Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/TiZh5zBiO-g7dbop1oufWMKTu9g.roa
File: TiZh5zBiO-g7dbop1oufWMKTu9g.roa (raw, json)
Hash identifier: V0sayPluiZ+cxNgTGXKjewufghGNoYKIMKuEqp+F4Ug=
Subject key identifier: 4E:26:61:E7:30:62:3B:E8:3B:75:BA:29:D6:8B:9F:58:C2:93:BB:D8
Certificate issuer: /CN=df2e1ce94e88a13f38fe7f943b79416bc07a1df0
Certificate serial: 018CC3B73127950270BB89C49722DC9BF4BD
Authority key identifier: DF:2E:1C:E9:4E:88:A1:3F:38:FE:7F:94:3B:79:41:6B:C0:7A:1D:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3y4c6U6IoT84_n-UO3lBa8B6HfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/TiZh5zBiO-g7dbop1oufWMKTu9g.roa
Signing time: Mon 01 Jan 2024 06:30:11 +0000
ROA not before: Mon 01 Jan 2024 06:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200129
IP address blocks: 185.36.183.0/24 maxlen: 24
185.36.180.0/24 maxlen: 24
185.36.181.0/24 maxlen: 24
185.36.182.0/24 maxlen: 24
2a00:e860:181::/48 maxlen: 48
2a00:e860:182::/48 maxlen: 48
2a00:e860:180::/48 maxlen: 48
2a00:e860:183::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3y4c6U6IoT84_n-UO3lBa8B6HfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:31:27:95:02:70:bb:89:c4:97:22:dc:9b:f4:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df2e1ce94e88a13f38fe7f943b79416bc07a1df0
Validity
Not Before: Jan 1 06:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e2661e730623be83b75ba29d68b9f58c293bbd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d9:22:96:30:33:0b:fa:88:24:20:ca:d2:86:
b4:4b:74:70:88:95:f9:53:09:34:56:8c:bf:9e:c2:
50:c9:2d:5c:2a:dd:7a:d1:b7:63:1f:5c:19:1d:6e:
4e:18:2f:aa:e2:af:fc:93:c6:5b:c2:7a:4d:7c:82:
c0:69:98:fb:ea:32:c3:2d:98:82:a2:c1:d5:5f:e3:
02:07:9d:20:f6:2b:d0:56:dd:7b:4c:7f:f7:5d:69:
fe:8d:24:1a:34:f8:0b:d6:5e:b5:c4:ce:eb:62:ef:
64:e8:ed:dc:ac:7e:8a:8b:78:dd:50:04:1b:72:4e:
11:a2:7f:16:25:2f:43:47:fd:cc:38:19:47:a7:d5:
c5:89:b9:dd:79:69:7f:15:ef:54:14:33:1f:07:b6:
a7:a3:77:b6:dd:b0:62:6c:06:97:b4:53:a1:46:17:
d9:27:9a:74:8c:98:7f:e1:06:c3:fa:15:a5:56:82:
e6:c7:2e:42:13:60:f7:da:65:92:26:21:c8:20:c6:
17:8c:df:cf:d6:40:f4:5e:07:eb:ee:3f:99:07:f7:
3d:28:35:20:af:e5:27:e6:42:fb:99:c2:24:d6:52:
9a:90:c9:fb:37:7d:0e:d8:7f:9c:af:28:ec:af:61:
ef:8d:6c:88:47:f8:8f:35:1f:ce:7c:04:4e:34:26:
ea:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:26:61:E7:30:62:3B:E8:3B:75:BA:29:D6:8B:9F:58:C2:93:BB:D8
X509v3 Authority Key Identifier:
keyid:DF:2E:1C:E9:4E:88:A1:3F:38:FE:7F:94:3B:79:41:6B:C0:7A:1D:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3y4c6U6IoT84_n-UO3lBa8B6HfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/TiZh5zBiO-g7dbop1oufWMKTu9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/78d8f4-3e0f-4bbe-9214-5374c7e0ffa1/1/3y4c6U6IoT84_n-UO3lBa8B6HfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.180.0/22
