Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/scIMp8TC2aWlNMYlAmlCkACdZio.roa
File: scIMp8TC2aWlNMYlAmlCkACdZio.roa (raw, json)
Hash identifier: N+KCUQJrGX2A5U9nbmiKqQxqFETd3GKfhkwcRTOeBfo=
Subject key identifier: B1:C2:0C:A7:C4:C2:D9:A5:A5:34:C6:25:02:69:42:90:00:9D:66:2A
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 018CC801F14104D3D42A5DC3DCA1EBE26190
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/scIMp8TC2aWlNMYlAmlCkACdZio.roa
Signing time: Tue 02 Jan 2024 02:30:19 +0000
ROA not before: Tue 02 Jan 2024 02:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35219
IP address blocks: 185.185.228.0/24 maxlen: 24
185.64.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 04:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f1:41:04:d3:d4:2a:5d:c3:dc:a1:eb:e2:61:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 2 02:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1c20ca7c4c2d9a5a534c62502694290009d662a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9d:70:87:ab:1c:ca:e5:4d:85:3a:f0:ce:aa:
bf:59:84:c5:ce:4c:bd:5f:99:70:4b:f2:1d:15:26:
71:f8:95:0b:47:f5:5f:53:f4:8b:b3:1e:9a:da:03:
eb:e4:3b:ac:42:c6:3a:5c:ce:7a:11:fd:ad:bd:65:
9f:e3:af:87:1a:5c:0d:64:0d:4d:d6:76:b1:ba:e8:
8b:73:be:bf:c9:96:12:04:10:5d:02:63:70:5b:0b:
2f:23:30:7d:d2:53:9f:bb:8b:8e:ea:de:61:dc:d4:
df:d0:26:4c:2a:d0:60:b6:2e:62:13:b7:8e:0d:78:
dd:b2:28:cd:6e:89:05:73:8b:92:2b:0c:e1:28:bc:
11:a7:7d:85:42:d0:7c:66:c6:65:f0:92:69:23:17:
23:8b:e9:e7:f5:68:e0:5d:e5:30:40:fc:15:1e:7e:
e7:39:c7:0e:08:e9:f3:cf:ac:da:3c:49:e6:2d:ca:
fd:9e:d5:97:1e:66:1b:e7:7f:ad:a4:4a:73:af:e2:
18:66:52:21:ef:dd:26:b1:42:f9:54:52:75:31:c5:
8d:5a:7e:84:f8:41:d8:62:ed:fe:19:ef:dc:11:54:
e2:3a:6e:ec:b0:25:ef:cf:c5:31:43:92:76:92:90:
f8:0d:fb:ac:3e:56:ab:e5:29:a5:47:4c:d1:9f:9a:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C2:0C:A7:C4:C2:D9:A5:A5:34:C6:25:02:69:42:90:00:9D:66:2A
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/scIMp8TC2aWlNMYlAmlCkACdZio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.64.0/22
185.185.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:d7:65:7a:0e:3d:39:63:ca:7f:91:1b:49:63:3d:36:17:8c:
b9:dd:6c:cb:e9:1d:58:ed:43:dd:ba:a1:55:02:8b:49:42:46:
d9:24:03:3c:8a:6e:f6:34:10:65:77:97:64:36:a4:04:1d:55:
5e:7b:cd:f8:20:18:84:25:21:32:43:a3:cc:5d:17:03:b0:d6:
ad:b8:04:6d:1b:46:7e:8a:0a:cd:26:82:fe:87:1b:94:39:59:
05:a0:9f:7c:29:7e:af:78:66:f3:1c:98:bf:cd:6e:fb:f0:67:
43:d9:03:02:67:81:cb:a0:5d:4f:01:05:43:4f:76:d2:73:a4:
e6:fe:49:00:9c:c6:e9:c5:e2:e4:f3:71:98:9e:0e:be:c4:d8:
52:e4:a4:fb:04:82:51:6b:69:ed:05:ad:a9:e0:f3:b6:0f:85:
c5:71:2b:2f:9b:12:b4:0b:c6:60:15:1c:97:73:93:da:4e:5a:
2d:55:b2:55:41:1c:c8:3f:65:0e:57:63:89:89:5c:22:f2:98:
63:94:fa:29:5e:76:a7:7b:0d:ba:1b:5e:9d:d2:5d:60:7e:eb:
94:aa:92:71:ca:d7:31:a6:24:43:67:e8:cc:a7:2a:1a:bb:a6:
a1:50:1a:19:6e:22:91:2a:0b:4a:48:56:cb:52:fe:fb:44:72:
e9:11:46:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAfFBBNPUKl3D3KHr4mGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjQwMTAyMDIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWMyMGNhN2M0YzJkOWE1YTUzNGM2MjUwMjY5NDI5MDAwOWQ2NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp1wh6scyuVNhTrwzqq/WYTFzky9
X5lwS/IdFSZx+JULR/VfU/SLsx6a2gPr5DusQsY6XM56Ef2tvWWf46+HGlwNZA1N
1naxuuiLc76/yZYSBBBdAmNwWwsvIzB90lOfu4uO6t5h3NTf0CZMKtBgti5iE7eO
DXjdsijNbokFc4uSKwzhKLwRp32FQtB8ZsZl8JJpIxcji+nn9WjgXeUwQPwVHn7n
OccOCOnzz6zaPEnmLcr9ntWXHmYb53+tpEpzr+IYZlIh790msUL5VFJ1McWNWn6E
+EHYYu3+Ge/cEVTiOm7ssCXvz8UxQ5J2kpD4DfusPlar5SmlR0zRn5pLvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLHCDKfEwtmlpTTGJQJpQpAAnWYqMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvc2NJTXA4VEMyYVdsTk1ZbEFtbENrQUNkWmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUBAAwQA
ubnkMA0GCSqGSIb3DQEBCwUAA4IBAQC312V6Dj05Y8p/kRtJYz02F4y53WzL6R1Y
7UPduqFVAotJQkbZJAM8im72NBBld5dkNqQEHVVee834IBiEJSEyQ6PMXRcDsNat
uARtG0Z+igrNJoL+hxuUOVkFoJ98KX6veGbzHJi/zW778GdD2QMCZ4HLoF1PAQVD
T3bSc6Tm/kkAnMbpxeLk83GYng6+xNhS5KT7BIJRa2ntBa2p4PO2D4XFcSsvmxK0
C8ZgFRyXc5PaTlotVbJVQRzIP2UOV2OJiVwi8phjlPopXnanew26G16d0l1gfuuU
qpJxytcxpiRDZ+jMpyoau6ahUBoZbiKRKgtKSFbLUv77RHLpEUa9
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:26:51 2024 by rpki-client on console-ams.rpki-client.org