Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/0B0zjULO4vtuovXljQRTHkh2KaQ.roa
File: 0B0zjULO4vtuovXljQRTHkh2KaQ.roa (raw, json)
Hash identifier: tyhXd2Ibaym1qAIgjBiAd912WNwuXKI+hgpF26+PnuA=
Subject key identifier: D0:1D:33:8D:42:CE:E2:FB:6E:A2:F5:E5:8D:04:53:1E:48:76:29:A4
Certificate issuer: /CN=b578a461a859ddc986c08a88e9512d5c3d2210e6
Certificate serial: 01916E67808D0E1EA870B2EB1EC2E961E471
Authority key identifier: B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/0B0zjULO4vtuovXljQRTHkh2KaQ.roa
Signing time: Tue 20 Aug 2024 06:09:22 +0000
ROA not before: Tue 20 Aug 2024 06:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206862
IP address blocks: 185.173.168.0/22 maxlen: 22
185.173.168.0/24 maxlen: 24
185.173.169.0/24 maxlen: 24
185.173.170.0/24 maxlen: 24
185.173.171.0/24 maxlen: 24
194.53.118.0/23 maxlen: 23
194.53.122.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Oct 2024 14:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:67:80:8d:0e:1e:a8:70:b2:eb:1e:c2:e9:61:e4:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b578a461a859ddc986c08a88e9512d5c3d2210e6
Validity
Not Before: Aug 20 06:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d01d338d42cee2fb6ea2f5e58d04531e487629a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c9:a4:77:2c:e9:88:52:54:b7:b9:5c:57:2d:
e1:1f:e5:76:ea:fb:d2:88:c9:7d:f0:1a:fb:0a:b4:
15:81:9b:d0:38:93:45:29:b8:73:70:9a:45:be:95:
74:c4:36:1e:7e:d1:d9:b2:bb:1c:86:d5:3d:ea:dc:
f6:24:8b:54:0e:bd:b5:d9:78:20:04:f6:ce:3d:83:
af:48:b7:f8:45:b9:14:e7:de:b0:66:bc:d5:a1:92:
cd:5b:56:5c:02:63:8d:3f:2f:ac:a2:cf:28:bf:90:
1f:86:e0:67:1a:fe:bb:25:e5:ba:9e:bc:12:07:18:
0b:5a:88:1f:a2:e9:46:b9:4a:e3:35:03:81:1d:f8:
6a:10:18:94:2f:81:b6:48:6b:2a:12:25:46:ff:50:
fa:a2:d7:3a:b5:0f:a5:5c:c5:77:ac:f2:a9:4d:8f:
7a:c5:ef:80:5d:64:40:c7:3d:8d:91:93:dc:08:dd:
16:d1:af:cc:ba:51:de:91:2a:cd:37:06:eb:78:7b:
af:97:9b:6e:ad:e6:a4:58:62:4e:84:3a:e8:e6:73:
dc:c9:28:41:5a:28:dc:54:63:1e:82:55:fa:c4:6d:
16:b7:00:35:44:8c:9e:10:ab:01:1b:5a:33:61:bc:
41:ea:e2:82:f9:6d:a4:97:e7:45:b1:b3:72:df:82:
eb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1D:33:8D:42:CE:E2:FB:6E:A2:F5:E5:8D:04:53:1E:48:76:29:A4
X509v3 Authority Key Identifier:
keyid:B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/0B0zjULO4vtuovXljQRTHkh2KaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.168.0/22
194.53.118.0/23
194.53.122.0/23
Signature Algorithm: sha256WithRSAEncryption
02:b7:33:28:93:f2:d5:26:84:95:1a:54:58:22:25:39:f9:61:
