Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/cBylqcMgTEpanrdwj5HWMP8y3Q0.roa
File: cBylqcMgTEpanrdwj5HWMP8y3Q0.roa (raw, json)
Hash identifier: pav/yTW+j/cxBi/35F9D+Y/dLWxh0k9+/Q5IZecHMIk=
Subject key identifier: 70:1C:A5:A9:C3:20:4C:4A:5A:9E:B7:70:8F:91:D6:30:FF:32:DD:0D
Certificate issuer: /CN=0c9bc1b14f0d9653f514ec167771b77559ac63cc
Certificate serial: 018CC64AFC186DD985582F1AC0D86168110C
Authority key identifier: 0C:9B:C1:B1:4F:0D:96:53:F5:14:EC:16:77:71:B7:75:59:AC:63:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJvBsU8NllP1FOwWd3G3dVmsY8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/cBylqcMgTEpanrdwj5HWMP8y3Q0.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200689
IP address blocks: 178.255.116.0/22 maxlen: 22
185.98.164.0/22 maxlen: 22
2a0d:20c0::/29 maxlen: 29
2a06:d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/DJvBsU8NllP1FOwWd3G3dVmsY8w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/DJvBsU8NllP1FOwWd3G3dVmsY8w.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJvBsU8NllP1FOwWd3G3dVmsY8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 08:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fc:18:6d:d9:85:58:2f:1a:c0:d8:61:68:11:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c9bc1b14f0d9653f514ec167771b77559ac63cc
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=701ca5a9c3204c4a5a9eb7708f91d630ff32dd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0a:04:b2:ba:40:99:18:0b:fe:e6:78:f3:3b:
f1:35:be:a5:bd:45:aa:2f:f7:a3:47:74:51:e4:fc:
91:34:94:3d:ea:af:1c:c3:74:57:2b:fc:70:4e:5a:
f1:f7:27:55:6f:43:28:00:f6:ba:15:08:8d:4a:f1:
60:25:60:9e:dd:ef:e4:44:c3:34:54:c7:6f:96:94:
33:f6:86:4a:a4:ad:8d:aa:09:56:36:27:cd:7f:14:
93:d2:bd:34:6a:47:af:30:95:08:4a:54:e4:f7:e1:
e6:00:cb:68:4d:d9:a0:ef:28:a1:98:fe:37:40:21:
45:6c:04:05:3a:b0:08:c7:13:d4:ab:4c:f9:e7:92:
28:b9:d6:7e:e7:50:ac:34:54:0f:e8:bd:8a:0f:cb:
65:d1:93:32:bb:f9:7b:21:5a:21:64:4d:56:fe:00:
3e:90:2e:8b:b3:39:f7:d0:f4:63:fb:06:e6:96:13:
3d:79:6c:fc:56:85:f0:45:69:43:2e:89:8f:c9:72:
44:31:5f:ae:1e:02:c6:05:21:dd:3c:d1:7b:08:17:
73:c3:67:ee:9a:38:7e:1b:24:16:26:cc:5b:df:52:
a7:b3:00:ad:87:a4:a7:ee:8e:73:76:0a:68:c5:41:
49:69:39:03:42:a7:c6:9d:27:7d:d9:a4:3c:28:6c:
3e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:1C:A5:A9:C3:20:4C:4A:5A:9E:B7:70:8F:91:D6:30:FF:32:DD:0D
X509v3 Authority Key Identifier:
keyid:0C:9B:C1:B1:4F:0D:96:53:F5:14:EC:16:77:71:B7:75:59:AC:63:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJvBsU8NllP1FOwWd3G3dVmsY8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/cBylqcMgTEpanrdwj5HWMP8y3Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7c38f4-5dae-4d2c-8208-1d19499d098f/1/DJvBsU8NllP1FOwWd3G3dVmsY8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.116.0/22
