Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/urYkITw93gbG2YPqH7wsKx18jt4.roa
File: urYkITw93gbG2YPqH7wsKx18jt4.roa (raw, json)
Hash identifier: SOkjtH/5gfkxwOTOPJ0A++l0GB3xn3ZVUV8VPuq1gNQ=
Subject key identifier: BA:B6:24:21:3C:3D:DE:06:C6:D9:83:EA:1F:BC:2C:2B:1D:7C:8E:DE
Certificate issuer: /CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Certificate serial: 018DF9910969E974B643B6C3847848B2F4AC
Authority key identifier: 46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/urYkITw93gbG2YPqH7wsKx18jt4.roa
Signing time: Fri 01 Mar 2024 10:30:48 +0000
ROA not before: Fri 01 Mar 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60607
IP address blocks: 185.28.160.0/24 maxlen: 24
185.28.161.0/24 maxlen: 24
185.28.162.0/24 maxlen: 24
185.28.163.0/24 maxlen: 24
185.160.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:91:09:69:e9:74:b6:43:b6:c3:84:78:48:b2:f4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46815ca15d72a5a696f8bcdf486f5801966772bb
Validity
Not Before: Mar 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bab624213c3dde06c6d983ea1fbc2c2b1d7c8ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d3:3b:e3:0d:45:26:fa:ae:dc:ac:af:41:16:
7d:47:6a:20:6a:6f:2c:19:08:3a:96:e7:06:30:9d:
d8:7e:01:b4:e0:b7:ec:75:5c:0b:5a:72:3b:9b:63:
22:0d:f0:06:0c:3d:fc:32:e0:fa:06:5e:71:15:20:
e6:aa:7d:2f:64:dc:cc:90:c0:00:e2:8d:12:db:52:
f8:46:3a:39:44:f4:1b:a2:0c:5c:c4:9e:dd:e6:18:
dc:5f:79:a4:e8:2a:7e:15:68:3c:b4:48:6b:f9:7c:
ff:18:93:a5:65:05:3b:64:0c:e1:97:44:0f:b9:01:
4c:b8:86:ab:88:dd:4a:e3:43:de:60:be:7f:ac:4d:
b0:ec:75:09:98:5a:85:e4:bd:50:7e:49:8f:98:a6:
5a:6e:40:d2:bc:5d:a3:ba:50:d7:c5:7f:67:65:13:
5a:f3:f5:e9:5d:22:46:14:14:bb:96:8d:fa:9e:9a:
57:81:72:0d:3f:69:c8:f4:dc:31:d5:82:17:f4:bd:
8a:0c:53:f3:9e:47:a6:d9:f5:32:8f:86:8e:c3:e2:
3d:33:89:2c:12:d1:57:56:3c:87:1a:f6:cc:11:16:
9e:b9:68:db:bf:2d:d7:56:b4:69:b0:b4:1f:8c:46:
ae:bd:c8:ff:57:03:08:46:45:cc:56:aa:f9:95:61:
04:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B6:24:21:3C:3D:DE:06:C6:D9:83:EA:1F:BC:2C:2B:1D:7C:8E:DE
X509v3 Authority Key Identifier:
keyid:46:81:5C:A1:5D:72:A5:A6:96:F8:BC:DF:48:6F:58:01:96:67:72:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RoFcoV1ypaaW-LzfSG9YAZZncrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/urYkITw93gbG2YPqH7wsKx18jt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/66bd4b-1e56-4b46-8bab-d38a7660b51e/1/RoFcoV1ypaaW-LzfSG9YAZZncrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.160.0/22
