Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/M-ytwnMUk05gIqH92m60UljkoTI.roa
File: M-ytwnMUk05gIqH92m60UljkoTI.roa (raw, json)
Hash identifier: 7jOu3alyQfvDCubFgKJQK/eqn0lUC7HiUSippENOimc=
Subject key identifier: 33:EC:AD:C2:73:14:93:4E:60:22:A1:FD:DA:6E:B4:52:58:E4:A1:32
Certificate issuer: /CN=1b6df0bc093f298b043522ebd4ede19793081a29
Certificate serial: 018CC9BBE4996E6278CC2DE3FC2D6C28E9F9
Authority key identifier: 1B:6D:F0:BC:09:3F:29:8B:04:35:22:EB:D4:ED:E1:97:93:08:1A:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/M-ytwnMUk05gIqH92m60UljkoTI.roa
Signing time: Tue 02 Jan 2024 10:33:03 +0000
ROA not before: Tue 02 Jan 2024 10:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42221
IP address blocks: 185.87.0.0/24 maxlen: 24
185.87.3.0/24 maxlen: 24
185.87.2.0/24 maxlen: 24
185.87.1.0/24 maxlen: 24
2a05:bd04::/31 maxlen: 31
2a05:bd06::/31 maxlen: 31
2a05:bd02::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/G23wvAk_KYsENSLr1O3hl5MIGik.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/G23wvAk_KYsENSLr1O3hl5MIGik.mft
rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:e4:99:6e:62:78:cc:2d:e3:fc:2d:6c:28:e9:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6df0bc093f298b043522ebd4ede19793081a29
Validity
Not Before: Jan 2 10:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33ecadc27314934e6022a1fdda6eb45258e4a132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:e5:bf:a8:1e:0f:7f:77:97:72:24:b6:cb:
0b:f1:97:71:03:46:b4:3f:d1:27:bc:bf:d4:15:ba:
5a:24:62:8f:6a:41:79:01:db:17:29:bf:63:64:41:
a0:12:e3:38:00:d5:5c:d3:2a:98:1d:11:ef:fc:62:
49:14:48:5d:0d:42:0f:25:fd:3c:ba:83:ac:40:d6:
94:03:5f:d5:90:b3:a4:a6:71:a1:fb:9c:3d:99:7a:
d4:ca:4f:64:f4:25:94:d6:12:38:d0:37:bc:fb:db:
b7:35:17:ce:88:37:dc:35:d3:2c:1c:6a:6f:fe:d1:
98:84:4d:d3:40:ea:83:83:64:6d:a7:4e:33:4d:be:
d4:80:bc:d8:61:45:aa:9c:0b:1a:b0:af:4e:af:f3:
4a:e2:22:63:ff:05:6b:6d:20:af:17:3d:98:7d:7b:
b7:f7:29:c2:82:0b:b8:64:6c:48:0b:de:0d:0c:10:
a5:39:66:86:03:0f:ff:1e:bd:60:2b:1f:d8:0a:d4:
d7:7f:71:cf:c3:54:e1:83:83:11:63:27:d5:29:bd:
2d:9b:b4:80:30:5b:30:95:ff:8e:dd:db:36:d8:23:
c4:e1:9c:cb:5b:b2:c0:0a:12:f2:22:3d:42:1a:d5:
e4:b3:c9:90:bc:84:40:c8:e3:6e:35:c3:6b:c9:7d:
88:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:EC:AD:C2:73:14:93:4E:60:22:A1:FD:DA:6E:B4:52:58:E4:A1:32
X509v3 Authority Key Identifier:
keyid:1B:6D:F0:BC:09:3F:29:8B:04:35:22:EB:D4:ED:E1:97:93:08:1A:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G23wvAk_KYsENSLr1O3hl5MIGik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/M-ytwnMUk05gIqH92m60UljkoTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/83cf01-6cca-48d1-9cbf-5ac6fdfdc0cc/1/G23wvAk_KYsENSLr1O3hl5MIGik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.0.0/22
