hkwr/ULRIUg0oWw8qLOL2PlORUNuRJE2NhoS
pwDb8X6Nf0bAw9fo8AOdbUBwO4yCvukDYX0Oy9AzKjaIjCQ46E3FaLlQngn8PKBZ
Yo9w8pFjSnw1+A1+DEL/fSoa7VXhSiOC2eW3p1q2zp5E1819IvSc/kT1CC6qhGkP
FdOSylP/PInccX6CHXpLpkg0NhluY01DXFnQHANtSPR27YAqTj3jME8/wGZSBPMz
TcYeOqQN8Cwg5DuAUN178txA+OI2zIFPT6uvd+Xqpu330Ma2cV5D5DdT0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG947FhH1w1K4jC5PHb5oEJQ3wO3MB8GA1UdIwQY
MBaAFNbBwkZbT5c/tLDLZiipiztYiW1IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNIQ1JsdFBsei0wc010bUtLbUxPMWlKYlVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9kNzI1NzQtMjcyYS00MDlkLTlkM2Mt
ZTQ5YTllMDZjNzAwLzEvYjNqc1dFZlhEVXJpTUxrOGR2bWdRbERmQTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9kNzI1NzQtMjcyYS00MDlkLTlkM2MtZTQ5YTllMDZjNzAw
LzEvMXNIQ1JsdFBsei0wc010bUtLbUxPMWlKYlVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAUBAIAATAOMAwDBAC5xaUD
BAO5xaAwFAQCAAIwDgMFACoKe8ADBQAqCnvHMA0GCSqGSIb3DQEBCwUAA4IBAQBt
ZK1x3QbeTzxnIdQpZW0vzBurQ8IJ5DdUwKbaKP5Sb9/zVNu8T4+1WAl6FDYBxPyy
Cg/UU3Waj/assAjd6EcjHWEVdiFB7mccjxqV1cr6QkGSSC/+obXDJZiAVs/GxNBQ
zIgBytK3sH/CGRqzQkkkSDQ0I1Hbzg/skYFvNTetDSe4CNQOdzh2sCApWf7rWIg9
qPtfypqWWomAZDmsJU/8TW0JhyWiargjC56VxQTrXXG2bCd6keLDSvS+4YgANWFP
YjQ6l8i2pMgmWAR2bwvE+7297Qt8AcR63yEy4b1XLHD8zIqExYqGwiOUj4OpRUw4
5P1h/X5lzPNhWiGWjded
-----END CERTIFICATE-----
Generated at Sun May 5 06:22:39 2024 by rpki-client on console-fra.rpki-client.org