Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/cn0muSg0dETqGdHX56l5mplfnbY.roa
File: cn0muSg0dETqGdHX56l5mplfnbY.roa (raw, json)
Hash identifier: r5ykVEQ6BosqsqCg0i+nMKhNaiboDhMcm+C3jdM96Xg=
Subject key identifier: 72:7D:26:B9:28:34:74:44:EA:19:D1:D7:E7:A9:79:9A:99:5F:9D:B6
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 018CCA29030F57EF9072F4E03F25E040D83D
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/cn0muSg0dETqGdHX56l5mplfnbY.roa
Signing time: Tue 02 Jan 2024 12:32:14 +0000
ROA not before: Tue 02 Jan 2024 12:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199269
IP address blocks: 185.22.164.0/22 maxlen: 22
185.22.164.0/23 maxlen: 23
185.22.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:03:0f:57:ef:90:72:f4:e0:3f:25:e0:40:d8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jan 2 12:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=727d26b928347444ea19d1d7e7a9799a995f9db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:23:11:3d:88:d1:19:b2:2e:a0:c1:dd:6e:87:
50:18:fa:54:66:4b:10:9a:25:ea:8e:0c:81:aa:5e:
9c:4f:3c:fc:e9:8f:a9:b5:28:ec:c1:ab:b7:18:fb:
d4:a5:58:15:da:11:e4:98:4a:bc:53:76:f3:b3:40:
9d:74:33:28:2d:11:74:fc:45:76:40:b6:56:25:b9:
82:03:f0:05:0f:b6:7c:29:7b:5c:59:23:17:e2:2a:
18:25:5b:a2:27:04:f6:1e:d5:c5:f6:04:24:e6:58:
ea:63:80:57:39:53:0a:c3:1c:bb:a0:98:08:b7:80:
00:a5:b8:fa:a4:c0:16:9e:be:9f:14:58:32:8f:13:
da:9a:1b:e5:f2:f0:9a:70:73:e8:9b:1a:60:35:4d:
8b:7c:df:29:76:b2:2f:11:45:d6:30:25:bf:ea:04:
ba:55:f1:6b:46:96:39:55:22:1b:d0:a4:ae:95:5a:
2e:bf:de:39:b1:a6:38:71:71:29:11:df:1e:72:4c:
de:47:8b:a4:28:5d:01:c2:20:e3:66:e8:cd:a8:ac:
bb:db:ae:e8:a3:f5:6c:33:d1:ff:63:4a:97:e2:84:
d0:70:f7:26:b6:d7:97:ac:fe:ba:5d:9b:53:8c:ea:
f5:a7:c6:16:23:d2:fd:b5:49:56:96:55:c2:99:09:
60:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7D:26:B9:28:34:74:44:EA:19:D1:D7:E7:A9:79:9A:99:5F:9D:B6
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/cn0muSg0dETqGdHX56l5mplfnbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.164.0/22
Signature Algorithm: sha256WithRSAEncryption
14:03:7d:16:15:f3:2d:d5:50:ce:91:b1:fd:50:a3:c8:60:cc:
47:a4:b4:a2:39:ae:ff:6f:ed:47:84:16:cf:93:8d:29:3d:32:
04:52:0d:f1:22:97:51:2f:f4:85:c8:f4:8b:de:a9:66:27:23:
23:27:a2:c5:53:7b:18:26:5a:78:a7:1f:5c:e8:39:3c:04:ac:
f1:20:92:79:63:05:ae:2e:5d:61:e3:2b:f1:fb:9f:3c:ef:6c:
d6:aa:a9:5c:45:32:d9:ad:f8:f5:90:7f:d6:be:9d:e1:9e:41:
70:f8:1e:97:ae:f6:89:3c:18:a7:b7:a8:bb:39:92:69:88:c0:
e6:fa:8a:2d:dd:69:cd:97:0a:70:e8:9d:15:60:ae:0a:8d:e4:
15:d5:8b:25:c9:94:bd:79:08:fb:cf:d7:2a:bf:ea:82:40:a4:
97:a6:b2:5c:23:d0:81:0f:f0:77:9a:e0:0f:dd:33:0b:bd:8e:
a4:fd:00:ff:93:5a:8b:81:8e:ae:33:6e:08:40:59:42:28:0b:
3b:b3:5b:9b:7b:49:c4:f4:2f:1f:76:e8:64:82:5c:7c:f2:c3:
d5:c1:0b:33:c7:4a:c8:25:d8:b5:9b:78:7e:27:6f:8d:24:0e:
3c:3e:85:65:7c:2d:85:0f:2e:20:94:ac:ca:88:7e:02:af:5a:
b4:96:db:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKQMPV++QcvTgPyXgQNg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjQwMTAyMTIzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdkMjZiOTI4MzQ3NDQ0ZWExOWQxZDdlN2E5Nzk5YTk5NWY5ZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySMRPYjRGbIuoMHdbodQGPpUZksQ
miXqjgyBql6cTzz86Y+ptSjswau3GPvUpVgV2hHkmEq8U3bzs0CddDMoLRF0/EV2
QLZWJbmCA/AFD7Z8KXtcWSMX4ioYJVuiJwT2HtXF9gQk5ljqY4BXOVMKwxy7oJgI
t4AApbj6pMAWnr6fFFgyjxPamhvl8vCacHPomxpgNU2LfN8pdrIvEUXWMCW/6gS6
VfFrRpY5VSIb0KSulVouv945saY4cXEpEd8eckzeR4ukKF0BwiDjZujNqKy7267o
o/VsM9H/Y0qX4oTQcPcmtteXrP66XZtTjOr1p8YWI9L9tUlWllXCmQlgfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJ9JrkoNHRE6hnR1+epeZqZX522MB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvY24wbXVTZzBkRVRxR2RIWDU2bDVtcGxmbmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRakMA0G
CSqGSIb3DQEBCwUAA4IBAQAUA30WFfMt1VDOkbH9UKPIYMxHpLSiOa7/b+1HhBbP
k40pPTIEUg3xIpdRL/SFyPSL3qlmJyMjJ6LFU3sYJlp4px9c6Dk8BKzxIJJ5YwWu
Ll1h4yvx+58872zWqqlcRTLZrfj1kH/Wvp3hnkFw+B6XrvaJPBint6i7OZJpiMDm
+oot3WnNlwpw6J0VYK4KjeQV1YslyZS9eQj7z9cqv+qCQKSXprJcI9CBD/B3muAP
3TMLvY6k/QD/k1qLgY6uM24IQFlCKAs7s1ube0nE9C8fduhkglx88sPVwQszx0rI
Jdi1m3h+J2+NJA48PoVlfC2FDy4glKzKiH4Cr1q0ltt/
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:22:14 2024 by rpki-client on console-fra.rpki-client.org