Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3f7ab8-6b39-4362-a27e-77660371a1ec/1/L57TXR7i2dvwTWm3WnO_yvRegMc.roa
File: L57TXR7i2dvwTWm3WnO_yvRegMc.roa (raw, json)
Hash identifier: RKBdKSNmUyHATc6qlKI2C2pZKqLUwriWls6EXRqZThY=
Subject key identifier: 2F:9E:D3:5D:1E:E2:D9:DB:F0:4D:69:B7:5A:73:BF:CA:F4:5E:80:C7
Certificate issuer: /CN=705a3bb117538db6db9c5cfd5a794bf3df697c27
Certificate serial: 018CC348A079A12364063866FF3B7625EB20
Authority key identifier: 70:5A:3B:B1:17:53:8D:B6:DB:9C:5C:FD:5A:79:4B:F3:DF:69:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFo7sRdTjbbbnFz9WnlL899pfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/3f7ab8-6b39-4362-a27e-77660371a1ec/1/L57TXR7i2dvwTWm3WnO_yvRegMc.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42207
IP address blocks: 185.206.186.0/23 maxlen: 23
185.206.184.0/23 maxlen: 23
185.206.184.0/22 maxlen: 22
2a0b:15c0::/30 maxlen: 30
2a0b:15c4::/30 maxlen: 30
2a0b:15c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/3f7ab8-6b39-4362-a27e-77660371a1ec/1/cFo7sRdTjbbbnFz9WnlL899pfCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/3f7ab8-6b39-4362-a27e-77660371a1ec/1/cFo7sRdTjbbbnFz9WnlL899pfCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFo7sRdTjbbbnFz9WnlL899pfCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 19:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a0:79:a1:23:64:06:38:66:ff:3b:76:25:eb:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705a3bb117538db6db9c5cfd5a794bf3df697c27
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f9ed35d1ee2d9dbf04d69b75a73bfcaf45e80c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e1:4c:8e:26:d7:de:23:0d:49:c1:43:a8:11:
de:25:c3:c8:ad:2d:a8:23:0e:41:80:6b:ee:43:5d:
37:52:2b:4e:64:14:36:2b:de:9b:ca:52:c2:fa:ab:
0d:71:07:c7:34:e9:60:91:56:50:99:25:38:a0:bf:
40:26:20:7d:fd:37:48:41:ff:23:f0:cc:07:8e:e8:
ee:f0:bb:94:3b:6d:cb:0d:54:38:bf:b6:96:aa:7a:
7b:30:a3:77:40:1c:74:0e:85:d1:b8:14:bb:6f:15:
69:fe:ae:63:8b:ba:69:b3:e8:e3:88:9f:2d:af:78:
4a:36:9e:16:d9:7d:5d:61:dd:a3:34:9e:7c:f9:60:
54:62:64:44:02:24:20:b0:87:5f:8b:aa:96:82:ac:
24:01:95:92:65:3f:53:1c:36:e5:2d:e6:de:81:b1:
a5:25:7c:51:c2:15:5f:dd:7e:a4:23:80:63:c3:8f:
79:75:59:b2:40:4f:9d:0e:c6:be:07:4a:39:ad:d4:
b5:b0:b4:c8:15:1c:c3:e5:b0:2c:89:d5:7c:45:7c:
f8:09:de:aa:13:70:ad:6a:87:72:a9:c7:64:12:f5:
c1:11:03:9f:90:70:71:c1:c3:a7:67:e5:da:90:9b:
91:78:a0:2d:9b:bf:6f:bc:c7:e1:05:74:ce:37:83:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:9E:D3:5D:1E:E2:D9:DB:F0:4D:69:B7:5A:73:BF:CA:F4:5E:80:C7
X509v3 Authority Key Identifier:
keyid:70:5A:3B:B1:17:53:8D:B6:DB:9C:5C:FD:5A:79:4B:F3:DF:69:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFo7sRdTjbbbnFz9WnlL899pfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3f7ab8-6b39-4362-a27e-77660371a1ec/1/L57TXR7i2dvwTWm3WnO_yvRegMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3f7ab8-6b39-4362-a27e-77660371a1ec/1/cFo7sRdTjbbbnFz9WnlL899pfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.184.0/22
