Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/spGJRuWYPz3fOT-EivFH0mMG6oI.roa
File: spGJRuWYPz3fOT-EivFH0mMG6oI.roa (raw, json)
Hash identifier: crD3ATpbJvLSv9Ow9XzfWphpa7HQaGKzvUuEc1Cl+nI=
Subject key identifier: B2:91:89:46:E5:98:3F:3D:DF:39:3F:84:8A:F1:47:D2:63:06:EA:82
Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Certificate serial: 018CCA2BC6D0743F391B1A7E7F2C3C6DF038
Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/spGJRuWYPz3fOT-EivFH0mMG6oI.roa
Signing time: Tue 02 Jan 2024 12:35:15 +0000
ROA not before: Tue 02 Jan 2024 12:35:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47264
IP address blocks: 185.4.116.0/24 maxlen: 24
185.4.116.0/22 maxlen: 22
185.4.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c6:d0:74:3f:39:1b:1a:7e:7f:2c:3c:6d:f0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Validity
Not Before: Jan 2 12:35:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2918946e5983f3ddf393f848af147d26306ea82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:bd:10:3e:51:a1:23:f5:82:cd:31:d7:ba:
c9:8a:02:ab:b8:a1:97:ee:e5:df:68:8d:65:d6:db:
08:4b:17:ab:ae:23:64:4e:fe:0e:c2:d8:dc:b0:36:
03:71:fa:49:0d:e6:48:e3:fd:57:e5:f2:41:e4:30:
77:e9:3b:58:44:ff:d7:21:84:34:ea:98:d9:dd:cb:
62:c8:dd:14:cd:01:29:d7:4e:37:4e:2e:19:47:6f:
a6:fe:31:62:55:9b:dd:69:72:36:37:c1:46:34:63:
e9:61:24:d1:cd:df:bd:69:15:d4:bb:30:fd:44:fa:
8a:55:74:ec:9a:be:d2:8a:a5:2b:b7:ee:67:34:79:
92:08:57:c4:1b:37:63:ac:2a:75:1b:d6:32:7b:f9:
c6:d4:71:b8:a7:38:9c:6b:84:37:3f:25:b6:2f:1b:
22:2b:e2:a7:9f:6c:e6:cc:2f:c7:08:80:c7:9f:bf:
b2:0d:3f:0e:34:22:fa:80:ed:ad:36:df:2f:ae:93:
b7:6a:43:60:79:66:57:41:ff:6d:e2:6f:1b:b1:e1:
80:0b:e2:ef:42:a6:24:a3:57:08:07:9f:b8:7a:7c:
ba:7b:a8:69:cb:2c:de:4b:e2:a7:14:9b:a0:bc:47:
84:ea:dd:0b:e3:52:24:83:bf:56:6f:68:cf:cc:d8:
58:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:91:89:46:E5:98:3F:3D:DF:39:3F:84:8A:F1:47:D2:63:06:EA:82
X509v3 Authority Key Identifier:
keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/spGJRuWYPz3fOT-EivFH0mMG6oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.116.0/22
Signature Algorithm: sha256WithRSAEncryption
56:71:e2:6d:d2:c3:a3:c5:f4:60:02:a5:03:7b:29:12:b6:13:
2b:44:f6:a3:30:d2:23:ae:ac:da:2b:c7:b1:6c:da:78:36:76:
21:d0:8e:88:31:ad:bb:74:99:b1:ef:b4:fc:6a:c2:53:b0:77:
82:aa:a5:ec:ea:90:18:93:8a:c4:16:66:7d:a5:be:73:23:cd:
e5:51:8b:fd:d4:92:7c:18:38:a9:dc:8a:c0:ea:de:4f:2c:14:
51:a5:b8:3d:8e:39:ec:88:ac:78:c8:67:f2:72:f6:5e:5d:cf:
dc:f7:11:66:da:f8:3d:4c:12:b1:e2:8d:47:7e:ea:1f:69:34:
b2:3b:c7:7d:e6:f8:b6:a5:c0:22:61:00:5d:96:b8:cc:60:e0:
c8:cb:1c:b7:3a:7a:8f:83:cb:2f:7c:b9:be:99:9b:5b:d2:94:
07:09:e2:d0:27:f3:e7:49:8d:e7:7b:6b:c8:29:97:4b:49:72:
8b:da:97:6b:ae:3f:7c:af:1e:d9:9c:70:24:fd:0c:88:4f:2f:
e5:27:1c:9b:df:ed:08:30:e1:5e:9c:a9:f8:d7:b3:d2:45:7d:
6a:b5:f3:77:f0:57:23:d3:21:3c:4e:0e:47:3a:64:53:dd:f8:
56:3d:53:c6:df:30:fa:a4:3f:98:8e:cd:0f:83:1e:0a:d3:c8:
d1:ae:eb:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK8bQdD85Gxp+fyw8bfA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz
N2UyY2QwHhcNMjQwMTAyMTIzNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkxODk0NmU1OTgzZjNkZGYzOTNmODQ4YWYxNDdkMjYzMDZlYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKa9ED5RoSP1gs0x17rJigKruKGX
7uXfaI1l1tsISxerriNkTv4OwtjcsDYDcfpJDeZI4/1X5fJB5DB36TtYRP/XIYQ0
6pjZ3ctiyN0UzQEp1043Ti4ZR2+m/jFiVZvdaXI2N8FGNGPpYSTRzd+9aRXUuzD9
RPqKVXTsmr7SiqUrt+5nNHmSCFfEGzdjrCp1G9Yye/nG1HG4pzica4Q3PyW2Lxsi
K+Knn2zmzC/HCIDHn7+yDT8ONCL6gO2tNt8vrpO3akNgeWZXQf9t4m8bseGAC+Lv
QqYko1cIB5+4eny6e6hpyyzeS+KnFJugvEeE6t0L41Ikg79Wb2jPzNhYbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLKRiUblmD893zk/hIrxR9JjBuqCMB8GA1UdIwQY
MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt
NjUyOTc1MWIyYjAxLzEvc3BHSlJ1V1lQejNmT1QtRWl2RkgwbU1HNm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx
LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G
CSqGSIb3DQEBCwUAA4IBAQBWceJt0sOjxfRgAqUDeykSthMrRPajMNIjrqzaK8ex
bNp4NnYh0I6IMa27dJmx77T8asJTsHeCqqXs6pAYk4rEFmZ9pb5zI83lUYv91JJ8
GDip3IrA6t5PLBRRpbg9jjnsiKx4yGfycvZeXc/c9xFm2vg9TBKx4o1HfuofaTSy
O8d95vi2pcAiYQBdlrjMYODIyxy3OnqPg8svfLm+mZtb0pQHCeLQJ/PnSY3ne2vI
KZdLSXKL2pdrrj98rx7ZnHAk/QyITy/lJxyb3+0IMOFenKn417PSRX1qtfN38Fcj
0yE8Tg5HOmRT3fhWPVPG3zD6pD+Yjs0Pgx4K08jRrut2
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:34:46 2024 by rpki-client on console-fra.rpki-client.org