Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/p0CXUiRg3NCy_IiyPa6_KKT_ySw.roa
File: p0CXUiRg3NCy_IiyPa6_KKT_ySw.roa (raw, json)
Hash identifier: WvMNBnH47W63yOd4ijCSIrg3us9ein+aGUwf5gNVM9w=
Subject key identifier: A7:40:97:52:24:60:DC:D0:B2:FC:88:B2:3D:AE:BF:28:A4:FF:C9:2C
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 018D7725187A8C241AFB47AB93B23EEFDBFF
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/p0CXUiRg3NCy_IiyPa6_KKT_ySw.roa
Signing time: Mon 05 Feb 2024 02:42:16 +0000
ROA not before: Mon 05 Feb 2024 02:42:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6898
IP address blocks: 185.155.176.0/22 maxlen: 22
185.155.184.0/24 maxlen: 24
185.155.185.0/24 maxlen: 24
2a00:bd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:77:25:18:7a:8c:24:1a:fb:47:ab:93:b2:3e:ef:db:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Feb 5 02:42:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a74097522460dcd0b2fc88b23daebf28a4ffc92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:3c:0f:81:ce:c5:26:5e:84:84:bd:0e:06:
a5:95:4f:13:63:3b:02:b4:01:77:bd:32:f5:30:67:
d9:ef:83:2f:b6:98:93:d6:78:8d:c8:2d:73:db:c7:
e7:6d:94:9f:69:c9:cb:3d:ce:e2:8f:6d:6d:5c:d8:
6c:a4:e9:16:a9:11:6a:01:1a:1c:1f:16:19:44:ec:
20:d4:34:75:f5:4f:5d:29:4b:34:e4:a1:6b:53:3c:
04:50:1c:65:4c:8b:86:5f:9d:9a:39:31:13:f8:e6:
61:a3:bc:95:56:40:ed:ed:50:ce:cd:89:f5:b5:c1:
40:91:73:cc:71:11:75:a8:3e:c7:80:90:3e:4d:cd:
e6:c3:2f:93:d7:e1:09:92:8a:8c:bd:3a:f1:3b:57:
01:4c:64:11:d2:96:47:f8:31:7d:fc:77:33:ae:98:
71:76:99:7c:77:60:23:43:5b:55:a4:b3:fd:81:31:
b7:dc:dc:97:99:d3:9a:d3:1f:99:61:81:26:cf:ab:
7e:19:45:39:20:cc:f9:ac:c4:ee:10:33:e5:5d:11:
1b:10:4c:37:ae:c2:6d:bf:35:e1:30:27:85:50:68:
07:40:58:a1:40:8f:0c:4f:71:fd:fc:64:46:4c:8a:
17:fc:02:0f:08:27:7a:0d:e5:bd:da:37:60:a1:83:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:40:97:52:24:60:DC:D0:B2:FC:88:B2:3D:AE:BF:28:A4:FF:C9:2C
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/p0CXUiRg3NCy_IiyPa6_KKT_ySw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.176.0/22
185.155.184.0/23
IPv6:
2a00:bd00::/32
Signature Algorithm: sha256WithRSAEncryption
a4:47:85:91:16:58:a5:90:70:92:21:d3:fa:21:d0:23:94:cf:
b2:32:aa:c9:94:eb:21:c4:60:4c:25:eb:d8:6f:4b:ed:57:05:
b9:f2:66:88:36:c3:24:fe:32:80:e3:a2:b0:a9:6e:d1:29:f5:
95:0f:27:2b:23:8c:6b:1d:47:78:e6:b0:e9:fe:fc:41:8c:91:
0b:7c:87:54:bf:47:8c:43:15:c6:34:cd:ea:3c:00:c2:a6:f0:
8c:cc:d3:ac:6d:bf:04:00:d2:d4:cf:7d:3d:b3:9a:a6:79:e9:
aa:2e:6c:e8:d9:b1:fa:9c:ce:3e:53:4c:ce:a3:b9:2e:2c:8e:
84:da:c8:9a:c2:76:1e:1d:84:f2:ea:0e:61:c6:01:da:0f:3d:
7a:45:5e:81:d0:01:3b:41:cf:3e:04:95:bb:ec:65:57:a3:77:
9e:2f:3c:3a:aa:2c:fe:2d:3d:a6:82:5b:27:10:d7:40:c5:f3:
3a:c7:e9:c5:e4:53:26:29:1f:b6:a6:a2:05:00:09:df:b7:e1:
9f:5b:dc:95:94:5b:ea:d6:2a:09:8e:77:72:0f:ce:00:cd:f4:
df:ed:80:a5:bd:10:83:dd:68:d3:a7:16:00:66:c8:c7:af:0c:
00:3a:29:25:2a:08:74:49:61:88:a5:e4:52:af:37:3e:ef:00:
76:3c:aa:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY13JRh6jCQa+0erk7I+79v/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjQwMjA1MDI0MjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQwOTc1MjI0NjBkY2QwYjJmYzg4YjIzZGFlYmYyOGE0ZmZjOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso08D4HOxSZehIS9DgallU8TYzsC
tAF3vTL1MGfZ74MvtpiT1niNyC1z28fnbZSfacnLPc7ij21tXNhspOkWqRFqARoc
HxYZROwg1DR19U9dKUs05KFrUzwEUBxlTIuGX52aOTET+OZho7yVVkDt7VDOzYn1
tcFAkXPMcRF1qD7HgJA+Tc3mwy+T1+EJkoqMvTrxO1cBTGQR0pZH+DF9/Hczrphx
dpl8d2AjQ1tVpLP9gTG33NyXmdOa0x+ZYYEmz6t+GUU5IMz5rMTuEDPlXREbEEw3
rsJtvzXhMCeFUGgHQFihQI8MT3H9/GRGTIoX/AIPCCd6DeW92jdgoYNVVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKdAl1IkYNzQsvyIsj2uvyik/8ksMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvcDBDWFVpUmczTkN5X0lpeVBhNl9LS1RfeVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZuwAwQB
uZu4MA0EAgACMAcDBQAqAL0AMA0GCSqGSIb3DQEBCwUAA4IBAQCkR4WRFlilkHCS
IdP6IdAjlM+yMqrJlOshxGBMJevYb0vtVwW58maINsMk/jKA46KwqW7RKfWVDycr
I4xrHUd45rDp/vxBjJELfIdUv0eMQxXGNM3qPADCpvCMzNOsbb8EANLUz309s5qm
eemqLmzo2bH6nM4+U0zOo7kuLI6E2siawnYeHYTy6g5hxgHaDz16RV6B0AE7Qc8+
BJW77GVXo3eeLzw6qiz+LT2mglsnENdAxfM6x+nF5FMmKR+2pqIFAAnft+GfW9yV
lFvq1ioJjndyD84AzfTf7YClvRCD3WjTpxYAZsjHrwwAOiklKgh0SWGIpeRSrzc+
7wB2PKrF
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:47:39 2024 by rpki-client on console-ams.rpki-client.org