IPv6:
2a05:bd02::-2a05:bd07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:fc:5c:57:2f:7e:ec:e5:68:b8:31:98:d3:50:06:0e:69:3f:
ab:1b:98:fd:39:7c:a5:26:8c:aa:68:73:82:6e:08:84:69:6e:
50:35:80:7a:34:eb:05:03:6f:61:fe:1c:08:bd:15:aa:44:de:
73:00:a9:91:0d:ec:80:74:27:66:e2:5f:06:ae:b4:20:1e:4c:
9a:04:4c:87:d7:c2:33:71:aa:13:06:0e:c5:3a:8b:24:97:50:
33:e6:de:80:4e:76:b2:50:96:d7:90:1d:30:a6:ab:68:17:01:
c7:a6:15:42:1c:d3:9f:2e:ab:2b:5f:09:39:40:5d:d3:0a:40:
6f:f8:a3:96:dc:36:a2:4d:53:3a:6d:e8:6a:25:b9:7c:ee:69:
95:f6:07:c9:39:b2:a1:51:40:dd:97:36:76:d0:60:27:18:03:
31:1c:4b:f2:d0:a8:7b:7b:3e:10:92:09:97:75:ed:4c:e4:c8:
19:8e:1d:da:61:2c:21:08:6d:17:58:3d:65:51:a3:fa:39:ac:
fd:b8:52:4a:1d:1d:87:af:62:b9:e7:71:67:cd:6d:79:ac:84:
49:bd:45:1c:41:91:4b:57:1b:24:06:17:eb:38:8b:5c:57:3a:
2c:3b:43:16:d2:62:a2:7e:0c:00:04:3f:45:e1:48:75:70:fa:
d8:d4:34:a2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJu+SZbmJ4zC3j/C1sKOn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmRmMGJjMDkzZjI5OGIwNDM1MjJlYmQ0ZWRlMTk3OTMw
ODFhMjkwHhcNMjQwMTAyMTAzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2VjYWRjMjczMTQ5MzRlNjAyMmExZmRkYTZlYjQ1MjU4ZTRhMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9Plv6geD393l3IktssL8ZdxA0a0
P9EnvL/UFbpaJGKPakF5AdsXKb9jZEGgEuM4ANVc0yqYHRHv/GJJFEhdDUIPJf08
uoOsQNaUA1/VkLOkpnGh+5w9mXrUyk9k9CWU1hI40De8+9u3NRfOiDfcNdMsHGpv
/tGYhE3TQOqDg2Rtp04zTb7UgLzYYUWqnAsasK9Or/NK4iJj/wVrbSCvFz2YfXu3
9ynCggu4ZGxIC94NDBClOWaGAw//Hr1gKx/YCtTXf3HPw1Thg4MRYyfVKb0tm7SA
MFswlf+O3ds22CPE4ZzLW7LAChLyIj1CGtXks8mQvIRAyONuNcNryX2IxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDPsrcJzFJNOYCKh/dputFJY5KEyMB8GA1UdIwQY
MBaAFBtt8LwJPymLBDUi69Tt4ZeTCBopMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzIzd3ZBa19LWXNFTlNMcjFPM2hsNU1JR2lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84M2NmMDEtNmNjYS00OGQxLTljYmYt
NWFjNmZkZmRjMGNjLzEvTS15dHduTVVrMDVnSXFIOTJtNjBVbGprb1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84M2NmMDEtNmNjYS00OGQxLTljYmYtNWFjNmZkZmRjMGNj
LzEvRzIzd3ZBa19LWXNFTlNMcjFPM2hsNU1JR2lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuVcAMBYE
AgACMBAwDgMFASoFvQIDBQMqBb0AMA0GCSqGSIb3DQEBCwUAA4IBAQBs/FxXL37s
5Wi4MZjTUAYOaT+rG5j9OXylJoyqaHOCbgiEaW5QNYB6NOsFA29h/hwIvRWqRN5z
AKmRDeyAdCdm4l8GrrQgHkyaBEyH18IzcaoTBg7FOoskl1Az5t6ATnayUJbXkB0w
pqtoFwHHphVCHNOfLqsrXwk5QF3TCkBv+KOW3DaiTVM6behqJbl87mmV9gfJObKh
UUDdlzZ20GAnGAMxHEvy0Kh7ez4QkgmXde1M5MgZjh3aYSwhCG0XWD1lUaP6Oaz9
uFJKHR2Hr2K553FnzW15rIRJvUUcQZFLVxskBhfrOItcVzosO0MW0mKifgwABD9F
4Uh1cPrY1DSi
-----END CERTIFICATE-----
Generated at Sun May 19 00:47:21 2024 by rpki-client on console-ams.rpki-client.org