Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/_2AlipzAwKoSB0JJJdOdZARd2q0.roa
File: _2AlipzAwKoSB0JJJdOdZARd2q0.roa (raw, json)
Hash identifier: YD/KfUC99imirNkGezI8+89vmxLVgeEMrdP9a+Uz5kI=
Subject key identifier: FF:60:25:8A:9C:C0:C0:AA:12:07:42:49:25:D3:9D:64:04:5D:DA:AD
Certificate issuer: /CN=6c1ce5315a43d5661cdcdcc1b9d7daacfa6990f7
Certificate serial: 018CC50018670748A00EECA3A940CD6B01FB
Authority key identifier: 6C:1C:E5:31:5A:43:D5:66:1C:DC:DC:C1:B9:D7:DA:AC:FA:69:90:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bBzlMVpD1WYc3NzBudfarPppkPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/_2AlipzAwKoSB0JJJdOdZARd2q0.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198551
IP address blocks: 185.200.145.0/24 maxlen: 24
185.200.144.0/22 maxlen: 22
185.200.144.0/24 maxlen: 24
185.200.147.0/24 maxlen: 24
185.200.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/bBzlMVpD1WYc3NzBudfarPppkPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/bBzlMVpD1WYc3NzBudfarPppkPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/bBzlMVpD1WYc3NzBudfarPppkPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:18:67:07:48:a0:0e:ec:a3:a9:40:cd:6b:01:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c1ce5315a43d5661cdcdcc1b9d7daacfa6990f7
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff60258a9cc0c0aa1207424925d39d64045ddaad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:fb:7c:9a:e4:a1:73:67:a0:96:f2:27:31:
9e:da:13:9d:be:18:ad:b4:24:32:5e:ac:a2:fb:ec:
23:b0:2c:bd:3c:3f:af:92:c2:b9:24:fa:31:48:03:
33:82:80:0d:60:de:86:6f:8b:61:d6:b3:64:5f:32:
e2:62:80:b6:ef:2c:7e:7e:2d:ac:06:b2:3e:bf:1f:
bb:08:56:7f:00:0d:e7:47:d7:ce:fa:66:08:8a:01:
d0:a7:f8:ad:26:fa:95:6a:58:38:f5:fd:d1:3b:ec:
45:b4:11:bc:79:f6:e3:82:15:3f:fe:8f:8b:2b:96:
0d:d7:fa:82:0b:7d:0a:16:64:85:30:1e:5a:52:42:
b8:61:57:62:6c:66:00:62:32:c0:9a:fd:a7:93:c1:
e8:72:a5:f8:02:54:bf:74:e4:7b:64:b7:d8:fd:2f:
1b:89:c9:79:ee:6b:de:4b:6e:3f:7a:e6:5d:b8:35:
0f:ca:ee:1d:c7:2b:ed:1f:0d:aa:f3:28:e1:df:0a:
f9:27:62:c2:d2:3e:79:a9:34:5a:fa:a0:6e:f9:85:
48:3e:c0:c2:7e:71:af:2f:bc:75:bb:e0:d0:d0:ff:
90:00:56:d0:43:9b:e9:04:c8:7f:93:d2:7d:88:c6:
15:e8:61:a1:e7:ea:03:4b:d7:5d:49:50:fa:16:3c:
33:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:60:25:8A:9C:C0:C0:AA:12:07:42:49:25:D3:9D:64:04:5D:DA:AD
X509v3 Authority Key Identifier:
keyid:6C:1C:E5:31:5A:43:D5:66:1C:DC:DC:C1:B9:D7:DA:AC:FA:69:90:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBzlMVpD1WYc3NzBudfarPppkPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/_2AlipzAwKoSB0JJJdOdZARd2q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/bb520c-cd0d-48d8-96a8-0fbe7bd76ffb/1/bBzlMVpD1WYc3NzBudfarPppkPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.144.0/22
