Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/9QagZGTfrzWYic4RVf8zUllKgl0.roa
File: 9QagZGTfrzWYic4RVf8zUllKgl0.roa (raw, json)
Hash identifier: 3P8Qlq/waR3Im72g4SxxsbIf0ZaXUU+b5Q7j/8DUwkE=
Subject key identifier: F5:06:A0:64:64:DF:AF:35:98:89:CE:11:55:FF:33:52:59:4A:82:5D
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CE673593AA0A6F76AE1DA9AC4267EF68A
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/9QagZGTfrzWYic4RVf8zUllKgl0.roa
Signing time: Mon 08 Jan 2024 00:22:48 +0000
ROA not before: Mon 08 Jan 2024 00:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 168.199.212.0/22 maxlen: 24
168.199.128.0/22 maxlen: 24
185.101.244.0/23 maxlen: 24
185.101.246.0/23 maxlen: 24
168.199.160.0/22 maxlen: 24
168.199.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e6:73:59:3a:a0:a6:f7:6a:e1:da:9a:c4:26:7e:f6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 8 00:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f506a06464dfaf359889ce1155ff3352594a825d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:62:e0:ed:49:11:0f:bf:44:23:be:3f:de:08:
34:4b:7c:c2:f2:d0:08:01:80:ad:49:7e:e8:20:cf:
4f:98:df:e4:40:10:93:f8:a1:c3:64:0b:b6:47:ae:
7c:88:31:7a:88:4e:35:75:c1:e6:42:b0:24:a6:1f:
60:0b:b5:0c:e1:60:66:72:f1:33:40:56:b6:2b:70:
35:cb:89:17:a4:47:52:af:e1:20:02:43:34:53:e5:
43:a9:21:77:ce:94:16:a7:7d:7d:85:af:fa:97:c5:
2a:af:7a:de:f8:a5:33:49:8f:09:c8:07:50:81:a0:
a8:02:5f:53:67:2e:a4:12:ce:fc:13:b6:ae:e9:02:
ec:4c:06:79:d0:05:a2:66:33:de:f7:d4:13:bc:5a:
c8:a1:10:93:e7:ab:f2:af:1a:dd:75:e0:12:cd:e2:
66:10:78:6a:60:63:69:90:cd:1d:6f:96:ad:b0:a4:
1d:79:77:cf:9d:27:4d:64:e5:21:0b:70:29:72:b4:
6a:ba:43:4b:ca:1b:c7:07:53:8c:29:34:89:0f:79:
95:48:3d:89:db:b0:33:f5:a4:4c:1d:40:e4:30:12:
55:e8:d2:b9:88:90:6f:38:9a:9f:92:98:de:7b:21:
d4:b8:ee:b3:3d:a8:0b:a4:4f:b0:8b:33:c0:90:e4:
db:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:06:A0:64:64:DF:AF:35:98:89:CE:11:55:FF:33:52:59:4A:82:5D
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/9QagZGTfrzWYic4RVf8zUllKgl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.128.0/22
168.199.160.0/22
168.199.192.0/22
168.199.212.0/22
185.101.244.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:4b:c4:4a:9f:17:d2:f5:6a:bf:bd:df:38:ff:3c:d7:ce:d9:
9e:b9:8c:89:82:68:2a:44:81:fd:cb:03:7f:6e:bc:52:0c:b9:
f5:a3:9c:5c:f7:f1:f0:2c:ed:c1:d8:76:67:e0:7e:98:03:57:
7a:ed:58:ef:93:d3:0d:52:a4:6e:ce:39:fc:22:36:7c:5d:69:
0b:09:66:36:07:99:56:49:92:a3:6c:1c:05:96:cd:f7:6e:68:
3a:21:a2:9e:3f:71:2c:1f:9a:b7:45:aa:d1:a2:f0:76:7d:2b:
54:47:a4:6e:51:13:44:a2:9a:18:61:a2:f3:c8:ff:6c:2c:b7:
3d:95:54:b7:92:82:3f:aa:05:94:b0:bd:d2:41:52:d8:60:a6:
a0:0a:99:fc:a9:26:37:0e:66:9a:36:23:6e:9e:7b:6c:b1:99:
f9:17:13:7b:88:ff:aa:73:da:86:c9:e8:fc:d0:c0:fb:ea:e5:
df:7d:b7:ac:2d:12:4d:64:af:e0:b6:aa:f4:5e:47:87:fc:1e:
4c:2a:e8:f6:09:73:fd:b8:c4:e6:f6:60:11:66:79:1e:ac:a4:
67:be:28:2f:97:cf:2b:55:bb:07:e9:99:ab:a8:54:e6:69:86:
23:9d:c0:d1:a6:31:96:a3:86:3e:14:91:fe:a0:27:39:79:46:
a2:88:10:08
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzmc1k6oKb3auHamsQmfvaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTA4MDAyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTA2YTA2NDY0ZGZhZjM1OTg4OWNlMTE1NWZmMzM1MjU5NGE4MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWLg7UkRD79EI74/3gg0S3zC8tAI
AYCtSX7oIM9PmN/kQBCT+KHDZAu2R658iDF6iE41dcHmQrAkph9gC7UM4WBmcvEz
QFa2K3A1y4kXpEdSr+EgAkM0U+VDqSF3zpQWp319ha/6l8Uqr3re+KUzSY8JyAdQ
gaCoAl9TZy6kEs78E7au6QLsTAZ50AWiZjPe99QTvFrIoRCT56vyrxrddeASzeJm
EHhqYGNpkM0db5atsKQdeXfPnSdNZOUhC3ApcrRqukNLyhvHB1OMKTSJD3mVSD2J
27Az9aRMHUDkMBJV6NK5iJBvOJqfkpjeeyHUuO6zPagLpE+wizPAkOTbYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPUGoGRk3681mInOEVX/M1JZSoJdMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvOVFhZ1pHVGZyeldZaWM0UlZmOHpVbGxLZ2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCqMeAAwQC
qMegAwQCqMfAAwQCqMfUAwQCuWX0MA0GCSqGSIb3DQEBCwUAA4IBAQAOS8RKnxfS
9Wq/vd84/zzXztmeuYyJgmgqRIH9ywN/brxSDLn1o5xc9/HwLO3B2HZn4H6YA1d6
7Vjvk9MNUqRuzjn8IjZ8XWkLCWY2B5lWSZKjbBwFls33bmg6IaKeP3EsH5q3RarR
ovB2fStUR6RuURNEopoYYaLzyP9sLLc9lVS3koI/qgWUsL3SQVLYYKagCpn8qSY3
DmaaNiNunntssZn5FxN7iP+qc9qGyej80MD76uXffbesLRJNZK/gtqr0XkeH/B5M
Kuj2CXP9uMTm9mARZnkerKRnvigvl88rVbsH6ZmrqFTmaYYjncDRpjGWo4Y+FJH+
oCc5eUaiiBAI
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:03 2024 by rpki-client on console-ams.rpki-client.org