Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/k51pNUB-9CVZVfIZafVcgnlfoMs.roa
File: k51pNUB-9CVZVfIZafVcgnlfoMs.roa (raw, json)
Hash identifier: 4U5h64ksWcVtQ6DDKTfxmnca/483s52UkEswpbLLkz0=
Subject key identifier: 93:9D:69:35:40:7E:F4:25:59:55:F2:19:69:F5:5C:82:79:5F:A0:CB
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 018CCA2B93C3C821F7C817FB3D5ED97E88D3
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/k51pNUB-9CVZVfIZafVcgnlfoMs.roa
Signing time: Tue 02 Jan 2024 12:35:02 +0000
ROA not before: Tue 02 Jan 2024 12:35:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200189
IP address blocks: 185.108.37.0/24 maxlen: 24
185.108.36.0/24 maxlen: 24
185.108.36.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 19:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:93:c3:c8:21:f7:c8:17:fb:3d:5e:d9:7e:88:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Jan 2 12:35:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=939d6935407ef4255955f21969f55c82795fa0cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8b:38:2c:1d:ce:7a:ea:85:30:8a:85:06:cc:
ad:c0:39:e3:00:97:4c:95:87:e8:de:02:09:f3:1c:
96:d2:4e:8c:1d:92:5c:4f:d8:7f:fc:24:ee:f2:5c:
fd:7f:1d:87:90:aa:f9:a7:5a:a1:45:87:42:90:fb:
50:f0:4f:fd:54:77:42:a3:41:8c:4a:d2:06:bc:aa:
de:4e:19:76:34:9f:2f:83:34:c9:e1:94:52:3a:12:
4a:46:ea:5c:f0:5c:a8:66:74:93:51:ba:c4:f6:17:
a9:9f:ed:d8:41:1f:0f:2d:b1:f6:f6:a1:9e:d9:56:
b7:3e:b1:36:55:46:09:e4:a4:2d:55:e2:60:83:28:
c7:21:06:22:cd:94:db:8f:0b:1b:68:b9:17:aa:27:
78:4b:7f:84:d0:c3:18:70:cf:ea:04:f3:b7:1c:cd:
f4:83:3c:eb:b3:bb:3c:12:81:ef:1b:5a:99:bd:64:
09:13:bb:2d:42:85:16:50:70:08:ad:e7:ad:87:1d:
09:ab:1a:70:d5:3d:ed:bc:bc:b8:48:5e:a3:3f:e4:
56:25:02:2c:bc:54:1c:de:e9:37:79:65:0f:85:35:
97:cc:22:34:2d:29:b6:ab:90:b4:3b:d2:ea:ad:e3:
b5:c8:a6:73:4b:d9:bf:39:8b:7b:c9:d9:70:18:04:
de:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:9D:69:35:40:7E:F4:25:59:55:F2:19:69:F5:5C:82:79:5F:A0:CB
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/k51pNUB-9CVZVfIZafVcgnlfoMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.36.0/23
Signature Algorithm: sha256WithRSAEncryption
85:38:7f:88:e3:17:49:cd:90:4a:53:a7:76:d9:65:73:cb:88:
44:0c:14:59:93:a3:49:ea:af:db:2f:82:52:90:0f:ca:4a:74:
b9:fc:12:09:aa:a0:1f:ec:63:8e:ff:e3:53:24:61:ea:3c:d1:
77:b7:e0:02:79:6d:08:13:fd:41:2d:79:2d:03:63:12:ac:c8:
62:ce:3e:4f:44:57:74:67:cc:b8:7e:f6:c2:1b:6d:4d:21:2d:
ed:cf:f4:83:29:a1:df:9a:f8:97:00:8a:07:21:72:8e:e3:a2:
d6:e6:ea:7f:87:96:55:68:2c:ad:77:02:2e:75:9b:5e:c9:7f:
08:63:7d:ae:2d:4d:43:67:0d:3f:81:16:9a:6a:a8:67:e8:ab:
70:f9:4a:bb:19:30:53:4c:58:98:a5:b5:c1:36:1f:df:7b:c6:
5f:a3:26:86:9f:56:b9:f9:49:8a:35:76:51:c8:c6:17:73:20:
91:aa:dc:6b:53:cd:ed:c2:1e:2e:e4:5e:e4:00:2b:87:ea:3b:
8f:4a:12:89:94:a1:04:a4:33:a3:ca:14:a0:f1:97:8a:43:6f:
45:be:3f:60:96:7b:44:25:ca:18:59:ae:2b:7b:7b:37:75:ff:
dd:bf:60:e0:c6:4f:c1:68:9f:a7:da:dd:bd:ed:fa:16:91:da:
7e:7f:36:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK5PDyCH3yBf7PV7ZfojTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjQwMTAyMTIzNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzlkNjkzNTQwN2VmNDI1NTk1NWYyMTk2OWY1NWM4Mjc5NWZhMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYs4LB3OeuqFMIqFBsytwDnjAJdM
lYfo3gIJ8xyW0k6MHZJcT9h//CTu8lz9fx2HkKr5p1qhRYdCkPtQ8E/9VHdCo0GM
StIGvKreThl2NJ8vgzTJ4ZRSOhJKRupc8FyoZnSTUbrE9hepn+3YQR8PLbH29qGe
2Va3PrE2VUYJ5KQtVeJggyjHIQYizZTbjwsbaLkXqid4S3+E0MMYcM/qBPO3HM30
gzzrs7s8EoHvG1qZvWQJE7stQoUWUHAIreethx0Jqxpw1T3tvLy4SF6jP+RWJQIs
vFQc3uk3eWUPhTWXzCI0LSm2q5C0O9LqreO1yKZzS9m/OYt7ydlwGATe/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOdaTVAfvQlWVXyGWn1XIJ5X6DLMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvazUxcE5VQi05Q1ZaVmZJWmFmVmNnbmxmb01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWwkMA0G
CSqGSIb3DQEBCwUAA4IBAQCFOH+I4xdJzZBKU6d22WVzy4hEDBRZk6NJ6q/bL4JS
kA/KSnS5/BIJqqAf7GOO/+NTJGHqPNF3t+ACeW0IE/1BLXktA2MSrMhizj5PRFd0
Z8y4fvbCG21NIS3tz/SDKaHfmviXAIoHIXKO46LW5up/h5ZVaCytdwIudZteyX8I
Y32uLU1DZw0/gRaaaqhn6Ktw+Uq7GTBTTFiYpbXBNh/fe8ZfoyaGn1a5+UmKNXZR
yMYXcyCRqtxrU83twh4u5F7kACuH6juPShKJlKEEpDOjyhSg8ZeKQ29Fvj9glntE
JcoYWa4re3s3df/dv2Dgxk/BaJ+n2t297foWkdp+fzYS
-----END CERTIFICATE-----
Generated at Sun Jun 2 23:35:23 2024 by rpki-client on console-fra.rpki-client.org