Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/h_GV4ZwxOfqJX0cTeoIVOjKtT_k.roa
File: h_GV4ZwxOfqJX0cTeoIVOjKtT_k.roa (raw, json)
Hash identifier: yhdLAa+BCuCpF0ixr2pdkOrkLWg4NKbskUTScILUrAM=
Subject key identifier: 87:F1:95:E1:9C:31:39:FA:89:5F:47:13:7A:82:15:3A:32:AD:4F:F9
Certificate issuer: /CN=2ab2530cbea4d43cb3761b42dadfead7e5172228
Certificate serial: 018CC2DAB87D8C6A998CB59BA5A7998901B9
Authority key identifier: 2A:B2:53:0C:BE:A4:D4:3C:B3:76:1B:42:DA:DF:EA:D7:E5:17:22:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrJTDL6k1DyzdhtC2t_q1-UXIig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/h_GV4ZwxOfqJX0cTeoIVOjKtT_k.roa
Signing time: Mon 01 Jan 2024 02:29:23 +0000
ROA not before: Mon 01 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 185.18.84.0/22 maxlen: 22
2a03:f440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/KrJTDL6k1DyzdhtC2t_q1-UXIig.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/KrJTDL6k1DyzdhtC2t_q1-UXIig.mft
rsync://rpki.ripe.net/repository/DEFAULT/KrJTDL6k1DyzdhtC2t_q1-UXIig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b8:7d:8c:6a:99:8c:b5:9b:a5:a7:99:89:01:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ab2530cbea4d43cb3761b42dadfead7e5172228
Validity
Not Before: Jan 1 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87f195e19c3139fa895f47137a82153a32ad4ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:41:4b:c2:22:9b:b6:63:a4:91:97:2c:50:80:
e9:56:b7:d3:9c:d0:e0:1d:90:5e:3d:77:f4:c5:73:
c0:58:91:68:96:c3:ea:57:fa:1f:50:db:cc:5b:48:
21:f9:e5:6a:75:48:05:52:08:b9:78:f4:55:f1:8d:
29:5f:4e:33:58:2b:fa:72:42:66:13:82:a7:66:82:
e7:7a:58:19:10:5c:29:d3:52:7f:c6:4e:35:b9:aa:
cf:af:6b:5c:c0:21:34:13:38:6a:ce:12:e9:ac:b6:
74:1d:81:43:3c:bd:38:0d:01:75:05:a6:82:27:e6:
4e:db:7e:1e:da:d7:95:e6:63:d7:57:0a:3d:74:bc:
71:f4:38:37:51:c9:f5:5e:2a:df:34:91:48:2f:eb:
91:f4:84:f5:ac:ce:5c:95:b5:98:57:96:df:d1:7e:
66:c6:6f:28:e8:35:c7:06:13:2c:7a:6d:d2:71:68:
34:b1:6e:68:b5:59:e0:eb:3a:5f:21:d4:f4:a5:10:
68:6a:cb:60:97:85:0f:5e:c6:c2:82:70:3d:a8:81:
06:b5:e5:2a:9c:05:4e:a2:6d:0c:40:73:c2:da:39:
83:ad:13:ef:fa:56:7d:9e:92:91:fe:f0:6a:c4:58:
ff:f9:74:cb:24:b4:eb:bf:69:64:ad:8e:e2:6f:8d:
4d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F1:95:E1:9C:31:39:FA:89:5F:47:13:7A:82:15:3A:32:AD:4F:F9
X509v3 Authority Key Identifier:
keyid:2A:B2:53:0C:BE:A4:D4:3C:B3:76:1B:42:DA:DF:EA:D7:E5:17:22:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrJTDL6k1DyzdhtC2t_q1-UXIig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/h_GV4ZwxOfqJX0cTeoIVOjKtT_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/69da98-84d6-4081-83da-d2b7230a3df8/1/KrJTDL6k1DyzdhtC2t_q1-UXIig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.84.0/22
