Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/cVeqRknXMf9sFoprf2dmZOJzcHI.roa
File: cVeqRknXMf9sFoprf2dmZOJzcHI.roa (raw, json)
Hash identifier: KpIM5wDHQbR17iuVeF2gk7cev0jwnfQFmvEti8nHzH8=
Subject key identifier: 71:57:AA:46:49:D7:31:FF:6C:16:8A:6B:7F:67:66:64:E2:73:70:72
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 018CC26D0C12543ED7A15E97D9CAC8E03320
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/cVeqRknXMf9sFoprf2dmZOJzcHI.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206011
IP address blocks: 185.199.10.0/24 maxlen: 24
185.199.8.0/24 maxlen: 24
185.199.9.0/24 maxlen: 24
80.244.44.0/22 maxlen: 23
80.244.40.0/21 maxlen: 23
80.244.40.0/22 maxlen: 23
2a0a:9740::/32 maxlen: 32
2a0a:9740:d000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0c:12:54:3e:d7:a1:5e:97:d9:ca:c8:e0:33:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7157aa4649d731ff6c168a6b7f676664e2737072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:38:4f:23:47:75:bb:fb:39:37:ac:67:ec:a8:
eb:51:ee:85:91:4a:4f:74:6b:73:b5:d6:d1:73:c7:
d7:d7:11:53:39:f1:0f:40:81:d9:1f:d9:d6:20:07:
ab:25:f4:9a:2c:f7:91:09:d6:7c:15:5d:e9:05:25:
73:c5:8f:87:db:d7:81:ef:9b:92:3e:33:6e:80:39:
75:cf:33:eb:27:7f:20:08:30:3e:d8:8e:d4:13:2a:
51:56:ec:27:53:7c:29:52:49:51:48:c6:0b:d2:36:
99:a2:5c:be:3c:17:dd:57:25:5b:55:10:2f:32:41:
67:f4:e7:8b:fc:4f:25:44:33:64:39:a3:57:7a:30:
dd:d3:ed:cc:d5:20:13:36:e3:e2:13:12:e3:3a:67:
e9:ed:bd:86:66:2f:51:3d:4e:a4:4c:73:be:10:0f:
b9:a9:50:31:2b:6b:94:0d:9d:7e:e3:3e:64:85:55:
89:da:2d:ac:c1:a5:eb:0e:b7:41:4e:67:26:22:25:
f3:17:ce:09:5b:42:98:38:57:da:4e:e8:77:64:52:
74:a3:79:ca:c4:ce:6e:9a:14:46:eb:f6:38:36:81:
04:c2:b3:c8:c3:25:d1:e7:e9:86:b3:41:0b:7a:e0:
f9:16:1c:71:bb:ca:34:4a:b4:fa:26:e5:ea:ee:ef:
d6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:57:AA:46:49:D7:31:FF:6C:16:8A:6B:7F:67:66:64:E2:73:70:72
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/cVeqRknXMf9sFoprf2dmZOJzcHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.40.0/21
185.199.8.0-185.199.10.255
IPv6:
2a0a:9740::/32
Signature Algorithm: sha256WithRSAEncryption
18:c5:d9:93:42:b9:cc:d0:b4:c8:4a:29:6b:64:aa:af:9e:fd:
cb:f7:33:b4:be:59:b7:88:32:57:e2:a6:ee:b3:e2:be:b7:d0:
b7:d5:c9:ef:e6:5d:d8:68:f3:0f:35:84:bf:d3:c7:a6:24:0a:
2a:2c:80:c9:af:b1:32:e8:8c:c4:92:b8:b7:dc:35:76:a3:01:
bd:4f:44:5b:60:7c:f9:48:10:a8:d3:37:7e:80:66:44:58:2e:
b6:a9:f3:23:01:dc:98:e6:91:fb:75:a8:85:fd:b0:1b:67:b0:
cd:c2:16:fe:3f:88:bf:88:34:f0:ca:9d:46:c9:7a:94:dc:db:
c4:e0:c9:6a:e2:59:3f:c4:19:d0:72:6d:96:22:d1:c8:95:e0:
04:ef:f4:cb:0e:59:88:e4:b7:fe:1d:c7:67:61:1f:55:70:62:
ba:c3:a5:a2:2f:38:ef:75:ee:5d:f0:fe:2a:3b:14:a6:db:50:
7c:9b:a0:67:5c:df:f9:8b:cf:93:31:08:e1:99:37:9a:c7:a9:
dc:f7:d3:d0:7b:95:97:58:70:4b:d9:67:e7:d3:06:48:92:8d:
1d:83:72:ce:a5:44:ed:a8:61:fd:b8:85:89:ac:df:fd:a1:8c:
b1:f1:f1:31:18:d2:61:ea:12:ea:09:de:58:e1:41:01:8d:70:
4c:6e:e5:4c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzCbQwSVD7XoV6X2crI4DMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU3YWE0NjQ5ZDczMWZmNmMxNjhhNmI3ZjY3NjY2NGUyNzM3MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiThPI0d1u/s5N6xn7KjrUe6FkUpP
dGtztdbRc8fX1xFTOfEPQIHZH9nWIAerJfSaLPeRCdZ8FV3pBSVzxY+H29eB75uS
PjNugDl1zzPrJ38gCDA+2I7UEypRVuwnU3wpUklRSMYL0jaZoly+PBfdVyVbVRAv
MkFn9OeL/E8lRDNkOaNXejDd0+3M1SATNuPiExLjOmfp7b2GZi9RPU6kTHO+EA+5
qVAxK2uUDZ1+4z5khVWJ2i2swaXrDrdBTmcmIiXzF84JW0KYOFfaTuh3ZFJ0o3nK
xM5umhRG6/Y4NoEEwrPIwyXR5+mGs0ELeuD5Fhxxu8o0SrT6JuXq7u/W0wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHFXqkZJ1zH/bBaKa39nZmTic3ByMB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvY1ZlcVJrblhNZjlzRm9wcmYyZG1aT0p6Y0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDUPQoMAwD
BAO5xwgDBAC5xwowDQQCAAIwBwMFACoKl0AwDQYJKoZIhvcNAQELBQADggEBABjF
2ZNCuczQtMhKKWtkqq+e/cv3M7S+WbeIMlfipu6z4r630LfVye/mXdho8w81hL/T
x6YkCiosgMmvsTLojMSSuLfcNXajAb1PRFtgfPlIEKjTN36AZkRYLrap8yMB3Jjm
kft1qIX9sBtnsM3CFv4/iL+INPDKnUbJepTc28TgyWriWT/EGdBybZYi0ciV4ATv
9MsOWYjkt/4dx2dhH1VwYrrDpaIvOO917l3w/io7FKbbUHyboGdc3/mLz5MxCOGZ
N5rHqdz309B7lZdYcEvZZ+fTBkiSjR2Dcs6lRO2oYf24hYms3/2hjLHx8TEY0mHq
EuoJ3ljhQQGNcExu5Uw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:02:17 2024 by rpki-client on console-ams.rpki-client.org