Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/s86ZsgYFMP7MtIKLkRK7tZoZcEU.roa
File: s86ZsgYFMP7MtIKLkRK7tZoZcEU.roa (raw, json)
Hash identifier: 5ztBVi7abHqEz/HPX+0T9p+o/bBpmCy0fVLuzU0qero=
Subject key identifier: B3:CE:99:B2:06:05:30:FE:CC:B4:82:8B:91:12:BB:B5:9A:19:70:45
Certificate issuer: /CN=d6fbd9ed504eef659ecfc919a195cd2a803b60a7
Certificate serial: 018CC2DB4467F789B26E412824A075EE1AE4
Authority key identifier: D6:FB:D9:ED:50:4E:EF:65:9E:CF:C9:19:A1:95:CD:2A:80:3B:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/s86ZsgYFMP7MtIKLkRK7tZoZcEU.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205169
IP address blocks: 185.227.238.0/24 maxlen: 24
185.227.239.0/24 maxlen: 24
185.227.236.0/24 maxlen: 24
185.227.237.0/24 maxlen: 24
2a0c:d600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/1vvZ7VBO72Wez8kZoZXNKoA7YKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/1vvZ7VBO72Wez8kZoZXNKoA7YKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:44:67:f7:89:b2:6e:41:28:24:a0:75:ee:1a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fbd9ed504eef659ecfc919a195cd2a803b60a7
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3ce99b2060530feccb4828b9112bbb59a197045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:40:14:47:33:ee:bf:12:fb:cf:9a:9c:68:a4:
d2:37:ec:41:79:70:9d:ca:99:a9:ea:fc:3a:22:b1:
ab:79:fc:7b:9e:90:11:1b:a0:fc:54:e7:f1:5f:aa:
c8:7c:02:4c:8f:d7:43:67:83:40:68:6a:bd:bb:cd:
b7:2f:39:52:60:66:eb:f5:b8:64:8a:d4:54:12:1e:
46:02:46:d2:ee:39:1e:31:41:bf:8f:bf:b8:c1:5a:
6c:86:ae:ea:eb:27:bf:da:68:02:78:18:a8:29:8a:
19:02:40:cf:76:8b:8c:c0:1c:dd:15:a0:8e:b6:f8:
84:e2:12:cf:a5:da:15:b3:c8:dc:f0:4d:33:be:4a:
5d:ce:dd:bf:81:a1:55:d2:9e:06:e7:c2:88:2f:04:
8d:dc:6e:9d:0d:5d:27:18:4a:ab:07:53:aa:1d:7c:
de:cc:5f:33:f4:0c:0d:16:0a:f3:f6:9f:4e:3f:6f:
fa:b2:39:9b:38:da:c7:0b:34:1f:4d:b8:22:0f:d4:
e6:7b:59:9e:4f:41:c9:f2:03:16:ac:8d:5f:17:89:
65:d0:43:24:b9:e9:fc:0d:64:df:b1:8f:f2:1b:15:
e3:7b:6f:01:8f:09:ee:22:b2:03:d0:0f:f5:e1:5e:
3b:2e:ce:80:89:f9:d7:24:68:b0:0f:1a:e5:08:db:
46:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CE:99:B2:06:05:30:FE:CC:B4:82:8B:91:12:BB:B5:9A:19:70:45
X509v3 Authority Key Identifier:
keyid:D6:FB:D9:ED:50:4E:EF:65:9E:CF:C9:19:A1:95:CD:2A:80:3B:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vvZ7VBO72Wez8kZoZXNKoA7YKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/s86ZsgYFMP7MtIKLkRK7tZoZcEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4a585a-f0f0-4987-ae03-acccae690e75/1/1vvZ7VBO72Wez8kZoZXNKoA7YKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.236.0/22