IPv6:
2a0b:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:9f:54:9f:a4:2f:a6:7b:da:c5:18:03:8d:a5:91:42:eb:11:
b3:da:26:77:85:9c:f5:62:f1:bc:22:27:ec:c9:c1:0d:5b:57:
da:00:a1:67:7a:d4:ae:98:6f:32:35:03:05:c6:aa:5b:50:85:
fc:8c:a7:c7:01:75:c8:e5:1f:72:4a:92:8e:62:01:2c:f1:01:
0e:9c:b9:6c:d9:3f:b7:0f:6c:63:70:3e:36:96:ae:01:37:b8:
54:ff:c7:6d:47:e2:c1:04:48:d7:d9:6d:1d:e9:41:a6:78:20:
1c:a0:52:5f:4f:68:7f:02:f0:9d:f1:ed:d4:92:d3:61:26:85:
ef:d6:74:04:e8:ed:d5:4e:cc:48:1d:f1:91:90:14:cc:94:aa:
88:8e:58:10:9e:2f:92:77:37:d3:df:78:02:94:e0:62:11:a2:
14:84:47:cd:d4:5f:9e:b6:39:f0:39:8e:3c:c4:45:44:9c:ca:
f3:95:95:11:79:5f:02:8c:65:91:23:1d:fd:f4:6c:d1:5b:98:
eb:94:d2:51:81:77:da:bb:64:e7:16:f5:c8:7f:ce:a7:b4:ea:
8c:3e:41:63:46:b9:5c:eb:b5:2d:30:1d:4c:07:ca:50:26:f3:
4f:d0:01:c6:c3:e1:95:d6:2d:9a:b7:9f:00:b8:55:3b:1d:e2:
91:7b:73:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSKB5oSNkBjhm/zt2JesgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWEzYmIxMTc1MzhkYjZkYjljNWNmZDVhNzk0YmYzZGY2
OTdjMjcwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjllZDM1ZDFlZTJkOWRiZjA0ZDY5Yjc1YTczYmZjYWY0NWU4MGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuFMjibX3iMNScFDqBHeJcPIrS2o
Iw5BgGvuQ103UitOZBQ2K96bylLC+qsNcQfHNOlgkVZQmSU4oL9AJiB9/TdIQf8j
8MwHjuju8LuUO23LDVQ4v7aWqnp7MKN3QBx0DoXRuBS7bxVp/q5ji7pps+jjiJ8t
r3hKNp4W2X1dYd2jNJ58+WBUYmREAiQgsIdfi6qWgqwkAZWSZT9THDblLebegbGl
JXxRwhVf3X6kI4Bjw495dVmyQE+dDsa+B0o5rdS1sLTIFRzD5bAsidV8RXz4Cd6q
E3CtaodyqcdkEvXBEQOfkHBxwcOnZ+XakJuReKAtm79vvMfhBXTON4M80wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC+e010e4tnb8E1pt1pzv8r0XoDHMB8GA1UdIwQY
MBaAFHBaO7EXU42225xc/Vp5S/PfaXwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0ZvN3NSZFRqYmJibkZ6OVdubEw4OTlwZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZjdhYjgtNmIzOS00MzYyLWEyN2Ut
Nzc2NjAzNzFhMWVjLzEvTDU3VFhSN2kyZHZ3VFdtM1duT195dlJlZ01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZjdhYjgtNmIzOS00MzYyLWEyN2UtNzc2NjAzNzFhMWVj
LzEvY0ZvN3NSZFRqYmJibkZ6OVdubEw4OTlwZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc64MA0E
AgACMAcDBQMqCxXAMA0GCSqGSIb3DQEBCwUAA4IBAQBxn1SfpC+me9rFGAONpZFC
6xGz2iZ3hZz1YvG8IifsycENW1faAKFnetSumG8yNQMFxqpbUIX8jKfHAXXI5R9y
SpKOYgEs8QEOnLls2T+3D2xjcD42lq4BN7hU/8dtR+LBBEjX2W0d6UGmeCAcoFJf
T2h/AvCd8e3UktNhJoXv1nQE6O3VTsxIHfGRkBTMlKqIjlgQni+SdzfT33gClOBi
EaIUhEfN1F+etjnwOY48xEVEnMrzlZUReV8CjGWRIx399GzRW5jrlNJRgXfau2Tn
FvXIf86ntOqMPkFjRrlc67UtMB1MB8pQJvNP0AHGw+GV1i2at58AuFU7HeKRe3Mj
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:38:04 2024 by rpki-client on console-ams.rpki-client.org