Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/r7VHeEf6BPvCUpUnWOu-52asrM4.roa
File: r7VHeEf6BPvCUpUnWOu-52asrM4.roa (raw, json)
Hash identifier: QUYoprGLY+64JxXEWKaIHVW7E6B83D++QZuZHJKKXbc=
Subject key identifier: AF:B5:47:78:47:FA:04:FB:C2:52:95:27:58:EB:BE:E7:66:AC:AC:CE
Certificate issuer: /CN=36b55fb34d29f962545132a025b52644fdffbf6f
Certificate serial: 018CC9BCAE610449492B9940309E474B7467
Authority key identifier: 36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/r7VHeEf6BPvCUpUnWOu-52asrM4.roa
Signing time: Tue 02 Jan 2024 10:33:54 +0000
ROA not before: Tue 02 Jan 2024 10:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.206.123.0/24 maxlen: 24
2a10:ca00:4::/48 maxlen: 48
2a10:ca00:2::/48 maxlen: 48
2a10:ca00:3::/48 maxlen: 48
2a10:ca00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.mft
rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ae:61:04:49:49:2b:99:40:30:9e:47:4b:74:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b55fb34d29f962545132a025b52644fdffbf6f
Validity
Not Before: Jan 2 10:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afb5477847fa04fbc252952758ebbee766acacce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e9:60:80:e2:f3:22:5a:5a:a8:4c:2f:87:76:
26:b2:6f:c1:75:fb:41:93:70:f0:f2:1f:19:f3:e3:
91:69:b3:31:67:8f:67:46:bd:29:42:3d:fd:af:ed:
a4:70:23:fd:22:36:a1:e2:a2:61:a0:60:ab:c8:48:
0b:04:27:b2:b3:a2:3f:cb:52:c4:49:1c:1b:68:e0:
2a:66:d7:d3:41:b4:f5:4e:cf:5f:5c:e3:a9:dc:85:
a5:90:d7:f1:fb:47:2c:e8:69:29:02:79:34:b0:d8:
1e:20:7b:e2:34:a0:9c:ec:ff:98:8c:3f:2f:fe:fd:
2c:2e:7d:34:ae:77:42:ce:38:ac:fc:04:e8:39:4e:
a8:4e:ce:58:7a:68:91:51:c0:0a:3e:cd:9b:30:0e:
1d:13:ef:36:df:e7:37:7f:f6:9d:6c:ac:0a:4b:cd:
08:96:68:14:90:f0:de:e7:81:9c:4f:01:84:6e:09:
ae:be:f2:80:d7:97:f1:01:2b:5a:af:c8:f7:ee:b7:
ae:8f:81:6d:e6:e0:01:08:9e:52:0f:69:65:5c:61:
e1:a3:9c:ff:68:51:54:4f:8e:bc:2d:be:82:1e:72:
f1:c3:fa:30:4d:c7:75:19:01:3e:bb:42:81:4d:47:
0b:5f:3b:33:0d:fc:17:0c:04:69:d5:c6:48:84:70:
9b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B5:47:78:47:FA:04:FB:C2:52:95:27:58:EB:BE:E7:66:AC:AC:CE
X509v3 Authority Key Identifier:
keyid:36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/r7VHeEf6BPvCUpUnWOu-52asrM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.123.0/24
IPv6:
2a10:ca00:1::-2a10:ca00:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
