Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/I3ML_1IMrboMbFt-qP7DhSmQtf0.roa
File: I3ML_1IMrboMbFt-qP7DhSmQtf0.roa (raw, json)
Hash identifier: yC0k6L/a9UY0Z4AqOz65/z1a7kAYHCrQ7XpDNaJUOgU=
Subject key identifier: 23:73:0B:FF:52:0C:AD:BA:0C:6C:5B:7E:A8:FE:C3:85:29:90:B5:FD
Certificate issuer: /CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
Certificate serial: 018EB55B77800BA53EA7BC445946479177F7
Authority key identifier: 7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/I3ML_1IMrboMbFt-qP7DhSmQtf0.roa
Signing time: Sat 06 Apr 2024 21:40:54 +0000
ROA not before: Sat 06 Apr 2024 21:40:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51786
IP address blocks: 185.117.12.0/24 maxlen: 24
185.117.13.0/24 maxlen: 24
2001:67c:458::/48 maxlen: 48
2a06:8280::/44 maxlen: 44
2a06:8280:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b5:5b:77:80:0b:a5:3e:a7:bc:44:59:46:47:91:77:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
Validity
Not Before: Apr 6 21:40:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23730bff520cadba0c6c5b7ea8fec3852990b5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e0:4e:2a:90:d6:88:43:a1:3a:b7:8f:3d:a1:
07:c2:50:c6:ac:86:e0:e8:35:53:9c:d9:c3:f7:91:
cf:e5:d9:e3:25:f9:9a:64:75:08:90:b1:5c:06:07:
c0:91:23:4e:e1:33:e2:9b:52:59:03:a4:01:db:ee:
60:f7:93:b7:97:25:4f:71:a5:ab:aa:75:b8:e2:82:
0c:08:7a:c2:90:e4:53:1d:37:c4:1a:ad:b5:ce:ae:
8b:8a:ec:3a:9b:d6:8e:21:de:5b:e0:e9:5d:30:b7:
9b:7a:2f:a9:3e:1a:39:4f:61:29:29:ef:09:2f:4e:
50:e8:12:e2:fa:8e:24:0d:32:8e:fa:45:c1:17:5b:
d7:96:4d:c3:fa:5d:39:b2:26:62:9d:7c:fd:7b:e7:
ab:56:14:06:bc:0d:52:a8:e4:3e:ac:20:3e:6b:15:
21:85:49:8e:c9:68:68:19:d0:bf:8e:fc:e1:8b:7f:
79:b5:4c:bb:9e:05:25:c2:c4:e4:52:b0:36:d2:ed:
8a:b0:4d:ba:71:72:cd:0f:29:c1:11:10:42:a4:ae:
72:a9:71:c8:25:d2:a6:5c:2a:16:cc:b0:4e:78:d5:
34:69:61:fd:6d:77:0f:05:26:d8:0e:0c:c2:8d:f4:
f6:d8:86:fa:93:31:0d:d4:aa:58:cd:19:bb:59:25:
ed:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:73:0B:FF:52:0C:AD:BA:0C:6C:5B:7E:A8:FE:C3:85:29:90:B5:FD
X509v3 Authority Key Identifier:
keyid:7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/I3ML_1IMrboMbFt-qP7DhSmQtf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.12.0/23
IPv6:
2001:67c:458::/48
2a06:8280::/43
Signature Algorithm: sha256WithRSAEncryption
a9:bf:db:45:b5:67:fa:01:de:b8:13:ba:ef:98:30:33:c2:26:
fb:08:de:86:de:d1:c3:f6:dc:0e:9c:78:3a:13:6f:2c:8a:ec:
e2:7d:06:64:28:56:65:69:92:57:ab:2b:e4:eb:95:f5:b2:52:
27:37:96:ee:bc:a1:4e:c5:10:99:a5:75:c4:12:b6:84:9b:74:
81:a4:3f:f2:c5:7c:58:62:62:96:dc:0e:17:dc:14:6c:f4:93:
d9:a4:70:74:62:c4:15:65:54:29:2a:4c:5f:03:9e:fd:9b:a5:
5a:99:64:18:f8:ca:c7:6b:cb:28:13:ba:35:f4:e7:36:d4:1b:
c3:3a:de:2b:6d:bf:b6:09:56:d1:57:d7:b5:0f:6a:74:63:fb:
1a:0d:c8:ba:3c:ae:10:24:71:7c:a0:85:dc:ae:d8:ca:92:8f:
a3:81:71:ef:d5:ba:7a:0d:c3:ef:99:49:57:63:d1:8a:ed:36:
ef:ca:1d:14:3e:3a:15:41:21:f8:8a:29:f5:17:0d:7c:03:6d:
1b:de:db:71:c1:a1:b8:ca:41:21:08:d8:8b:6f:68:4e:37:00:
15:da:38:65:f3:a2:d3:8c:7f:11:65:23:69:e7:37:39:d7:a9:
9f:fa:5d:d3:27:17:e1:4c:f1:b4:65:b8:0c:45:ae:84:3a:33:
0f:ee:b5:59
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY61W3eAC6U+p7xEWUZHkXf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNGI5MTdkYzkwNDZhMDY1Njc4YWUwZGY0ZDNlMzAzNjlj
NTljNjkwHhcNMjQwNDA2MjE0MDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzczMGJmZjUyMGNhZGJhMGM2YzViN2VhOGZlYzM4NTI5OTBiNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOBOKpDWiEOhOrePPaEHwlDGrIbg
6DVTnNnD95HP5dnjJfmaZHUIkLFcBgfAkSNO4TPim1JZA6QB2+5g95O3lyVPcaWr
qnW44oIMCHrCkORTHTfEGq21zq6Liuw6m9aOId5b4OldMLebei+pPho5T2EpKe8J
L05Q6BLi+o4kDTKO+kXBF1vXlk3D+l05siZinXz9e+erVhQGvA1SqOQ+rCA+axUh
hUmOyWhoGdC/jvzhi395tUy7ngUlwsTkUrA20u2KsE26cXLNDynBERBCpK5yqXHI
JdKmXCoWzLBOeNU0aWH9bXcPBSbYDgzCjfT22Ib6kzEN1KpYzRm7WSXtZwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCNzC/9SDK26DGxbfqj+w4UpkLX9MB8GA1UdIwQY
MBaAFHxLkX3JBGoGVniuDfTT4wNpxZxpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkV1UmZja0VhZ1pXZUs0TjlOUGpBMm5GbkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZDg1ZDctNDA0OS00YjVhLTliZjct
OTFjNzBmNjFhMDY3LzEvSTNNTF8xSU1yYm9NYkZ0LXFQN0RoU21RdGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZDg1ZDctNDA0OS00YjVhLTliZjctOTFjNzBmNjFhMDY3
LzEvZkV1UmZja0VhZ1pXZUs0TjlOUGpBMm5GbkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuXUMMBgE
AgACMBIDBwAgAQZ8BFgDBwUqBoKAAAAwDQYJKoZIhvcNAQELBQADggEBAKm/20W1
Z/oB3rgTuu+YMDPCJvsI3obe0cP23A6ceDoTbyyK7OJ9BmQoVmVpklerK+TrlfWy
Uic3lu68oU7FEJmldcQStoSbdIGkP/LFfFhiYpbcDhfcFGz0k9mkcHRixBVlVCkq
TF8Dnv2bpVqZZBj4ysdryygTujX05zbUG8M63ittv7YJVtFX17UPanRj+xoNyLo8
rhAkcXyghdyu2MqSj6OBce/VunoNw++ZSVdj0YrtNu/KHRQ+OhVBIfiKKfUXDXwD
bRve23HBobjKQSEI2ItvaE43ABXaOGXzotOMfxFlI2nnNznXqZ/6XdMnF+FM8bRl
uAxFroQ6Mw/utVk=
-----END CERTIFICATE-----
Generated at Sat Jun 29 00:42:06 2024 by rpki-client on console-fra.rpki-client.org