Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/RnSLVXXd0mssjQy1emrDUbh2JEU.roa
File: RnSLVXXd0mssjQy1emrDUbh2JEU.roa (raw, json)
Hash identifier: Ln/NwVmSPLPHUUZbTlLAfXE2D527tbo6rHItGpCYK+g=
Subject key identifier: 46:74:8B:55:75:DD:D2:6B:2C:8D:0C:B5:7A:6A:C3:51:B8:76:24:45
Certificate issuer: /CN=1b2646828a9ea7bf8d40b4f9f0ba44ccdcb2cedd
Certificate serial: 018CC3B686E6B8057915289EC087F06F2774
Authority key identifier: 1B:26:46:82:8A:9E:A7:BF:8D:40:B4:F9:F0:BA:44:CC:DC:B2:CE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/RnSLVXXd0mssjQy1emrDUbh2JEU.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212889
IP address blocks: 185.238.70.0/24 maxlen: 24
185.238.71.0/24 maxlen: 24
185.238.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/GyZGgoqep7-NQLT58LpEzNyyzt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/GyZGgoqep7-NQLT58LpEzNyyzt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:86:e6:b8:05:79:15:28:9e:c0:87:f0:6f:27:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2646828a9ea7bf8d40b4f9f0ba44ccdcb2cedd
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46748b5575ddd26b2c8d0cb57a6ac351b8762445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:4d:f7:2d:7f:0f:ca:ad:83:ab:d1:db:39:
f8:b9:a9:2b:5f:a7:25:c3:83:f9:1e:41:b8:c7:6b:
64:6b:46:56:f7:c0:e8:2d:3c:56:b5:fb:d1:7c:2f:
64:45:d6:6a:2d:83:1d:e5:06:2e:f0:b5:19:52:61:
47:7a:5d:84:b3:a4:33:ad:f4:f7:f7:3f:54:f7:1d:
ca:4d:b8:22:f2:45:a6:79:1e:b9:41:10:ff:76:0c:
3a:d2:c5:ae:74:03:ad:2b:8e:5e:2c:04:00:97:4c:
d9:5d:47:0b:b8:ab:a9:df:99:d4:53:72:31:53:46:
a2:1a:df:18:84:b7:1e:23:64:c4:bd:05:54:ec:18:
e3:55:ea:27:6c:02:e4:0a:b1:88:34:98:06:1b:ea:
e5:1a:ba:30:03:4c:03:cf:70:fd:5d:47:ea:21:27:
74:b5:9f:79:69:9c:09:c3:c8:b5:26:fc:de:98:bf:
46:1d:3d:97:36:94:3d:7a:14:fc:cf:b4:a7:57:07:
0b:a6:01:0d:6d:a5:97:75:ff:a4:cd:79:46:45:2a:
e8:58:89:c7:75:ee:a9:dd:fc:68:ca:7b:24:7b:55:
bd:00:83:da:7c:d3:79:a8:f5:d2:6b:4e:72:14:7e:
f6:67:b9:97:e4:a3:9f:99:ae:88:af:7c:7e:0e:2d:
c4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:74:8B:55:75:DD:D2:6B:2C:8D:0C:B5:7A:6A:C3:51:B8:76:24:45
X509v3 Authority Key Identifier:
keyid:1B:26:46:82:8A:9E:A7:BF:8D:40:B4:F9:F0:BA:44:CC:DC:B2:CE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GyZGgoqep7-NQLT58LpEzNyyzt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/RnSLVXXd0mssjQy1emrDUbh2JEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/c36836-a2c8-4771-a958-974fcfef263b/1/GyZGgoqep7-NQLT58LpEzNyyzt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.69.0-185.238.71.255
