Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/L-y6jKLh5m9yAy9evJjKLDmuOuU.roa
File: L-y6jKLh5m9yAy9evJjKLDmuOuU.roa (raw, json)
Hash identifier: Dp+/d7x3Vr2epFRy0KnJEaz9WWUZvVueawywDk4lVyE=
Subject key identifier: 2F:EC:BA:8C:A2:E1:E6:6F:72:03:2F:5E:BC:98:CA:2C:39:AE:3A:E5
Certificate issuer: /CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Certificate serial: 018CF39D7DFB1FE860AB66C7F16A772A9ECC
Authority key identifier: BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/L-y6jKLh5m9yAy9evJjKLDmuOuU.roa
Signing time: Wed 10 Jan 2024 13:43:53 +0000
ROA not before: Wed 10 Jan 2024 13:43:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.112.188.0/24 maxlen: 24
185.112.189.0/24 maxlen: 24
185.112.190.0/24 maxlen: 24
185.112.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:9d:7d:fb:1f:e8:60:ab:66:c7:f1:6a:77:2a:9e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc9c403ad007e2a242a6b09061a3c1a360a64d5a
Validity
Not Before: Jan 10 13:43:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fecba8ca2e1e66f72032f5ebc98ca2c39ae3ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ad:2e:ac:b4:1b:32:2c:41:9f:c0:83:5f:4c:
43:07:9a:8b:4c:ba:e7:cc:3a:1b:8b:7b:63:ed:3b:
64:94:5c:be:e5:87:18:86:b4:42:84:84:91:fd:71:
9c:09:53:d5:63:f9:c0:a3:fc:a7:5a:d6:43:9b:b6:
0f:4a:12:3f:1a:db:1d:bf:06:3a:19:11:3e:fd:f6:
92:22:78:40:91:b5:ab:c6:94:5f:f6:f9:95:7f:2f:
09:26:01:b3:f5:d6:ff:6f:4a:fd:90:cc:ff:52:ae:
79:f0:c1:f9:39:b4:03:e1:0d:a2:8b:62:54:c2:ec:
cc:e4:ca:bb:74:94:85:3b:f8:ef:19:78:e6:13:f2:
07:da:76:e8:80:71:4e:25:eb:54:ee:3d:99:5a:a3:
88:b2:8e:40:76:44:01:da:21:af:58:91:31:4c:75:
e2:b4:0f:97:d2:2b:5d:54:c9:60:d9:45:10:d4:1f:
be:f6:01:49:7a:31:91:dd:d5:41:92:45:ea:50:8b:
ea:99:af:47:0e:94:a6:33:c8:6c:eb:47:0d:fa:89:
74:3e:aa:1e:a9:a3:a0:32:eb:64:84:92:dc:13:0a:
92:8a:a7:31:e2:60:2a:28:0b:e4:b3:15:c4:b5:ab:
e9:3d:05:7c:08:72:8c:b5:f7:ac:70:03:7b:ff:4c:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EC:BA:8C:A2:E1:E6:6F:72:03:2F:5E:BC:98:CA:2C:39:AE:3A:E5
X509v3 Authority Key Identifier:
keyid:BC:9C:40:3A:D0:07:E2:A2:42:A6:B0:90:61:A3:C1:A3:60:A6:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJxAOtAH4qJCprCQYaPBo2CmTVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/L-y6jKLh5m9yAy9evJjKLDmuOuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4ae4c7-f286-4c6e-9514-88e6816271f7/1/vJxAOtAH4qJCprCQYaPBo2CmTVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:90:ed:eb:40:fa:1c:2e:e9:53:82:26:db:c4:25:75:b4:4d:
a9:41:30:76:cb:b7:3e:69:f0:83:ec:b5:3f:0b:3e:c4:7b:15:
cb:3e:3c:27:1d:db:19:0b:1a:dd:b7:3c:58:a2:d6:83:98:b5:
e7:fd:ae:75:98:e9:e2:be:04:51:e8:59:d1:ad:b0:8f:c6:43:
f0:7e:b0:5b:69:72:cd:f4:ea:8a:c1:2a:3c:5a:ce:0e:79:24:
83:ac:95:c1:b9:df:4f:fe:7d:2c:57:d9:07:94:64:4d:cd:6b:
fd:8e:75:f2:99:dd:11:a6:92:bb:40:b7:bb:7a:5b:b9:1c:d2:
08:1b:70:77:27:c0:79:e9:81:c3:0d:dd:a0:a7:12:c9:f9:98:
ce:1b:40:e5:b3:ae:b8:e5:04:ed:20:3d:13:98:c7:88:49:59:
7e:3d:7b:92:1a:a2:e8:5e:6b:5f:39:91:d0:92:05:d6:a6:6d:
36:21:70:c8:39:d6:fb:08:22:ce:70:2e:f1:71:9a:f9:29:f5:
2f:94:fa:1f:25:2e:38:98:31:29:c8:8a:3f:58:e3:00:6f:5f:
0e:78:ab:e5:35:63:43:93:57:8e:29:e3:94:cd:ff:99:e1:78:
4f:fc:99:ef:aa:f0:0e:89:35:2b:b3:cc:75:51:38:bb:2e:49:
0c:4a:16:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzznX37H+hgq2bH8Wp3Kp7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWM0MDNhZDAwN2UyYTI0MmE2YjA5MDYxYTNjMWEzNjBh
NjRkNWEwHhcNMjQwMTEwMTM0MzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVjYmE4Y2EyZTFlNjZmNzIwMzJmNWViYzk4Y2EyYzM5YWUzYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk60urLQbMixBn8CDX0xDB5qLTLrn
zDobi3tj7TtklFy+5YcYhrRChISR/XGcCVPVY/nAo/ynWtZDm7YPShI/GtsdvwY6
GRE+/faSInhAkbWrxpRf9vmVfy8JJgGz9db/b0r9kMz/Uq558MH5ObQD4Q2ii2JU
wuzM5Mq7dJSFO/jvGXjmE/IH2nbogHFOJetU7j2ZWqOIso5AdkQB2iGvWJExTHXi
tA+X0itdVMlg2UUQ1B++9gFJejGR3dVBkkXqUIvqma9HDpSmM8hs60cN+ol0Pqoe
qaOgMutkhJLcEwqSiqcx4mAqKAvksxXEtavpPQV8CHKMtfescAN7/0xB1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/suoyi4eZvcgMvXryYyiw5rjrlMB8GA1UdIwQY
MBaAFLycQDrQB+KiQqawkGGjwaNgpk1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQt
ODhlNjgxNjI3MWY3LzEvTC15NmpLTGg1bTl5QXk5ZXZKaktMRG11T3VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS80YWU0YzctZjI4Ni00YzZlLTk1MTQtODhlNjgxNjI3MWY3
LzEvdkp4QU90QUg0cUpDcHJDUVlhUEJvMkNtVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXC8MA0G
CSqGSIb3DQEBCwUAA4IBAQA6kO3rQPocLulTgibbxCV1tE2pQTB2y7c+afCD7LU/
Cz7EexXLPjwnHdsZCxrdtzxYotaDmLXn/a51mOnivgRR6FnRrbCPxkPwfrBbaXLN
9OqKwSo8Ws4OeSSDrJXBud9P/n0sV9kHlGRNzWv9jnXymd0RppK7QLe7elu5HNII
G3B3J8B56YHDDd2gpxLJ+ZjOG0Dls6645QTtID0TmMeISVl+PXuSGqLoXmtfOZHQ
kgXWpm02IXDIOdb7CCLOcC7xcZr5KfUvlPofJS44mDEpyIo/WOMAb18OeKvlNWND
k1eOKeOUzf+Z4XhP/JnvqvAOiTUrs8x1UTi7LkkMShY9
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:05:20 2024 by rpki-client on console-ams.rpki-client.org