Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/M40iCNL4phMIhOLUADhhGaTx6y0.roa
File: M40iCNL4phMIhOLUADhhGaTx6y0.roa (raw, json)
Hash identifier: rxrysGYVOV9taTrPbWm14+XUPxG5WoCWBghrg0StdlU=
Subject key identifier: 33:8D:22:08:D2:F8:A6:13:08:84:E2:D4:00:38:61:19:A4:F1:EB:2D
Certificate issuer: /CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Certificate serial: 018CC7957E10BD5BC0993623F300AE7CB021
Authority key identifier: B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/M40iCNL4phMIhOLUADhhGaTx6y0.roa
Signing time: Tue 02 Jan 2024 00:31:52 +0000
ROA not before: Tue 02 Jan 2024 00:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43893
IP address blocks: 185.9.164.0/24 maxlen: 24
185.9.166.0/23 maxlen: 23
185.84.240.0/24 maxlen: 24
185.84.242.0/24 maxlen: 24
185.84.248.0/24 maxlen: 24
185.84.249.0/24 maxlen: 24
2001:67c:1001::/48 maxlen: 48
2a03:4bc0:2900::/48 maxlen: 48
2a03:4bc0:1000::/48 maxlen: 48
2a03:4bc0:2200::/48 maxlen: 48
2a03:4bc0:2100::/48 maxlen: 48
2a03:4bc0:2000::/48 maxlen: 48
2a03:4bc0:3160::/48 maxlen: 48
2a03:4bc0:1001::/48 maxlen: 48
2001:67c:1000::/48 maxlen: 48
2001:67c:1000::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/tkB0qoRJgw2psgs6-waC08Ay-f4.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/tkB0qoRJgw2psgs6-waC08Ay-f4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:7e:10:bd:5b:c0:99:36:23:f3:00:ae:7c:b0:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b64074aa8449830da9b20b3afb0682d3c032f9fe
Validity
Not Before: Jan 2 00:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=338d2208d2f8a6130884e2d400386119a4f1eb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a8:b7:e7:83:6a:2f:ef:b3:9d:f2:fd:43:4e:
70:85:85:2e:29:c3:d3:4f:b3:10:28:d7:78:51:00:
05:72:d2:93:49:7b:8d:ca:bb:58:fd:52:e7:b4:97:
46:97:2e:5d:56:20:b2:b9:09:64:06:25:f8:db:bc:
d7:2a:48:7e:e5:6a:92:8d:e4:31:1e:5e:78:18:61:
8c:b6:6b:5d:03:ee:2d:8c:af:c3:b1:60:26:a6:a0:
b4:a0:dd:13:6d:67:c4:fe:b9:98:c2:7b:0e:8c:2f:
de:af:91:7c:b2:c4:c2:91:d7:b0:a9:01:f1:76:11:
97:7f:48:6a:6f:28:4d:61:97:2f:ce:23:f4:ed:15:
ad:be:51:ca:da:1c:8c:11:8f:71:1c:c2:bd:51:1b:
8e:1b:35:6b:b8:81:cc:0c:a7:15:d2:c0:07:81:6d:
d8:32:61:cb:84:6f:8b:d1:b8:a3:68:01:76:25:d6:
f2:12:ba:1d:f8:3c:f0:4c:6c:e7:c3:20:f3:62:b0:
5c:21:b3:3b:7b:c9:92:43:a2:0f:06:47:38:5c:8c:
0f:9f:ec:df:31:d1:1e:37:3d:55:7a:83:db:9e:8b:
52:87:dd:48:4e:b8:e9:f5:53:0c:f0:76:1c:7d:64:
3f:84:a3:e4:e5:a1:f0:f4:76:c9:19:15:80:bb:58:
45:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8D:22:08:D2:F8:A6:13:08:84:E2:D4:00:38:61:19:A4:F1:EB:2D
X509v3 Authority Key Identifier:
keyid:B6:40:74:AA:84:49:83:0D:A9:B2:0B:3A:FB:06:82:D3:C0:32:F9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tkB0qoRJgw2psgs6-waC08Ay-f4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/M40iCNL4phMIhOLUADhhGaTx6y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fc7c82-3159-4d54-a0a1-35171aedd313/1/tkB0qoRJgw2psgs6-waC08Ay-f4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.164.0/24
