Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/1-c6XWhlrrM5OTd8N_CTptiro8cY.roa
File: 1-c6XWhlrrM5OTd8N_CTptiro8cY.roa (raw, json)
Hash identifier: rdOYCYMygSoiNTR8fmyW34/WgsfVBvSkx9A2TwKuo84=
Subject key identifier: F9:CE:97:5A:19:6B:AC:CE:4E:4D:DF:0D:FC:24:E9:B6:2A:E8:F1:C6
Certificate issuer: /CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab
Certificate serial: 018CC348E20BDA6A8F1BF8E6815A64A0D214
Authority key identifier: 3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/1-c6XWhlrrM5OTd8N_CTptiro8cY.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206350
IP address blocks: 185.186.206.0/24 maxlen: 24
185.186.207.0/24 maxlen: 24
2a0b:d580:1::/48 maxlen: 48
2a0b:d580:0:16::/64 maxlen: 64
2a0b:d580::/32 maxlen: 32
2a0b:d580:2060::/44 maxlen: 44
2a0b:d580:2020::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e2:0b:da:6a:8f:1b:f8:e6:81:5a:64:a0:d2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0cd44ebbe3d0d6a072e75103f231606995f6ab
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9ce975a196bacce4e4ddf0dfc24e9b62ae8f1c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c4:85:b0:4d:83:86:87:65:1c:34:90:01:d4:
8d:15:3d:0b:df:70:fb:15:56:2e:64:3a:0c:fe:37:
8d:c4:ff:11:69:e8:79:29:07:2b:8c:5b:e7:f9:92:
64:3e:b4:1a:c9:0d:d4:ae:6a:cc:4b:6e:6d:07:8f:
3b:4f:5d:e8:67:11:68:24:74:30:5e:af:9e:21:85:
a8:7b:e4:2c:9b:22:63:86:da:ec:38:de:ad:41:a2:
92:42:11:34:40:a3:60:fc:c7:3b:6d:20:d4:45:ec:
b5:f2:9b:fe:4c:31:5d:84:d5:6e:46:c1:71:fa:78:
76:0c:b9:78:73:54:57:7e:99:2c:6f:10:14:37:0b:
29:c5:6b:f8:76:89:8e:b4:a3:09:5e:f5:5c:db:a7:
c2:8c:c8:38:11:04:66:23:fe:8b:3c:89:fd:7d:30:
b7:9c:82:4c:34:ce:97:c8:9f:3d:86:44:06:18:73:
c9:ee:45:6c:f4:ea:92:b1:1b:e9:f9:c6:ae:9a:f8:
58:b7:84:b9:96:48:27:a8:e7:6d:53:19:72:2b:a0:
5a:db:15:34:64:af:71:b6:a9:90:df:36:24:0d:f0:
08:b1:02:e6:73:9d:fe:5e:b7:33:f6:a7:e2:1d:bb:
9f:ac:bf:bc:36:5e:e0:42:56:f6:0a:c3:9a:a4:db:
9a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:CE:97:5A:19:6B:AC:CE:4E:4D:DF:0D:FC:24:E9:B6:2A:E8:F1:C6
X509v3 Authority Key Identifier:
keyid:3B:0C:D4:4E:BB:E3:D0:D6:A0:72:E7:51:03:F2:31:60:69:95:F6:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwzUTrvj0NagcudRA_IxYGmV9qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/1-c6XWhlrrM5OTd8N_CTptiro8cY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/971f08-e57c-408a-b776-f7da3b8732bf/1/OwzUTrvj0NagcudRA_IxYGmV9qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.206.0/23
IPv6:
2a0b:d580::/32
Signature Algorithm: sha256WithRSAEncryption
