Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/yjIWW9EgIn-DE3AZf4yq99Uzo0k.roa
File: yjIWW9EgIn-DE3AZf4yq99Uzo0k.roa (raw, json)
Hash identifier: OcevnrUpTAvgoY4jTKkdw++dQu1a3AYspgtM8OUt2ZU=
Subject key identifier: CA:32:16:5B:D1:20:22:7F:83:13:70:19:7F:8C:AA:F7:D5:33:A3:49
Certificate issuer: /CN=835d37408a225f1a8964f8d72bc99d9bbe533234
Certificate serial: 018CC86F5332DDFE0069660AFB728C09B896
Authority key identifier: 83:5D:37:40:8A:22:5F:1A:89:64:F8:D7:2B:C9:9D:9B:BE:53:32:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g103QIoiXxqJZPjXK8mdm75TMjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/yjIWW9EgIn-DE3AZf4yq99Uzo0k.roa
Signing time: Tue 02 Jan 2024 04:29:48 +0000
ROA not before: Tue 02 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203187
IP address blocks: 185.82.80.0/22 maxlen: 24
185.238.124.0/22 maxlen: 24
2a0c:2e80::/29 maxlen: 48
2a05:8e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/g103QIoiXxqJZPjXK8mdm75TMjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/g103QIoiXxqJZPjXK8mdm75TMjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/g103QIoiXxqJZPjXK8mdm75TMjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:53:32:dd:fe:00:69:66:0a:fb:72:8c:09:b8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835d37408a225f1a8964f8d72bc99d9bbe533234
Validity
Not Before: Jan 2 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca32165bd120227f831370197f8caaf7d533a349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2f:49:01:42:38:e5:a8:9f:93:a9:a9:00:5a:
65:ea:fd:f0:48:b4:88:38:ca:aa:0e:60:7b:1c:66:
81:26:e1:dc:94:32:aa:47:96:db:27:94:dd:b0:72:
d0:df:81:66:8b:00:a4:bc:35:35:32:be:4b:d3:a1:
5e:db:da:3e:42:35:a2:d5:5b:10:bd:44:54:1e:93:
ae:74:ae:ce:b9:a3:1e:d3:a2:07:1b:d8:b4:67:98:
43:9b:84:fb:6a:27:6d:4c:8d:b7:e9:8a:17:c0:d9:
24:9c:81:20:a6:b7:d8:be:f4:b3:20:65:d6:a4:43:
1a:d1:e8:c7:08:47:de:a0:6b:27:72:b5:c2:f0:5c:
20:a6:8b:ea:da:4d:87:84:a1:1f:a8:dc:7d:22:36:
53:ef:4f:e2:be:9f:7f:e1:55:a2:67:9f:a4:3d:a1:
7b:6c:c2:0b:da:44:98:6b:b0:85:23:1a:b5:18:63:
c1:9c:4d:70:d8:f7:0c:8b:2d:b2:76:4b:af:e7:f3:
a5:f9:b9:58:ad:fc:72:a4:46:dc:59:a0:c0:63:2c:
fd:6d:4f:91:0d:db:34:db:b4:71:9d:a1:ef:c7:28:
cb:df:d0:b7:f9:b3:39:e9:45:4a:39:22:99:be:7a:
54:1e:ed:5d:4d:4d:51:98:56:1c:c5:04:a2:65:80:
4a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:32:16:5B:D1:20:22:7F:83:13:70:19:7F:8C:AA:F7:D5:33:A3:49
X509v3 Authority Key Identifier:
keyid:83:5D:37:40:8A:22:5F:1A:89:64:F8:D7:2B:C9:9D:9B:BE:53:32:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g103QIoiXxqJZPjXK8mdm75TMjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/yjIWW9EgIn-DE3AZf4yq99Uzo0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/028492-d619-42da-aa64-cb6c674c5a3c/1/g103QIoiXxqJZPjXK8mdm75TMjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.80.0/22