Signature Algorithm: sha256WithRSAEncryption
5c:07:6e:4c:91:ee:25:c3:bb:6c:94:0d:47:1d:70:0d:da:71:
2c:01:37:11:73:52:34:a5:ab:d2:b6:2b:1e:8f:d7:cb:80:61:
82:2f:f6:6d:20:0b:d1:e6:ee:40:40:bd:99:62:b1:92:44:3f:
58:3f:9f:ca:e9:17:45:79:7d:b9:40:c3:ea:0a:04:34:f7:fc:
e7:08:9e:5c:4d:f6:b6:ff:45:1e:9f:41:51:ce:02:3c:6a:f9:
83:86:57:d6:63:5a:c7:f3:b6:c1:c4:9e:3d:92:27:34:f8:ee:
45:49:31:13:bc:60:12:13:c6:04:f6:10:6c:a3:a8:9b:ca:dc:
b1:35:4a:dd:04:ed:c4:85:34:58:23:7e:2d:df:cf:26:b5:9a:
27:0d:bf:4f:a5:f1:35:8f:9c:0b:59:b3:cc:61:c1:74:ac:bf:
58:76:9c:4e:7d:3a:21:65:92:0c:2a:bb:8a:d3:5e:e7:5a:8e:
d1:db:15:7d:5f:ad:e5:a1:21:52:4d:d2:fa:31:5d:c2:d9:71:
4d:8b:47:4c:a3:19:5a:75:f6:a9:98:d3:b2:b0:00:59:6c:04:
42:7f:4c:75:20:e9:3b:72:ef:d2:9d:2e:89:9e:e2:63:f4:f6:
86:4f:4a:9f:ba:6c:8e:28:98:f3:29:84:80:48:5f:28:9a:24:
36:57:26:04
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtobmuAV5FSiewIfwbyd0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMjY0NjgyOGE5ZWE3YmY4ZDQwYjRmOWYwYmE0NGNjZGNi
MmNlZGQwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc0OGI1NTc1ZGRkMjZiMmM4ZDBjYjU3YTZhYzM1MWI4NzYyNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ5N9y1/D8qtg6vR2zn4uakrX6cl
w4P5HkG4x2tka0ZW98DoLTxWtfvRfC9kRdZqLYMd5QYu8LUZUmFHel2Es6QzrfT3
9z9U9x3KTbgi8kWmeR65QRD/dgw60sWudAOtK45eLAQAl0zZXUcLuKup35nUU3Ix
U0aiGt8YhLceI2TEvQVU7BjjVeonbALkCrGINJgGG+rlGrowA0wDz3D9XUfqISd0
tZ95aZwJw8i1JvzemL9GHT2XNpQ9ehT8z7SnVwcLpgENbaWXdf+kzXlGRSroWInH
de6p3fxoynske1W9AIPafNN5qPXSa05yFH72Z7mX5KOfma6Ir3x+Di3EkwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEZ0i1V13dJrLI0MtXpqw1G4diRFMB8GA1UdIwQY
MBaAFBsmRoKKnqe/jUC0+fC6RMzcss7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3laR2dvcWVwNy1OUUxUNThMcEV6Tnl5enQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9jMzY4MzYtYTJjOC00NzcxLWE5NTgt
OTc0ZmNmZWYyNjNiLzEvUm5TTFZYWGQwbXNzalF5MWVtckRVYmgySkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9jMzY4MzYtYTJjOC00NzcxLWE5NTgtOTc0ZmNmZWYyNjNi
LzEvR3laR2dvcWVwNy1OUUxUNThMcEV6Tnl5enQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC57kUD
BAO57kAwDQYJKoZIhvcNAQELBQADggEBAFwHbkyR7iXDu2yUDUcdcA3acSwBNxFz
UjSlq9K2Kx6P18uAYYIv9m0gC9Hm7kBAvZlisZJEP1g/n8rpF0V5fblAw+oKBDT3
/OcInlxN9rb/RR6fQVHOAjxq+YOGV9ZjWsfztsHEnj2SJzT47kVJMRO8YBITxgT2
EGyjqJvK3LE1St0E7cSFNFgjfi3fzya1micNv0+l8TWPnAtZs8xhwXSsv1h2nE59
OiFlkgwqu4rTXudajtHbFX1freWhIVJN0voxXcLZcU2LR0yjGVp19qmY07KwAFls
BEJ/THUg6Tty79KdLome4mP09oZPSp+6bI4omPMphIBIXyiaJDZXJgQ=
-----END CERTIFICATE-----
Generated at Fri May 17 22:05:25 2024 by rpki-client on console-ams.rpki-client.org