Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/txeieNRA9-cDqmOeqM1WdI2kmo0.roa
File: txeieNRA9-cDqmOeqM1WdI2kmo0.roa (raw, json)
Hash identifier: jbbmoF12F8hW5urcubo4DZ8aD+/xbE6h9ulp+5eigkk=
Subject key identifier: B7:17:A2:78:D4:40:F7:E7:03:AA:63:9E:A8:CD:56:74:8D:A4:9A:8D
Certificate issuer: /CN=46efb53f266e11e6ed5a13eb3e97f4b9601dd6e0
Certificate serial: 018CC94E515885A7AE639D8C9F47A7809397
Authority key identifier: 46:EF:B5:3F:26:6E:11:E6:ED:5A:13:EB:3E:97:F4:B9:60:1D:D6:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/txeieNRA9-cDqmOeqM1WdI2kmo0.roa
Signing time: Tue 02 Jan 2024 08:33:22 +0000
ROA not before: Tue 02 Jan 2024 08:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 185.156.185.0/24 maxlen: 24
185.156.184.0/24 maxlen: 24
185.156.186.0/24 maxlen: 24
185.156.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:51:58:85:a7:ae:63:9d:8c:9f:47:a7:80:93:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46efb53f266e11e6ed5a13eb3e97f4b9601dd6e0
Validity
Not Before: Jan 2 08:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b717a278d440f7e703aa639ea8cd56748da49a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:07:da:5c:b2:be:a1:b2:02:fc:ec:9d:f7:
c1:f0:b8:0e:ed:b4:bb:10:ab:8c:d0:cc:14:dc:d8:
6d:f5:a7:1d:9a:39:b9:5f:29:b2:9a:be:78:ad:3a:
c1:cc:24:d2:4d:18:b3:67:7c:56:1e:6d:eb:9c:c5:
8e:c0:f0:80:9c:61:4f:5d:ff:42:73:00:8c:13:26:
97:fc:a6:a0:bf:76:33:29:95:3d:db:ee:93:df:47:
46:34:24:e5:1a:99:f7:b1:5a:f4:38:57:47:e7:70:
e4:a0:48:2c:ff:f2:6b:37:78:00:ae:8b:f9:85:da:
4b:be:15:d3:11:f5:98:4a:06:61:20:3f:b6:15:f7:
f7:be:37:41:ea:1f:f3:b4:d3:45:8f:93:43:d7:61:
8b:02:43:4c:2e:07:f2:2f:64:1b:28:40:63:37:02:
97:28:d1:18:c0:54:9e:24:14:c0:31:df:b7:be:80:
da:e8:d1:ab:39:50:94:f7:35:47:15:cd:6e:7a:cf:
fe:5b:48:22:20:3a:da:70:b6:e1:55:51:5a:e0:de:
83:bc:38:fb:cb:a4:12:2a:4e:34:9d:37:02:6e:bd:
08:0b:04:05:be:fb:64:55:46:24:da:fe:03:6f:d6:
38:b5:8d:35:29:18:cd:04:ea:65:78:11:4a:ae:d2:
9f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:17:A2:78:D4:40:F7:E7:03:AA:63:9E:A8:CD:56:74:8D:A4:9A:8D
X509v3 Authority Key Identifier:
keyid:46:EF:B5:3F:26:6E:11:E6:ED:5A:13:EB:3E:97:F4:B9:60:1D:D6:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ru-1PyZuEebtWhPrPpf0uWAd1uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/txeieNRA9-cDqmOeqM1WdI2kmo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/7bfb11-be26-4c4e-9c35-d7c6708414fa/1/Ru-1PyZuEebtWhPrPpf0uWAd1uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:ff:67:b3:00:c5:fc:87:14:92:06:7d:73:72:93:39:53:4c:
