Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/1-fVxYVA90ENf6TO5BN-RM0zVQDI.roa
File: 1-fVxYVA90ENf6TO5BN-RM0zVQDI.roa (raw, json)
Hash identifier: g7vc0EjqbHOCFrg4mOslwVR90hPyS10ox5oPFIZsjeM=
Subject key identifier: F9:F5:71:61:50:3D:D0:43:5F:E9:33:B9:04:DF:91:33:4C:D5:40:32
Certificate issuer: /CN=bf73a3f21a1944421b4ddba7ecbc8360cca5e6fc
Certificate serial: 018CC26D666A4629830AE86DB6344080088A
Authority key identifier: BF:73:A3:F2:1A:19:44:42:1B:4D:DB:A7:EC:BC:83:60:CC:A5:E6:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v3Oj8hoZREIbTdun7LyDYMyl5vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/1-fVxYVA90ENf6TO5BN-RM0zVQDI.roa
Signing time: Mon 01 Jan 2024 00:29:58 +0000
ROA not before: Mon 01 Jan 2024 00:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47581
IP address blocks: 185.146.127.0/24 maxlen: 24
212.58.157.0/24 maxlen: 24
212.58.159.0/24 maxlen: 24
212.58.158.0/24 maxlen: 24
2a07:7b80:106::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/v3Oj8hoZREIbTdun7LyDYMyl5vw.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/v3Oj8hoZREIbTdun7LyDYMyl5vw.mft
rsync://rpki.ripe.net/repository/DEFAULT/v3Oj8hoZREIbTdun7LyDYMyl5vw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:66:6a:46:29:83:0a:e8:6d:b6:34:40:80:08:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf73a3f21a1944421b4ddba7ecbc8360cca5e6fc
Validity
Not Before: Jan 1 00:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9f57161503dd0435fe933b904df91334cd54032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:53:ca:68:da:10:b5:0f:c6:39:db:7f:f6:22:
aa:7e:5d:12:3d:5d:6a:0a:a7:93:c7:e5:5b:41:87:
2a:65:21:3e:48:38:d5:2c:ed:95:77:1a:c9:eb:3b:
b1:71:80:71:c7:e3:b4:f5:39:a5:12:58:0b:03:70:
8f:b8:2d:31:cd:44:77:4b:57:31:11:b4:b1:cd:8b:
f2:bd:4a:12:21:1f:6d:c0:3d:7b:2a:17:53:b9:78:
c0:79:c1:1c:80:0c:d0:af:52:f1:72:e7:63:ef:57:
b3:3b:ec:a5:65:b8:74:52:c5:77:5d:f4:73:c7:e5:
35:97:1f:68:68:ac:91:27:76:93:cd:f9:fc:e2:1a:
4c:b3:0c:6d:39:65:5c:bc:cb:64:dd:a7:9e:8d:ef:
7f:89:8f:e0:b0:e6:cc:6d:fe:48:5f:82:da:83:5c:
e8:2d:a5:79:d4:6d:42:48:24:8a:ec:0e:8e:19:ed:
4c:fc:3a:59:53:28:b2:fd:a7:72:a0:a8:a2:e2:85:
ac:07:93:68:48:de:15:8a:85:bf:88:3c:18:02:d3:
4d:0d:bf:8b:61:e4:c7:a2:3f:c7:55:6b:b8:17:00:
96:18:d7:c2:41:3c:28:cd:29:88:e7:71:45:68:e4:
97:fd:bd:99:c3:1f:1c:98:f0:2d:0a:01:39:3b:06:
6c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F5:71:61:50:3D:D0:43:5F:E9:33:B9:04:DF:91:33:4C:D5:40:32
X509v3 Authority Key Identifier:
keyid:BF:73:A3:F2:1A:19:44:42:1B:4D:DB:A7:EC:BC:83:60:CC:A5:E6:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v3Oj8hoZREIbTdun7LyDYMyl5vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/1-fVxYVA90ENf6TO5BN-RM0zVQDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/400686-8c75-42d0-8bd1-00044757fe8a/1/v3Oj8hoZREIbTdun7LyDYMyl5vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.127.0/24
