Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/v8eYGROBOuqVHKJMoSputpB-TjA.roa
File: v8eYGROBOuqVHKJMoSputpB-TjA.roa (raw, json)
Hash identifier: 3ujKUog3f+PcZbikM0usOUo+FM65HUnj+H0hosBX1lY=
Subject key identifier: BF:C7:98:19:13:81:3A:EA:95:1C:A2:4C:A1:2A:6E:B6:90:7E:4E:30
Certificate issuer: /CN=037f532fa262f5c6bd9615bcd79d6edd43f2e075
Certificate serial: 018CC94C0D040B9B15425CEE4CE431AEF13F
Authority key identifier: 03:7F:53:2F:A2:62:F5:C6:BD:96:15:BC:D7:9D:6E:DD:43:F2:E0:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A39TL6Ji9ca9lhW8151u3UPy4HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/v8eYGROBOuqVHKJMoSputpB-TjA.roa
Signing time: Tue 02 Jan 2024 08:30:53 +0000
ROA not before: Tue 02 Jan 2024 08:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206449
IP address blocks: 185.186.111.0/24 maxlen: 24
185.186.108.0/24 maxlen: 24
185.186.109.0/24 maxlen: 24
185.186.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/A39TL6Ji9ca9lhW8151u3UPy4HU.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/A39TL6Ji9ca9lhW8151u3UPy4HU.mft
rsync://rpki.ripe.net/repository/DEFAULT/A39TL6Ji9ca9lhW8151u3UPy4HU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 13:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:0d:04:0b:9b:15:42:5c:ee:4c:e4:31:ae:f1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037f532fa262f5c6bd9615bcd79d6edd43f2e075
Validity
Not Before: Jan 2 08:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfc7981913813aea951ca24ca12a6eb6907e4e30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:17:a2:db:01:fd:a9:fd:18:f4:f8:3e:aa:
49:42:e0:d1:f5:00:ea:0d:6f:3c:9f:bc:66:a4:1e:
98:14:0e:9d:76:ae:ae:a0:dc:7c:68:9c:4a:14:c5:
5a:7b:0e:b4:40:aa:8a:b7:3e:04:f8:a2:31:90:78:
80:2c:80:e6:df:53:31:2a:08:b7:3c:27:17:f1:f3:
9e:30:60:68:2e:0e:fd:25:13:f8:aa:af:db:51:10:
18:bc:fa:30:4c:e3:94:65:0f:1c:7a:b8:9a:bb:43:
8e:2e:2e:f6:32:15:f2:3d:9c:2b:f9:ca:a5:e3:99:
c9:5e:92:b3:5d:74:ca:70:45:e1:da:20:a8:dd:31:
39:fb:eb:14:80:08:64:a7:89:76:51:bb:ef:dc:49:
eb:98:01:e6:74:0e:bf:9b:11:00:a0:7e:f4:55:e5:
95:ce:3c:f0:5f:ad:66:7c:67:00:3d:2d:37:d1:f0:
a5:8b:a5:2a:5a:a8:70:93:0c:3e:d1:a5:3a:4e:5e:
84:68:2c:d2:1b:1e:70:52:1e:93:0f:6f:cb:fe:12:
43:6f:2b:af:73:2a:c3:d6:ff:24:6c:af:ff:10:54:
ee:59:e9:9f:f8:8d:4b:5d:a8:72:88:9d:13:2a:5f:
63:c6:a5:ef:ab:2d:d3:9b:77:16:49:0a:c3:cc:4c:
d8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C7:98:19:13:81:3A:EA:95:1C:A2:4C:A1:2A:6E:B6:90:7E:4E:30
X509v3 Authority Key Identifier:
