Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/biZyxYdgoVGH9XPjOzQkKNh3wcI.roa
File: biZyxYdgoVGH9XPjOzQkKNh3wcI.roa (raw, json)
Hash identifier: zhzpE1a7Yjw6F5aAhofOvrLZLOST2Y0F0kL01D3rApM=
Subject key identifier: 6E:26:72:C5:87:60:A1:51:87:F5:73:E3:3B:34:24:28:D8:77:C1:C2
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 018CC72752DDB1B9B24E9CF00DACDC0B8989
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/biZyxYdgoVGH9XPjOzQkKNh3wcI.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205659
IP address blocks: 185.218.232.0/24 maxlen: 24
185.218.232.0/23 maxlen: 23
185.218.233.0/24 maxlen: 24
185.218.234.0/24 maxlen: 24
185.229.242.0/24 maxlen: 24
185.235.12.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 19:03:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:52:dd:b1:b9:b2:4e:9c:f0:0d:ac:dc:0b:89:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e2672c58760a15187f573e33b342428d877c1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:57:8e:e0:69:4d:94:16:9c:1a:a6:5c:f1:48:
8d:61:87:eb:58:6c:d8:56:bd:03:f0:72:dd:35:89:
5b:3f:62:cb:d2:db:02:3a:8f:5f:3f:45:a6:6f:93:
d1:0f:f2:bb:eb:af:f9:d5:c8:6b:e1:aa:10:e8:bc:
74:df:92:76:43:45:a2:89:32:ba:6d:a0:13:1a:af:
1a:df:40:d4:1e:42:15:71:15:45:8d:96:ba:a8:4a:
9a:97:32:43:62:73:20:b7:cf:67:09:91:2c:9b:a1:
f4:2a:da:bc:01:41:71:1f:7b:6d:f2:ad:09:a9:9c:
57:ce:c8:cc:a3:62:0c:fb:c3:ec:47:78:1b:5f:01:
13:8a:68:a6:6c:5b:44:91:e6:5a:44:28:34:23:74:
0a:ed:97:8a:17:f6:a6:ad:d0:f3:a7:82:2a:6d:a2:
e6:43:f2:bb:3b:fd:ae:df:77:9d:b4:dc:62:57:e0:
39:e6:d6:bc:94:e4:e4:bc:5f:22:3b:73:98:9f:97:
89:f3:80:c9:2e:1d:6c:26:ad:30:39:dc:db:8d:a0:
c4:76:a1:87:b6:d0:ed:17:ad:2f:b4:f7:87:7d:ab:
1a:96:a7:b5:dc:fb:16:80:3c:a7:92:bc:36:79:d1:
4f:67:a9:84:d9:a7:5e:16:ca:a5:d0:02:d8:c6:37:
a9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:26:72:C5:87:60:A1:51:87:F5:73:E3:3B:34:24:28:D8:77:C1:C2
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/biZyxYdgoVGH9XPjOzQkKNh3wcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.232.0-185.218.234.255
185.229.242.0/24
185.235.12.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:dc:0d:3d:91:d1:e6:51:ca:6b:ed:4d:55:c8:36:78:0b:f3:
fa:c4:63:85:c3:b4:fa:48:0c:20:be:fc:7e:61:87:2e:1e:67:
78:ba:fe:16:d5:72:18:3b:fc:a1:c9:db:12:06:b6:18:43:5c:
c4:6f:6a:4a:72:57:9a:76:7d:18:c9:b6:0d:65:b8:cb:fa:55:
c3:51:86:17:7e:bf:86:33:41:26:b1:89:77:c7:f9:65:29:de:
37:18:16:e4:50:17:47:8c:71:d9:65:3a:2e:db:08:61:36:50:
5c:69:25:8a:a4:c0:ae:49:97:40:74:df:d2:ec:35:ce:e2:d5:
e2:0b:15:94:3a:5b:ea:11:ed:bc:80:fe:4a:69:62:fd:b3:1f:
6d:38:70:be:df:39:cd:c3:70:1b:cf:b1:fb:f9:28:7c:f1:d1:
d4:be:fe:6b:8f:44:0c:51:17:61:41:13:c8:5f:8d:e2:d2:90:
76:f3:67:30:81:3d:e9:54:fb:aa:da:82:55:cc:ea:09:19:c1:
d3:a4:35:9a:ca:a3:34:fa:39:23:30:1e:5c:42:e3:dc:ca:78:
ed:8d:fd:c3:27:94:06:17:06:de:a9:3b:07:8b:ad:a7:8b:60:
c5:c2:3a:07:58:84:51:ec:bd:a5:f8:e5:75:fe:ff:12:8d:b1:
c3:c2:92:27
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJ1LdsbmyTpzwDazcC4mJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI2NzJjNTg3NjBhMTUxODdmNTczZTMzYjM0MjQyOGQ4NzdjMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81eO4GlNlBacGqZc8UiNYYfrWGzY
Vr0D8HLdNYlbP2LL0tsCOo9fP0Wmb5PRD/K766/51chr4aoQ6Lx035J2Q0WiiTK6
baATGq8a30DUHkIVcRVFjZa6qEqalzJDYnMgt89nCZEsm6H0Ktq8AUFxH3tt8q0J
qZxXzsjMo2IM+8PsR3gbXwETimimbFtEkeZaRCg0I3QK7ZeKF/amrdDzp4IqbaLm
Q/K7O/2u33edtNxiV+A55ta8lOTkvF8iO3OYn5eJ84DJLh1sJq0wOdzbjaDEdqGH
ttDtF60vtPeHfasalqe13PsWgDynkrw2edFPZ6mE2adeFsql0ALYxjepvQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG4mcsWHYKFRh/Vz4zs0JCjYd8HCMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvYmlaeXhZZGdvVkdIOVhQak96UWtLTmgzd2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAO52ugD
BAC52uoDBAC55fIDBAG56wwwDQYJKoZIhvcNAQELBQADggEBAB/cDT2R0eZRymvt
TVXINngL8/rEY4XDtPpIDCC+/H5hhy4eZ3i6/hbVchg7/KHJ2xIGthhDXMRvakpy
V5p2fRjJtg1luMv6VcNRhhd+v4YzQSaxiXfH+WUp3jcYFuRQF0eMcdllOi7bCGE2
UFxpJYqkwK5Jl0B039LsNc7i1eILFZQ6W+oR7byA/kppYv2zH204cL7fOc3DcBvP
sfv5KHzx0dS+/muPRAxRF2FBE8hfjeLSkHbzZzCBPelU+6raglXM6gkZwdOkNZrK
ozT6OSMwHlxC49zKeO2N/cMnlAYXBt6pOweLraeLYMXCOgdYhFHsvaX45XX+/xKN
scPCkic=
-----END CERTIFICATE-----
Generated at Fri May 24 23:56:50 2024 by rpki-client on console-fra.rpki-client.org