212.58.157.0-212.58.159.255
IPv6:
2a07:7b80:106::/48
Signature Algorithm: sha256WithRSAEncryption
8b:f0:a3:37:6a:11:17:90:c9:f9:bb:3e:8c:36:10:14:3c:d0:
59:77:e5:59:0c:37:62:41:fa:8f:8e:a8:b4:ca:d3:29:87:d1:
0e:19:9c:03:f0:6b:5e:bb:39:14:6f:b2:4d:cb:1b:05:82:2e:
20:f0:77:65:fd:35:fe:31:55:30:d1:15:28:f6:a6:5e:ee:d3:
53:d2:c8:02:c5:9f:56:e1:8c:d2:71:ab:22:a7:f6:94:50:72:
07:21:19:dc:13:0d:77:76:ac:f7:3b:e9:79:1f:cf:8d:d0:d7:
b7:7c:08:af:dc:03:d4:ba:0c:2e:7e:ed:16:b2:23:51:36:04:
67:8c:74:54:53:c6:49:28:08:fc:2f:84:dc:0f:e8:7b:23:1c:
dd:05:69:61:0d:73:93:bf:9a:95:6c:b1:72:b3:ad:34:bb:28:
69:da:3b:09:aa:04:41:45:44:da:13:bc:a1:28:19:55:c2:72:
38:27:84:22:07:75:7a:d7:3a:8d:fb:fa:a9:75:99:7c:ef:77:
04:fc:4a:f1:1a:98:76:50:fd:d8:29:34:f6:69:43:3d:82:e0:
d6:e8:3e:eb:df:24:8d:95:2b:4e:4d:48:52:07:62:a9:da:72:
e5:13:fa:a5:dc:9e:43:70:6c:ec:44:e2:bc:65:3b:88:ee:61:
c3:25:d5:3d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzCbWZqRimDCuhttjRAgAiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNzNhM2YyMWExOTQ0NDIxYjRkZGJhN2VjYmM4MzYwY2Nh
NWU2ZmMwHhcNMjQwMTAxMDAyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWY1NzE2MTUwM2RkMDQzNWZlOTMzYjkwNGRmOTEzMzRjZDU0MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklPKaNoQtQ/GOdt/9iKqfl0SPV1q
CqeTx+VbQYcqZSE+SDjVLO2VdxrJ6zuxcYBxx+O09TmlElgLA3CPuC0xzUR3S1cx
EbSxzYvyvUoSIR9twD17KhdTuXjAecEcgAzQr1Lxcudj71ezO+ylZbh0UsV3XfRz
x+U1lx9oaKyRJ3aTzfn84hpMswxtOWVcvMtk3aeeje9/iY/gsObMbf5IX4Lag1zo
LaV51G1CSCSK7A6OGe1M/DpZUyiy/adyoKii4oWsB5NoSN4VioW/iDwYAtNNDb+L
YeTHoj/HVWu4FwCWGNfCQTwozSmI53FFaOSX/b2Zwx8cmPAtCgE5OwZsnwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPn1cWFQPdBDX+kzuQTfkTNM1UAyMB8GA1UdIwQY
MBaAFL9zo/IaGURCG03bp+y8g2DMpeb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjNPajhob1pSRUliVGR1bjdMeURZTXlsNXZ3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80MDA2ODYtOGM3NS00MmQwLThiZDEt
MDAwNDQ3NTdmZThhLzEvMS1mVnhZVkE5MEVOZjZUTzVCTi1STTB6VlFESS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzEvNDAwNjg2LThjNzUtNDJkMC04YmQxLTAwMDQ0NzU3ZmU4
YS8xL3YzT2o4aG9aUkVJYlRkdW43THlEWU15bDV2dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA+BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFAMEALmSfzAM
AwQA1DqdAwQF1DqAMA8EAgACMAkDBwAqB3uAAQYwDQYJKoZIhvcNAQELBQADggEB
AIvwozdqEReQyfm7Pow2EBQ80Fl35VkMN2JB+o+OqLTK0ymH0Q4ZnAPwa167ORRv
sk3LGwWCLiDwd2X9Nf4xVTDRFSj2pl7u01PSyALFn1bhjNJxqyKn9pRQcgchGdwT
DXd2rPc76Xkfz43Q17d8CK/cA9S6DC5+7RayI1E2BGeMdFRTxkkoCPwvhNwP6Hsj
HN0FaWENc5O/mpVssXKzrTS7KGnaOwmqBEFFRNoTvKEoGVXCcjgnhCIHdXrXOo37
+ql1mXzvdwT8SvEamHZQ/dgpNPZpQz2C4NboPuvfJI2VK05NSFIHYqnacuUT+qXc
nkNwbOxE4rxlO4juYcMl1T0=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:03:54 2024 by rpki-client on console-fra.rpki-client.org