keyid:03:7F:53:2F:A2:62:F5:C6:BD:96:15:BC:D7:9D:6E:DD:43:F2:E0:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A39TL6Ji9ca9lhW8151u3UPy4HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/v8eYGROBOuqVHKJMoSputpB-TjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/A39TL6Ji9ca9lhW8151u3UPy4HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:d6:ce:bb:a4:ba:1a:0d:08:0e:1c:cb:c2:5b:e8:80:12:f8:
b6:fd:a3:59:3b:2e:bb:4f:4f:83:e2:a2:bc:13:2a:f3:95:ee:
6c:6e:f5:8b:43:fd:45:5f:02:e0:d9:51:76:31:69:bc:5d:4f:
c9:f6:2f:1f:4d:cb:b8:50:04:14:9b:58:54:bc:0c:86:cc:25:
c2:3b:63:46:fc:10:9d:d8:f8:f6:e8:d8:d9:b3:9a:42:d4:67:
36:e6:7d:c4:6f:0e:7d:c6:0a:50:ea:d2:66:b0:5d:5a:56:ab:
ea:8c:cf:ae:ee:56:70:99:55:99:dd:7e:60:dd:b0:79:65:f4:
36:9a:54:e7:86:ed:d5:6a:17:9f:bf:09:ef:5f:b8:0d:f7:a6:
fc:49:10:9a:b2:e7:9e:96:8b:da:4c:c6:4d:e8:37:93:b5:b2:
96:4f:c1:56:12:2c:9c:cb:57:8f:bf:dc:db:6c:86:91:fc:b9:
93:e2:45:c4:79:2e:48:fe:83:c4:b8:95:a5:3e:5f:3f:2a:3d:
30:83:6d:4d:f4:52:a0:f8:51:19:67:d5:dd:19:a2:28:38:ca:
c8:a3:11:70:68:e1:8e:7d:43:5e:a8:74:10:ca:47:55:31:56:
fe:bd:9f:36:3a:64:d4:20:ce:50:25:df:bc:3e:ce:36:d8:c8:
3d:49:41:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTA0EC5sVQlzuTOQxrvE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2Y1MzJmYTI2MmY1YzZiZDk2MTViY2Q3OWQ2ZWRkNDNm
MmUwNzUwHhcNMjQwMTAyMDgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM3OTgxOTEzODEzYWVhOTUxY2EyNGNhMTJhNmViNjkwN2U0ZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZIXotsB/an9GPT4PqpJQuDR9QDq
DW88n7xmpB6YFA6ddq6uoNx8aJxKFMVaew60QKqKtz4E+KIxkHiALIDm31MxKgi3
PCcX8fOeMGBoLg79JRP4qq/bURAYvPowTOOUZQ8ceriau0OOLi72MhXyPZwr+cql
45nJXpKzXXTKcEXh2iCo3TE5++sUgAhkp4l2Ubvv3EnrmAHmdA6/mxEAoH70VeWV
zjzwX61mfGcAPS030fCli6UqWqhwkww+0aU6Tl6EaCzSGx5wUh6TD2/L/hJDbyuv
cyrD1v8kbK//EFTuWemf+I1LXahyiJ0TKl9jxqXvqy3Tm3cWSQrDzEzY5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/HmBkTgTrqlRyiTKEqbraQfk4wMB8GA1UdIwQY
MBaAFAN/Uy+iYvXGvZYVvNedbt1D8uB1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTM5VEw2Smk5Y2E5bGhXODE1MXUzVVB5NEhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wOGU1N2MtZDcxNi00NzA1LTk1NjEt
MDNhZGZiYzY4YzkxLzEvdjhlWUdST0JPdXFWSEtKTW9TcHV0cEItVGpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8wOGU1N2MtZDcxNi00NzA1LTk1NjEtMDNhZGZiYzY4Yzkx
LzEvQTM5VEw2Smk5Y2E5bGhXODE1MXUzVVB5NEhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubpsMA0G
CSqGSIb3DQEBCwUAA4IBAQCg1s67pLoaDQgOHMvCW+iAEvi2/aNZOy67T0+D4qK8
Eyrzle5sbvWLQ/1FXwLg2VF2MWm8XU/J9i8fTcu4UAQUm1hUvAyGzCXCO2NG/BCd
2Pj26NjZs5pC1Gc25n3Ebw59xgpQ6tJmsF1aVqvqjM+u7lZwmVWZ3X5g3bB5ZfQ2
mlTnhu3VahefvwnvX7gN96b8SRCasueelovaTMZN6DeTtbKWT8FWEiycy1ePv9zb
bIaR/LmT4kXEeS5I/oPEuJWlPl8/Kj0wg21N9FKg+FEZZ9XdGaIoOMrIoxFwaOGO
fUNeqHQQykdVMVb+vZ82OmTUIM5QJd+8Ps422Mg9SUHP
-----END CERTIFICATE-----
Generated at Mon May 27 16:13:45 2024 by rpki-client on console-ams.rpki-client.org