Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/c4Rcu6jnRqBKMW-9AWzWs7TykHs.roa
File: c4Rcu6jnRqBKMW-9AWzWs7TykHs.roa (raw, json)
Hash identifier: hgCRoGPSYli8lZI8eUcDsUDoNmnREuaCkkJ+pJALhp0=
Subject key identifier: 73:84:5C:BB:A8:E7:46:A0:4A:31:6F:BD:01:6C:D6:B3:B4:F2:90:7B
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 018E812CDE0A5B4970751252E0BFC1516316
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/c4Rcu6jnRqBKMW-9AWzWs7TykHs.roa
Signing time: Wed 27 Mar 2024 18:29:45 +0000
ROA not before: Wed 27 Mar 2024 18:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215275
IP address blocks: 185.111.68.0/22 maxlen: 24
2a07:6c44:4020::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:81:2c:de:0a:5b:49:70:75:12:52:e0:bf:c1:51:63:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Mar 27 18:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73845cbba8e746a04a316fbd016cd6b3b4f2907b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e3:92:cc:cf:77:a9:3e:fc:44:d4:d9:da:b3:
ed:84:02:8c:17:81:23:0a:f7:c9:e4:0a:eb:30:6b:
0d:6c:23:2b:62:6b:6f:68:31:ed:7f:85:c3:c0:fd:
26:5f:8e:40:36:4e:cf:a1:3d:ff:7b:f9:b5:3f:25:
b1:4d:e0:70:0e:2c:19:1e:83:2c:8a:79:e8:7f:aa:
b3:8f:9a:cc:9f:42:a8:f4:0a:6c:5d:e4:1a:8c:a3:
a4:ee:33:9a:cb:aa:ba:30:d4:f2:0f:9d:94:cd:15:
74:f4:83:24:b2:97:bf:32:ff:c9:fd:46:50:b5:aa:
56:14:bc:d9:c0:74:e4:2e:18:59:ce:ba:a8:a4:ed:
56:b3:91:4e:f0:e6:78:8d:5b:1b:6d:3a:25:79:27:
4f:53:b8:0a:73:1a:7a:63:98:df:e1:e7:59:77:41:
8f:99:e1:e5:d1:b5:3e:4b:8d:83:ab:ec:c8:3b:24:
b7:cf:b7:e4:d5:de:8c:5b:cc:06:b4:06:2e:f9:f0:
f1:a4:b2:b5:d4:b2:ba:6c:bc:9e:b0:3c:6e:9c:11:
0a:2a:3f:40:97:a8:9e:a4:c7:08:fb:a5:42:0a:79:
a3:b1:26:fa:8d:68:43:78:1d:a4:af:0f:90:38:02:
03:2b:f0:d3:63:4e:95:fa:3d:d9:fb:72:96:8e:c5:
23:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:84:5C:BB:A8:E7:46:A0:4A:31:6F:BD:01:6C:D6:B3:B4:F2:90:7B
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/c4Rcu6jnRqBKMW-9AWzWs7TykHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.68.0/22
IPv6:
2a07:6c44:4020::/44
Signature Algorithm: sha256WithRSAEncryption
95:29:fa:0a:23:d2:f5:11:f8:7a:e0:1d:fc:5d:23:75:73:fe:
94:bc:e7:49:a9:ef:2c:b6:5f:4d:e4:7c:b4:3e:d7:1d:3f:47:
60:e6:92:ab:69:3b:64:e7:7e:9a:64:26:10:3a:e9:89:ca:42:
9b:1e:b0:fa:7a:0d:27:5f:65:3f:12:8d:cc:95:98:9a:70:19:
4c:c8:fc:3e:b9:a5:a2:68:0b:89:69:32:d9:83:59:9d:91:3a:
1b:a8:5e:6d:ee:57:0b:8f:9f:0d:0c:eb:d7:ae:d3:4b:95:10:
3c:e8:1e:94:7c:7d:e4:a2:ac:aa:3a:14:a0:1a:ae:ea:15:6b:
aa:72:74:64:46:3c:68:4c:63:04:12:17:ed:dc:73:95:23:b5:
b2:fd:aa:87:88:74:c4:dc:84:35:81:94:0f:b3:25:ae:0e:5f:
5f:a7:a2:9b:2c:63:7c:4e:c0:ff:d3:05:8c:e2:4a:da:d9:70:
62:20:8d:1c:ba:18:d8:93:68:bb:f4:af:6d:95:27:fe:2d:09:
b3:63:85:3e:00:a6:cd:7d:3a:6a:d2:c0:db:71:fb:6a:d0:02:
d5:01:77:55:16:55:7b:96:79:d4:1f:10:96:94:40:72:fc:64:
98:97:88:41:66:46:ec:a3:f9:1f:25:d2:00:4a:f3:43:ea:3a:
a0:a8:7a:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6BLN4KW0lwdRJS4L/BUWMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjQwMzI3MTgyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg0NWNiYmE4ZTc0NmEwNGEzMTZmYmQwMTZjZDZiM2I0ZjI5MDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteOSzM93qT78RNTZ2rPthAKMF4Ej
CvfJ5ArrMGsNbCMrYmtvaDHtf4XDwP0mX45ANk7PoT3/e/m1PyWxTeBwDiwZHoMs
innof6qzj5rMn0Ko9ApsXeQajKOk7jOay6q6MNTyD52UzRV09IMkspe/Mv/J/UZQ
tapWFLzZwHTkLhhZzrqopO1Ws5FO8OZ4jVsbbToleSdPU7gKcxp6Y5jf4edZd0GP
meHl0bU+S42Dq+zIOyS3z7fk1d6MW8wGtAYu+fDxpLK11LK6bLyesDxunBEKKj9A
l6iepMcI+6VCCnmjsSb6jWhDeB2krw+QOAIDK/DTY06V+j3Z+3KWjsUj/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHOEXLuo50agSjFvvQFs1rO08pB7MB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvYzRSY3U2am5ScUJLTVctOUFXeldzN1R5a0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuW9EMA8E
AgACMAkDBwQqB2xEQCAwDQYJKoZIhvcNAQELBQADggEBAJUp+goj0vUR+HrgHfxd
I3Vz/pS850mp7yy2X03kfLQ+1x0/R2DmkqtpO2TnfppkJhA66YnKQpsesPp6DSdf
ZT8SjcyVmJpwGUzI/D65paJoC4lpMtmDWZ2ROhuoXm3uVwuPnw0M69eu00uVEDzo
HpR8feSirKo6FKAaruoVa6pydGRGPGhMYwQSF+3cc5UjtbL9qoeIdMTchDWBlA+z
Ja4OX1+nopssY3xOwP/TBYziStrZcGIgjRy6GNiTaLv0r22VJ/4tCbNjhT4Aps19
OmrSwNtx+2rQAtUBd1UWVXuWedQfEJaUQHL8ZJiXiEFmRuyj+R8l0gBK80PqOqCo
ekw=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:01 2024 by rpki-client on console-ams.rpki-client.org