Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/cJBbl6OHoE3JIIQCxeTJWmfo8FA.roa
File: cJBbl6OHoE3JIIQCxeTJWmfo8FA.roa (raw, json)
Hash identifier: 8c+K2QRfSnU/66TRy7gXg26zvxbotz8QrSWZ+ztDMWs=
Subject key identifier: 70:90:5B:97:A3:87:A0:4D:C9:20:84:02:C5:E4:C9:5A:67:E8:F0:50
Certificate issuer: /CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Certificate serial: 018CC26D5419C29E98E042A30C31F15FDDCB
Authority key identifier: 4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/cJBbl6OHoE3JIIQCxeTJWmfo8FA.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50563
IP address blocks: 85.209.182.0/23 maxlen: 23
85.209.182.0/24 maxlen: 24
85.209.180.0/24 maxlen: 24
85.209.180.0/23 maxlen: 23
85.209.183.0/24 maxlen: 24
85.209.180.0/22 maxlen: 22
85.209.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.mft
rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:54:19:c2:9e:98:e0:42:a3:0c:31:f1:5f:dd:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b6d7ea41033837f08c28c4742984b82b8f443df
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70905b97a387a04dc9208402c5e4c95a67e8f050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d7:32:f2:ab:12:2a:df:23:2b:49:ed:c7:dc:
ce:18:6c:97:34:0d:33:e1:2c:3c:c9:b4:af:87:51:
05:10:4e:0c:b7:57:de:4c:e6:42:9e:f4:62:77:32:
e9:0a:64:56:84:0c:99:4b:fa:f4:f3:42:f2:5a:c6:
c1:6f:01:8a:90:26:b9:a8:4a:64:e0:0b:99:80:a3:
cd:7b:a3:03:6f:85:f2:68:8f:de:ec:3c:51:02:e7:
47:21:2b:0d:76:46:87:da:a6:a5:41:69:c9:b0:1e:
ac:2b:6f:00:4f:06:de:e0:eb:98:a2:29:19:4a:1b:
03:65:14:4c:02:f5:63:d4:a7:54:23:17:72:50:ad:
7b:31:dc:60:34:8e:c3:5b:83:02:d0:aa:57:9e:4d:
f7:60:11:6d:9b:5b:f4:db:31:e5:d0:ad:d6:95:74:
c7:e2:99:b8:03:02:95:75:fc:3c:3f:bc:40:29:ff:
16:fb:ce:7f:4d:06:45:0f:9a:1c:98:c0:0f:6e:18:
88:65:2a:71:2e:70:4c:9a:de:22:f5:9b:a8:35:61:
a6:7d:e4:4a:a6:a4:15:47:0e:68:ec:3c:20:95:9f:
d7:73:82:4d:bb:4f:28:8d:ef:32:a1:ce:ee:d4:62:
12:1d:49:2f:e5:ac:3b:f5:c5:c3:0e:b5:2d:28:f8:
00:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:90:5B:97:A3:87:A0:4D:C9:20:84:02:C5:E4:C9:5A:67:E8:F0:50
X509v3 Authority Key Identifier:
keyid:4B:6D:7E:A4:10:33:83:7F:08:C2:8C:47:42:98:4B:82:B8:F4:43:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S21-pBAzg38IwoxHQphLgrj0Q98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/cJBbl6OHoE3JIIQCxeTJWmfo8FA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1d0681-fe20-47a3-94df-5ee8721c1cfc/1/S21-pBAzg38IwoxHQphLgrj0Q98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:2d:b9:33:ae:04:8f:f1:49:d6:f1:a5:77:76:d8:50:c5:1b:
d7:6d:26:5f:60:a3:86:5f:f7:ae:64:84:fe:30:8e:9a:76:8c:
3f:3e:88:10:7e:62:78:72:e2:27:e8:66:c0:1b:b7:3f:52:f3:
b6:54:de:e4:66:93:86:32:fd:93:57:8d:9f:1e:72:eb:8b:a5:
31:f8:57:66:97:53:f8:6a:32:f5:39:39:51:7c:41:08:ad:4d:
2e:ee:00:b4:d5:75:2d:9f:df:80:df:93:55:ea:84:c6:25:93:
a6:26:08:59:1a:dc:8a:4a:fa:a0:2e:c3:29:a9:c5:bb:b8:95:
0f:a9:49:fd:f5:c1:00:1c:f3:5e:88:b6:8b:9c:27:43:05:92:
67:8d:45:1c:2b:94:ff:02:f4:dd:4b:50:30:97:54:a2:5d:bb:
a4:38:10:a7:a8:04:59:6c:35:79:70:fe:29:ec:83:43:a4:1d:
c1:53:89:21:4b:ca:97:88:36:db:6c:52:a9:0e:e8:ce:56:61:
2a:eb:cc:97:47:d7:c5:86:c4:8f:f4:39:d3:66:14:02:0e:00:
7f:e2:8e:39:40:53:f7:83:c9:23:83:5d:23:49:25:c4:7d:0d:
3a:e1:9b:80:a8:17:6d:cd:95:e8:2c:78:72:c4:5b:0d:e1:99:
2b:55:67:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVQZwp6Y4EKjDDHxX93LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNmQ3ZWE0MTAzMzgzN2YwOGMyOGM0NzQyOTg0YjgyYjhm
NDQzZGYwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkwNWI5N2EzODdhMDRkYzkyMDg0MDJjNWU0Yzk1YTY3ZThmMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotcy8qsSKt8jK0ntx9zOGGyXNA0z
4Sw8ybSvh1EFEE4Mt1feTOZCnvRidzLpCmRWhAyZS/r080LyWsbBbwGKkCa5qEpk
4AuZgKPNe6MDb4XyaI/e7DxRAudHISsNdkaH2qalQWnJsB6sK28ATwbe4OuYoikZ
ShsDZRRMAvVj1KdUIxdyUK17MdxgNI7DW4MC0KpXnk33YBFtm1v02zHl0K3WlXTH
4pm4AwKVdfw8P7xAKf8W+85/TQZFD5ocmMAPbhiIZSpxLnBMmt4i9ZuoNWGmfeRK
pqQVRw5o7DwglZ/Xc4JNu08oje8yoc7u1GISHUkv5aw79cXDDrUtKPgAawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCQW5ejh6BNySCEAsXkyVpn6PBQMB8GA1UdIwQY
MBaAFEttfqQQM4N/CMKMR0KYS4K49EPfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYt
NWVlODcyMWMxY2ZjLzEvY0pCYmw2T0hvRTNKSUlRQ3hlVEpXbWZvOEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xZDA2ODEtZmUyMC00N2EzLTk0ZGYtNWVlODcyMWMxY2Zj
LzEvUzIxLXBCQXpnMzhJd294SFFwaExncmowUTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdG0MA0G
CSqGSIb3DQEBCwUAA4IBAQAOLbkzrgSP8UnW8aV3dthQxRvXbSZfYKOGX/euZIT+
MI6adow/PogQfmJ4cuIn6GbAG7c/UvO2VN7kZpOGMv2TV42fHnLri6Ux+Fdml1P4
ajL1OTlRfEEIrU0u7gC01XUtn9+A35NV6oTGJZOmJghZGtyKSvqgLsMpqcW7uJUP
qUn99cEAHPNeiLaLnCdDBZJnjUUcK5T/AvTdS1Awl1SiXbukOBCnqARZbDV5cP4p
7INDpB3BU4khS8qXiDbbbFKpDujOVmEq68yXR9fFhsSP9DnTZhQCDgB/4o45QFP3
g8kjg10jSSXEfQ064ZuAqBdtzZXoLHhyxFsN4ZkrVWdb
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:45 2024 by rpki-client on console-ams.rpki-client.org