185.160.198.0/24
Signature Algorithm: sha256WithRSAEncryption
35:12:ff:c9:aa:36:eb:bb:f7:9f:aa:9b:9e:80:26:f3:48:4d:
fb:6a:c0:a1:4f:d3:f9:e7:ab:75:a6:a5:5d:fc:bf:40:13:cd:
7d:e9:ec:91:fa:0c:37:23:51:59:ba:95:15:2d:0b:64:5a:d6:
67:d4:af:1e:03:ac:37:20:47:88:80:8c:52:22:28:9a:35:29:
50:de:a3:89:5a:31:c1:fc:ef:6b:ca:d0:5e:2c:28:e0:fd:f1:
14:4b:06:1d:c8:ba:05:28:e7:f1:80:8d:e1:d9:89:11:00:12:
74:d7:98:bb:db:c8:6a:46:04:04:bb:1e:80:4e:18:d6:07:19:
ab:29:a2:c1:50:e9:52:59:b6:d7:eb:30:af:44:e1:0e:0b:5b:
86:d0:83:84:fb:34:eb:d4:03:78:0d:e3:25:45:f1:10:e3:c0:
08:9b:f0:30:53:ea:26:18:cb:eb:91:b1:4f:3c:68:c8:d3:a6:
52:90:49:9c:f1:7c:56:8f:f4:30:f3:29:57:9d:4b:2b:63:4a:
b3:89:7d:63:74:de:1d:c8:43:05:9d:fa:12:38:5e:d2:b3:fe:
e8:56:f3:cb:5e:1e:13:a9:e0:57:9f:3b:6f:a7:c3:e9:17:9a:
ba:2c:de:59:99:18:63:2e:d6:a1:ed:fc:10:cd:61:06:78:11:
11:77:2d:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY35kQlp6XS2Q7bDhHhIsvSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ODE1Y2ExNWQ3MmE1YTY5NmY4YmNkZjQ4NmY1ODAxOTY2
NzcyYmIwHhcNMjQwMzAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI2MjQyMTNjM2RkZTA2YzZkOTgzZWExZmJjMmMyYjFkN2M4ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNM74w1FJvqu3KyvQRZ9R2ogam8s
GQg6lucGMJ3YfgG04LfsdVwLWnI7m2MiDfAGDD38MuD6Bl5xFSDmqn0vZNzMkMAA
4o0S21L4Rjo5RPQbogxcxJ7d5hjcX3mk6Cp+FWg8tEhr+Xz/GJOlZQU7ZAzhl0QP
uQFMuIariN1K40PeYL5/rE2w7HUJmFqF5L1QfkmPmKZabkDSvF2julDXxX9nZRNa
8/XpXSJGFBS7lo36nppXgXINP2nI9Nwx1YIX9L2KDFPznkem2fUyj4aOw+I9M4ks
EtFXVjyHGvbMERaeuWjbvy3XVrRpsLQfjEauvcj/VwMIRkXMVqr5lWEErwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLq2JCE8Pd4GxtmD6h+8LCsdfI7eMB8GA1UdIwQY
MBaAFEaBXKFdcqWmlvi830hvWAGWZ3K7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWIt
ZDM4YTc2NjBiNTFlLzEvdXJZa0lUdzkzZ2JHMllQcUg3d3NLeDE4anQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NmJkNGItMWU1Ni00YjQ2LThiYWItZDM4YTc2NjBiNTFl
LzEvUm9GY29WMXlwYWFXLUx6ZlNHOVlBWlpuY3JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRygAwQA
uaDGMA0GCSqGSIb3DQEBCwUAA4IBAQA1Ev/Jqjbru/efqpuegCbzSE37asChT9P5
56t1pqVd/L9AE8196eyR+gw3I1FZupUVLQtkWtZn1K8eA6w3IEeIgIxSIiiaNSlQ
3qOJWjHB/O9rytBeLCjg/fEUSwYdyLoFKOfxgI3h2YkRABJ015i728hqRgQEux6A
ThjWBxmrKaLBUOlSWbbX6zCvROEOC1uG0IOE+zTr1AN4DeMlRfEQ48AIm/AwU+om
GMvrkbFPPGjI06ZSkEmc8XxWj/Qw8ylXnUsrY0qziX1jdN4dyEMFnfoSOF7Ss/7o
VvPLXh4TqeBXnztvp8PpF5q6LN5ZmRhjLtah7fwQzWEGeBERdy1v
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:33:22 2024 by rpki-client on console-ams.rpki-client.org