Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/nShEfm5vLYtRnLvmQ1wqdQVBPoE.roa
File: nShEfm5vLYtRnLvmQ1wqdQVBPoE.roa (raw, json)
Hash identifier: Thuyz6pL4FBflP1muIgYBrdk8+pXw0/gOTDu1eOKiR8=
Subject key identifier: 9D:28:44:7E:6E:6F:2D:8B:51:9C:BB:E6:43:5C:2A:75:05:41:3E:81
Certificate issuer: /CN=6b7dfe4b68b20895ededf3a003232a979e17c38c
Certificate serial: 018CC94E469FFE7C0F71288F68597531D7CB
Authority key identifier: 6B:7D:FE:4B:68:B2:08:95:ED:ED:F3:A0:03:23:2A:97:9E:17:C3:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/nShEfm5vLYtRnLvmQ1wqdQVBPoE.roa
Signing time: Tue 02 Jan 2024 08:33:19 +0000
ROA not before: Tue 02 Jan 2024 08:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212889
IP address blocks: 185.164.22.0/24 maxlen: 24
185.164.23.0/24 maxlen: 24
185.164.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/a33-S2iyCJXt7fOgAyMql54Xw4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/a33-S2iyCJXt7fOgAyMql54Xw4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:46:9f:fe:7c:0f:71:28:8f:68:59:75:31:d7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b7dfe4b68b20895ededf3a003232a979e17c38c
Validity
Not Before: Jan 2 08:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d28447e6e6f2d8b519cbbe6435c2a7505413e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f0:82:0b:bc:55:da:42:e3:9e:34:71:96:c3:
c3:30:67:e8:24:22:92:54:56:1d:cd:cc:5d:ae:a1:
53:8f:c8:73:22:bb:8d:5c:80:3b:66:ba:50:a6:2c:
61:39:ff:28:4b:c8:37:27:62:8b:85:4a:7e:62:95:
45:8b:b4:fd:9e:d4:ba:f2:4c:04:19:88:c7:ef:6f:
2a:00:41:4d:01:4e:fb:40:a1:08:50:21:a1:b5:5f:
6c:e8:c5:39:16:27:ab:69:68:24:0d:a7:6a:2c:11:
b6:68:1a:a6:fd:57:01:5a:42:70:6d:ff:27:eb:9f:
56:8f:16:8e:a0:88:bf:72:ed:85:54:ee:12:4d:23:
de:94:40:30:71:03:fa:e0:b7:57:a2:a9:28:1f:3d:
ef:93:76:54:6c:e3:30:0e:59:02:02:b7:8d:e7:90:
48:b5:56:53:cc:d7:5b:fb:1c:b3:9f:81:01:75:87:
9b:ba:f3:92:3a:e7:d1:79:95:3e:6a:05:7b:b1:b5:
da:d0:99:4b:fc:5f:a1:cb:f9:df:aa:2c:69:7a:74:
e7:5c:94:cf:c3:b2:38:8b:f0:b7:3c:2a:54:49:8a:
94:ac:83:f9:8d:b7:74:c7:61:90:80:3f:ff:57:70:
34:a3:35:95:06:13:1a:ed:9f:5a:0c:f4:7d:42:e0:
0d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:28:44:7E:6E:6F:2D:8B:51:9C:BB:E6:43:5C:2A:75:05:41:3E:81
X509v3 Authority Key Identifier:
keyid:6B:7D:FE:4B:68:B2:08:95:ED:ED:F3:A0:03:23:2A:97:9E:17:C3:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a33-S2iyCJXt7fOgAyMql54Xw4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/nShEfm5vLYtRnLvmQ1wqdQVBPoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/a1bd16-84b4-4612-a7f0-9c76d10ec532/1/a33-S2iyCJXt7fOgAyMql54Xw4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.20.0/24