185.9.166.0/23
185.84.240.0/24
185.84.242.0/24
185.84.248.0/23
IPv6:
2001:67c:1000::/47
2a03:4bc0:1000::/47
2a03:4bc0:2000::/48
2a03:4bc0:2100::/48
2a03:4bc0:2200::/48
2a03:4bc0:2900::/48
2a03:4bc0:3160::/48
Signature Algorithm: sha256WithRSAEncryption
15:20:9f:cd:80:9e:a3:2b:8b:fc:2b:09:3a:e3:13:60:84:43:
dc:fa:b5:f3:93:cf:62:62:ac:88:f1:19:f4:3b:8a:75:99:5f:
c4:ed:c3:22:5e:6a:09:8b:31:b1:a4:52:2c:bb:73:12:aa:05:
3b:be:3a:a6:ba:cc:ff:9b:71:6a:20:27:74:15:ec:a5:31:3d:
e9:e5:f1:33:cb:86:a5:10:fe:cd:cc:a6:54:0e:5c:a0:3f:ea:
fe:0d:fd:e4:9f:eb:7e:df:c4:7d:c4:46:59:ab:9a:ed:f0:74:
aa:a7:01:12:79:76:69:0f:5e:2c:1d:90:1e:ab:fe:7a:c9:30:
f5:68:63:41:c3:7a:ff:b2:f5:61:08:01:da:0a:80:ef:e8:80:
19:e8:35:a9:e6:b2:17:af:6c:3f:21:7b:4b:88:82:72:dc:cc:
b0:29:11:59:16:bc:0d:15:4c:09:06:05:c8:d4:51:2c:18:ad:
5a:22:0b:06:60:96:42:5a:8f:4c:87:45:7a:e7:06:4b:d6:1c:
91:8a:fd:9a:42:70:33:8e:0a:f4:7d:33:c5:76:4b:2b:0e:0c:
fa:2c:9f:1c:33:65:7e:9e:19:0d:cc:69:0e:30:37:e7:bd:89:
f9:68:98:bf:45:18:1d:aa:8c:90:34:3d:67:3c:03:25:c4:4c:
cb:19:23:15
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYzHlX4QvVvAmTYj8wCufLAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NDA3NGFhODQ0OTgzMGRhOWIyMGIzYWZiMDY4MmQzYzAz
MmY5ZmUwHhcNMjQwMTAyMDAzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhkMjIwOGQyZjhhNjEzMDg4NGUyZDQwMDM4NjExOWE0ZjFlYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6i354NqL++znfL9Q05whYUuKcPT
T7MQKNd4UQAFctKTSXuNyrtY/VLntJdGly5dViCyuQlkBiX427zXKkh+5WqSjeQx
Hl54GGGMtmtdA+4tjK/DsWAmpqC0oN0TbWfE/rmYwnsOjC/er5F8ssTCkdewqQHx
dhGXf0hqbyhNYZcvziP07RWtvlHK2hyMEY9xHMK9URuOGzVruIHMDKcV0sAHgW3Y
MmHLhG+L0bijaAF2JdbyErod+DzwTGznwyDzYrBcIbM7e8mSQ6IPBkc4XIwPn+zf
MdEeNz1VeoPbnotSh91ITrjp9VMM8HYcfWQ/hKPk5aHw9HbJGRWAu1hFFQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFDONIgjS+KYTCITi1AA4YRmk8estMB8GA1UdIwQY
MBaAFLZAdKqESYMNqbILOvsGgtPAMvn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGtCMHFvUkpndzJwc2dzNi13YUMwOEF5LWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9mYzdjODItMzE1OS00ZDU0LWEwYTEt
MzUxNzFhZWRkMzEzLzEvTTQwaUNOTDRwaE1JaE9MVUFEaGhHYVR4NnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9mYzdjODItMzE1OS00ZDU0LWEwYTEtMzUxNzFhZWRkMzEz
LzEvdGtCMHFvUkpndzJwc2dzNi13YUMwOEF5LWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTAkBAIAATAeAwQAuQmkAwQB
uQmmAwQAuVTwAwQAuVTyAwQBuVT4MEUEAgACMD8DBwEgAQZ8EAADBwEqA0vAEAAD
BwAqA0vAIAADBwAqA0vAIQADBwAqA0vAIgADBwAqA0vAKQADBwAqA0vAMWAwDQYJ
KoZIhvcNAQELBQADggEBABUgn82AnqMri/wrCTrjE2CEQ9z6tfOTz2JirIjxGfQ7
inWZX8TtwyJeagmLMbGkUiy7cxKqBTu+Oqa6zP+bcWogJ3QV7KUxPenl8TPLhqUQ
/s3MplQOXKA/6v4N/eSf637fxH3ERlmrmu3wdKqnARJ5dmkPXiwdkB6r/nrJMPVo
Y0HDev+y9WEIAdoKgO/ogBnoNanmshevbD8he0uIgnLczLApEVkWvA0VTAkGBcjU
USwYrVoiCwZglkJaj0yHRXrnBkvWHJGK/ZpCcDOOCvR9M8V2SysODPosnxwzZX6e
GQ3MaQ4wN+e9iflomL9FGB2qjJA0PWc8AyXETMsZIxU=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:01:01 2024 by rpki-client on console-fra.rpki-client.org