Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cvamCBm6JqcMNVV1TxW0n3T6jpg.roa
File: cvamCBm6JqcMNVV1TxW0n3T6jpg.roa (raw, json)
Hash identifier: 2Or52RcfV0O9MIEcz9CEHu1LrZ7bUYGVzj5Xd8zl2Nw=
Subject key identifier: 72:F6:A6:08:19:BA:26:A7:0C:35:55:75:4F:15:B4:9F:74:FA:8E:98
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: 018CC6B794F65E72E6B62B23FFF1A16F1116
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cvamCBm6JqcMNVV1TxW0n3T6jpg.roa
Signing time: Mon 01 Jan 2024 20:29:29 +0000
ROA not before: Mon 01 Jan 2024 20:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34884
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:94:f6:5e:72:e6:b6:2b:23:ff:f1:a1:6f:11:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 20:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72f6a60819ba26a70c3555754f15b49f74fa8e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ba:98:1d:74:f2:5f:60:1b:d9:95:22:31:e7:
76:2a:b0:a3:71:c5:48:6e:98:96:0f:f4:88:43:ec:
b4:93:c3:b7:ae:17:17:47:34:f1:37:a4:a6:dc:d5:
03:9f:f4:9d:42:60:99:62:0b:b1:e1:b2:15:31:45:
ea:cf:72:c9:35:da:20:cf:ad:0c:21:21:7b:92:60:
12:dd:26:12:1d:77:11:f4:25:4d:60:f1:f1:56:79:
94:98:37:22:2d:49:9a:c6:d9:03:01:72:a4:ee:27:
a8:7f:a2:18:c4:70:5c:d5:26:28:d2:c4:d1:f1:de:
ce:8f:cc:e7:31:46:60:f1:6a:a2:8f:8a:90:69:38:
23:27:e4:83:0b:55:30:1b:31:2a:e6:85:ea:7b:13:
65:33:07:50:6a:06:b6:f1:61:0e:23:4c:4d:67:41:
7d:9a:e4:b3:c9:12:d2:81:53:bc:3f:9a:d8:cd:05:
d2:db:fa:f2:10:a4:6d:9c:b2:94:c1:7e:4f:d5:99:
23:d1:3f:d7:72:4b:a0:df:67:7a:f3:d8:12:d2:a5:
1a:51:26:12:39:e4:b3:f3:c2:26:53:56:28:0c:c3:
d8:87:b5:e5:a3:96:98:20:d1:af:e6:7c:e9:53:78:
a7:12:b1:6a:bb:88:be:ae:2c:96:08:50:6e:41:46:
a7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F6:A6:08:19:BA:26:A7:0C:35:55:75:4F:15:B4:9F:74:FA:8E:98
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cvamCBm6JqcMNVV1TxW0n3T6jpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:9d:35:ed:a1:71:ee:66:c5:18:37:10:61:02:97:bd:e6:80:
87:80:4b:ac:c8:6f:78:73:75:86:40:55:76:4e:1d:3e:3b:8c:
98:37:7a:18:b2:96:cd:ba:3a:ef:1f:04:a8:d8:bf:8a:be:d7:
57:f6:db:76:0d:0c:e0:a3:51:ea:0b:d3:83:53:72:ea:ea:68:
e3:e1:a5:3d:2b:3e:05:f1:9c:b7:85:4c:06:22:97:c4:e5:29:
7c:79:3d:d4:54:0d:73:1f:c3:73:22:6a:8e:35:81:c1:f0:a3:
30:4a:56:b0:0b:56:e4:53:1d:83:fe:58:06:f0:7b:a0:2b:78:
de:7a:32:a6:49:3f:72:38:c9:ff:f3:37:f9:2e:57:99:f7:48:
7e:ac:c5:1a:54:38:50:4d:2f:7b:53:60:1d:4f:b6:f8:05:75:
e3:28:bf:3d:5f:fe:d7:aa:60:6d:e1:40:df:8b:af:52:c4:ba:
a1:d2:7e:ff:f7:42:79:5c:58:4e:9f:46:74:d1:23:53:2f:ee:
81:d1:c8:cd:a7:a1:42:09:4b:ae:83:69:7c:83:76:c9:19:7a:
42:cf:ba:f3:b8:cb:11:40:b2:dd:64:42:8b:92:c1:45:1c:7e:
02:21:63:e3:a4:9d:5d:6f:e4:88:d3:91:46:c3:7b:76:2d:09:
f4:e7:2a:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5T2XnLmtisj//GhbxEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwODQ3ZjgyMjE4OTdkNmU5NTJlODZlYTJjMzM5YWJhYWNj
MTMxZjUwHhcNMjQwMTAxMjAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY2YTYwODE5YmEyNmE3MGMzNTU1NzU0ZjE1YjQ5Zjc0ZmE4ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7qYHXTyX2Ab2ZUiMed2KrCjccVI
bpiWD/SIQ+y0k8O3rhcXRzTxN6Sm3NUDn/SdQmCZYgux4bIVMUXqz3LJNdogz60M
ISF7kmAS3SYSHXcR9CVNYPHxVnmUmDciLUmaxtkDAXKk7ieof6IYxHBc1SYo0sTR
8d7Oj8znMUZg8Wqij4qQaTgjJ+SDC1UwGzEq5oXqexNlMwdQaga28WEOI0xNZ0F9
muSzyRLSgVO8P5rYzQXS2/ryEKRtnLKUwX5P1Zkj0T/Xckug32d689gS0qUaUSYS
OeSz88ImU1YoDMPYh7Xlo5aYINGv5nzpU3inErFqu4i+riyWCFBuQUanAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHL2pggZuianDDVVdU8VtJ90+o6YMB8GA1UdIwQY
MBaAFHCEf4IhiX1ulS6G6iwzmrqswTH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgt
NmU4Nzg0YTdhZDA5LzEvY3ZhbUNCbTZKcWNNTlZWMVR4VzBuM1Q2anBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy83MDZjMDMtN2QzNS00OTEzLThhMTgtNmU4Nzg0YTdhZDA5
LzEvY0lSX2dpR0pmVzZWTG9icUxET2F1cXpCTWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSYcAwQC
uV/8MA0GCSqGSIb3DQEBCwUAA4IBAQCKnTXtoXHuZsUYNxBhApe95oCHgEusyG94
c3WGQFV2Th0+O4yYN3oYspbNujrvHwSo2L+KvtdX9tt2DQzgo1HqC9ODU3Lq6mjj
4aU9Kz4F8Zy3hUwGIpfE5Sl8eT3UVA1zH8NzImqONYHB8KMwSlawC1bkUx2D/lgG
8HugK3jeejKmST9yOMn/8zf5LleZ90h+rMUaVDhQTS97U2AdT7b4BXXjKL89X/7X
qmBt4UDfi69SxLqh0n7/90J5XFhOn0Z00SNTL+6B0cjNp6FCCUuug2l8g3bJGXpC
z7rzuMsRQLLdZEKLksFFHH4CIWPjpJ1db+SI05FGw3t2LQn05yo/
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:31:26 2024 by rpki-client on console-ams.rpki-client.org