Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/CtY1kk6SrmIGR2KvlRbqyX-EhaE.roa
File: CtY1kk6SrmIGR2KvlRbqyX-EhaE.roa (raw, json)
Hash identifier: CiumMJrDIb+dFgkujqGoN/JY0Qu2eBMImM/1k5F435k=
Subject key identifier: 0A:D6:35:92:4E:92:AE:62:06:47:62:AF:95:16:EA:C9:7F:84:85:A1
Certificate issuer: /CN=032873518697c23e9c3e37a646bad121235ad744
Certificate serial: 018CC56E3A2973EEF5D787E48F9FD9D6DB46
Authority key identifier: 03:28:73:51:86:97:C2:3E:9C:3E:37:A6:46:BA:D1:21:23:5A:D7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AyhzUYaXwj6cPjemRrrRISNa10Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/CtY1kk6SrmIGR2KvlRbqyX-EhaE.roa
Signing time: Mon 01 Jan 2024 14:29:44 +0000
ROA not before: Mon 01 Jan 2024 14:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200049
IP address blocks: 185.38.74.0/24 maxlen: 24
185.38.75.0/24 maxlen: 24
185.38.72.0/24 maxlen: 24
185.38.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/AyhzUYaXwj6cPjemRrrRISNa10Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/AyhzUYaXwj6cPjemRrrRISNa10Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AyhzUYaXwj6cPjemRrrRISNa10Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:3a:29:73:ee:f5:d7:87:e4:8f:9f:d9:d6:db:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=032873518697c23e9c3e37a646bad121235ad744
Validity
Not Before: Jan 1 14:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ad635924e92ae62064762af9516eac97f8485a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:5a:b6:13:47:03:36:25:97:99:4b:f1:a0:84:
d8:b7:a1:18:61:31:cd:aa:69:26:7e:91:83:d7:a6:
ba:ab:15:a9:42:69:70:9f:ac:a8:40:d1:fa:05:3b:
81:84:bd:eb:de:3a:66:2b:a7:12:40:ea:5a:fe:ac:
80:72:e6:70:3d:75:40:8f:9e:21:fd:42:d9:cc:6a:
21:9d:96:cb:d3:a8:3c:af:9c:46:b2:47:bb:3d:9d:
9f:50:8a:58:05:50:ac:19:d6:31:af:61:fd:d5:df:
20:68:6f:1e:c7:e0:31:66:36:9c:f5:6f:03:96:ba:
d0:fb:96:14:e1:8d:1e:f8:52:7f:89:7f:78:ab:04:
7b:3d:c9:89:3f:c0:f7:df:2c:89:99:35:30:92:b2:
cc:21:e9:46:a6:1a:f0:36:9e:d2:6d:08:2f:da:1d:
3b:b8:e1:ce:2d:2f:62:ef:60:89:04:39:1a:29:d6:
a3:d4:44:66:2f:5c:37:b6:ba:d4:55:42:59:2e:3f:
ba:54:33:73:63:4c:f9:01:13:2c:a0:5f:53:70:05:
49:db:3c:b0:bf:6b:96:59:06:64:d0:79:a1:2c:5b:
d6:13:e5:f8:bb:c8:27:13:ed:bf:9a:6d:a9:56:8d:
e3:fc:7f:86:eb:a5:9e:cd:97:ba:f5:6d:8a:9e:54:
58:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D6:35:92:4E:92:AE:62:06:47:62:AF:95:16:EA:C9:7F:84:85:A1
X509v3 Authority Key Identifier:
keyid:03:28:73:51:86:97:C2:3E:9C:3E:37:A6:46:BA:D1:21:23:5A:D7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AyhzUYaXwj6cPjemRrrRISNa10Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/CtY1kk6SrmIGR2KvlRbqyX-EhaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/ebd05e-f607-4bfb-a42b-127008924eed/1/AyhzUYaXwj6cPjemRrrRISNa10Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.72.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:a5:d2:09:71:b9:c6:4e:24:bc:28:d2:6c:eb:2a:44:b4:d1:
