Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/s0NRN3Tw2H8nRJ7bDOnvSMGPAVg.roa
File: s0NRN3Tw2H8nRJ7bDOnvSMGPAVg.roa (raw, json)
Hash identifier: IoceEcWKIhA//L12wwFk8L9DpLgDvvYOXJkrCXe2iDQ=
Subject key identifier: B3:43:51:37:74:F0:D8:7F:27:44:9E:DB:0C:E9:EF:48:C1:8F:01:58
Certificate issuer: /CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Certificate serial: 018E51A06AADF218A6ACD26FA31D02ECBF05
Authority key identifier: 85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/s0NRN3Tw2H8nRJ7bDOnvSMGPAVg.roa
Signing time: Mon 18 Mar 2024 12:54:11 +0000
ROA not before: Mon 18 Mar 2024 12:54:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204119
IP address blocks: 84.38.64.0/21 maxlen: 21
84.38.76.0/22 maxlen: 22
2a00:5080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:a0:6a:ad:f2:18:a6:ac:d2:6f:a3:1d:02:ec:bf:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3525d68b61116564e16e1dd4e56cb035c9c85
Validity
Not Before: Mar 18 12:54:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b343513774f0d87f27449edb0ce9ef48c18f0158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fc:5f:6f:3e:58:ec:38:6f:06:0a:42:fd:1f:
8f:17:59:06:2d:7e:a3:16:dd:58:73:bf:05:45:f4:
5a:ce:c2:6c:19:29:f8:53:3a:7f:f1:e4:7b:64:0d:
a1:75:33:d9:eb:a7:1b:11:5a:ce:aa:7d:1a:f7:82:
2f:70:2b:db:48:fd:a2:9c:da:6d:7d:6b:df:ee:d2:
3d:27:d3:fa:4d:a2:e5:e1:7f:21:ea:ba:8d:f2:76:
96:9a:d2:a1:0d:68:bc:65:f0:b7:38:b4:f4:39:64:
7f:1f:bf:a8:db:42:f8:41:f6:68:69:1a:fc:0a:a1:
97:af:6b:6c:a1:0b:49:4d:69:00:7e:09:3d:e2:78:
92:27:48:53:d0:ca:fe:1a:a2:f6:36:33:f7:dd:90:
c4:f7:87:1c:19:e0:a7:7b:e1:b4:04:63:75:be:17:
01:2f:e8:32:77:87:89:8c:f5:5b:8c:55:c3:3e:4c:
42:f3:0a:5e:6e:d2:c0:5c:fe:a5:c3:65:80:09:bf:
2a:88:cb:f9:0d:ea:c0:77:50:62:3e:b9:10:79:5d:
09:a1:21:b4:5c:73:0f:86:1e:45:5d:44:bc:0f:29:
48:7b:b0:cd:88:a2:78:1d:70:4b:38:31:42:a7:b4:
3e:7e:21:99:7f:e0:2a:9f:70:91:40:dc:32:eb:2f:
63:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:43:51:37:74:F0:D8:7F:27:44:9E:DB:0C:E9:EF:48:C1:8F:01:58
X509v3 Authority Key Identifier:
keyid:85:C3:52:5D:68:B6:11:16:56:4E:16:E1:DD:4E:56:CB:03:5C:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcNSXWi2ERZWThbh3U5WywNcnIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/s0NRN3Tw2H8nRJ7bDOnvSMGPAVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/9fbec1-ebd2-41ba-83d9-694dbfaddb8f/1/hcNSXWi2ERZWThbh3U5WywNcnIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.64.0/21
84.38.76.0/22
IPv6:
2a00:5080::/32