c6:7c:d2:1e:11:e2:db:0a:ef:52:d1:05:40:4d:7f:cd:64:cf:
bf:7e:cd:5c:10:59:e5:ff:35:41:64:31:be:4c:c9:76:6d:70:
20:39:5e:e6:b0:97:fb:86:09:63:b2:b5:2d:9a:a7:a2:a3:01:
90:e8:12:88:e0:bc:8f:c6:22:3f:a2:b3:31:8a:bd:d3:f5:16:
03:cd:a1:13:15:52:10:bf:d2:cf:2d:44:0d:45:c2:f3:3a:27:
67:38:ba:fc:26:8d:12:f3:c1:4a:b4:d8:3e:58:7f:de:83:e0:
29:7b:9c:1b:1e:75:16:bf:4e:3a:fb:92:a5:ab:77:24:de:a0:
c0:3d:67:b7:5c:9e:fb:d3:33:47:85:bf:0c:2d:32:34:28:43:
25:f0:00:0d:65:02:4f:e1:99:18:a2:30:c7:3a:a3:ee:90:e0:
0d:23:cf:dc:54:54:94:7e:ce:f3:c6:e8:7c:f8:59:77:a6:9a:
81:80:7f:4d:0a:24:8f:df:f2:bf:86:a6:80:69:b1:90:85:12:
c0:27:72:a2:8f:1d:f4:98:d9:7d:17:dc:92:9c:ea:15:e1:43:
f2:f5:a5:57:ad:9f:c8:6d:7b:09:d7:0f:7f:b0:d3:8e:b7:37:
bc:e9:cc:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTlFYhaeuY52Mn0engJOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWZiNTNmMjY2ZTExZTZlZDVhMTNlYjNlOTdmNGI5NjAx
ZGQ2ZTAwHhcNMjQwMTAyMDgzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE3YTI3OGQ0NDBmN2U3MDNhYTYzOWVhOGNkNTY3NDhkYTQ5YThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmkH2lyyvqGyAvzsnffB8LgO7bS7
EKuM0MwU3Nht9acdmjm5Xymymr54rTrBzCTSTRizZ3xWHm3rnMWOwPCAnGFPXf9C
cwCMEyaX/Kagv3YzKZU92+6T30dGNCTlGpn3sVr0OFdH53DkoEgs//JrN3gArov5
hdpLvhXTEfWYSgZhID+2Fff3vjdB6h/ztNNFj5ND12GLAkNMLgfyL2QbKEBjNwKX
KNEYwFSeJBTAMd+3voDa6NGrOVCU9zVHFc1ues/+W0giIDracLbhVVFa4N6DvDj7
y6QSKk40nTcCbr0ICwQFvvtkVUYk2v4Db9Y4tY01KRjNBOpleBFKrtKfXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcXonjUQPfnA6pjnqjNVnSNpJqNMB8GA1UdIwQY
MBaAFEbvtT8mbhHm7VoT6z6X9LlgHdbgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnUtMVB5WnVFZWJ0V2hQclBwZjB1V0FkMXVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny83YmZiMTEtYmUyNi00YzRlLTljMzUt
ZDdjNjcwODQxNGZhLzEvdHhlaWVOUkE5LWNEcW1PZXFNMVdkSTJrbW8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny83YmZiMTEtYmUyNi00YzRlLTljMzUtZDdjNjcwODQxNGZh
LzEvUnUtMVB5WnVFZWJ0V2hQclBwZjB1V0FkMXVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZy4MA0G
CSqGSIb3DQEBCwUAA4IBAQAu/2ezAMX8hxSSBn1zcpM5U0zGfNIeEeLbCu9S0QVA
TX/NZM+/fs1cEFnl/zVBZDG+TMl2bXAgOV7msJf7hgljsrUtmqeiowGQ6BKI4LyP
xiI/orMxir3T9RYDzaETFVIQv9LPLUQNRcLzOidnOLr8Jo0S88FKtNg+WH/eg+Ap
e5wbHnUWv046+5Klq3ck3qDAPWe3XJ770zNHhb8MLTI0KEMl8AANZQJP4ZkYojDH
OqPukOANI8/cVFSUfs7zxuh8+Fl3ppqBgH9NCiSP3/K/hqaAabGQhRLAJ3Kijx30
mNl9F9ySnOoV4UPy9aVXrZ/IbXsJ1w9/sNOOtze86cz/
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:54:11 2024 by rpki-client on console-ams.rpki-client.org