Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/jPA2MxhLQ9_KBGVPy2ifCvjNCtY.roa
File: jPA2MxhLQ9_KBGVPy2ifCvjNCtY.roa (raw, json)
Hash identifier: 4tv2ipCypwdiJlThbs9CrYgkFQVD7hlzffqhOkqc25U=
Subject key identifier: 8C:F0:36:33:18:4B:43:DF:CA:04:65:4F:CB:68:9F:0A:F8:CD:0A:D6
Certificate issuer: /CN=80ef67a3dc3d71845e9b1555cff5ad31bb423a94
Certificate serial: 018CC3B694706CCF0D06D0AFA95E7419677E
Authority key identifier: 80:EF:67:A3:DC:3D:71:84:5E:9B:15:55:CF:F5:AD:31:BB:42:3A:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gO9no9w9cYRemxVVz_WtMbtCOpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/jPA2MxhLQ9_KBGVPy2ifCvjNCtY.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206711
IP address blocks: 185.176.36.0/22 maxlen: 22
2a07:ee00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/gO9no9w9cYRemxVVz_WtMbtCOpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/gO9no9w9cYRemxVVz_WtMbtCOpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gO9no9w9cYRemxVVz_WtMbtCOpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:94:70:6c:cf:0d:06:d0:af:a9:5e:74:19:67:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ef67a3dc3d71845e9b1555cff5ad31bb423a94
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cf03633184b43dfca04654fcb689f0af8cd0ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:cc:ba:10:52:f0:09:4f:f2:a3:46:a9:e7:
44:94:97:93:5f:2c:0e:23:d4:84:4b:1d:d4:4b:09:
04:2f:8b:4e:97:5d:81:36:4e:51:98:f8:f0:ef:63:
84:4a:25:aa:23:52:05:af:9d:d2:f2:33:fd:e8:e5:
60:12:00:14:da:1f:e9:ea:ed:04:d1:83:33:6d:89:
2b:6a:69:ed:89:c0:d7:83:d8:1e:18:ee:75:7b:5e:
9a:9e:31:00:cb:47:8a:5c:a1:61:01:dc:5c:61:bc:
ab:9a:ab:b9:a0:4b:2e:77:c5:e4:65:90:5f:51:d4:
ea:db:2d:44:45:d0:4d:b5:0b:2a:ec:9c:58:d4:42:
b4:ed:cf:36:70:8b:0b:23:de:62:e0:d6:b0:b1:96:
20:00:64:cf:2b:ba:0a:22:d5:6f:93:52:81:c0:99:
fe:08:dd:72:bb:ca:0d:ac:27:5a:15:8a:e1:3e:70:
21:af:b8:f7:bd:1d:b9:0f:00:e9:39:54:ea:8f:d1:
a8:1c:ea:01:ab:a3:59:a4:81:da:fd:3f:a6:e2:e1:
05:65:8e:a6:a1:e1:b9:40:61:e0:da:c9:a0:a3:34:
84:7b:33:29:95:57:34:9a:0e:2d:6b:68:2a:72:53:
70:26:93:44:c9:e5:0b:99:08:fa:71:df:3b:17:9b:
aa:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:F0:36:33:18:4B:43:DF:CA:04:65:4F:CB:68:9F:0A:F8:CD:0A:D6
X509v3 Authority Key Identifier:
keyid:80:EF:67:A3:DC:3D:71:84:5E:9B:15:55:CF:F5:AD:31:BB:42:3A:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gO9no9w9cYRemxVVz_WtMbtCOpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/jPA2MxhLQ9_KBGVPy2ifCvjNCtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/gO9no9w9cYRemxVVz_WtMbtCOpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.176.36.0/22