08:0d:aa:e1:af:ab:84:6d:4a:47:dd:54:b8:47:a8:64:d8:35:
31:d9:be:df:fb:ba:9c:55:ad:31:19:a4:ae:cb:12:ff:56:6c:
ae:f6:9d:fb:e2:e3:7e:25:2c:00:22:be:5e:de:e7:03:ca:40:
81:2b:28:1e:31:7c:f2:04:2b:cb:5f:74:41:84:8a:3d:bb:dc:
49:e7:ad:c8:f1:15:8c:63:e9:0c:09:d2:df:ce:60:1e:15:63:
95:4a:ac:27:37:06:ae:9b:b4:2e:f3:21:89:d0:47:f1:68:3a:
85:cf:f3:72:4b:1c:15:87:a4:30:35:6d:dd:7b:2b:7d:04:0e:
cb:0a:73:9d:7a:c0:a8:c3:eb:96:4f:98:8a:a0:f7:42:bc:c4:
1c:0c:45:e2:35:b4:50:78:e5:7f:fe:b3:af:a2:2b:dc:a3:7d:
11:67:ef:56:53:6b:2d:76:9d:9b:b8:2e:bb:cd:40:ad:d9:0f:
ae:96:b4:68:5e:fc:18:c8:53:7a:cc:c8:09:ad:f0:0e:54:dc:
73:b8:70:04:51:29:e9:aa:4f:c2:92:4d:c9:18:b1:90:b2:d6:
61:3b:15:87:46:56:e1:da:09:51:c5:b1:1d:ce:62:7f:64:0d:
57:fa:27:d9:eb:bb:71:0d:ca:f6:ef:15:b2:69:90:ea:49:aa:
6d:fc:44:60
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzJvK5hBElJK5lAMJ5HS3RnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU1ZmIzNGQyOWY5NjI1NDUxMzJhMDI1YjUyNjQ0ZmRm
ZmJmNmYwHhcNMjQwMTAyMTAzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmI1NDc3ODQ3ZmEwNGZiYzI1Mjk1Mjc1OGViYmVlNzY2YWNhY2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOlggOLzIlpaqEwvh3Ymsm/BdftB
k3Dw8h8Z8+ORabMxZ49nRr0pQj39r+2kcCP9Ijah4qJhoGCryEgLBCeys6I/y1LE
SRwbaOAqZtfTQbT1Ts9fXOOp3IWlkNfx+0cs6GkpAnk0sNgeIHviNKCc7P+YjD8v
/v0sLn00rndCzjis/AToOU6oTs5YemiRUcAKPs2bMA4dE+823+c3f/adbKwKS80I
lmgUkPDe54GcTwGEbgmuvvKA15fxAStar8j37reuj4Ft5uABCJ5SD2llXGHho5z/
aFFUT468Lb6CHnLxw/owTcd1GQE+u0KBTUcLXzszDfwXDARp1cZIhHCb/QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFK+1R3hH+gT7wlKVJ1jrvudmrKzOMB8GA1UdIwQY
MBaAFDa1X7NNKfliVFEyoCW1JkT9/79vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2Ut
ZjEwZjczYTllY2IzLzEvcjdWSGVFZjZCUHZDVXBVbldPdS01MmFzck00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2UtZjEwZjczYTllY2Iz
LzEvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuc57MBoE
AgACMBQwEgMHACoQygAAAQMHACoQygAABDANBgkqhkiG9w0BAQsFAAOCAQEACA2q
4a+rhG1KR91UuEeoZNg1Mdm+3/u6nFWtMRmkrssS/1Zsrvad++LjfiUsACK+Xt7n
A8pAgSsoHjF88gQry190QYSKPbvcSeetyPEVjGPpDAnS385gHhVjlUqsJzcGrpu0
LvMhidBH8Wg6hc/zckscFYekMDVt3XsrfQQOywpznXrAqMPrlk+YiqD3QrzEHAxF
4jW0UHjlf/6zr6Ir3KN9EWfvVlNrLXadm7guu81ArdkPrpa0aF78GMhTeszICa3w
DlTcc7hwBFEp6apPwpJNyRixkLLWYTsVh0ZW4doJUcWxHc5if2QNV/on2eu7cQ3K
9u8VsmmQ6kmqbfxEYA==
-----END CERTIFICATE-----
Generated at Thu May 2 08:24:52 2024 by rpki-client on console-ams.rpki-client.org