c8:cb:0b:08:7d:bc:f2:53:f6:55:70:e5:93:bf:a0:ab:dd:be:
9a:b7:dc:8d:b2:a5:16:21:7c:e3:b8:90:36:cc:7c:bf:7a:67:
13:36:e1:45:3a:6d:05:95:8d:70:f5:c8:d4:24:6b:1f:51:e7:
ad:c5:30:b2:13:ef:36:4c:2c:f9:fe:19:03:37:6c:85:0f:7c:
f2:38:94:02:6e:9e:28:6b:ea:24:a4:81:80:e7:7a:57:86:ee:
27:fe:f9:e7:1d:1f:38:1a:89:0b:08:4b:5f:21:09:53:d7:3f:
83:08:52:64:c7:38:e5:8c:2a:36:4f:ca:a1:40:5c:f0:c9:b2:
e3:79:76:e7:85:7a:4d:64:7f:77:38:81:81:c9:4d:07:d8:ea:
b4:20:25:b5:99:06:a8:f9:9f:16:d1:73:5d:7c:12:81:52:53:
9d:54:f8:b0:f2:63:a9:56:25:fe:ac:58:9f:fc:03:8a:3a:1f:
b6:0c:fc:10:27:8b:65:34:02:2a:b5:b2:ab:3f:d2:46:32:91:
dc:0e:0e:5a:dc:3b:b2:e9:8e:41:3b:94:a4:9a:3c:fc:14:14:
00:f1:98:43:3a:26:6a:f3:cc:07:c7:0a:02:34:f4:1d:37:25:
02:83:8b:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbjopc+7114fkj5/Z1ttGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMjg3MzUxODY5N2MyM2U5YzNlMzdhNjQ2YmFkMTIxMjM1
YWQ3NDQwHhcNMjQwMTAxMTQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ2MzU5MjRlOTJhZTYyMDY0NzYyYWY5NTE2ZWFjOTdmODQ4NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1q2E0cDNiWXmUvxoITYt6EYYTHN
qmkmfpGD16a6qxWpQmlwn6yoQNH6BTuBhL3r3jpmK6cSQOpa/qyAcuZwPXVAj54h
/ULZzGohnZbL06g8r5xGske7PZ2fUIpYBVCsGdYxr2H91d8gaG8ex+AxZjac9W8D
lrrQ+5YU4Y0e+FJ/iX94qwR7PcmJP8D33yyJmTUwkrLMIelGphrwNp7SbQgv2h07
uOHOLS9i72CJBDkaKdaj1ERmL1w3trrUVUJZLj+6VDNzY0z5ARMsoF9TcAVJ2zyw
v2uWWQZk0HmhLFvWE+X4u8gnE+2/mm2pVo3j/H+G66WezZe69W2KnlRYBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArWNZJOkq5iBkdir5UW6sl/hIWhMB8GA1UdIwQY
MBaAFAMoc1GGl8I+nD43pka60SEjWtdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXloelVZYVh3ajZjUGplbVJyclJJU05hMTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9lYmQwNWUtZjYwNy00YmZiLWE0MmIt
MTI3MDA4OTI0ZWVkLzEvQ3RZMWtrNlNybUlHUjJLdmxSYnF5WC1FaGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9lYmQwNWUtZjYwNy00YmZiLWE0MmItMTI3MDA4OTI0ZWVk
LzEvQXloelVZYVh3ajZjUGplbVJyclJJU05hMTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSZIMA0G
CSqGSIb3DQEBCwUAA4IBAQCjpdIJcbnGTiS8KNJs6ypEtNHIywsIfbzyU/ZVcOWT
v6Cr3b6at9yNsqUWIXzjuJA2zHy/emcTNuFFOm0FlY1w9cjUJGsfUeetxTCyE+82
TCz5/hkDN2yFD3zyOJQCbp4oa+okpIGA53pXhu4n/vnnHR84GokLCEtfIQlT1z+D
CFJkxzjljCo2T8qhQFzwybLjeXbnhXpNZH93OIGByU0H2Oq0ICW1mQao+Z8W0XNd
fBKBUlOdVPiw8mOpViX+rFif/AOKOh+2DPwQJ4tlNAIqtbKrP9JGMpHcDg5a3Duy
6Y5BO5Skmjz8FBQA8ZhDOiZq88wHxwoCNPQdNyUCg4uI
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:12 2024 by rpki-client on console-ams.rpki-client.org