Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/1-xPryruqfMjZac8YXwCj-MoBlvg.roa
File: 1-xPryruqfMjZac8YXwCj-MoBlvg.roa (raw, json)
Hash identifier: +0oMQ/D2PFNJTfEypwY0GL6LXrW8H7XkzS8xCliVBxQ=
Subject key identifier: FB:13:EB:CA:BB:AA:7C:C8:D9:69:CF:18:5F:00:A3:F8:CA:01:96:F8
Certificate issuer: /CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Certificate serial: 018CC79494E970E4E5A1CCA29FA422CF8ACF
Authority key identifier: 95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/1-xPryruqfMjZac8YXwCj-MoBlvg.roa
Signing time: Tue 02 Jan 2024 00:30:52 +0000
ROA not before: Tue 02 Jan 2024 00:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202077
IP address blocks: 185.68.136.0/22 maxlen: 24
2a03:2b20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.mft
rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 03:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:94:e9:70:e4:e5:a1:cc:a2:9f:a4:22:cf:8a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95571d88b53965a7d081f3b1d8289cbc28775b88
Validity
Not Before: Jan 2 00:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb13ebcabbaa7cc8d969cf185f00a3f8ca0196f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:af:a8:3e:04:b9:4e:de:41:33:9b:74:a1:56:
1a:31:1f:80:15:7d:bc:c3:81:c3:bb:2e:61:11:d1:
e5:5e:10:59:9a:e3:8d:81:d8:27:63:be:8b:3b:4e:
b3:c0:7b:4b:ce:e2:fe:62:b8:b3:d1:8e:0b:9a:a2:
37:43:6e:8c:b6:cb:b4:ab:87:bc:2c:41:e9:36:29:
ad:2a:08:b3:a2:87:4a:3a:c1:b3:ce:1f:ac:4b:09:
40:e5:41:bd:19:dc:e9:ec:d1:b1:e0:e4:cd:be:0b:
d7:18:93:7d:54:4e:2b:39:df:fa:88:38:c3:53:88:
c7:b2:45:a5:da:58:3e:cb:96:0a:da:94:81:20:1b:
a6:f0:6f:2e:24:82:5a:34:5f:ed:77:4d:2d:26:57:
76:0b:9c:e6:fc:c8:e6:46:20:5c:5c:c6:1a:61:95:
ee:3b:93:98:0a:30:ab:5b:40:5d:f5:e9:75:27:45:
b8:a3:8c:58:98:02:6a:44:e6:87:60:c3:b8:50:61:
6c:86:fc:16:69:42:8e:2c:d4:31:cf:50:89:a6:87:
20:39:de:a8:38:48:4e:bb:0c:50:3e:d4:2e:ab:84:
ba:d3:60:91:62:b9:60:f7:c9:59:f7:22:7f:8d:c3:
d1:91:fd:89:91:46:58:3e:39:d5:8f:d8:76:7b:a2:
5c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:13:EB:CA:BB:AA:7C:C8:D9:69:CF:18:5F:00:A3:F8:CA:01:96:F8
X509v3 Authority Key Identifier:
keyid:95:57:1D:88:B5:39:65:A7:D0:81:F3:B1:D8:28:9C:BC:28:77:5B:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lVcdiLU5ZafQgfOx2CicvCh3W4g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/1-xPryruqfMjZac8YXwCj-MoBlvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b3f993-d03b-4b13-81af-aa6229698461/1/lVcdiLU5ZafQgfOx2CicvCh3W4g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.136.0/22
IPv6:
2a03:2b20::/32
