Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/1-3iJAwN8UeYlcb22v46GaV6SHlg.roa
File: 1-3iJAwN8UeYlcb22v46GaV6SHlg.roa (raw, json)
Hash identifier: KaSrfZL2GYEy2jhaMyE71pbUOojJd0IYLbRtkqNDCGg=
Subject key identifier: FB:78:89:03:03:7C:51:E6:25:71:BD:B6:BF:8E:86:69:5E:92:1E:58
Certificate issuer: /CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35
Certificate serial: 018CC500CD002C8000ED1EFDF6C7874B90FD
Authority key identifier: 86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/1-3iJAwN8UeYlcb22v46GaV6SHlg.roa
Signing time: Mon 01 Jan 2024 12:30:13 +0000
ROA not before: Mon 01 Jan 2024 12:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60680
IP address blocks: 185.27.89.0/24 maxlen: 24
185.27.88.0/24 maxlen: 24
2a00:9120:2::/48 maxlen: 48
2a00:9120:1::/48 maxlen: 48
2a00:9120:1:3::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:cd:00:2c:80:00:ed:1e:fd:f6:c7:87:4b:90:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86da356c2a8610d11d34cdb8a47d2b90519fbd35
Validity
Not Before: Jan 1 12:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb788903037c51e62571bdb6bf8e86695e921e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ed:0a:be:0d:46:ab:c6:39:ed:eb:82:d5:48:
96:e2:bc:52:0d:31:ea:ea:94:17:82:ac:88:6c:37:
1f:84:d1:fc:6b:4a:cc:a5:a6:28:e9:0b:b6:60:52:
2a:da:fb:a9:bd:26:74:67:8c:34:2e:2f:db:4c:2f:
f4:11:3b:02:cd:b8:1f:ce:8f:0a:2b:13:9b:40:14:
4d:98:4b:be:ea:9a:74:ea:99:51:83:45:96:3b:be:
14:94:b2:4c:7b:2a:ec:bd:d0:e5:2a:ab:46:9b:78:
48:60:8e:32:51:94:70:29:34:74:52:ef:18:e9:5f:
82:37:6b:54:54:bb:fd:c2:de:23:72:45:ff:86:c6:
c9:f8:e5:ae:16:44:50:b9:47:82:d3:8c:32:aa:cc:
30:ca:7b:e6:7c:7b:22:92:44:ab:12:a2:14:34:74:
d9:79:52:5a:47:a6:71:38:da:3c:a1:af:69:ce:1b:
19:a6:34:b6:26:2f:73:27:0a:86:ed:cf:17:7f:be:
53:69:60:d5:7b:e5:66:a2:0a:74:96:e0:ff:11:2d:
71:93:08:4b:2f:bd:b2:37:9b:50:b9:dd:3f:d8:cc:
98:4c:1d:19:6f:9b:13:09:ef:87:31:ee:26:c3:bb:
30:e5:6d:61:2e:aa:2d:0f:e9:76:6f:cc:c6:35:2c:
72:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:78:89:03:03:7C:51:E6:25:71:BD:B6:BF:8E:86:69:5E:92:1E:58
X509v3 Authority Key Identifier:
keyid:86:DA:35:6C:2A:86:10:D1:1D:34:CD:B8:A4:7D:2B:90:51:9F:BD:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hto1bCqGENEdNM24pH0rkFGfvTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/1-3iJAwN8UeYlcb22v46GaV6SHlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/cffdb2-de8c-4c78-8132-8a96604c826d/1/hto1bCqGENEdNM24pH0rkFGfvTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.88.0/23
IPv6:
2a00:9120:1::-2a00:9120:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:31:28:de:b1:0b:d0:48:83:d2:3c:21:be:58:ac:03:d8:97:
83:91:91:e0:5f:e4:3c:a1:d6:ca:8b:69:9c:ef:aa:d2:54:68:
a8:2f:75:7d:30:48:80:02:b7:a0:0f:d8:d5:e3:be:87:0f:6a:
97:74:73:26:a0:7e:1e:b4:77:89:55:a1:c6:ea:46:fa:82:7b:
78:ac:45:a0:41:db:cd:a5:8f:7f:7e:fb:d1:9d:70:8c:e3:59:
98:e8:57:07:4f:28:48:92:b1:7b:8a:eb:ab:b2:12:52:ac:a6:
c5:d4:66:01:f7:68:c7:c4:d9:50:57:3d:f5:12:48:de:11:8e:
77:98:f0:c6:a1:fc:80:b4:17:d0:8d:da:ee:e8:d1:9f:5c:e7:
8c:38:48:43:09:ce:9a:c3:fc:a4:0a:12:13:ac:82:68:be:c8:
ed:9c:b0:b8:c4:74:f0:bf:d7:d8:9b:65:4e:30:66:f0:00:45:
06:6c:cb:64:c7:21:91:04:b6:0f:fc:fb:08:bb:bf:e9:79:5f:
ab:bb:51:f9:4a:22:dd:38:33:aa:83:0f:84:f7:52:19:88:c1:
d5:e2:33:a9:bd:51:b0:20:6f:e2:fe:8e:1c:2d:4a:1a:31:77:
a1:38:c6:4a:76:ed:96:39:03:9d:56:4d:7a:42:34:1f:1f:9f:
eb:a6:4f:22
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFAM0ALIAA7R799seHS5D9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGEzNTZjMmE4NjEwZDExZDM0Y2RiOGE0N2QyYjkwNTE5
ZmJkMzUwHhcNMjQwMTAxMTIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjc4ODkwMzAzN2M1MWU2MjU3MWJkYjZiZjhlODY2OTVlOTIxZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjO0Kvg1Gq8Y57euC1UiW4rxSDTHq
6pQXgqyIbDcfhNH8a0rMpaYo6Qu2YFIq2vupvSZ0Z4w0Li/bTC/0ETsCzbgfzo8K
KxObQBRNmEu+6pp06plRg0WWO74UlLJMeyrsvdDlKqtGm3hIYI4yUZRwKTR0Uu8Y
6V+CN2tUVLv9wt4jckX/hsbJ+OWuFkRQuUeC04wyqswwynvmfHsikkSrEqIUNHTZ
eVJaR6ZxONo8oa9pzhsZpjS2Ji9zJwqG7c8Xf75TaWDVe+Vmogp0luD/ES1xkwhL
L72yN5tQud0/2MyYTB0Zb5sTCe+HMe4mw7sw5W1hLqotD+l2b8zGNSxyrwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPt4iQMDfFHmJXG9tr+Ohmlekh5YMB8GA1UdIwQY
MBaAFIbaNWwqhhDRHTTNuKR9K5BRn701MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRvMWJDcUdFTkVkTk0yNHBIMHJrRkdmdlRVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9jZmZkYjItZGU4Yy00Yzc4LTgxMzIt
OGE5NjYwNGM4MjZkLzEvMS0zaUpBd044VWVZbGNiMjJ2NDZHYVY2U0hsZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTYvY2ZmZGIyLWRlOGMtNGM3OC04MTMyLThhOTY2MDRjODI2
ZC8xL2h0bzFiQ3FHRU5FZE5NMjRwSDBya0ZHZnZUVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA7BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAbkbWDAa
BAIAAjAUMBIDBwAqAJEgAAEDBwAqAJEgAAIwDQYJKoZIhvcNAQELBQADggEBAGsx
KN6xC9BIg9I8Ib5YrAPYl4ORkeBf5Dyh1sqLaZzvqtJUaKgvdX0wSIACt6AP2NXj
vocPapd0cyagfh60d4lVocbqRvqCe3isRaBB282lj39++9GdcIzjWZjoVwdPKEiS
sXuK66uyElKspsXUZgH3aMfE2VBXPfUSSN4RjneY8Mah/IC0F9CN2u7o0Z9c54w4
SEMJzprD/KQKEhOsgmi+yO2csLjEdPC/19ibZU4wZvAARQZsy2THIZEEtg/8+wi7
v+l5X6u7UflKIt04M6qDD4T3UhmIwdXiM6m9UbAgb+L+jhwtShoxd6E4xkp27ZY5
A51WTXpCNB8fn+umTyI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:27:59 2024 by rpki-client on console-ams.rpki-client.org