Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/_i5G6N8rn3TTCFbvLl3j5u8PbaE.roa
File: _i5G6N8rn3TTCFbvLl3j5u8PbaE.roa (raw, json)
Hash identifier: z/TMijo2O3ngc3QzuqgIG/C26GaTBVavJmQpfTEfYDo=
Subject key identifier: FE:2E:46:E8:DF:2B:9F:74:D3:08:56:EF:2E:5D:E3:E6:EF:0F:6D:A1
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 018CC79418AC835617869002FCAC5D80A238
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/_i5G6N8rn3TTCFbvLl3j5u8PbaE.roa
Signing time: Tue 02 Jan 2024 00:30:20 +0000
ROA not before: Tue 02 Jan 2024 00:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199412
IP address blocks: 185.13.208.0/22 maxlen: 24
2a03:a540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 15:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:18:ac:83:56:17:86:90:02:fc:ac:5d:80:a2:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Jan 2 00:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe2e46e8df2b9f74d30856ef2e5de3e6ef0f6da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a6:ab:e5:d7:82:32:ed:09:e7:29:91:e2:57:
a0:11:f6:d4:92:43:4d:17:20:96:60:19:51:bf:33:
f0:39:ee:4d:3e:cb:15:7f:25:09:07:d5:2a:ab:f7:
69:1f:33:c5:c7:2f:35:df:9f:f9:27:2f:f9:9d:40:
e4:7f:b9:98:5c:7b:0a:84:67:ae:0e:8b:2d:fd:ea:
66:15:b7:e3:ea:3b:6c:e0:75:16:50:b7:4f:f2:ac:
8b:80:88:5b:aa:e5:ed:ac:8e:43:84:f7:86:ec:9e:
e9:c1:74:10:dc:45:a6:47:8b:ff:11:54:95:7b:d6:
17:cb:29:dd:9b:84:30:63:ce:10:02:03:6f:48:61:
86:18:d3:9c:cc:72:4e:b6:01:66:62:d3:ed:9b:f0:
9b:05:dc:de:6b:af:e4:19:43:2b:b2:7a:52:3a:26:
7e:2d:42:7c:87:8a:23:7b:81:a3:dc:3a:53:e0:5c:
af:66:94:cf:15:ab:5a:1d:88:ad:f4:a2:69:14:30:
cf:9c:1a:8b:f3:f6:e7:49:24:eb:3b:19:7e:33:c0:
70:3e:6e:66:9f:2d:54:00:76:a7:5f:ef:46:fb:49:
bd:f9:52:5c:4e:5e:ed:61:79:1f:86:59:8a:ce:a6:
2c:28:c0:75:b6:98:06:85:b3:6a:d3:01:1a:29:36:
91:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2E:46:E8:DF:2B:9F:74:D3:08:56:EF:2E:5D:E3:E6:EF:0F:6D:A1
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/_i5G6N8rn3TTCFbvLl3j5u8PbaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
5e:37:25:b5:cb:17:42:8b:4a:df:46:a0:e2:c7:23:9f:ac:bf:
ed:87:d4:8a:52:7b:b4:c8:09:7f:f7:44:11:89:04:f8:1d:9b:
dd:d6:19:08:db:8b:23:dc:9b:d3:21:e9:29:00:79:c8:3a:0c:
11:fb:11:22:f5:91:fc:84:49:42:c2:56:dd:4f:0b:09:df:ee:
51:3b:13:9c:84:43:ae:8e:b0:7d:93:72:3e:67:8c:94:ad:a4:
f0:f2:eb:b6:de:2a:2c:68:33:d7:7a:a7:8a:43:4b:58:3d:00:
52:ef:92:ba:87:40:92:b3:a8:77:31:c7:32:d7:84:82:b4:22:
7c:75:9e:6d:52:96:b7:9f:cd:d4:0c:dc:40:99:e4:e7:a9:31:
7e:ab:ff:e7:46:2b:9a:26:5f:b5:0a:97:85:42:db:4e:7a:07:
79:5a:4b:4f:ed:f5:5c:c9:16:71:ef:7a:ee:b2:82:3d:b3:e2:
68:3a:71:27:98:6b:0c:d1:15:59:26:aa:58:35:36:13:ae:ac:
c7:b6:85:39:35:7c:ec:2f:31:b6:4c:61:35:eb:0f:43:10:66:
4b:5b:48:12:b5:a7:ab:0d:62:91:6c:68:3a:78:3c:7e:73:63:
ae:e2:b1:58:de:aa:86:c6:c1:54:05:0a:e2:56:9a:ba:01:3d:
23:f1:86:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlBisg1YXhpAC/KxdgKI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTJlNDZlOGRmMmI5Zjc0ZDMwODU2ZWYyZTVkZTNlNmVmMGY2ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqar5deCMu0J5ymR4legEfbUkkNN
FyCWYBlRvzPwOe5NPssVfyUJB9Uqq/dpHzPFxy8135/5Jy/5nUDkf7mYXHsKhGeu
Dost/epmFbfj6jts4HUWULdP8qyLgIhbquXtrI5DhPeG7J7pwXQQ3EWmR4v/EVSV
e9YXyyndm4QwY84QAgNvSGGGGNOczHJOtgFmYtPtm/CbBdzea6/kGUMrsnpSOiZ+
LUJ8h4oje4Gj3DpT4FyvZpTPFataHYit9KJpFDDPnBqL8/bnSSTrOxl+M8BwPm5m
ny1UAHanX+9G+0m9+VJcTl7tYXkfhlmKzqYsKMB1tpgGhbNq0wEaKTaRvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP4uRujfK5900whW7y5d4+bvD22hMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvX2k1RzZOOHJuM1RUQ0ZidkxsM2o1dThQYmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQBeNyW1yxdCi0rfRqDixyOf
rL/th9SKUnu0yAl/90QRiQT4HZvd1hkI24sj3JvTIekpAHnIOgwR+xEi9ZH8hElC
wlbdTwsJ3+5ROxOchEOujrB9k3I+Z4yUraTw8uu23iosaDPXeqeKQ0tYPQBS75K6
h0CSs6h3Mccy14SCtCJ8dZ5tUpa3n83UDNxAmeTnqTF+q//nRiuaJl+1CpeFQttO
egd5WktP7fVcyRZx73rusoI9s+JoOnEnmGsM0RVZJqpYNTYTrqzHtoU5NXzsLzG2
TGE16w9DEGZLW0gStaerDWKRbGg6eDx+c2Ou4rFY3qqGxsFUBQriVpq6AT0j8YYw
-----END CERTIFICATE-----
Generated at Fri May 24 21:56:41 2024 by rpki-client on console-fra.rpki-client.org