IPv6:
2a07:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
8a:c5:4b:1c:03:04:ed:40:ca:78:d3:cf:65:4e:51:20:36:8b:
b9:c1:ca:6c:70:5c:db:fa:e9:77:ea:58:52:d8:eb:96:74:f9:
c7:89:46:14:a6:4e:d1:c9:af:a3:ac:14:05:23:32:de:fb:99:
20:bc:2b:34:c5:d3:d9:9c:24:ea:f6:aa:d0:aa:d4:24:ee:97:
cf:b8:04:68:fd:ef:95:07:0c:29:f5:d8:11:aa:21:5b:f6:61:
ae:9b:ca:03:09:f9:c3:7b:c9:95:74:09:f8:21:f2:0e:5d:f0:
4a:6b:90:12:e2:51:cf:8f:8c:66:72:33:5a:5a:40:44:b4:24:
86:dd:fb:e9:9d:86:ac:ff:c8:c8:51:71:2c:ed:a9:05:cc:2b:
76:67:aa:ca:4b:c2:23:d2:7f:54:61:62:cd:4d:2a:5c:f3:21:
12:8d:a7:21:8c:e5:b6:3b:82:28:10:e5:86:a7:1b:a2:90:d7:
e9:29:1c:30:50:18:85:4a:0a:0f:23:ef:fb:d4:64:e4:ea:d3:
49:45:47:32:58:7e:41:90:d8:83:6e:e5:0d:91:6e:3c:19:2b:
ca:8f:bd:7a:4a:1d:e4:80:7e:81:3b:e3:bb:f8:52:4a:db:28:
50:47:49:99:68:49:ad:b5:a6:ce:06:38:56:d8:ea:44:6a:07:
61:08:63:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtpRwbM8NBtCvqV50GWd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWY2N2EzZGMzZDcxODQ1ZTliMTU1NWNmZjVhZDMxYmI0
MjNhOTQwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2YwMzYzMzE4NGI0M2RmY2EwNDY1NGZjYjY4OWYwYWY4Y2QwYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd7MuhBS8AlP8qNGqedElJeTXywO
I9SESx3USwkEL4tOl12BNk5RmPjw72OESiWqI1IFr53S8jP96OVgEgAU2h/p6u0E
0YMzbYkramnticDXg9geGO51e16anjEAy0eKXKFhAdxcYbyrmqu5oEsud8XkZZBf
UdTq2y1ERdBNtQsq7JxY1EK07c82cIsLI95i4NawsZYgAGTPK7oKItVvk1KBwJn+
CN1yu8oNrCdaFYrhPnAhr7j3vR25DwDpOVTqj9GoHOoBq6NZpIHa/T+m4uEFZY6m
oeG5QGHg2smgozSEezMplVc0mg4ta2gqclNwJpNEyeULmQj6cd87F5uqOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIzwNjMYS0PfygRlT8tonwr4zQrWMB8GA1UdIwQY
MBaAFIDvZ6PcPXGEXpsVVc/1rTG7QjqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ085bm85dzljWVJlbXhWVnpfV3RNYnRDT3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lMDE4NGQtNjRkMC00YTE1LWEyNzct
N2NlODA5MzUzYjE4LzEvalBBMk14aExROV9LQkdWUHkyaWZDdmpOQ3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lMDE4NGQtNjRkMC00YTE1LWEyNzctN2NlODA5MzUzYjE4
LzEvZ085bm85dzljWVJlbXhWVnpfV3RNYnRDT3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubAkMA0E
AgACMAcDBQAqB+4AMA0GCSqGSIb3DQEBCwUAA4IBAQCKxUscAwTtQMp4089lTlEg
Nou5wcpscFzb+ul36lhS2OuWdPnHiUYUpk7Rya+jrBQFIzLe+5kgvCs0xdPZnCTq
9qrQqtQk7pfPuARo/e+VBwwp9dgRqiFb9mGum8oDCfnDe8mVdAn4IfIOXfBKa5AS
4lHPj4xmcjNaWkBEtCSG3fvpnYas/8jIUXEs7akFzCt2Z6rKS8Ij0n9UYWLNTSpc
8yESjachjOW2O4IoEOWGpxuikNfpKRwwUBiFSgoPI+/71GTk6tNJRUcyWH5BkNiD
buUNkW48GSvKj716Sh3kgH6BO+O7+FJK2yhQR0mZaEmttabOBjhW2OpEagdhCGPn
-----END CERTIFICATE-----
Generated at Sat Sep 21 00:43:21 2024 by rpki-client on console-ams.rpki-client.org