Signature Algorithm: sha256WithRSAEncryption
29:f2:cf:28:9e:6d:46:b4:47:04:0a:28:3c:c0:13:17:7f:c1:
a9:81:3c:2b:89:ae:11:ef:5d:6e:3a:2d:4b:be:61:c1:01:68:
3b:f9:45:47:85:13:cb:8f:de:49:40:fb:90:f3:47:0a:3e:d9:
01:aa:d9:09:77:68:d6:ca:aa:e2:49:16:91:25:53:1f:29:d8:
e5:b9:28:35:37:20:72:de:9c:d5:bd:3a:11:6f:6a:99:36:0d:
9d:dc:52:49:b7:93:99:e6:b1:c6:ba:bb:bf:ab:ea:00:22:58:
9b:2e:20:6b:4b:1e:ab:c2:ab:2b:f5:38:42:de:37:32:13:a5:
ef:7d:07:42:f5:aa:99:b8:6b:36:1e:d0:82:85:09:49:b5:e7:
ae:4a:75:c5:5c:fb:41:bf:29:10:e5:9a:80:9d:a7:af:0e:0c:
53:12:46:85:54:28:7d:f4:ff:f1:43:f6:f2:1a:36:a4:88:2f:
44:1d:ad:80:18:71:27:31:3e:0c:dd:ae:5e:fd:1b:6d:d3:41:
46:66:42:d5:1f:b0:bd:60:70:dd:f8:f4:fb:d6:d2:0a:45:14:
5d:a4:df:f6:46:9c:13:c9:f7:2d:60:cd:8e:b0:a1:3e:8f:02:
43:94:29:46:9d:51:39:91:28:a2:c9:4c:3d:d6:47:6c:81:00:
d1:2c:8f:45
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHlJTpcOTlocyin6Qiz4rPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NTcxZDg4YjUzOTY1YTdkMDgxZjNiMWQ4Mjg5Y2JjMjg3
NzViODgwHhcNMjQwMTAyMDAzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjEzZWJjYWJiYWE3Y2M4ZDk2OWNmMTg1ZjAwYTNmOGNhMDE5NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6+oPgS5Tt5BM5t0oVYaMR+AFX28
w4HDuy5hEdHlXhBZmuONgdgnY76LO06zwHtLzuL+Yriz0Y4LmqI3Q26Mtsu0q4e8
LEHpNimtKgizoodKOsGzzh+sSwlA5UG9Gdzp7NGx4OTNvgvXGJN9VE4rOd/6iDjD
U4jHskWl2lg+y5YK2pSBIBum8G8uJIJaNF/td00tJld2C5zm/MjmRiBcXMYaYZXu
O5OYCjCrW0Bd9el1J0W4o4xYmAJqROaHYMO4UGFshvwWaUKOLNQxz1CJpocgOd6o
OEhOuwxQPtQuq4S602CRYrlg98lZ9yJ/jcPRkf2JkUZYPjnVj9h2e6JczQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPsT68q7qnzI2WnPGF8Ao/jKAZb4MB8GA1UdIwQY
MBaAFJVXHYi1OWWn0IHzsdgonLwod1uIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFZjZGlMVTVaYWZRZ2ZPeDJDaWN2Q2gzVzRnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iM2Y5OTMtZDAzYi00YjEzLTgxYWYt
YWE2MjI5Njk4NDYxLzEvMS14UHJ5cnVxZk1qWmFjOFlYd0NqLU1vQmx2Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTUvYjNmOTkzLWQwM2ItNGIxMy04MWFmLWFhNjIyOTY5ODQ2
MS8xL2xWY2RpTFU1WmFmUWdmT3gyQ2ljdkNoM1c0Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlEiDAN
BAIAAjAHAwUAKgMrIDANBgkqhkiG9w0BAQsFAAOCAQEAKfLPKJ5tRrRHBAooPMAT
F3/BqYE8K4muEe9dbjotS75hwQFoO/lFR4UTy4/eSUD7kPNHCj7ZAarZCXdo1sqq
4kkWkSVTHynY5bkoNTcgct6c1b06EW9qmTYNndxSSbeTmeaxxrq7v6vqACJYmy4g
a0seq8KrK/U4Qt43MhOl730HQvWqmbhrNh7QgoUJSbXnrkp1xVz7Qb8pEOWagJ2n
rw4MUxJGhVQoffT/8UP28ho2pIgvRB2tgBhxJzE+DN2uXv0bbdNBRmZC1R+wvWBw
3fj0+9bSCkUUXaTf9kacE8n3LWDNjrChPo8CQ5QpRp1ROZEooslMPdZHbIEA0SyP
RQ==
-----END CERTIFICATE-----
Generated at Wed May 29 09:36:36 2024 by rpki-client on console-fra.rpki-client.org