Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/PcHsOPvvBLW0cdBkMBpM18lkcLs.roa
File: PcHsOPvvBLW0cdBkMBpM18lkcLs.roa (raw, json)
Hash identifier: hWo00H+0ozAIpSCAIicb/huVM4T9A0n0cnTl3V4zF20=
Subject key identifier: 3D:C1:EC:38:FB:EF:04:B5:B4:71:D0:64:30:1A:4C:D7:C9:64:70:BB
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC7946C19377DF704EE292806F0A01300
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/PcHsOPvvBLW0cdBkMBpM18lkcLs.roa
Signing time: Tue 02 Jan 2024 00:30:42 +0000
ROA not before: Tue 02 Jan 2024 00:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61161
IP address blocks: 185.100.56.0/22 maxlen: 24
185.17.72.0/22 maxlen: 24
2a04:600::/29 maxlen: 48
2a0d:3200::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 04:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6c:19:37:7d:f7:04:ee:29:28:06:f0:a0:13:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dc1ec38fbef04b5b471d064301a4cd7c96470bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:62:ac:89:cb:c0:bb:19:9a:54:68:f3:f5:da:
ef:c9:ed:40:17:fb:52:96:45:09:51:7f:40:37:52:
fb:d1:2c:73:65:c0:3c:36:3e:cc:e7:c9:c0:85:87:
c4:8b:d0:f3:3e:c0:dc:49:c3:87:d0:72:4e:72:e6:
d1:83:c4:85:a9:db:07:51:5d:b9:13:50:3e:46:4d:
35:6a:f3:df:9b:6e:35:e6:44:ff:ae:44:5d:cc:b3:
7a:3e:62:8b:4d:e8:d3:ea:7a:17:34:a3:a6:b0:ed:
0a:34:63:1a:b3:1e:ed:a0:01:95:4b:92:e9:d6:c7:
bc:be:33:c4:60:fe:bd:e8:14:75:2a:1c:52:a8:a3:
ab:ce:28:44:9a:b2:f2:2a:c9:5e:6b:8e:ce:34:e5:
96:7d:29:a1:b5:3c:f6:96:7f:21:bc:22:3b:9c:e2:
fe:36:ad:9b:c2:80:57:53:97:89:dc:8b:61:d5:3a:
3b:f5:26:5c:27:5c:a5:6c:53:ff:a6:4b:11:c5:64:
cd:c9:39:19:73:09:1a:35:1c:96:2e:d0:7d:56:d3:
ba:b9:bd:f4:43:d0:fa:f1:41:08:3c:6e:96:79:de:
84:27:2e:8e:e7:6e:f2:f4:3a:bb:84:83:04:21:dc:
e1:c6:1d:c8:73:55:a8:01:92:15:e3:8f:b6:a9:e2:
02:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C1:EC:38:FB:EF:04:B5:B4:71:D0:64:30:1A:4C:D7:C9:64:70:BB
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/PcHsOPvvBLW0cdBkMBpM18lkcLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.72.0/22
185.100.56.0/22
IPv6:
2a04:600::/29
2a0d:3200::/29
Signature Algorithm: sha256WithRSAEncryption
21:47:f4:49:8c:5a:3e:b1:2d:a1:0c:1c:9d:df:4b:aa:29:48:
8b:ab:66:8f:0b:43:eb:5b:8a:ab:fd:69:ad:6d:88:cf:96:2b:
25:1f:0f:be:7f:35:5f:57:98:0c:5c:8e:24:af:1a:0e:9d:b1:
75:11:93:4b:56:76:91:17:56:8a:e0:f7:13:36:86:3a:ab:c3:
32:69:9b:97:74:43:7f:d7:77:b6:24:5c:a4:c9:f1:43:4f:2f:
d8:19:70:54:77:b5:03:0f:2c:b2:6f:27:4f:d8:30:8d:3c:e2:
05:e7:39:f2:3b:8e:46:16:08:0e:03:a2:11:c8:8c:b4:37:fc:
73:f5:59:0b:5c:f5:23:0a:fb:c3:a9:ef:13:fa:e7:29:53:56:
0a:8f:68:a8:82:91:ca:35:b9:91:0e:ad:16:b0:a5:81:d7:cd:
51:85:fb:8e:d3:74:9f:90:0f:d4:55:17:d8:78:77:59:4f:6c:
81:f4:55:8a:25:ff:64:ce:41:0b:34:65:5e:49:55:64:82:06:
89:b2:6c:47:4a:b5:51:f3:f1:1a:18:11:c1:d9:20:48:ba:4c:
8b:22:69:4e:9f:b0:42:31:51:14:c0:32:a7:ba:57:d4:28:d8:
9a:21:f9:67:ad:63:93:5b:b5:0a:df:50:38:94:f8:49:85:71:
1a:f8:22:e2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlGwZN333BO4pKAbwoBMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGMxZWMzOGZiZWYwNGI1YjQ3MWQwNjQzMDFhNGNkN2M5NjQ3MGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGKsicvAuxmaVGjz9drvye1AF/tS
lkUJUX9AN1L70SxzZcA8Nj7M58nAhYfEi9DzPsDcScOH0HJOcubRg8SFqdsHUV25
E1A+Rk01avPfm2415kT/rkRdzLN6PmKLTejT6noXNKOmsO0KNGMasx7toAGVS5Lp
1se8vjPEYP696BR1KhxSqKOrzihEmrLyKslea47ONOWWfSmhtTz2ln8hvCI7nOL+
Nq2bwoBXU5eJ3Ith1To79SZcJ1ylbFP/pksRxWTNyTkZcwkaNRyWLtB9VtO6ub30
Q9D68UEIPG6Wed6EJy6O527y9Dq7hIMEIdzhxh3Ic1WoAZIV44+2qeICfQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFD3B7Dj77wS1tHHQZDAaTNfJZHC7MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvUGNIc09QdnZCTFcwY2RCa01CcE0xOGxrY0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuRFIAwQC
uWQ4MBQEAgACMA4DBQMqBAYAAwUDKg0yADANBgkqhkiG9w0BAQsFAAOCAQEAIUf0
SYxaPrEtoQwcnd9LqilIi6tmjwtD61uKq/1prW2Iz5YrJR8Pvn81X1eYDFyOJK8a
Dp2xdRGTS1Z2kRdWiuD3EzaGOqvDMmmbl3RDf9d3tiRcpMnxQ08v2BlwVHe1Aw8s
sm8nT9gwjTziBec58juORhYIDgOiEciMtDf8c/VZC1z1Iwr7w6nvE/rnKVNWCo9o
qIKRyjW5kQ6tFrClgdfNUYX7jtN0n5AP1FUX2Hh3WU9sgfRViiX/ZM5BCzRlXklV
ZIIGibJsR0q1UfPxGhgRwdkgSLpMiyJpTp+wQjFRFMAyp7pX1CjYmiH5Z61jk1u1
Ct9QOJT4SYVxGvgi4g==
-----END CERTIFICATE-----
Generated at Sat May 4 09:22:14 2024 by rpki-client on console-ams.rpki-client.org