Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/pXUjXXpdd8z3NNb-ZOEhqMnaf8k.roa
File: pXUjXXpdd8z3NNb-ZOEhqMnaf8k.roa (raw, json)
Hash identifier: irm2MfG/c3WJimSo/WCUga15kk8imQadma9Ty+FgCcQ=
Subject key identifier: A5:75:23:5D:7A:5D:77:CC:F7:34:D6:FE:64:E1:21:A8:C9:DA:7F:C9
Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial: 018CCA9A152D7284080BDD7CAFEDFE6AFC0D
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/pXUjXXpdd8z3NNb-ZOEhqMnaf8k.roa
Signing time: Tue 02 Jan 2024 14:35:44 +0000
ROA not before: Tue 02 Jan 2024 14:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204436
IP address blocks: 185.181.116.0/22 maxlen: 24
91.197.228.0/22 maxlen: 24
2a0a:cb80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft
rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:15:2d:72:84:08:0b:dd:7c:af:ed:fe:6a:fc:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Validity
Not Before: Jan 2 14:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a575235d7a5d77ccf734d6fe64e121a8c9da7fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5a:50:d9:66:fb:a6:ae:57:32:ad:f9:59:85:
63:be:ac:07:5a:ca:8c:36:f7:f1:7b:ae:3b:d4:3c:
2f:b2:19:b9:02:a6:50:8b:9c:83:d6:7c:61:06:a1:
55:bd:09:fd:0f:a6:92:70:82:1c:ef:73:02:87:59:
3d:a2:2b:44:e9:07:8c:01:8f:4b:59:0e:18:f6:50:
5c:71:b9:f1:55:ce:d2:65:f5:89:30:4e:3d:43:5d:
a0:9f:15:81:f0:8b:ae:59:3a:fa:dc:58:cd:31:24:
4c:1e:dc:d3:30:78:1f:29:d2:81:59:0a:40:7f:55:
21:6a:7d:a8:5e:92:ac:fb:7c:dd:2c:15:73:f6:d0:
92:d8:dd:6f:1c:9e:49:74:68:74:b3:4a:f2:a6:3b:
40:33:05:b1:ca:e0:36:12:3b:96:02:2b:bc:1a:1d:
d8:c4:47:ec:2a:22:a1:60:eb:a0:ed:3c:0c:c3:a5:
7c:e3:7d:34:70:24:db:77:5f:f9:eb:a9:4d:da:08:
d5:ea:2b:a5:67:65:2e:18:1b:67:dd:d9:24:02:42:
7a:ea:f1:91:05:97:a0:33:21:0c:32:77:22:8a:75:
e1:cb:71:c6:a0:a3:6f:59:ab:45:40:45:4a:f7:18:
c4:92:5f:12:67:95:43:65:45:d0:28:2a:28:a7:02:
b6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:75:23:5D:7A:5D:77:CC:F7:34:D6:FE:64:E1:21:A8:C9:DA:7F:C9
X509v3 Authority Key Identifier:
keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/pXUjXXpdd8z3NNb-ZOEhqMnaf8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.228.0/22
185.181.116.0/22
IPv6:
2a0a:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
35:53:5b:5b:8b:f6:69:58:b7:05:7d:42:20:eb:43:ac:43:15:
72:f1:f7:2a:1e:4c:a9:49:07:bc:c5:70:55:e2:4f:92:a7:76:
8c:29:bc:8d:c3:35:b0:21:4d:7f:1b:7b:ed:a0:b6:3e:d0:38:
52:ef:8c:07:2d:70:b7:e2:8f:62:ba:92:5d:5c:b5:66:7a:04:
8d:e2:f3:8d:b6:ce:82:2b:a5:d4:56:46:a0:3e:3c:05:ca:34:
fd:5a:56:1b:45:c3:6b:aa:a5:32:77:77:da:8d:bc:1d:cc:66:
5c:2b:0f:aa:38:52:72:0a:30:b1:3e:8e:ea:2a:20:15:db:2d:
80:cd:2a:36:e6:76:5c:48:b4:36:9e:28:1a:26:28:a2:68:ff:
25:d1:65:31:da:74:e5:55:51:18:cd:22:dd:3e:12:34:3a:29:
10:86:a9:2f:ac:76:db:05:1d:ce:2c:8e:c6:1b:a8:42:5c:b2:
2b:1f:70:f7:50:58:cd:66:63:7c:e2:e2:dc:b8:7d:17:d1:42:
c2:aa:1a:6f:ea:e9:de:67:8f:85:6f:4e:f1:5c:27:c6:1e:61:
d5:8c:8e:41:c8:3e:5a:32:52:06:2a:22:89:1d:c8:b3:37:ca:
82:0e:aa:71:53:cb:ea:d2:3f:4f:db:e0:cd:3c:ef:63:89:56:
42:3b:77:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmhUtcoQIC918r+3+avwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjQwMTAyMTQzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTc1MjM1ZDdhNWQ3N2NjZjczNGQ2ZmU2NGUxMjFhOGM5ZGE3ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVpQ2Wb7pq5XMq35WYVjvqwHWsqM
Nvfxe6471Dwvshm5AqZQi5yD1nxhBqFVvQn9D6aScIIc73MCh1k9oitE6QeMAY9L
WQ4Y9lBccbnxVc7SZfWJME49Q12gnxWB8IuuWTr63FjNMSRMHtzTMHgfKdKBWQpA
f1Uhan2oXpKs+3zdLBVz9tCS2N1vHJ5JdGh0s0rypjtAMwWxyuA2EjuWAiu8Gh3Y
xEfsKiKhYOug7TwMw6V84300cCTbd1/566lN2gjV6iulZ2UuGBtn3dkkAkJ66vGR
BZegMyEMMnciinXhy3HGoKNvWatFQEVK9xjEkl8SZ5VDZUXQKCoopwK2nwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKV1I116XXfM9zTW/mThIajJ2n/JMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvcFhValhYcGRkOHozTk5iLVpPRWhxTW5hZjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQA1U1tbi/ZpWLcF
fUIg60OsQxVy8fcqHkypSQe8xXBV4k+Sp3aMKbyNwzWwIU1/G3vtoLY+0DhS74wH
LXC34o9iupJdXLVmegSN4vONts6CK6XUVkagPjwFyjT9WlYbRcNrqqUyd3fajbwd
zGZcKw+qOFJyCjCxPo7qKiAV2y2AzSo25nZcSLQ2nigaJiiiaP8l0WUx2nTlVVEY
zSLdPhI0OikQhqkvrHbbBR3OLI7GG6hCXLIrH3D3UFjNZmN84uLcuH0X0ULCqhpv
6uneZ4+Fb07xXCfGHmHVjI5ByD5aMlIGKiKJHcizN8qCDqpxU8vq0j9P2+DNPO9j
iVZCO3ca
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:10:34 2024 by rpki-client on console-ams.rpki-client.org