185.164.22.0/23
Signature Algorithm: sha256WithRSAEncryption
79:21:2e:27:02:19:ae:5f:87:6e:98:30:a0:79:d4:c9:9d:d8:
ad:ea:14:d4:c6:16:87:60:32:5d:66:0a:24:48:40:e4:43:f8:
92:da:40:78:b0:ac:b6:5c:23:7c:f1:97:7a:58:2d:be:77:37:
ac:d8:04:a8:8e:16:22:df:3e:5e:4d:e5:a3:99:55:87:cc:b5:
77:ce:d7:d9:da:25:dc:b4:24:c2:7e:74:62:5d:56:3f:65:51:
29:84:36:cb:ba:4d:51:a1:ec:d8:d9:a5:1a:be:be:e7:48:95:
7c:41:4d:88:e1:48:28:2c:31:3a:22:6d:35:36:78:7f:fa:87:
b8:ed:84:da:01:c4:01:af:af:73:8b:c2:4b:bc:ee:5a:d9:ba:
22:d1:f8:2d:f6:50:9e:92:8c:9b:5c:b6:22:a2:c7:36:c3:ee:
11:0c:36:2a:68:67:37:5e:ca:7f:bf:20:a3:bf:29:ff:69:84:
48:9a:5a:7d:b6:e0:d8:60:99:a9:e4:b8:8d:57:c6:91:a9:52:
3d:89:3c:a8:36:14:c0:61:6c:a1:af:76:8f:05:f3:68:ed:31:
06:dc:dd:c5:08:6d:a7:fb:85:87:68:2d:3e:60:5f:31:2d:8f:
87:ee:5f:81:36:d0:54:55:65:43:6e:2f:fe:52:c9:24:f3:90:
aa:32:c4:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTkaf/nwPcSiPaFl1MdfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiN2RmZTRiNjhiMjA4OTVlZGVkZjNhMDAzMjMyYTk3OWUx
N2MzOGMwHhcNMjQwMTAyMDgzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDI4NDQ3ZTZlNmYyZDhiNTE5Y2JiZTY0MzVjMmE3NTA1NDEzZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvCCC7xV2kLjnjRxlsPDMGfoJCKS
VFYdzcxdrqFTj8hzIruNXIA7ZrpQpixhOf8oS8g3J2KLhUp+YpVFi7T9ntS68kwE
GYjH728qAEFNAU77QKEIUCGhtV9s6MU5FieraWgkDadqLBG2aBqm/VcBWkJwbf8n
659WjxaOoIi/cu2FVO4STSPelEAwcQP64LdXoqkoHz3vk3ZUbOMwDlkCAreN55BI
tVZTzNdb+xyzn4EBdYebuvOSOufReZU+agV7sbXa0JlL/F+hy/nfqixpenTnXJTP
w7I4i/C3PCpUSYqUrIP5jbd0x2GQgD//V3A0ozWVBhMa7Z9aDPR9QuAN6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ0oRH5uby2LUZy75kNcKnUFQT6BMB8GA1UdIwQY
MBaAFGt9/ktosgiV7e3zoAMjKpeeF8OMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTMzLVMyaXlDSlh0N2ZPZ0F5TXFsNTRYdzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9hMWJkMTYtODRiNC00NjEyLWE3ZjAt
OWM3NmQxMGVjNTMyLzEvblNoRWZtNXZMWXRSbkx2bVExd3FkUVZCUG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9hMWJkMTYtODRiNC00NjEyLWE3ZjAtOWM3NmQxMGVjNTMy
LzEvYTMzLVMyaXlDSlh0N2ZPZ0F5TXFsNTRYdzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaQUAwQB
uaQWMA0GCSqGSIb3DQEBCwUAA4IBAQB5IS4nAhmuX4dumDCgedTJndit6hTUxhaH
YDJdZgokSEDkQ/iS2kB4sKy2XCN88Zd6WC2+dzes2ASojhYi3z5eTeWjmVWHzLV3
ztfZ2iXctCTCfnRiXVY/ZVEphDbLuk1RoezY2aUavr7nSJV8QU2I4UgoLDE6Im01
Nnh/+oe47YTaAcQBr69zi8JLvO5a2boi0fgt9lCekoybXLYiosc2w+4RDDYqaGc3
Xsp/vyCjvyn/aYRImlp9tuDYYJmp5LiNV8aRqVI9iTyoNhTAYWyhr3aPBfNo7TEG
3N3FCG2n+4WHaC0+YF8xLY+H7l+BNtBUVWVDbi/+Uskk85CqMsQ4
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:35:11 2024 by rpki-client on console-ams.rpki-client.org