Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/nMa6bFZciSvcblXzWPXrSujXIak.roa
File: nMa6bFZciSvcblXzWPXrSujXIak.roa (raw, json)
Hash identifier: e2DRpqzJDQ1qqEfNsUg9XX5GEO1J11Wl6D8NnSzD0Lo=
Subject key identifier: 9C:C6:BA:6C:56:5C:89:2B:DC:6E:55:F3:58:F5:EB:4A:E8:D7:21:A9
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 018E5C091D3A8B5E8109219B99C7BD7BAE31
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/nMa6bFZciSvcblXzWPXrSujXIak.roa
Signing time: Wed 20 Mar 2024 13:24:44 +0000
ROA not before: Wed 20 Mar 2024 13:24:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43668
IP address blocks: 185.218.200.0/24 maxlen: 24
185.248.168.0/23 maxlen: 23
185.248.170.0/23 maxlen: 23
185.255.236.0/24 maxlen: 24
185.255.237.0/24 maxlen: 24
185.255.238.0/24 maxlen: 24
185.255.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:09:1d:3a:8b:5e:81:09:21:9b:99:c7:bd:7b:ae:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Mar 20 13:24:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cc6ba6c565c892bdc6e55f358f5eb4ae8d721a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e4:97:fa:40:2a:d6:ce:05:21:1e:34:7a:ef:
66:00:72:c1:c2:35:3a:4f:fd:d1:87:03:3e:f1:a4:
dd:e4:e9:b8:88:74:4e:03:aa:cf:39:2d:9a:41:56:
e1:fe:9c:d9:7c:c0:3e:71:35:40:a0:d8:aa:e9:a9:
4a:ac:15:a4:49:99:37:92:f9:aa:ee:cd:b8:20:fd:
42:39:3c:75:91:e9:49:f8:b0:7a:8f:9e:fb:30:4b:
c0:9c:13:b6:a1:80:80:b4:e1:60:dd:51:d7:76:84:
0b:3f:ed:85:8c:cd:85:4c:6f:20:e3:6b:80:74:f9:
cf:81:8c:6c:fc:2c:26:a8:6f:d0:fb:89:cc:d5:9c:
06:0f:58:f8:44:dc:b2:6a:1a:e7:77:a9:e4:9b:ba:
5e:be:94:c7:7c:0a:94:7f:75:60:4d:53:1c:66:af:
37:4b:59:2a:95:28:b0:12:98:36:51:e8:ab:a8:d3:
d7:cf:71:76:41:c4:45:7f:32:15:2c:6e:2c:8d:aa:
c5:c7:f3:ce:12:28:67:e5:24:db:eb:b1:50:35:16:
64:89:a3:14:80:7c:fb:4f:01:11:2e:81:db:06:8c:
0b:62:6c:61:64:62:97:38:ae:43:39:76:b9:28:ac:
4a:b1:ed:ab:a3:88:03:82:6a:1a:37:54:7d:b9:c1:
13:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C6:BA:6C:56:5C:89:2B:DC:6E:55:F3:58:F5:EB:4A:E8:D7:21:A9
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/nMa6bFZciSvcblXzWPXrSujXIak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.200.0/24
185.248.168.0/22
185.255.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:bb:b8:58:b5:8d:de:a6:62:8d:98:9b:93:fb:9b:d2:3a:2d:
85:f8:d3:28:d7:be:9c:0e:76:7c:da:a8:a6:a6:6f:cb:4e:8e:
12:36:bf:77:b3:b8:22:8b:b8:25:51:07:b7:68:d9:33:b0:2d:
ed:1c:29:b0:44:bd:e1:76:ad:68:be:c2:69:55:53:49:6c:fc:
37:fa:82:09:26:2f:ea:ee:c5:fa:56:c6:b8:5c:3b:10:b4:d3:
ba:ff:e0:4a:b0:cf:f8:a6:46:af:a8:a4:3d:b8:55:ac:fa:d2:
bf:ea:71:39:74:2d:8c:f5:6a:64:61:98:35:33:6e:83:82:f9:
a0:d4:ed:c4:ac:c6:be:21:bf:61:ca:fc:04:70:ff:33:92:a3:
30:a4:08:66:41:8f:5d:58:61:b2:51:0f:a9:7e:1f:34:dd:56:
c8:d0:d6:6a:16:e2:48:20:0d:ed:cb:23:94:bc:d9:24:90:49:
db:68:54:85:83:02:45:9b:e9:4f:c3:79:8a:ad:11:82:9b:54:
75:33:e1:ee:3f:8e:33:fc:57:b9:75:03:1e:86:3a:ca:44:3e:
4f:7d:16:e0:9d:63:50:c9:23:57:4b:8d:2b:26:80:2e:cf:ef:
9e:b5:ab:57:7a:0e:6a:99:8c:2f:9b:0c:b9:7b:5f:25:39:dc:
4e:ad:5c:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5cCR06i16BCSGbmce9e64xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjQwMzIwMTMyNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M2YmE2YzU2NWM4OTJiZGM2ZTU1ZjM1OGY1ZWI0YWU4ZDcyMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuSX+kAq1s4FIR40eu9mAHLBwjU6
T/3RhwM+8aTd5Om4iHROA6rPOS2aQVbh/pzZfMA+cTVAoNiq6alKrBWkSZk3kvmq
7s24IP1COTx1kelJ+LB6j577MEvAnBO2oYCAtOFg3VHXdoQLP+2FjM2FTG8g42uA
dPnPgYxs/CwmqG/Q+4nM1ZwGD1j4RNyyahrnd6nkm7pevpTHfAqUf3VgTVMcZq83
S1kqlSiwEpg2UeirqNPXz3F2QcRFfzIVLG4sjarFx/POEihn5STb67FQNRZkiaMU
gHz7TwERLoHbBowLYmxhZGKXOK5DOXa5KKxKse2ro4gDgmoaN1R9ucETbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJzGumxWXIkr3G5V81j160ro1yGpMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvbk1hNmJGWmNpU3ZjYmxYeldQWHJTdWpYSWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAudrIAwQC
ufioAwQCuf/sMA0GCSqGSIb3DQEBCwUAA4IBAQAau7hYtY3epmKNmJuT+5vSOi2F
+NMo176cDnZ82qimpm/LTo4SNr93s7gii7glUQe3aNkzsC3tHCmwRL3hdq1ovsJp
VVNJbPw3+oIJJi/q7sX6Vsa4XDsQtNO6/+BKsM/4pkavqKQ9uFWs+tK/6nE5dC2M
9WpkYZg1M26Dgvmg1O3ErMa+Ib9hyvwEcP8zkqMwpAhmQY9dWGGyUQ+pfh803VbI
0NZqFuJIIA3tyyOUvNkkkEnbaFSFgwJFm+lPw3mKrRGCm1R1M+HuP44z/Fe5dQMe
hjrKRD5PfRbgnWNQySNXS40rJoAuz++etatXeg5qmYwvmwy5e18lOdxOrVw7
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:01:28 2024 by rpki-client on console-ams.rpki-client.org