185.98.164.0/22
IPv6:
2a06:d00::/29
2a0d:20c0::/29
Signature Algorithm: sha256WithRSAEncryption
43:e2:cf:9f:71:36:d1:14:37:9a:7a:49:94:45:b0:67:2d:a7:
02:a5:21:b4:f2:04:da:cb:6e:72:48:48:94:4a:99:51:28:82:
79:d1:15:2b:72:09:18:4e:2f:09:0a:63:df:10:57:d0:9f:0c:
db:27:bd:33:4c:1a:64:3b:89:d3:a5:89:11:3c:a3:fd:22:1a:
8b:c7:59:c5:e3:36:e7:9c:c6:35:1e:37:fb:89:56:20:93:f6:
2e:f0:56:65:31:d3:30:b2:68:24:84:d2:f6:97:da:1d:e4:03:
0f:49:d3:1a:b9:0f:bf:ba:db:1d:48:53:e1:d1:9b:59:75:1f:
7e:28:1b:4d:e0:7a:bd:e7:2f:39:d0:21:d8:ff:5b:e9:e7:66:
fc:35:9a:23:36:f0:ed:ae:40:f3:0c:6a:80:40:a4:11:11:c7:
db:f0:96:3d:41:6d:07:6d:af:5b:39:f6:8f:7c:b8:75:3b:91:
c2:66:44:16:84:2b:cd:d0:e3:de:91:dd:37:6f:37:82:20:0d:
bc:55:6c:ca:b8:56:03:3a:bb:39:5b:97:55:7f:98:6c:26:4e:
9c:20:88:67:2c:d8:d9:ff:92:54:cb:8e:90:4e:3f:25:14:c6:
81:c5:fd:81:14:06:45:59:9e:05:c9:d3:cb:a7:a1:6e:f9:ee:
18:2e:ce:c7
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzGSvwYbdmFWC8awNhhaBEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOWJjMWIxNGYwZDk2NTNmNTE0ZWMxNjc3NzFiNzc1NTlh
YzYzY2MwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDFjYTVhOWMzMjA0YzRhNWE5ZWI3NzA4ZjkxZDYzMGZmMzJkZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQoEsrpAmRgL/uZ48zvxNb6lvUWq
L/ejR3RR5PyRNJQ96q8cw3RXK/xwTlrx9ydVb0MoAPa6FQiNSvFgJWCe3e/kRMM0
VMdvlpQz9oZKpK2NqglWNifNfxST0r00akevMJUISlTk9+HmAMtoTdmg7yihmP43
QCFFbAQFOrAIxxPUq0z555IoudZ+51CsNFQP6L2KD8tl0ZMyu/l7IVohZE1W/gA+
kC6Lszn30PRj+wbmlhM9eWz8VoXwRWlDLomPyXJEMV+uHgLGBSHdPNF7CBdzw2fu
mjh+GyQWJsxb31KnswCth6Sn7o5zdgpoxUFJaTkDQqfGnSd92aQ8KGw+7QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHAcpanDIExKWp63cI+R1jD/Mt0NMB8GA1UdIwQY
MBaAFAybwbFPDZZT9RTsFndxt3VZrGPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREp2QnNVOE5sbFAxRk93V2QzRzNkVm1zWTh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YzM4ZjQtNWRhZS00ZDJjLTgyMDgt
MWQxOTQ5OWQwOThmLzEvY0J5bHFjTWdURXBhbnJkd2o1SFdNUDh5M1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YzM4ZjQtNWRhZS00ZDJjLTgyMDgtMWQxOTQ5OWQwOThm
LzEvREp2QnNVOE5sbFAxRk93V2QzRzNkVm1zWTh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCsv90AwQC
uWKkMBQEAgACMA4DBQMqBg0AAwUDKg0gwDANBgkqhkiG9w0BAQsFAAOCAQEAQ+LP
n3E20RQ3mnpJlEWwZy2nAqUhtPIE2stuckhIlEqZUSiCedEVK3IJGE4vCQpj3xBX
0J8M2ye9M0waZDuJ06WJETyj/SIai8dZxeM255zGNR43+4lWIJP2LvBWZTHTMLJo
JITS9pfaHeQDD0nTGrkPv7rbHUhT4dGbWXUffigbTeB6vecvOdAh2P9b6edm/DWa
Izbw7a5A8wxqgECkERHH2/CWPUFtB22vWzn2j3y4dTuRwmZEFoQrzdDj3pHdN283
giANvFVsyrhWAzq7OVuXVX+YbCZOnCCIZyzY2f+SVMuOkE4/JRTGgcX9gRQGRVme
BcnTy6ehbvnuGC7Oxw==
-----END CERTIFICATE-----
Generated at Thu May 9 12:47:38 2024 by rpki-client on console-ams.rpki-client.org