Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa
File: 9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa (raw, json)
Hash identifier: dW1bo1QQIZN1EJPSNr8BKFeo/SUZ9T2qHpD/OrJsQFo=
Subject key identifier: F6:18:59:C5:D5:1E:F1:76:06:5D:81:A7:C2:5A:42:10:8D:C3:9C:E2
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E1C5119DC2C7A52D92683DC2121B0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 264825
IP address blocks: 185.181.32.0/22 maxlen: 22
185.181.35.0/24 maxlen: 24
185.181.33.0/24 maxlen: 24
185.181.32.0/23 maxlen: 23
185.181.34.0/23 maxlen: 23
185.181.32.0/24 maxlen: 24
185.181.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 04:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:51:19:dc:2c:7a:52:d9:26:83:dc:21:21:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f61859c5d51ef176065d81a7c25a42108dc39ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:36:1f:0a:f2:b6:28:4d:b2:f0:f2:01:91:cd:
6d:69:79:e9:29:a9:43:71:af:6b:62:4a:16:0a:32:
2f:34:45:c8:61:74:95:49:bd:e7:15:14:8c:7c:4c:
ad:7a:c2:6e:90:1c:09:25:10:f9:e4:1b:e8:c7:18:
06:d0:82:bb:c5:29:e3:d6:a6:c5:64:44:f6:28:c0:
5f:07:16:9e:ca:44:a4:0c:c5:02:04:e4:10:73:f6:
f4:77:b3:31:3b:51:5e:20:c7:a0:6b:58:f9:50:8a:
e8:07:e9:15:eb:dd:4f:18:f7:7b:8b:a5:2a:9b:48:
f5:95:ab:ef:dd:db:66:46:8e:de:f7:cf:69:5d:5a:
0a:e6:30:e1:dd:d4:2f:5c:3c:43:60:35:90:76:a9:
b2:1f:dd:25:b4:2a:a6:b1:ec:74:da:28:30:7e:8d:
56:67:a2:d6:f0:ef:b9:10:90:14:c5:08:e4:b7:b8:
55:a4:c4:06:52:5d:c8:8a:94:0e:95:05:d5:56:1f:
06:6b:03:3e:cc:38:44:87:f8:bc:aa:e6:21:48:d3:
06:08:80:d1:5a:a7:49:a7:bc:08:6e:00:b3:6a:39:
99:e7:55:dc:93:b8:b7:95:be:8b:4b:74:39:78:20:
58:a9:65:87:38:45:a7:36:55:f3:08:46:34:32:aa:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:18:59:C5:D5:1E:F1:76:06:5D:81:A7:C2:5A:42:10:8D:C3:9C:E2
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/9hhZxdUe8XYGXYGnwlpCEI3DnOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.32.0/22
Signature Algorithm: sha256WithRSAEncryption
72:2c:a9:63:af:32:9b:d4:7a:c6:be:4b:d2:ff:a4:63:72:59:
7b:9b:31:d2:9b:76:33:b6:3e:6e:c9:71:73:ce:1a:f1:d4:20:
08:1b:de:d3:9f:0e:7a:09:b9:a7:93:b2:15:67:4a:f4:fc:a7:
70:c7:dd:7e:8e:0f:70:88:8b:7a:82:3f:1a:d3:11:ea:dc:2e:
ba:5f:3d:9e:0b:c2:cc:9f:37:58:21:d5:09:f4:54:f2:a9:cf:
3f:4f:03:fd:67:ef:02:a8:bd:e5:da:ce:ce:64:1b:7b:f6:5e:
a5:72:c9:75:aa:91:9d:1e:24:b5:29:9d:fa:65:df:c7:58:50:
95:27:b8:cd:1e:c3:eb:37:09:c1:18:0a:84:22:80:2f:28:e0:
da:75:48:85:09:59:0b:1e:cc:ba:91:5b:bb:bc:bf:b6:a9:24:
b2:2a:f6:8a:e8:b2:57:e7:57:fd:f6:6e:2d:01:30:04:dd:6b:
74:7f:79:bd:be:92:1d:ab:a8:43:ef:3c:d3:63:cd:93:5c:f2:
24:94:92:a8:2e:05:70:8a:66:01:09:96:59:ee:99:2c:13:30:
48:3c:52:43:80:9a:0a:aa:f6:42:0d:8e:5f:38:50:67:9a:1e:
fe:dc:f6:43:02:c4:ad:c1:7b:c6:e9:db:19:79:85:75:5e:fc:
9d:a5:ac:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbhxRGdwselLZJoPcISGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjE4NTljNWQ1MWVmMTc2MDY1ZDgxYTdjMjVhNDIxMDhkYzM5Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzYfCvK2KE2y8PIBkc1taXnpKalD
ca9rYkoWCjIvNEXIYXSVSb3nFRSMfEytesJukBwJJRD55BvoxxgG0IK7xSnj1qbF
ZET2KMBfBxaeykSkDMUCBOQQc/b0d7MxO1FeIMega1j5UIroB+kV691PGPd7i6Uq
m0j1lavv3dtmRo7e989pXVoK5jDh3dQvXDxDYDWQdqmyH90ltCqmsex02igwfo1W
Z6LW8O+5EJAUxQjkt7hVpMQGUl3IipQOlQXVVh8GawM+zDhEh/i8quYhSNMGCIDR
WqdJp7wIbgCzajmZ51Xck7i3lb6LS3Q5eCBYqWWHOEWnNlXzCEY0MqpQgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPYYWcXVHvF2Bl2Bp8JaQhCNw5ziMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOWhoWnhkVWU4WFlHWFlHbndscENFSTNEbk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubUgMA0G
CSqGSIb3DQEBCwUAA4IBAQByLKljrzKb1HrGvkvS/6Rjcll7mzHSm3Yztj5uyXFz
zhrx1CAIG97Tnw56Cbmnk7IVZ0r0/Kdwx91+jg9wiIt6gj8a0xHq3C66Xz2eC8LM
nzdYIdUJ9FTyqc8/TwP9Z+8CqL3l2s7OZBt79l6lcsl1qpGdHiS1KZ36Zd/HWFCV
J7jNHsPrNwnBGAqEIoAvKODadUiFCVkLHsy6kVu7vL+2qSSyKvaK6LJX51f99m4t
ATAE3Wt0f3m9vpIdq6hD7zzTY82TXPIklJKoLgVwimYBCZZZ7pksEzBIPFJDgJoK
qvZCDY5fOFBnmh7+3PZDAsStwXvG6dsZeYV1XvydpayP
-----END CERTIFICATE-----
Generated at Fri May 3 12:41:38 2024 by rpki-client on console-fra.rpki-client.org