Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/r6963khB4nmPvMNXyxxG2Tmy8mI.roa
File: r6963khB4nmPvMNXyxxG2Tmy8mI.roa (raw, json)
Hash identifier: /AsEELgrEuO9I5VqUCmZj65FdBFsA+g73fP6OXXwMJk=
Subject key identifier: AF:AF:7A:DE:48:41:E2:79:8F:BC:C3:57:CB:1C:46:D9:39:B2:F2:62
Certificate issuer: /CN=053360c6e3e892db66b1df6ad47f7818e9deeb8c
Certificate serial: 018CC500047E54406179A93F61606058AFA0
Authority key identifier: 05:33:60:C6:E3:E8:92:DB:66:B1:DF:6A:D4:7F:78:18:E9:DE:EB:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/r6963khB4nmPvMNXyxxG2Tmy8mI.roa
Signing time: Mon 01 Jan 2024 12:29:21 +0000
ROA not before: Mon 01 Jan 2024 12:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8922
IP address blocks: 185.34.36.0/23 maxlen: 23
185.34.38.0/23 maxlen: 23
2a03:e700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/BTNgxuPokttmsd9q1H94GOne64w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/BTNgxuPokttmsd9q1H94GOne64w.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 15:21:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:04:7e:54:40:61:79:a9:3f:61:60:60:58:af:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053360c6e3e892db66b1df6ad47f7818e9deeb8c
Validity
Not Before: Jan 1 12:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afaf7ade4841e2798fbcc357cb1c46d939b2f262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7e:31:88:6b:be:48:8a:48:d8:e4:72:f0:71:
ae:b2:d1:47:c4:a8:b4:10:ea:ef:6f:f4:f5:88:27:
6e:81:42:99:32:d5:35:fc:33:c1:6d:1b:a6:d1:91:
16:1b:04:63:cc:0b:0e:9b:b0:6f:2d:c6:d2:f4:c6:
f7:0f:0c:cc:56:3f:25:d8:97:36:ec:4c:5c:cf:68:
94:c4:30:fc:97:ad:65:5b:4d:9f:18:e8:bf:6f:17:
76:c0:75:8d:c2:5f:e2:f6:cc:06:14:3e:f4:c6:c1:
8b:80:60:b6:3a:6f:6a:94:9f:6b:c6:01:d4:f2:0b:
eb:62:12:63:52:55:ec:d6:e8:49:5d:b8:d3:dd:a8:
1b:76:6c:0d:cf:53:cc:61:7b:2c:52:24:30:1f:3d:
ba:74:52:2a:c3:cd:52:54:6b:5c:9a:f2:87:d2:5f:
86:84:c5:86:58:f2:49:24:cf:15:2f:3d:6b:b9:a9:
c1:41:7b:46:52:bb:31:c6:a6:c9:16:87:d7:c4:84:
de:0d:2f:d2:58:cb:3c:7c:e2:52:ce:e3:63:f4:50:
f3:c4:ef:0b:fa:f9:db:5d:c3:4e:e1:1f:80:0b:f6:
6c:44:42:5d:d7:c0:4b:4d:50:5a:e2:4a:1e:6c:c4:
66:d1:1f:83:2e:1d:7d:da:3c:e0:65:a5:fc:8e:78:
9e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AF:7A:DE:48:41:E2:79:8F:BC:C3:57:CB:1C:46:D9:39:B2:F2:62
X509v3 Authority Key Identifier:
keyid:05:33:60:C6:E3:E8:92:DB:66:B1:DF:6A:D4:7F:78:18:E9:DE:EB:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTNgxuPokttmsd9q1H94GOne64w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/r6963khB4nmPvMNXyxxG2Tmy8mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/06dd83-07dc-40fb-923f-d91dce5db93a/1/BTNgxuPokttmsd9q1H94GOne64w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.36.0/22