IPv6:
2a00:e860:180::/46
Signature Algorithm: sha256WithRSAEncryption
7a:42:d3:13:cd:5f:c8:a9:c2:d7:66:80:29:7f:0e:d0:9c:77:
5b:e4:ae:a0:6d:58:36:ff:9d:c3:a7:fa:17:34:49:3b:77:fc:
4f:50:71:6b:56:a2:70:0c:d4:60:b1:7f:f6:44:e6:96:3b:84:
65:87:17:14:28:cf:f3:8f:82:ab:1d:55:40:43:bc:37:87:82:
ee:6d:ba:b3:b7:03:5c:7a:02:a5:2c:9a:35:9c:34:73:5e:cc:
0a:fd:90:63:4c:7a:0b:58:c3:7e:7d:16:96:f4:93:2e:f1:4a:
a8:99:fe:42:f1:73:f9:80:57:b9:e3:35:d6:84:7c:ec:b0:ba:
38:7f:94:f8:88:e8:15:57:13:20:fc:18:97:01:51:f9:01:71:
8b:27:91:67:b8:40:69:16:c9:2a:81:e4:a4:99:4e:1a:61:34:
12:b6:12:7b:be:8c:28:c1:0e:c7:90:45:92:4b:48:63:d0:62:
8b:1e:3f:66:f1:0d:b4:2b:16:0f:1b:4b:60:02:f2:f7:38:5c:
c9:fb:7d:ba:a1:d0:5b:b3:36:8d:2f:3b:a4:73:3b:cb:7d:3d:
1e:ff:e5:11:bc:ea:ef:e6:b9:46:e6:c6:1f:b2:08:de:fc:37:
54:e2:03:ae:31:00:5d:23:02:1c:c8:8f:f4:f7:2b:04:5b:ee:
5b:ac:b4:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtzEnlQJwu4nElyLcm/S9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMmUxY2U5NGU4OGExM2YzOGZlN2Y5NDNiNzk0MTZiYzA3
YTFkZjAwHhcNMjQwMTAxMDYzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTI2NjFlNzMwNjIzYmU4M2I3NWJhMjlkNjhiOWY1OGMyOTNiYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotkiljAzC/qIJCDK0oa0S3RwiJX5
Uwk0Voy/nsJQyS1cKt160bdjH1wZHW5OGC+q4q/8k8ZbwnpNfILAaZj76jLDLZiC
osHVX+MCB50g9ivQVt17TH/3XWn+jSQaNPgL1l61xM7rYu9k6O3crH6Ki3jdUAQb
ck4Ron8WJS9DR/3MOBlHp9XFibndeWl/Fe9UFDMfB7ano3e23bBibAaXtFOhRhfZ
J5p0jJh/4QbD+hWlVoLmxy5CE2D32mWSJiHIIMYXjN/P1kD0Xgfr7j+ZB/c9KDUg
r+Un5kL7mcIk1lKakMn7N30O2H+cryjsr2HvjWyIR/iPNR/OfARONCbqKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE4mYecwYjvoO3W6KdaLn1jCk7vYMB8GA1UdIwQY
MBaAFN8uHOlOiKE/OP5/lDt5QWvAeh3wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3k0YzZVNklvVDg0X24tVU8zbEJhOEI2SGZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83OGQ4ZjQtM2UwZi00YmJlLTkyMTQt
NTM3NGM3ZTBmZmExLzEvVGlaaDV6QmlPLWc3ZGJvcDFvdWZXTUtUdTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83OGQ4ZjQtM2UwZi00YmJlLTkyMTQtNTM3NGM3ZTBmZmEx
LzEvM3k0YzZVNklvVDg0X24tVU8zbEJhOEI2SGZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuSS0MA8E
AgACMAkDBwIqAOhgAYAwDQYJKoZIhvcNAQELBQADggEBAHpC0xPNX8ipwtdmgCl/
DtCcd1vkrqBtWDb/ncOn+hc0STt3/E9QcWtWonAM1GCxf/ZE5pY7hGWHFxQoz/OP
gqsdVUBDvDeHgu5turO3A1x6AqUsmjWcNHNezAr9kGNMegtYw359Fpb0ky7xSqiZ
/kLxc/mAV7njNdaEfOywujh/lPiI6BVXEyD8GJcBUfkBcYsnkWe4QGkWySqB5KSZ
ThphNBK2Enu+jCjBDseQRZJLSGPQYoseP2bxDbQrFg8bS2AC8vc4XMn7fbqh0Fuz
No0vO6RzO8t9PR7/5RG86u/muUbmxh+yCN78N1TiA64xAF0jAhzIj/T3KwRb7lus
tPE=
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:19:22 2024 by rpki-client on console-ams.rpki-client.org