8f:bf:01:5b:dc:d6:43:25:cf:7a:52:86:c8:af:76:cf:e3:fa:
62:44:f8:3d:02:6a:80:01:38:83:ab:f6:e7:e7:91:65:69:59:
e2:a9:a3:59:4e:00:0b:eb:a8:09:34:3b:1e:ef:64:90:1f:b2:
7e:3d:23:5a:b0:5a:70:4e:bd:29:12:97:26:ff:3d:28:0e:44:
15:7d:4e:a5:03:a9:da:bd:9d:2b:08:71:2e:62:56:12:42:b9:
f9:4c:b1:95:65:a8:81:ef:35:a9:bb:f2:a3:9c:93:d8:a6:cf:
55:44:e2:98:23:2e:ef:94:4c:05:4e:e4:38:b1:a9:bb:ed:1e:
fe:27:8e:2e:4a:d8:03:1e:ae:f9:b1:99:3a:c4:d7:4c:09:78:
3b:25:61:88:02:29:6d:bb:25:87:bb:c8:c8:65:ff:cc:cb:ad:
a3:71:b2:bf:6e:23:eb:ee:a8:5f:fc:c8:6c:94:56:ee:66:1d:
c4:79:a5:23:6b:e3:43:e7:4f:c4:69:86:55:70:46:b1:2d:85:
f6:93:24:3d:a0:68:3b:31:01:41:27:34:51:05:cc:d4:e9:20:
9b:5e:99:43:3f:a2:a4:54:a2:53:f5:27:63:3c:0c:2f:5e:22:
ad:fa:94:e2:36:92:63:1e:94:1d:f1:a7:96:90:b2:2d:ee:8e:
eb:91:a3:b5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzDSOIL2mqPG/jmgVpkoNIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMGNkNDRlYmJlM2QwZDZhMDcyZTc1MTAzZjIzMTYwNjk5
NWY2YWIwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWNlOTc1YTE5NmJhY2NlNGU0ZGRmMGRmYzI0ZTliNjJhZThmMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8SFsE2DhodlHDSQAdSNFT0L33D7
FVYuZDoM/jeNxP8Raeh5KQcrjFvn+ZJkPrQayQ3UrmrMS25tB487T13oZxFoJHQw
Xq+eIYWoe+QsmyJjhtrsON6tQaKSQhE0QKNg/Mc7bSDURey18pv+TDFdhNVuRsFx
+nh2DLl4c1RXfpksbxAUNwspxWv4domOtKMJXvVc26fCjMg4EQRmI/6LPIn9fTC3
nIJMNM6XyJ89hkQGGHPJ7kVs9OqSsRvp+caumvhYt4S5lkgnqOdtUxlyK6Ba2xU0
ZK9xtqmQ3zYkDfAIsQLmc53+Xrcz9qfiHbufrL+8Nl7gQlb2CsOapNuaNQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPnOl1oZa6zOTk3fDfwk6bYq6PHGMB8GA1UdIwQY
MBaAFDsM1E6749DWoHLnUQPyMWBplfarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3d6VVRydmowTmFnY3VkUkFfSXhZR21WOXFzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85NzFmMDgtZTU3Yy00MDhhLWI3NzYt
ZjdkYTNiODczMmJmLzEvMS1jNlhXaGxyck01T1RkOE5fQ1RwdGlybzhjWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWMvOTcxZjA4LWU1N2MtNDA4YS1iNzc2LWY3ZGEzYjg3MzJi
Zi8xL093elVUcnZqME5hZ2N1ZFJBX0l4WUdtVjlxcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbm6zjAN
BAIAAjAHAwUAKgvVgDANBgkqhkiG9w0BAQsFAAOCAQEAj78BW9zWQyXPelKGyK92
z+P6YkT4PQJqgAE4g6v25+eRZWlZ4qmjWU4AC+uoCTQ7Hu9kkB+yfj0jWrBacE69
KRKXJv89KA5EFX1OpQOp2r2dKwhxLmJWEkK5+UyxlWWoge81qbvyo5yT2KbPVUTi
mCMu75RMBU7kOLGpu+0e/ieOLkrYAx6u+bGZOsTXTAl4OyVhiAIpbbslh7vIyGX/
zMuto3Gyv24j6+6oX/zIbJRW7mYdxHmlI2vjQ+dPxGmGVXBGsS2F9pMkPaBoOzEB
QSc0UQXM1Okgm16ZQz+ipFSiU/UnYzwML14irfqU4jaSYx6UHfGnlpCyLe6O65Gj
tQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:21 2024 by rpki-client on console-ams.rpki-client.org