IPv6:
2a03:e700::/32
Signature Algorithm: sha256WithRSAEncryption
5a:f5:c1:1f:48:55:1b:93:63:7b:e7:1c:a2:35:0e:1a:13:d7:
dd:93:81:af:b3:d3:7b:d2:49:51:9d:36:7f:4a:47:08:e2:34:
29:0f:e4:20:5e:8e:3c:8f:8d:9f:e2:79:53:b5:0f:cc:7c:32:
2e:cd:b6:38:18:93:67:77:9b:75:f4:bb:49:63:3f:2f:8e:03:
fb:fe:d7:2a:df:80:95:6f:5a:9a:6a:f8:d6:1b:3b:12:29:68:
a2:40:36:aa:eb:3b:e2:33:f4:5d:91:e3:ce:cf:ad:58:53:7c:
93:25:8b:2e:45:e0:67:9f:a4:6c:5c:90:a5:7b:3f:20:d7:ec:
64:a5:d5:19:77:fe:cb:60:d7:15:5c:a4:e4:35:7f:c9:e1:80:
a2:57:ac:00:c1:17:56:51:ae:6f:2c:b1:ac:f6:7f:1e:90:0c:
ed:03:0d:19:1f:7b:4c:61:8e:6f:67:f2:82:57:02:fa:47:c5:
a5:f4:ed:e1:36:99:c0:0e:57:06:e7:bf:65:e3:9e:e5:bb:e7:
3b:af:03:fb:d6:19:d8:29:f3:7c:2c:59:05:3f:38:2f:33:cc:
a7:f8:24:d4:f8:74:77:6a:80:71:21:b4:7e:24:5e:49:9b:5c:
3c:af:3d:91:42:b6:68:aa:d9:fb:f2:9f:b3:14:1f:4a:18:09:
a1:da:d5:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAAR+VEBheak/YWBgWK+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzM2MGM2ZTNlODkyZGI2NmIxZGY2YWQ0N2Y3ODE4ZTlk
ZWViOGMwHhcNMjQwMTAxMTIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmFmN2FkZTQ4NDFlMjc5OGZiY2MzNTdjYjFjNDZkOTM5YjJmMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn4xiGu+SIpI2ORy8HGustFHxKi0
EOrvb/T1iCdugUKZMtU1/DPBbRum0ZEWGwRjzAsOm7BvLcbS9Mb3DwzMVj8l2Jc2
7Excz2iUxDD8l61lW02fGOi/bxd2wHWNwl/i9swGFD70xsGLgGC2Om9qlJ9rxgHU
8gvrYhJjUlXs1uhJXbjT3agbdmwNz1PMYXssUiQwHz26dFIqw81SVGtcmvKH0l+G
hMWGWPJJJM8VLz1ruanBQXtGUrsxxqbJFofXxITeDS/SWMs8fOJSzuNj9FDzxO8L
+vnbXcNO4R+AC/ZsREJd18BLTVBa4koebMRm0R+DLh192jzgZaX8jnieqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFK+vet5IQeJ5j7zDV8scRtk5svJiMB8GA1UdIwQY
MBaAFAUzYMbj6JLbZrHfatR/eBjp3uuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlROZ3h1UG9rdHRtc2Q5cTFIOTRHT25lNjR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wNmRkODMtMDdkYy00MGZiLTkyM2Yt
ZDkxZGNlNWRiOTNhLzEvcjY5NjNraEI0bm1Qdk1OWHl4eEcyVG15OG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wNmRkODMtMDdkYy00MGZiLTkyM2YtZDkxZGNlNWRiOTNh
LzEvQlROZ3h1UG9rdHRtc2Q5cTFIOTRHT25lNjR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSIkMA0E
AgACMAcDBQAqA+cAMA0GCSqGSIb3DQEBCwUAA4IBAQBa9cEfSFUbk2N75xyiNQ4a
E9fdk4Gvs9N70klRnTZ/SkcI4jQpD+QgXo48j42f4nlTtQ/MfDIuzbY4GJNnd5t1
9LtJYz8vjgP7/tcq34CVb1qaavjWGzsSKWiiQDaq6zviM/RdkePOz61YU3yTJYsu
ReBnn6RsXJClez8g1+xkpdUZd/7LYNcVXKTkNX/J4YCiV6wAwRdWUa5vLLGs9n8e
kAztAw0ZH3tMYY5vZ/KCVwL6R8Wl9O3hNpnADlcG579l457lu+c7rwP71hnYKfN8
LFkFPzgvM8yn+CTU+HR3aoBxIbR+JF5Jm1w8rz2RQrZoqtn78p+zFB9KGAmh2tXr
-----END CERTIFICATE-----
Generated at Thu May 9 22:21:50 2024 by rpki-client on console-fra.rpki-client.org