Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/1-5YG1BylCJVujhKtpIsNaY8L9Zg.roa
File: 1-5YG1BylCJVujhKtpIsNaY8L9Zg.roa (raw, json)
Hash identifier: 4mCFJ7EFZXNdTSipOeb//9K3Wzvk/9rzaDGObClJ1g8=
Subject key identifier: FB:96:06:D4:1C:A5:08:95:6E:8E:12:AD:A4:8B:0D:69:8F:0B:F5:98
Certificate issuer: /CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Certificate serial: 018F520D91A9C684AC809DB4B01D64602818
Authority key identifier: 02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/1-5YG1BylCJVujhKtpIsNaY8L9Zg.roa
Signing time: Tue 07 May 2024 07:56:11 +0000
ROA not before: Tue 07 May 2024 07:56:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56402
IP address blocks: 185.120.168.0/23 maxlen: 23
185.120.168.0/24 maxlen: 24
185.120.169.0/24 maxlen: 24
2a02:16c0::/29 maxlen: 29
2a02:16c0::/30 maxlen: 30
2a02:16c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.mft
rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:0d:91:a9:c6:84:ac:80:9d:b4:b0:1d:64:60:28:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0283a8c69a2630cd8f6fa70af2a53fe019f2cc07
Validity
Not Before: May 7 07:56:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb9606d41ca508956e8e12ada48b0d698f0bf598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:34:69:6d:f9:12:69:58:88:2b:a2:12:bb:33:
4c:b4:48:88:ed:f9:a3:09:af:bd:c3:86:b0:90:84:
8b:6f:0c:ea:0c:a5:af:fd:04:96:51:19:25:0e:14:
61:e3:2e:31:fa:65:bb:71:c6:8e:5f:ef:a8:86:10:
01:c8:f2:f2:43:35:a4:1f:a4:b5:2d:89:6d:82:63:
b9:1a:f6:e9:72:84:42:dc:5d:ac:ff:1c:ca:62:38:
16:30:01:48:db:db:62:62:44:27:9b:ab:c4:00:11:
77:3f:b3:16:3d:dc:f4:ef:d5:be:24:85:41:84:20:
6f:f7:c1:77:0c:9f:3a:09:e3:e7:8a:c1:6f:50:07:
c3:06:c9:2a:10:f5:95:36:78:9e:ed:48:b6:5b:c9:
b9:8e:51:0c:8d:98:d4:bd:3b:6b:10:12:18:8d:3b:
96:50:64:09:7f:34:ea:25:3a:c2:ba:a1:1f:b6:85:
c4:b1:3a:6d:9d:80:a2:a1:80:df:93:6d:c3:91:18:
1a:a8:18:e4:bb:62:e0:0c:fb:40:d3:1e:48:1a:a6:
05:23:f6:1c:f1:75:8b:67:38:74:71:49:4c:45:7d:
db:14:56:42:79:53:a8:fc:dc:28:f4:20:88:e7:85:
0b:ed:b2:b6:92:55:7d:2a:fa:95:52:a9:d2:89:31:
39:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:96:06:D4:1C:A5:08:95:6E:8E:12:AD:A4:8B:0D:69:8F:0B:F5:98
X509v3 Authority Key Identifier:
keyid:02:83:A8:C6:9A:26:30:CD:8F:6F:A7:0A:F2:A5:3F:E0:19:F2:CC:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AoOoxpomMM2Pb6cK8qU_4BnyzAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/1-5YG1BylCJVujhKtpIsNaY8L9Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1c24ad-24b4-4c98-a659-592c0dcdaf79/1/AoOoxpomMM2Pb6cK8qU_4BnyzAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.168.0/23
IPv6:
2a02:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:f6:bd:b7:a1:dc:f2:c3:28:2f:0a:1d:81:74:6e:93:c8:15:
6a:97:e8:3e:54:cf:49:d1:2e:69:98:dd:3d:f8:c8:3a:d3:f7:
64:1e:2f:45:2b:25:01:24:c1:01:5c:58:4a:4f:3f:64:9b:a3:
af:4c:6a:bd:37:f8:a8:c6:87:49:1d:e0:49:b3:3b:aa:26:7c:
4c:55:b9:f4:b3:87:b6:e9:13:26:13:70:6e:42:35:c9:36:6e:
ff:a5:e3:06:2c:e6:eb:e3:0d:eb:d6:57:6d:5e:07:5b:c3:94:
62:6e:d8:38:97:90:4b:ab:7f:0a:82:9c:ba:c7:c0:da:3e:82:
d0:52:f8:ec:cb:f7:5c:c3:55:4f:8a:bf:9a:bd:c5:37:75:d2:
7c:8a:1d:f6:03:e5:65:e3:b7:df:1c:47:c1:0a:c3:6c:9d:2e:
4f:1d:7a:26:b9:9c:fc:79:ef:70:f3:e5:35:ca:da:24:93:1a:
e1:e5:0e:78:01:69:12:84:dd:5d:bf:fa:60:3f:72:34:45:82:
48:5c:0c:d5:89:2a:7c:3d:19:e5:ba:03:b3:93:fd:8f:bc:77:
ff:f0:c6:05:b5:99:d8:8d:4b:5d:0e:9c:9a:f4:d6:84:a9:41:
5c:98:08:cf:d4:f2:a7:21:c9:a5:26:0c:e8:81:13:26:ab:a8:
2f:c2:09:01
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY9SDZGpxoSsgJ20sB1kYCgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyODNhOGM2OWEyNjMwY2Q4ZjZmYTcwYWYyYTUzZmUwMTlm
MmNjMDcwHhcNMjQwNTA3MDc1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk2MDZkNDFjYTUwODk1NmU4ZTEyYWRhNDhiMGQ2OThmMGJmNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzRpbfkSaViIK6ISuzNMtEiI7fmj
Ca+9w4awkISLbwzqDKWv/QSWURklDhRh4y4x+mW7ccaOX++ohhAByPLyQzWkH6S1
LYltgmO5GvbpcoRC3F2s/xzKYjgWMAFI29tiYkQnm6vEABF3P7MWPdz079W+JIVB
hCBv98F3DJ86CePnisFvUAfDBskqEPWVNnie7Ui2W8m5jlEMjZjUvTtrEBIYjTuW
UGQJfzTqJTrCuqEftoXEsTptnYCioYDfk23DkRgaqBjku2LgDPtA0x5IGqYFI/Yc
8XWLZzh0cUlMRX3bFFZCeVOo/Nwo9CCI54UL7bK2klV9KvqVUqnSiTE5lwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPuWBtQcpQiVbo4SraSLDWmPC/WYMB8GA1UdIwQY
MBaAFAKDqMaaJjDNj2+nCvKlP+AZ8swHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW9Pb3hwb21NTTJQYjZjSzhxVV80Qm55ekFjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYzI0YWQtMjRiNC00Yzk4LWE2NTkt
NTkyYzBkY2RhZjc5LzEvMS01WUcxQnlsQ0pWdWpoS3RwSXNOYVk4TDlaZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvMWMyNGFkLTI0YjQtNGM5OC1hNjU5LTU5MmMwZGNkYWY3
OS8xL0FvT294cG9tTU0yUGI2Y0s4cVVfNEJueXpBYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbl4qDAN
BAIAAjAHAwUDKgIWwDANBgkqhkiG9w0BAQsFAAOCAQEAQfa9t6Hc8sMoLwodgXRu
k8gVapfoPlTPSdEuaZjdPfjIOtP3ZB4vRSslASTBAVxYSk8/ZJujr0xqvTf4qMaH
SR3gSbM7qiZ8TFW59LOHtukTJhNwbkI1yTZu/6XjBizm6+MN69ZXbV4HW8OUYm7Y
OJeQS6t/CoKcusfA2j6C0FL47Mv3XMNVT4q/mr3FN3XSfIod9gPlZeO33xxHwQrD
bJ0uTx16Jrmc/HnvcPPlNcraJJMa4eUOeAFpEoTdXb/6YD9yNEWCSFwM1YkqfD0Z
5boDs5P9j7x3//DGBbWZ2I1LXQ6cmvTWhKlBXJgIz9TypyHJpSYM6IETJquoL8IJ
AQ==
-----END CERTIFICATE-----
Generated at Sun May 19 21:43:55 2024 by rpki-client on console-ams.rpki-client.org