Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/K4wD8obAXvEWkDyg6RTXD0sZYb4.roa
File: K4wD8obAXvEWkDyg6RTXD0sZYb4.roa (raw, json)
Hash identifier: vmxvuojjoMJlnDSeeyg88PKcg6gAlawzrav6xY6QbO4=
Subject key identifier: 2B:8C:03:F2:86:C0:5E:F1:16:90:3C:A0:E9:14:D7:0F:4B:19:61:BE
Certificate issuer: /CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Certificate serial: 018CC8015C78ACF5F3CC73DEBD5CF2AF29CA
Authority key identifier: 0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/K4wD8obAXvEWkDyg6RTXD0sZYb4.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60671
IP address blocks: 185.27.41.0/24 maxlen: 24
185.27.40.0/24 maxlen: 24
185.27.40.0/23 maxlen: 23
2a04:33c0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5c:78:ac:f5:f3:cc:73:de:bd:5c:f2:af:29:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b8c03f286c05ef116903ca0e914d70f4b1961be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:76:8c:7c:e8:1f:34:65:72:8d:7b:95:86:
92:a8:db:3d:2d:48:94:9b:5d:22:19:e9:f4:0a:22:
c1:38:0f:b9:e4:ed:a1:64:55:36:9c:e9:86:c7:b8:
65:c1:a6:c6:71:6b:fb:a7:a2:bd:5a:51:8a:92:7b:
fe:55:67:a8:c2:cd:35:48:3d:a5:6b:d2:30:39:f5:
16:89:c5:c7:ec:f5:1b:85:0d:2f:4e:22:03:e2:90:
3d:f3:44:42:dd:7c:27:15:3e:24:e5:5c:7b:07:05:
48:8c:c5:84:08:06:b1:bf:ce:dd:75:dc:f2:c8:2e:
0b:1f:c1:b0:0f:5b:a4:16:29:40:c3:f0:29:bd:fa:
cb:75:fb:c2:71:33:ab:bd:a2:9c:10:47:34:ab:58:
28:97:b8:6b:0b:a7:6e:06:34:fb:f3:ad:eb:d3:5f:
6e:f4:ee:b2:70:3d:77:11:a4:4f:17:c1:34:2e:50:
f4:28:bf:8b:89:14:fc:7a:e4:cd:d9:df:8c:79:79:
1a:e4:d1:bb:96:af:82:7b:45:57:12:cd:0e:f5:8f:
e4:25:24:f4:6f:52:13:fd:91:75:36:63:d6:cb:ee:
25:c4:1f:6a:bb:90:dc:6a:36:fe:7e:f0:b3:dc:4f:
a6:1d:6a:99:d7:c2:cd:cc:c4:eb:30:0e:56:45:97:
3c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8C:03:F2:86:C0:5E:F1:16:90:3C:A0:E9:14:D7:0F:4B:19:61:BE
X509v3 Authority Key Identifier:
keyid:0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/K4wD8obAXvEWkDyg6RTXD0sZYb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.40.0/23
IPv6:
2a04:33c0::/40
Signature Algorithm: sha256WithRSAEncryption
6f:d4:fa:6e:1b:15:60:ac:02:35:05:90:1d:0c:42:3d:b7:b2:
9e:98:8d:22:3e:42:e5:4f:be:49:a1:bd:aa:82:02:1d:5e:b4:
fb:b4:26:2f:33:77:7a:6c:0c:fe:e7:60:e3:d0:af:6e:fe:5e:
3f:f1:c2:a5:d7:23:34:3d:2c:67:0e:df:d4:40:9b:45:8b:d8:
b9:64:18:11:63:45:dd:a0:55:e0:d7:8a:82:77:1c:37:ad:d2:
7b:e6:16:8a:c3:c5:fe:09:89:63:e3:93:79:24:c3:c4:7f:df:
41:da:21:76:90:58:be:0d:89:57:8b:de:e1:d8:47:95:40:ac:
56:c4:9d:e7:15:1d:b4:bb:20:44:1c:75:7a:49:c2:79:ec:40:
60:a5:e2:e2:ba:74:f0:be:7d:8a:52:9b:f2:fb:a0:79:76:75:
a8:c9:97:3d:47:29:43:57:3d:a2:13:50:77:5c:ef:d4:01:09:
9b:79:f2:af:d9:0d:5a:51:9f:d7:c5:36:3a:46:25:38:36:7a:
84:6c:34:a3:0b:6a:fa:5c:44:9d:bc:38:2a:1f:f3:d2:64:93:
35:20:4a:c2:1c:1b:31:0b:97:a6:2b:df:4d:cd:a5:a7:3d:b4:
c6:5d:2c:3f:e6:3a:ae:33:02:50:2d:06:9a:20:4a:88:d9:cf:
05:1b:a9:d5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzIAVx4rPXzzHPevVzyrynKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYmJkMDExNGQ5NzE5Njc1MGQ0OGM1ZTEyNTZlZDA1NWE1
ZTllMmMwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjhjMDNmMjg2YzA1ZWYxMTY5MDNjYTBlOTE0ZDcwZjRiMTk2MWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc12jHzoHzRlco17lYaSqNs9LUiU
m10iGen0CiLBOA+55O2hZFU2nOmGx7hlwabGcWv7p6K9WlGKknv+VWeows01SD2l
a9IwOfUWicXH7PUbhQ0vTiID4pA980RC3XwnFT4k5Vx7BwVIjMWECAaxv87dddzy
yC4LH8GwD1ukFilAw/ApvfrLdfvCcTOrvaKcEEc0q1gol7hrC6duBjT7863r019u
9O6ycD13EaRPF8E0LlD0KL+LiRT8euTN2d+MeXka5NG7lq+Ce0VXEs0O9Y/kJST0
b1IT/ZF1NmPWy+4lxB9qu5Dcajb+fvCz3E+mHWqZ18LNzMTrMA5WRZc8FwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCuMA/KGwF7xFpA8oOkU1w9LGWG+MB8GA1UdIwQY
MBaAFAy70BFNlxlnUNSMXhJW7QVaXp4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAt
YWZiNTY2Y2RmYWM2LzEvSzR3RDhvYkFYdkVXa0R5ZzZSVFhEMHNaWWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAtYWZiNTY2Y2RmYWM2
LzEvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuRsoMA4E
AgACMAgDBgAqBDPAADANBgkqhkiG9w0BAQsFAAOCAQEAb9T6bhsVYKwCNQWQHQxC
PbeynpiNIj5C5U++SaG9qoICHV60+7QmLzN3emwM/udg49Cvbv5eP/HCpdcjND0s
Zw7f1ECbRYvYuWQYEWNF3aBV4NeKgnccN63Se+YWisPF/gmJY+OTeSTDxH/fQdoh
dpBYvg2JV4ve4dhHlUCsVsSd5xUdtLsgRBx1eknCeexAYKXi4rp08L59ilKb8vug
eXZ1qMmXPUcpQ1c9ohNQd1zv1AEJm3nyr9kNWlGf18U2OkYlODZ6hGw0owtq+lxE
nbw4Kh/z0mSTNSBKwhwbMQuXpivfTc2lpz20xl0sP+Y6rjMCUC0GmiBKiNnPBRup
1Q==
-----END CERTIFICATE-----
Generated at Wed May 15 16:38:06 2024 by rpki-client on console-ams.rpki-client.org