185.238.124.0/22
IPv6:
2a05:8e00::/29
2a0c:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
36:68:67:bc:b4:42:e5:00:ac:4c:90:6f:4b:b3:15:57:a0:1f:
d3:17:2d:12:70:7c:0e:e3:a7:17:53:51:ea:f3:d4:a8:3b:56:
b4:67:ff:26:cb:4c:f6:7a:40:34:69:8b:e6:9d:14:44:b5:72:
da:74:5d:f7:6c:63:d6:91:30:a8:34:08:02:38:66:b5:3c:74:
28:33:0f:26:d4:b2:b9:6e:17:60:ba:11:f5:5b:d9:e3:e3:ea:
55:f7:28:de:bf:38:d0:96:09:fe:13:cc:0e:56:73:ab:9d:92:
0e:f8:ba:86:73:1e:e5:d4:dd:b2:82:65:d4:f9:de:63:74:38:
7b:17:71:43:79:e4:5e:8f:e9:82:45:cd:8a:3c:c2:e5:f3:95:
a8:59:d8:f6:20:2a:d4:3d:fe:f6:3f:35:2d:b3:ed:fd:63:99:
5f:46:ea:34:b0:bb:63:09:94:93:c4:0d:42:21:b2:46:cd:93:
cf:1a:76:79:b6:27:30:32:ac:4a:df:2d:ff:ee:00:37:69:0e:
fe:03:09:ef:8a:98:5b:24:05:b7:a5:a3:83:cd:6b:14:2c:e6:
72:27:3e:92:8c:66:bd:8b:3e:a1:f5:c9:f1:5a:ac:54:47:85:
ee:72:66:0b:3a:1e:57:0e:39:56:50:9b:58:06:98:bc:1f:8b:
e5:cf:6b:36
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzIb1My3f4AaWYK+3KMCbiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWQzNzQwOGEyMjVmMWE4OTY0ZjhkNzJiYzk5ZDliYmU1
MzMyMzQwHhcNMjQwMTAyMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTMyMTY1YmQxMjAyMjdmODMxMzcwMTk3ZjhjYWFmN2Q1MzNhMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS9JAUI45aifk6mpAFpl6v3wSLSI
OMqqDmB7HGaBJuHclDKqR5bbJ5TdsHLQ34FmiwCkvDU1Mr5L06Fe29o+QjWi1VsQ
vURUHpOudK7OuaMe06IHG9i0Z5hDm4T7aidtTI236YoXwNkknIEgprfYvvSzIGXW
pEMa0ejHCEfeoGsncrXC8Fwgpovq2k2HhKEfqNx9IjZT70/ivp9/4VWiZ5+kPaF7
bMIL2kSYa7CFIxq1GGPBnE1w2PcMiy2ydkuv5/Ol+blYrfxypEbcWaDAYyz9bU+R
Dds027RxnaHvxyjL39C3+bM56UVKOSKZvnpUHu1dTU1RmFYcxQSiZYBKlQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMoyFlvRICJ/gxNwGX+MqvfVM6NJMB8GA1UdIwQY
MBaAFINdN0CKIl8aiWT41yvJnZu+UzI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzEwM1FJb2lYeHFKWlBqWEs4bWRtNzVUTWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wMjg0OTItZDYxOS00MmRhLWFhNjQt
Y2I2YzY3NGM1YTNjLzEveWpJV1c5RWdJbi1ERTNBWmY0eXE5OVV6bzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wMjg0OTItZDYxOS00MmRhLWFhNjQtY2I2YzY3NGM1YTNj
LzEvZzEwM1FJb2lYeHFKWlBqWEs4bWRtNzVUTWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuVJQAwQC
ue58MBQEAgACMA4DBQMqBY4AAwUDKgwugDANBgkqhkiG9w0BAQsFAAOCAQEANmhn
vLRC5QCsTJBvS7MVV6Af0xctEnB8DuOnF1NR6vPUqDtWtGf/JstM9npANGmL5p0U
RLVy2nRd92xj1pEwqDQIAjhmtTx0KDMPJtSyuW4XYLoR9VvZ4+PqVfco3r840JYJ
/hPMDlZzq52SDvi6hnMe5dTdsoJl1PneY3Q4exdxQ3nkXo/pgkXNijzC5fOVqFnY
9iAq1D3+9j81LbPt/WOZX0bqNLC7YwmUk8QNQiGyRs2Tzxp2ebYnMDKsSt8t/+4A
N2kO/gMJ74qYWyQFt6Wjg81rFCzmcic+koxmvYs+ofXJ8VqsVEeF7nJmCzoeVw45
VlCbWAaYvB+L5c9rNg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:06:28 2024 by rpki-client on console-ams.rpki-client.org