Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/bDD8e_UIsjE3n4AHobtMBZ0C0u0.roa
File: bDD8e_UIsjE3n4AHobtMBZ0C0u0.roa (raw, json)
Hash identifier: KEkQrRly42jdz+c6HjCQ9WYKkHJyyCXMi4Bbji0BErI=
Subject key identifier: 6C:30:FC:7B:F5:08:B2:31:37:9F:80:07:A1:BB:4C:05:9D:02:D2:ED
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F73DC4CF2950E88ADEBA1D040F49
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/bDD8e_UIsjE3n4AHobtMBZ0C0u0.roa
Signing time: Mon 01 Jan 2024 08:30:05 +0000
ROA not before: Mon 01 Jan 2024 08:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209711
IP address blocks: 185.86.155.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f7:3d:c4:cf:29:50:e8:8a:de:ba:1d:04:0f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c30fc7bf508b231379f8007a1bb4c059d02d2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c9:55:0a:9d:90:5f:17:c6:f5:18:cc:58:8b:
a0:f9:71:a2:ca:4d:83:7c:0d:10:ac:12:98:2b:47:
95:bc:f3:23:c5:6e:c2:e1:b5:d0:f5:58:e5:93:f5:
e5:b0:7a:3e:f2:fd:a1:d0:c6:d1:d1:58:a5:f1:ba:
d5:13:3a:8f:08:25:97:80:40:ce:63:87:41:0a:7a:
56:f9:50:60:d9:7e:06:bb:10:0d:fb:a4:3f:12:c8:
4d:f8:cc:77:10:7f:59:72:f2:c0:12:50:86:f4:20:
20:ea:e9:df:1d:f4:7d:e6:7a:06:09:35:44:2a:a6:
1d:ab:25:cd:0d:b8:30:9e:75:8c:c4:cd:9f:20:bc:
e6:a6:df:e0:c3:b8:f7:1c:29:b4:63:19:e3:f1:65:
65:21:d0:a8:9f:24:d1:38:a2:02:41:b6:23:77:3c:
91:41:00:f4:34:57:60:63:4c:08:e1:57:29:26:c5:
b7:bd:8a:a1:1f:78:2e:0a:06:83:eb:13:8a:9b:c6:
ea:30:e7:22:bf:af:47:3e:d7:84:d8:c9:7f:a9:c9:
25:d6:e6:c6:38:32:c8:35:27:40:69:5a:91:03:22:
24:f6:b8:94:2d:04:83:55:2d:68:07:ab:8c:51:da:
56:f0:63:aa:af:94:8e:15:74:50:33:d3:ee:06:06:
07:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:30:FC:7B:F5:08:B2:31:37:9F:80:07:A1:BB:4C:05:9D:02:D2:ED
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/bDD8e_UIsjE3n4AHobtMBZ0C0u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.155.0/24
185.98.62.0/24
185.184.25.0-185.184.26.255
Signature Algorithm: sha256WithRSAEncryption
0e:f7:72:95:79:5c:a4:f1:85:73:47:82:7d:66:0e:3b:4c:84:
59:b2:f6:6f:d3:b7:cd:04:c9:d4:eb:6e:90:ab:04:e8:db:42:
5a:0a:c6:87:6d:13:54:15:56:d6:96:fa:94:f0:1a:50:cd:04:
68:14:c3:36:f2:75:dd:52:96:08:86:51:8a:c9:87:6a:f2:3e:
89:fe:68:8b:28:13:70:d7:d6:e4:75:20:c0:7b:03:d1:f6:24:
a2:aa:fd:fc:6b:6d:f4:fb:b6:9b:99:4a:71:97:c0:f9:10:46:
50:1b:c8:ca:eb:13:ce:04:f7:7c:17:bd:64:02:7c:09:91:5e:
38:59:eb:2c:03:8f:50:1a:3d:b8:a5:e6:4c:6c:c6:cc:50:fb:
19:1d:b7:55:75:d6:10:75:8b:6d:6f:6e:15:ab:b5:90:89:3d:
41:f4:dd:41:ea:8c:fc:f5:98:5d:6c:f8:bd:76:37:9e:fd:0c:
1d:bd:65:ee:61:03:e9:aa:ed:61:9c:52:91:57:62:5f:45:0c:
3d:f4:9e:26:f8:7d:93:98:c1:2b:9d:4e:fd:1e:0e:ab:c8:f6:
b2:73:d0:de:bf:ab:15:28:e9:0a:e6:12:7d:c6:eb:4a:ee:cd:
47:e7:01:31:6c:08:84:82:1f:5a:62:a7:b4:12:d0:a1:25:e4:
24:fb:3f:7c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJPc9xM8pUOiK3rodBA9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzMwZmM3YmY1MDhiMjMxMzc5ZjgwMDdhMWJiNGMwNTlkMDJkMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnslVCp2QXxfG9RjMWIug+XGiyk2D
fA0QrBKYK0eVvPMjxW7C4bXQ9Vjlk/XlsHo+8v2h0MbR0Vil8brVEzqPCCWXgEDO
Y4dBCnpW+VBg2X4GuxAN+6Q/EshN+Mx3EH9ZcvLAElCG9CAg6unfHfR95noGCTVE
KqYdqyXNDbgwnnWMxM2fILzmpt/gw7j3HCm0Yxnj8WVlIdConyTROKICQbYjdzyR
QQD0NFdgY0wI4VcpJsW3vYqhH3guCgaD6xOKm8bqMOciv69HPteE2Ml/qckl1ubG
ODLINSdAaVqRAyIk9riULQSDVS1oB6uMUdpW8GOqr5SOFXRQM9PuBgYHXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGww/Hv1CLIxN5+AB6G7TAWdAtLtMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvYkREOGVfVUlzakUzbjRBSG9idE1CWjBDMHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAuVabAwQA
uWI+MAwDBAC5uBkDBAC5uBowDQYJKoZIhvcNAQELBQADggEBAA73cpV5XKTxhXNH
gn1mDjtMhFmy9m/Tt80EydTrbpCrBOjbQloKxodtE1QVVtaW+pTwGlDNBGgUwzby
dd1SlgiGUYrJh2ryPon+aIsoE3DX1uR1IMB7A9H2JKKq/fxrbfT7tpuZSnGXwPkQ
RlAbyMrrE84E93wXvWQCfAmRXjhZ6ywDj1AaPbil5kxsxsxQ+xkdt1V11hB1i21v
bhWrtZCJPUH03UHqjPz1mF1s+L12N579DB29Ze5hA+mq7WGcUpFXYl9FDD30nib4
fZOYwSudTv0eDqvI9rJz0N6/qxUo6QrmEn3G60ruzUfnATFsCISCH1pip7QS0KEl
5CT7P3w=
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:58:56 2024 by rpki-client on console-ams.rpki-client.org