Signature Algorithm: sha256WithRSAEncryption
56:37:6b:50:65:58:17:25:39:ec:33:83:9f:5e:29:bb:6c:79:
7a:64:d1:16:c9:d3:b9:80:f9:9e:b9:2e:25:c5:1d:91:98:db:
55:33:db:57:ed:e7:0e:23:f2:7b:44:13:f0:18:22:80:eb:fe:
60:7e:96:7b:16:5d:a4:2b:23:b0:d3:27:0f:96:b2:d1:fe:5d:
3f:98:bc:45:f6:b8:ee:8a:8b:cc:9a:fd:73:60:6a:e8:e7:28:
4d:eb:de:0b:a7:b2:a3:da:a9:a7:96:dc:ec:2c:8a:88:93:d0:
7d:ab:7c:bb:9e:56:e6:e3:2a:ea:3c:07:a3:e8:da:33:24:28:
47:e1:ca:ad:2e:e8:42:63:34:09:4b:2d:e9:ab:dc:19:2b:1b:
1b:91:31:98:d9:fc:8b:36:15:5b:84:e3:24:b7:29:3a:21:2f:
b9:c8:2c:c1:11:9c:b3:ef:b8:bd:9f:f4:5f:f7:11:ec:b6:06:
20:9a:7b:4f:38:1a:13:e7:04:f2:25:70:02:3d:b6:9a:63:99:
c1:f8:b5:bc:59:e4:02:4a:11:ad:f5:c1:55:14:42:81:cb:4f:
0b:7b:86:8d:c7:35:20:d0:7f:1d:79:53:1e:bd:42:b6:45:a4:
5d:e7:16:41:83:f0:cd:81:52:5d:dd:36:4a:8a:8c:e5:fa:3d:
e2:f1:02:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABhnB0igDuyjqUDNawH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMWNlNTMxNWE0M2Q1NjYxY2RjZGNjMWI5ZDdkYWFjZmE2
OTkwZjcwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYwMjU4YTljYzBjMGFhMTIwNzQyNDkyNWQzOWQ2NDA0NWRkYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd37fJrkoXNnoJbyJzGe2hOdvhit
tCQyXqyi++wjsCy9PD+vksK5JPoxSAMzgoANYN6Gb4th1rNkXzLiYoC27yx+fi2s
BrI+vx+7CFZ/AA3nR9fO+mYIigHQp/itJvqValg49f3RO+xFtBG8efbjghU//o+L
K5YN1/qCC30KFmSFMB5aUkK4YVdibGYAYjLAmv2nk8HocqX4AlS/dOR7ZLfY/S8b
icl57mveS24/euZduDUPyu4dxyvtHw2q8yjh3wr5J2LC0j55qTRa+qBu+YVIPsDC
fnGvL7x1u+DQ0P+QAFbQQ5vpBMh/k9J9iMYV6GGh5+oDS9ddSVD6FjwzZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP9gJYqcwMCqEgdCSSXTnWQEXdqtMB8GA1UdIwQY
MBaAFGwc5TFaQ9VmHNzcwbnX2qz6aZD3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJ6bE1WcEQxV1ljM056QnVkZmFyUHBwa1BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iYjUyMGMtY2QwZC00OGQ4LTk2YTgt
MGZiZTdiZDc2ZmZiLzEvXzJBbGlwekF3S29TQjBKSkpkT2RaQVJkMnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iYjUyMGMtY2QwZC00OGQ4LTk2YTgtMGZiZTdiZDc2ZmZi
LzEvYkJ6bE1WcEQxV1ljM056QnVkZmFyUHBwa1BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuciQMA0G
CSqGSIb3DQEBCwUAA4IBAQBWN2tQZVgXJTnsM4OfXim7bHl6ZNEWydO5gPmeuS4l
xR2RmNtVM9tX7ecOI/J7RBPwGCKA6/5gfpZ7Fl2kKyOw0ycPlrLR/l0/mLxF9rju
iovMmv1zYGro5yhN694Lp7Kj2qmnltzsLIqIk9B9q3y7nlbm4yrqPAej6NozJChH
4cqtLuhCYzQJSy3pq9wZKxsbkTGY2fyLNhVbhOMktyk6IS+5yCzBEZyz77i9n/Rf
9xHstgYgmntPOBoT5wTyJXACPbaaY5nB+LW8WeQCShGt9cFVFEKBy08Le4aNxzUg
0H8deVMevUK2RaRd5xZBg/DNgVJd3TZKiozl+j3i8QIe
-----END CERTIFICATE-----
Generated at Mon May 20 01:00:35 2024 by rpki-client on console-fra.rpki-client.org