Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/0396ad-dda7-4600-8f66-f56c779b142f/1/cb8nhkZY_9yAxbVBw5sRMfI8KMY.roa
File: cb8nhkZY_9yAxbVBw5sRMfI8KMY.roa (raw, json)
Hash identifier: Ozqhxr+VZTfcUSaFQbBOYxrG70wwDQ1u1G3x50R7hX8=
Subject key identifier: 71:BF:27:86:46:58:FF:DC:80:C5:B5:41:C3:9B:11:31:F2:3C:28:C6
Certificate issuer: /CN=a621186413bbdfde20e592fbe5553de7f94e5987
Certificate serial: 018F82AECD0B39DD3F591FB3D74083D3E104
Authority key identifier: A6:21:18:64:13:BB:DF:DE:20:E5:92:FB:E5:55:3D:E7:F9:4E:59:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/piEYZBO7394g5ZL75VU95_lOWYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/0396ad-dda7-4600-8f66-f56c779b142f/1/cb8nhkZY_9yAxbVBw5sRMfI8KMY.roa
Signing time: Thu 16 May 2024 18:34:04 +0000
ROA not before: Thu 16 May 2024 18:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.131.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/0396ad-dda7-4600-8f66-f56c779b142f/1/piEYZBO7394g5ZL75VU95_lOWYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/0396ad-dda7-4600-8f66-f56c779b142f/1/piEYZBO7394g5ZL75VU95_lOWYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/piEYZBO7394g5ZL75VU95_lOWYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:82:ae:cd:0b:39:dd:3f:59:1f:b3:d7:40:83:d3:e1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a621186413bbdfde20e592fbe5553de7f94e5987
Validity
Not Before: May 16 18:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71bf27864658ffdc80c5b541c39b1131f23c28c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c5:4b:3f:ac:f5:78:04:57:e8:89:75:87:fb:
5e:d3:e6:33:1f:ff:ed:ed:72:a1:22:16:f8:cb:39:
6a:da:91:ef:9d:fe:68:5b:51:db:94:25:fa:d1:30:
2a:b1:38:a1:70:c1:de:25:dc:8c:f8:b2:95:2f:0b:
72:0d:40:dd:fa:74:e4:07:5c:87:0d:16:cf:89:72:
fb:34:1c:36:49:ee:06:d1:75:67:93:fc:43:32:54:
b1:69:ec:cc:a6:40:25:1e:b9:85:a9:cb:11:c2:a8:
5e:04:14:c2:97:11:59:82:66:83:07:4f:b3:3c:dd:
e6:ce:37:5f:45:ea:a4:43:dc:66:54:1f:b0:16:3a:
4b:98:ff:95:79:16:71:cd:cf:f8:4f:6c:72:66:7d:
e6:73:38:3a:ae:cf:1c:d4:fb:df:f2:2a:48:68:73:
42:57:3c:39:5f:5d:d2:6c:d6:a2:31:36:f7:70:3e:
73:ce:29:9a:29:b4:9a:de:56:2d:4a:cc:02:35:bc:
d1:30:93:07:a9:70:48:0b:3e:59:38:dd:15:de:fe:
64:62:9b:08:16:c0:5d:27:a6:26:72:30:bb:41:f8:
4a:b7:6e:8d:2f:6e:3d:3a:d4:c5:c7:93:43:07:f9:
f7:dc:70:6e:0e:28:7e:13:1b:36:4b:75:41:91:fd:
c4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:BF:27:86:46:58:FF:DC:80:C5:B5:41:C3:9B:11:31:F2:3C:28:C6
X509v3 Authority Key Identifier:
keyid:A6:21:18:64:13:BB:DF:DE:20:E5:92:FB:E5:55:3D:E7:F9:4E:59:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/piEYZBO7394g5ZL75VU95_lOWYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/0396ad-dda7-4600-8f66-f56c779b142f/1/cb8nhkZY_9yAxbVBw5sRMfI8KMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/0396ad-dda7-4600-8f66-f56c779b142f/1/piEYZBO7394g5ZL75VU95_lOWYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.228.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:a0:6c:77:e2:b4:d4:9b:b0:36:00:ef:f2:5c:cb:ff:a7:12:
5b:6c:5e:ac:7c:ef:be:8d:e6:f0:a3:e5:67:ad:f6:c7:82:0a:
bb:57:13:f6:73:35:06:d8:91:96:a4:06:27:23:f2:bd:e1:32:
c6:ca:b3:c5:46:78:0c:60:37:0c:10:4c:5d:0b:ef:82:dc:b6:
85:1a:fc:cb:47:4b:42:05:58:5a:b1:c5:56:3b:44:9e:29:16:
af:2f:fb:89:1e:9d:1f:91:11:71:9b:6a:5f:da:44:f7:9b:27:
26:4d:ee:d5:82:13:46:17:bb:fa:4e:d6:30:d3:b5:ac:7a:f5:
9b:25:34:6f:46:25:77:aa:cf:8e:71:5f:79:43:65:95:26:be:
97:4f:d3:64:1a:b7:aa:c8:e5:bd:54:43:49:13:5d:65:27:81:
1e:9f:ad:49:4f:63:35:c1:96:08:08:c3:c0:71:3a:ee:21:e5:
fb:66:3b:b5:25:f9:04:f0:47:c0:a2:0a:c5:4d:a9:9b:fd:f9:
42:bd:42:61:f7:a6:b9:08:78:99:ac:4e:f2:d5:5a:0a:f5:ad:
fd:cc:d8:11:ef:db:73:26:b6:ae:48:f6:a4:e7:79:ef:a0:85:
c0:39:ee:77:1c:24:cc:5c:ed:24:41:22:58:fd:46:b8:9e:cf:
a9:56:3e:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+Crs0LOd0/WR+z10CD0+EEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MjExODY0MTNiYmRmZGUyMGU1OTJmYmU1NTUzZGU3Zjk0
ZTU5ODcwHhcNMjQwNTE2MTgzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWJmMjc4NjQ2NThmZmRjODBjNWI1NDFjMzliMTEzMWYyM2MyOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58VLP6z1eARX6Il1h/te0+YzH//t
7XKhIhb4yzlq2pHvnf5oW1HblCX60TAqsTihcMHeJdyM+LKVLwtyDUDd+nTkB1yH
DRbPiXL7NBw2Se4G0XVnk/xDMlSxaezMpkAlHrmFqcsRwqheBBTClxFZgmaDB0+z
PN3mzjdfReqkQ9xmVB+wFjpLmP+VeRZxzc/4T2xyZn3mczg6rs8c1Pvf8ipIaHNC
Vzw5X13SbNaiMTb3cD5zzimaKbSa3lYtSswCNbzRMJMHqXBICz5ZON0V3v5kYpsI
FsBdJ6YmcjC7QfhKt26NL249OtTFx5NDB/n33HBuDih+Exs2S3VBkf3E8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHG/J4ZGWP/cgMW1QcObETHyPCjGMB8GA1UdIwQY
MBaAFKYhGGQTu9/eIOWS++VVPef5TlmHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGlFWVpCTzczOTRnNVpMNzVWVTk1X2xPV1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wMzk2YWQtZGRhNy00NjAwLThmNjYt
ZjU2Yzc3OWIxNDJmLzEvY2I4bmhrWllfOXlBeGJWQnc1c1JNZkk4S01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8wMzk2YWQtZGRhNy00NjAwLThmNjYtZjU2Yzc3OWIxNDJm
LzEvcGlFWVpCTzczOTRnNVpMNzVWVTk1X2xPV1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBboGx34rTUm7A2AO/yXMv/pxJbbF6sfO++jebwo+Vn
rfbHggq7VxP2czUG2JGWpAYnI/K94TLGyrPFRngMYDcMEExdC++C3LaFGvzLR0tC
BVhascVWO0SeKRavL/uJHp0fkRFxm2pf2kT3mycmTe7VghNGF7v6TtYw07WsevWb
JTRvRiV3qs+OcV95Q2WVJr6XT9NkGreqyOW9VENJE11lJ4Een61JT2M1wZYICMPA
cTruIeX7Zju1JfkE8EfAogrFTamb/flCvUJh96a5CHiZrE7y1VoK9a39zNgR79tz
JrauSPak53nvoIXAOe53HCTMXO0kQSJY/Ua4ns+pVj7s
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:34:26 2024 by rpki-client on console-ams.rpki-client.org