Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/x-Yrl-SFkik500bWrRDQb3oNSyE.roa
File: x-Yrl-SFkik500bWrRDQb3oNSyE.roa (raw, json)
Hash identifier: H/EwVY9tCGLK9wuVkXsGdgdwSiael+yVYOPvQPnyiTQ=
Subject key identifier: C7:E6:2B:97:E4:85:92:29:39:D3:46:D6:AD:10:D0:6F:7A:0D:4B:21
Certificate issuer: /CN=865122c0e562e407976823d94e19e2a794f8cb62
Certificate serial: 018CC6B7A957652CA121A775EA603AD77BF7
Authority key identifier: 86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/x-Yrl-SFkik500bWrRDQb3oNSyE.roa
Signing time: Mon 01 Jan 2024 20:29:34 +0000
ROA not before: Mon 01 Jan 2024 20:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205068
IP address blocks: 185.166.164.0/22 maxlen: 22
2a0d:3080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a9:57:65:2c:a1:21:a7:75:ea:60:3a:d7:7b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865122c0e562e407976823d94e19e2a794f8cb62
Validity
Not Before: Jan 1 20:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7e62b97e485922939d346d6ad10d06f7a0d4b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:72:ca:d6:ad:97:8c:85:b4:97:55:3a:e3:
59:f4:b7:9a:ca:57:d9:9b:8d:f2:1b:27:b4:ba:40:
dd:54:96:59:9d:d8:1f:95:fb:49:14:3c:55:2b:f8:
dc:13:37:25:d2:da:22:9d:d8:29:f4:5a:ce:c2:67:
a1:80:04:8e:77:5e:6d:a4:14:a6:d5:ab:88:e5:79:
1a:ad:6d:33:3a:89:be:24:9a:c1:70:cf:6a:14:b7:
b8:ca:6d:fc:29:e7:62:51:10:3f:de:bb:12:6b:90:
21:20:d4:5c:15:b1:b6:ef:0e:80:40:73:21:80:40:
0e:c5:04:f9:ef:fb:ca:be:02:0b:8d:db:19:ab:63:
bd:4d:3b:ab:31:4c:25:65:5e:c4:e8:cc:7f:e4:2e:
9a:57:4c:4e:ba:64:3b:4c:7f:40:0d:6c:c8:61:8f:
94:b3:50:2b:e6:d2:e8:be:7d:80:0a:4a:8c:cf:1b:
67:31:5e:a7:6f:97:a4:11:01:c0:13:cc:b9:76:d8:
c6:f7:7d:9c:80:7e:54:9b:64:0a:13:bf:4a:59:69:
40:0f:2f:04:d1:9c:97:61:42:7c:a0:ea:d7:47:04:
fb:eb:d1:11:53:6c:93:34:4b:33:0f:17:a0:75:73:
5d:a3:9f:a2:5b:19:71:08:b7:12:2b:b3:b6:68:cc:
a4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E6:2B:97:E4:85:92:29:39:D3:46:D6:AD:10:D0:6F:7A:0D:4B:21
X509v3 Authority Key Identifier:
keyid:86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/x-Yrl-SFkik500bWrRDQb3oNSyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.164.0/22
IPv6:
2a0d:3080::/29
Signature Algorithm: sha256WithRSAEncryption
79:14:03:dd:83:e8:46:f9:5b:c1:34:88:2c:90:f2:5f:b2:22:
9c:93:0a:cf:99:ea:59:20:86:ae:66:dd:63:9c:a3:9e:1c:5b:
34:70:a4:ed:6f:f6:04:f9:90:60:b1:0f:87:48:4a:04:a6:5e:
3d:75:5e:ac:c0:c3:8a:fd:61:74:b9:86:22:13:23:53:9e:2c:
42:78:61:d8:a8:22:64:1c:6c:a8:69:10:3c:4f:40:39:8a:68:
96:9e:c5:79:c8:0d:f7:dd:25:68:e0:49:2c:30:cc:a8:82:bc:
99:6f:a7:79:c0:72:83:c7:07:98:68:11:7e:74:5c:f7:59:34:
a0:ea:c2:2d:8e:78:db:f8:4f:8b:af:6d:6f:ee:37:e2:e5:8f:
b9:62:5e:33:cc:24:68:56:84:0c:7c:9b:a3:47:f6:e5:c0:e5:
7a:b1:04:9a:b7:2c:5a:42:20:38:82:06:3f:fb:08:1c:90:b9:
91:15:39:c9:09:77:65:34:f0:6f:47:95:21:50:ff:2e:af:ad:
11:5e:5d:71:01:b4:4b:2b:7d:af:1f:08:a3:fd:a1:7e:74:d7:
7c:ba:56:ab:20:4e:23:ea:14:a6:e5:1c:01:59:de:48:ac:dc:
8b:1c:ce:8a:bf:39:d2:46:63:1d:c2:d8:4a:fa:f4:ea:7f:d9:
98:b0:48:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt6lXZSyhIad16mA613v3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NTEyMmMwZTU2MmU0MDc5NzY4MjNkOTRlMTllMmE3OTRm
OGNiNjIwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2U2MmI5N2U0ODU5MjI5MzlkMzQ2ZDZhZDEwZDA2ZjdhMGQ0YjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX9yytatl4yFtJdVOuNZ9LeaylfZ
m43yGye0ukDdVJZZndgflftJFDxVK/jcEzcl0toindgp9FrOwmehgASOd15tpBSm
1auI5XkarW0zOom+JJrBcM9qFLe4ym38KediURA/3rsSa5AhINRcFbG27w6AQHMh
gEAOxQT57/vKvgILjdsZq2O9TTurMUwlZV7E6Mx/5C6aV0xOumQ7TH9ADWzIYY+U
s1Ar5tLovn2ACkqMzxtnMV6nb5ekEQHAE8y5dtjG932cgH5Um2QKE79KWWlADy8E
0ZyXYUJ8oOrXRwT769ERU2yTNEszDxegdXNdo5+iWxlxCLcSK7O2aMykKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfmK5fkhZIpOdNG1q0Q0G96DUshMB8GA1UdIwQY
MBaAFIZRIsDlYuQHl2gj2U4Z4qeU+MtiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUt
YjhkZDE4ZTQ4ZTg2LzEveC1ZcmwtU0ZraWs1MDBiV3JSRFFiM29OU3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wMjhiODItZmUwMy00MDI1LTk3NjUtYjhkZDE4ZTQ4ZTg2
LzEvaGxFaXdPVmk1QWVYYUNQWlRobmlwNVQ0eTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaakMA0E
AgACMAcDBQMqDTCAMA0GCSqGSIb3DQEBCwUAA4IBAQB5FAPdg+hG+VvBNIgskPJf
siKckwrPmepZIIauZt1jnKOeHFs0cKTtb/YE+ZBgsQ+HSEoEpl49dV6swMOK/WF0
uYYiEyNTnixCeGHYqCJkHGyoaRA8T0A5imiWnsV5yA333SVo4EksMMyogryZb6d5
wHKDxweYaBF+dFz3WTSg6sItjnjb+E+Lr21v7jfi5Y+5Yl4zzCRoVoQMfJujR/bl
wOV6sQSatyxaQiA4ggY/+wgckLmRFTnJCXdlNPBvR5UhUP8ur60RXl1xAbRLK32v
Hwij/aF+dNd8ularIE4j6hSm5RwBWd5IrNyLHM6KvznSRmMdwthK+vTqf9mYsEjA
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:02:44 2024 by rpki-client on console-fra.rpki-client.org