Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/WaS6M2hhcTNRLCEtQDDcjBHJ_7A.roa
File: WaS6M2hhcTNRLCEtQDDcjBHJ_7A.roa (raw, json)
Hash identifier: kH4kudVYtsIGlmaiMJBrP/8zibEZ4/EipTi76iPNPKU=
Subject key identifier: 59:A4:BA:33:68:61:71:33:51:2C:21:2D:40:30:DC:8C:11:C9:FF:B0
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 018CC50043212A082652FEA6D8F4CDBC9502
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/WaS6M2hhcTNRLCEtQDDcjBHJ_7A.roa
Signing time: Mon 01 Jan 2024 12:29:37 +0000
ROA not before: Mon 01 Jan 2024 12:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21182
IP address blocks: 217.173.192.0/21 maxlen: 21
217.173.200.0/23 maxlen: 23
217.173.206.0/23 maxlen: 23
185.178.158.0/24 maxlen: 24
185.178.156.0/23 maxlen: 23
185.178.156.0/22 maxlen: 22
2a04:9440::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 20:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:43:21:2a:08:26:52:fe:a6:d8:f4:cd:bc:95:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jan 1 12:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59a4ba3368617133512c212d4030dc8c11c9ffb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:14:e5:4a:16:30:ab:51:7c:6f:00:e5:06:
28:04:61:e9:0c:7d:71:d4:49:d8:23:b5:30:41:d2:
21:c7:99:e8:e2:7e:f2:de:7c:3c:96:73:f6:ac:17:
36:f5:05:e3:dd:21:89:eb:52:a7:08:27:08:05:c0:
26:cc:1f:bd:fb:a1:e0:1e:a3:a3:96:63:fe:a6:6a:
21:7b:d9:78:15:35:e4:76:bf:52:87:6c:58:48:4b:
cd:fd:a9:1d:16:66:e7:5e:2a:cb:a1:42:5e:4d:00:
cf:69:23:9e:d6:44:4e:30:37:f0:a7:f3:a5:61:8a:
6a:b1:5b:6b:da:ff:56:3b:d1:b8:eb:3d:44:e6:e8:
4c:1e:5b:33:3c:81:26:4e:2c:11:19:ea:24:4e:25:
55:d2:fa:c9:c2:06:58:98:ef:5a:60:76:4e:24:92:
5c:d6:67:4a:17:04:2a:21:d1:22:84:d3:fa:05:8b:
3e:65:4b:03:ad:74:25:98:0e:ec:15:0b:92:2c:77:
8c:c1:38:57:ca:52:bc:bc:04:c5:1d:ea:7f:4a:e9:
82:1c:5c:a2:55:4a:b2:95:e6:f8:71:ee:5c:e3:c6:
14:3d:bf:d8:f1:29:13:4b:ce:00:55:de:80:a7:46:
6e:e3:2c:0e:43:1c:1f:da:92:84:92:b1:00:0e:c7:
17:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A4:BA:33:68:61:71:33:51:2C:21:2D:40:30:DC:8C:11:C9:FF:B0
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/WaS6M2hhcTNRLCEtQDDcjBHJ_7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.156.0/22
217.173.192.0-217.173.201.255
217.173.206.0/23
IPv6:
2a04:9440::/30
Signature Algorithm: sha256WithRSAEncryption
5b:30:46:48:9e:64:d5:99:d1:7a:53:8d:f6:23:5a:3f:f5:a3:
f8:bc:5d:4e:31:09:3e:e6:ac:4e:eb:fe:e0:f9:bd:8b:c2:e5:
65:c1:82:0c:fb:53:05:eb:35:4a:2f:b7:96:ee:bc:c5:42:e4:
27:3a:3b:b2:55:fc:86:79:d3:68:54:4b:78:9b:63:81:73:db:
94:52:9c:d5:6b:21:18:56:15:48:c3:cd:cb:55:f7:3a:2d:b9:
15:20:df:b0:22:37:95:d5:65:4c:b5:be:cb:8c:cc:5e:ef:49:
ff:ce:7b:61:ec:fc:0b:14:17:8b:14:3c:ba:99:ff:76:62:ff:
e2:f2:69:3c:46:31:f2:55:a1:9a:c6:08:01:1c:77:b9:20:1c:
09:fc:e5:69:7b:c3:9e:3d:b5:df:c5:40:43:87:fa:fd:ad:0d:
69:d4:98:8c:1e:00:0b:47:7c:e0:44:60:87:68:b0:74:16:12:
b2:d6:62:e7:e7:cf:5f:b1:7b:95:bc:49:4e:52:92:3e:bd:76:
e7:33:28:2b:d3:6f:1e:ab:31:60:cb:48:5e:5f:d9:78:d6:38:
d4:7e:34:79:54:e5:78:7a:9e:b2:de:71:13:e3:95:2e:8b:c2:
e9:fa:b4:2d:b4:ef:92:12:fd:d4:69:2f:47:44:94:59:1e:6d:
a4:a8:9d:eb
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFAEMhKggmUv6m2PTNvJUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjQwMTAxMTIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWE0YmEzMzY4NjE3MTMzNTEyYzIxMmQ0MDMwZGM4YzExYzlmZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL0U5UoWMKtRfG8A5QYoBGHpDH1x
1EnYI7UwQdIhx5no4n7y3nw8lnP2rBc29QXj3SGJ61KnCCcIBcAmzB+9+6HgHqOj
lmP+pmohe9l4FTXkdr9Sh2xYSEvN/akdFmbnXirLoUJeTQDPaSOe1kROMDfwp/Ol
YYpqsVtr2v9WO9G46z1E5uhMHlszPIEmTiwRGeokTiVV0vrJwgZYmO9aYHZOJJJc
1mdKFwQqIdEihNP6BYs+ZUsDrXQlmA7sFQuSLHeMwThXylK8vATFHep/SumCHFyi
VUqyleb4ce5c48YUPb/Y8SkTS84AVd6Ap0Zu4ywOQxwf2pKEkrEADscXKQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFFmkujNoYXEzUSwhLUAw3IwRyf+wMB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvV2FTNk0yaGhjVE5STENFdFFERGNqQkhKXzdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCubKcMAwD
BAbZrcADBAHZrcgDBAHZrc4wDQQCAAIwBwMFAioElEAwDQYJKoZIhvcNAQELBQAD
ggEBAFswRkieZNWZ0XpTjfYjWj/1o/i8XU4xCT7mrE7r/uD5vYvC5WXBggz7UwXr
NUovt5buvMVC5Cc6O7JV/IZ502hUS3ibY4Fz25RSnNVrIRhWFUjDzctV9zotuRUg
37AiN5XVZUy1vsuMzF7vSf/Oe2Hs/AsUF4sUPLqZ/3Zi/+LyaTxGMfJVoZrGCAEc
d7kgHAn85Wl7w549td/FQEOH+v2tDWnUmIweAAtHfOBEYIdosHQWErLWYufnz1+x
e5W8SU5Skj69duczKCvTbx6rMWDLSF5f2XjWONR+NHlU5Xh6nrLecRPjlS6Lwun6
tC2075IS/dRpL0dElFkebaSones=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:25:37 2024 by rpki-client on console-ams.rpki-client.org