3d:48:3b:4c:12:a9:64:a2:5d:2e:89:e8:53:91:83:4c:33:e7:
6c:92:de:a5:b0:8d:24:4b:72:ad:27:e8:51:4c:8b:e9:d7:1f:
bb:16:2e:67:7b:43:c8:6c:e9:6b:75:ea:3f:96:2c:52:64:ba:
ff:f0:49:a5:85:d8:b7:d9:e9:ae:69:0c:e1:ef:c3:f1:da:e0:
9c:25:f5:b3:e8:fb:32:f3:9f:5a:b5:00:55:87:e0:af:37:33:
ff:27:5b:3b:60:a1:b4:80:07:cc:50:b5:d9:88:5d:2a:25:86:
ce:98:6b:82:8c:78:19:54:4a:bd:ea:78:16:e8:55:e5:e8:53:
69:a7:bf:31:19:19:0d:71:6d:8e:3f:0e:e4:69:64:80:53:88:
3f:6c:fb:24:70:8f:45:f4:69:a6:6c:69:97:cf:86:bf:b9:03:
cb:63:fb:2b:ca:46:62:68:bc:bd:6b:c2:30:32:a2:b7:b1:10:
c1:23:57:2e:dc:90:37:b8:a9:ac:da:cf:41:06:38:0f:4b:a7:
bc:c2:9a:08:36:ee:ad:5e:b9:13:c3:b2:87:f0:48:9d:8f:94:
fa:9d:a3:d2:51:74:21:27:6f:46:1b:6b:b8:27:fe:d9:21:df:
6c:d9:e3:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFuZ4CNDh6ocLLrHsLpYeRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NzhhNDYxYTg1OWRkYzk4NmMwOGE4OGU5NTEyZDVjM2Qy
MjEwZTYwHhcNMjQwODIwMDYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFkMzM4ZDQyY2VlMmZiNmVhMmY1ZTU4ZDA0NTMxZTQ4NzYyOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8mkdyzpiFJUt7lcVy3hH+V26vvS
iMl98Br7CrQVgZvQOJNFKbhzcJpFvpV0xDYeftHZsrschtU96tz2JItUDr212Xgg
BPbOPYOvSLf4RbkU596wZrzVoZLNW1ZcAmONPy+sos8ov5AfhuBnGv67JeW6nrwS
BxgLWogfoulGuUrjNQOBHfhqEBiUL4G2SGsqEiVG/1D6otc6tQ+lXMV3rPKpTY96
xe+AXWRAxz2NkZPcCN0W0a/MulHekSrNNwbreHuvl5tureakWGJOhDro5nPcyShB
WijcVGMeglX6xG0WtwA1RIyeEKsBG1ozYbxB6uKC+W2kl+dFsbNy34LrjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNAdM41CzuL7bqL15Y0EUx5IdimkMB8GA1UdIwQY
MBaAFLV4pGGoWd3JhsCKiOlRLVw9IhDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFhpa1lhaFozY21Hd0lxSTZWRXRYRDBpRU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wY2VlMzQtNWFjYy00MmQ1LWE1YmYt
ZmMxYzBjY2JjMGI3LzEvMEIwempVTE80dnR1b3ZYbGpRUlRIa2gyS2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wY2VlMzQtNWFjYy00MmQ1LWE1YmYtZmMxYzBjY2JjMGI3
LzEvdFhpa1lhaFozY21Hd0lxSTZWRXRYRDBpRU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCua2oAwQB
wjV2AwQBwjV6MA0GCSqGSIb3DQEBCwUAA4IBAQACtzMok/LVJoSVGlRYIiU5+WE9
SDtMEqlkol0uiehTkYNMM+dskt6lsI0kS3KtJ+hRTIvp1x+7Fi5ne0PIbOlrdeo/
lixSZLr/8Emlhdi32emuaQzh78Px2uCcJfWz6Psy859atQBVh+CvNzP/J1s7YKG0
gAfMULXZiF0qJYbOmGuCjHgZVEq96ngW6FXl6FNpp78xGRkNcW2OPw7kaWSAU4g/
bPskcI9F9GmmbGmXz4a/uQPLY/srykZiaLy9a8IwMqK3sRDBI1cu3JA3uKms2s9B
BjgPS6e8wpoINu6tXrkTw7KH8Eidj5T6naPSUXQhJ29GG2u4J/7ZId9s2eMV
-----END CERTIFICATE-----
Generated at Sun Oct 6 22:48:39 2024 by rpki-client on console-ams.rpki-client.org