IPv6:
2a0c:d600::/29
Signature Algorithm: sha256WithRSAEncryption
cc:72:f0:5b:1e:3e:c9:33:c1:bb:bf:9c:6a:66:5b:b3:41:e0:
e4:90:5f:d4:d5:50:55:91:72:6a:b2:c9:67:ee:8e:12:18:77:
5f:72:fe:a6:80:f3:13:79:1e:e1:ac:82:eb:db:db:ab:a0:37:
03:e7:dd:cb:ae:74:bf:a0:c9:da:00:de:ed:00:15:63:3d:4e:
ec:bd:a1:51:0a:cd:d8:43:91:ae:e7:dc:ac:2d:ef:e5:c5:c5:
39:6a:1e:59:8f:88:db:7f:44:a1:4b:a8:0c:3f:0a:17:9b:d8:
4f:a8:24:79:22:97:26:52:28:59:15:7c:50:26:a6:50:58:5d:
77:7a:58:26:71:ee:e6:94:f3:a8:66:aa:90:fa:25:2e:5a:c0:
38:77:74:05:90:5e:db:c1:b1:94:6d:6e:4f:c1:78:cd:11:82:
ab:b8:0b:41:ac:97:c0:83:63:f6:1e:e3:61:cf:c9:60:73:46:
f6:36:e2:9b:5f:84:83:6c:19:c1:24:57:c7:65:28:3e:d3:02:
56:dc:45:13:ef:a8:c1:09:b9:a1:35:4f:f4:c1:a1:c9:b7:f4:
80:44:3f:a1:f6:ec:5f:84:38:d5:d9:c4:be:e1:7b:39:67:87:
35:e9:18:e2:09:3d:c5:18:79:39:54:7f:c6:70:d8:98:1a:24:
d2:ec:de:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC20Rn94mybkEoJKB17hrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZmJkOWVkNTA0ZWVmNjU5ZWNmYzkxOWExOTVjZDJhODAz
YjYwYTcwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NlOTliMjA2MDUzMGZlY2NiNDgyOGI5MTEyYmJiNTlhMTk3MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkAURzPuvxL7z5qcaKTSN+xBeXCd
ypmp6vw6IrGrefx7npARG6D8VOfxX6rIfAJMj9dDZ4NAaGq9u823LzlSYGbr9bhk
itRUEh5GAkbS7jkeMUG/j7+4wVpshq7q6ye/2mgCeBioKYoZAkDPdouMwBzdFaCO
tviE4hLPpdoVs8jc8E0zvkpdzt2/gaFV0p4G58KILwSN3G6dDV0nGEqrB1OqHXze
zF8z9AwNFgrz9p9OP2/6sjmbONrHCzQfTbgiD9Tme1meT0HJ8gMWrI1fF4ll0EMk
uen8DWTfsY/yGxXje28BjwnuIrID0A/14V47Ls6AifnXJGiwDxrlCNtG+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLPOmbIGBTD+zLSCi5ESu7WaGXBFMB8GA1UdIwQY
MBaAFNb72e1QTu9lns/JGaGVzSqAO2CnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZ2WjdWQk83MldlejhrWm9aWE5Lb0E3WUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80YTU4NWEtZjBmMC00OTg3LWFlMDMt
YWNjY2FlNjkwZTc1LzEvczg2WnNnWUZNUDdNdElLTGtSSzd0Wm9aY0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80YTU4NWEtZjBmMC00OTg3LWFlMDMtYWNjY2FlNjkwZTc1
LzEvMXZ2WjdWQk83MldlejhrWm9aWE5Lb0E3WUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuePsMA0E
AgACMAcDBQMqDNYAMA0GCSqGSIb3DQEBCwUAA4IBAQDMcvBbHj7JM8G7v5xqZluz
QeDkkF/U1VBVkXJqssln7o4SGHdfcv6mgPMTeR7hrILr29uroDcD593LrnS/oMna
AN7tABVjPU7svaFRCs3YQ5Gu59ysLe/lxcU5ah5Zj4jbf0ShS6gMPwoXm9hPqCR5
IpcmUihZFXxQJqZQWF13elgmce7mlPOoZqqQ+iUuWsA4d3QFkF7bwbGUbW5PwXjN
EYKruAtBrJfAg2P2HuNhz8lgc0b2NuKbX4SDbBnBJFfHZSg+0wJW3EUT76jBCbmh
NU/0waHJt/SARD+h9uxfhDjV2cS+4Xs5Z4c16RjiCT3FGHk5VH/GcNiYGiTS7N4e
-----END CERTIFICATE-----
Generated at Sun May 19 06:32:11 2024 by rpki-client on console-ams.rpki-client.org