Signature Algorithm: sha256WithRSAEncryption
2b:3b:2a:d9:c7:ef:9d:7b:83:57:b6:c7:79:1f:6c:d0:36:91:
48:be:0f:be:e7:3e:ce:48:25:d5:1a:70:38:01:c7:ab:fa:2c:
3b:48:41:dd:d5:93:1a:98:bd:20:d2:20:00:04:84:0d:88:4d:
7a:34:be:1b:06:88:7c:37:ef:6b:60:4a:49:3f:2a:c5:9e:c7:
c8:92:d8:cd:f8:58:41:14:61:1e:d6:70:a1:74:52:03:19:07:
b6:8e:23:dd:2b:20:00:f3:b9:9b:56:40:c5:12:c0:b8:6f:84:
fd:7b:a8:2b:b5:e3:11:88:4d:6f:20:a8:5a:2d:cf:42:62:c2:
2a:a5:eb:a4:7f:f2:7b:c5:89:54:bb:83:b7:8f:b0:1e:ca:02:
93:02:a4:6a:09:f3:ed:1c:f4:b6:c5:39:bb:14:8c:b9:59:f3:
c0:c7:25:ae:24:25:fb:81:af:01:ff:6b:6d:8a:8a:a7:0c:83:
c4:76:74:28:70:fc:e2:b5:fa:bf:21:3e:e5:65:e2:2e:9a:da:
42:3d:3f:58:71:88:9b:87:cf:71:eb:99:c0:73:3c:17:fd:14:
28:9d:c1:8c:44:c8:e2:ab:62:fd:9e:36:ef:e4:a8:a3:60:ec:
81:8b:49:c3:cc:99:45:b7:be:60:d7:3e:b0:ca:5b:a7:3d:86:
f5:1c:55:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY5RoGqt8himrNJvox0C7L8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzM1MjVkNjhiNjExMTY1NjRlMTZlMWRkNGU1NmNiMDM1
YzljODUwHhcNMjQwMzE4MTI1NDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQzNTEzNzc0ZjBkODdmMjc0NDllZGIwY2U5ZWY0OGMxOGYwMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/xfbz5Y7DhvBgpC/R+PF1kGLX6j
Ft1Yc78FRfRazsJsGSn4Uzp/8eR7ZA2hdTPZ66cbEVrOqn0a94IvcCvbSP2inNpt
fWvf7tI9J9P6TaLl4X8h6rqN8naWmtKhDWi8ZfC3OLT0OWR/H7+o20L4QfZoaRr8
CqGXr2tsoQtJTWkAfgk94niSJ0hT0Mr+GqL2NjP33ZDE94ccGeCne+G0BGN1vhcB
L+gyd4eJjPVbjFXDPkxC8wpebtLAXP6lw2WACb8qiMv5DerAd1BiPrkQeV0JoSG0
XHMPhh5FXUS8DylIe7DNiKJ4HXBLODFCp7Q+fiGZf+Aqn3CRQNwy6y9jiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLNDUTd08Nh/J0Se2wzp70jBjwFYMB8GA1UdIwQY
MBaAFIXDUl1othEWVk4W4d1OVssDXJyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDkt
Njk0ZGJmYWRkYjhmLzEvczBOUk4zVHcySDhuUko3YkRPbnZTTUdQQVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi85ZmJlYzEtZWJkMi00MWJhLTgzZDktNjk0ZGJmYWRkYjhm
LzEvaGNOU1hXaTJFUlpXVGhiaDNVNVd5d05jbklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDVCZAAwQC
VCZMMA0EAgACMAcDBQAqAFCAMA0GCSqGSIb3DQEBCwUAA4IBAQArOyrZx++de4NX
tsd5H2zQNpFIvg++5z7OSCXVGnA4Acer+iw7SEHd1ZMamL0g0iAABIQNiE16NL4b
Boh8N+9rYEpJPyrFnsfIktjN+FhBFGEe1nChdFIDGQe2jiPdKyAA87mbVkDFEsC4
b4T9e6grteMRiE1vIKhaLc9CYsIqpeukf/J7xYlUu4O3j7AeygKTAqRqCfPtHPS2
xTm7FIy5WfPAxyWuJCX7ga8B/2ttioqnDIPEdnQocPzitfq/IT7lZeIumtpCPT9Y
cYibh89x65nAczwX/RQoncGMRMjiq2L9njbv5KijYOyBi0nDzJlFt75g1z6wylun
PYb1HFXU
-----END CERTIFICATE-----
Generated at Sat Jun 29 01:03:54 2024 by rpki-client on console-ams.rpki-client.org