IPv6:
2a03:f440::/32
Signature Algorithm: sha256WithRSAEncryption
66:a1:4e:94:ff:24:a4:fa:24:95:bf:ac:f6:42:46:e5:83:c1:
b8:39:17:47:9d:f6:8f:f6:bd:b9:ef:c4:ed:b2:f8:ba:c0:0b:
b1:b5:df:0d:f2:1a:9c:b2:27:ae:39:e3:cf:04:b6:c9:de:47:
ea:74:f9:41:09:05:fb:7f:2b:db:7a:06:f5:81:65:f3:6e:f2:
35:f4:16:e5:2f:43:12:26:3f:59:58:79:9b:33:6d:b6:ef:e5:
ea:eb:6d:f2:b0:d6:21:75:99:53:dd:08:7d:1a:15:40:37:f7:
10:6f:d6:a3:e1:c2:b0:97:fb:5f:72:d5:2c:8e:6f:72:f8:03:
7b:1a:d2:3d:94:c9:59:a5:ae:c6:3a:59:d5:50:87:b0:5f:b2:
c0:62:6e:57:60:75:09:02:e6:b8:13:8b:a9:93:01:88:ff:5f:
cd:81:30:25:ac:5c:ec:30:c6:6c:ee:cd:9f:fa:a9:af:1f:8e:
57:ab:87:6b:dc:86:04:f8:16:d6:fc:15:6a:74:cd:13:f4:47:
c8:3e:cb:53:b9:3a:44:96:56:9d:6e:0f:41:5f:89:58:e2:07:
99:8a:a6:5e:21:f4:52:5b:7c:b7:ca:0d:75:c7:d3:4d:ac:9c:
45:ef:69:af:78:f5:d0:51:4d:4d:b3:7c:57:00:aa:17:37:16:
62:d8:0e:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2rh9jGqZjLWbpaeZiQG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjI1MzBjYmVhNGQ0M2NiMzc2MWI0MmRhZGZlYWQ3ZTUx
NzIyMjgwHhcNMjQwMTAxMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2YxOTVlMTljMzEzOWZhODk1ZjQ3MTM3YTgyMTUzYTMyYWQ0ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikFLwiKbtmOkkZcsUIDpVrfTnNDg
HZBePXf0xXPAWJFolsPqV/ofUNvMW0gh+eVqdUgFUgi5ePRV8Y0pX04zWCv6ckJm
E4KnZoLnelgZEFwp01J/xk41uarPr2tcwCE0EzhqzhLprLZ0HYFDPL04DQF1BaaC
J+ZO234e2teV5mPXVwo9dLxx9Dg3Ucn1XirfNJFIL+uR9IT1rM5clbWYV5bf0X5m
xm8o6DXHBhMsem3ScWg0sW5otVng6zpfIdT0pRBoastgl4UPXsbCgnA9qIEGteUq
nAVOom0MQHPC2jmDrRPv+lZ9npKR/vBqxFj/+XTLJLTrv2lkrY7ib41NNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIfxleGcMTn6iV9HE3qCFToyrU/5MB8GA1UdIwQY
MBaAFCqyUwy+pNQ8s3YbQtrf6tflFyIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JKVERMNmsxRHl6ZGh0QzJ0X3ExLVVYSWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82OWRhOTgtODRkNi00MDgxLTgzZGEt
ZDJiNzIzMGEzZGY4LzEvaF9HVjRad3hPZnFKWDBjVGVvSVZPakt0VF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS82OWRhOTgtODRkNi00MDgxLTgzZGEtZDJiNzIzMGEzZGY4
LzEvS3JKVERMNmsxRHl6ZGh0QzJ0X3ExLVVYSWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRJUMA0E
AgACMAcDBQAqA/RAMA0GCSqGSIb3DQEBCwUAA4IBAQBmoU6U/ySk+iSVv6z2Qkbl
g8G4ORdHnfaP9r2578Ttsvi6wAuxtd8N8hqcsieuOePPBLbJ3kfqdPlBCQX7fyvb
egb1gWXzbvI19BblL0MSJj9ZWHmbM2227+Xq623ysNYhdZlT3Qh9GhVAN/cQb9aj
4cKwl/tfctUsjm9y+AN7GtI9lMlZpa7GOlnVUIewX7LAYm5XYHUJAua4E4upkwGI
/1/NgTAlrFzsMMZs7s2f+qmvH45Xq4dr3IYE+BbW/BVqdM0T9EfIPstTuTpEllad
bg9BX4lY4geZiqZeIfRSW3y3yg11x9NNrJxF72mvePXQUU1Ns3xXAKoXNxZi2A49
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:00:10 2024 by rpki-client on console-fra.rpki-client.org