Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/wRbJk6HSIQ5XrjHkmnqvX3y0amM.roa
File: wRbJk6HSIQ5XrjHkmnqvX3y0amM.roa (raw, json)
Hash identifier: ascg9waMBtXs0Y4eiKvLlfA1b/H2V9FyAhM2ljuDQQg=
Subject key identifier: C1:16:C9:93:A1:D2:21:0E:57:AE:31:E4:9A:7A:AF:5F:7C:B4:6A:63
Certificate issuer: /CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a
Certificate serial: 018CC3B70B6F8B8B2DD5E97BC6613004B2F8
Authority key identifier: 44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/wRbJk6HSIQ5XrjHkmnqvX3y0amM.roa
Signing time: Mon 01 Jan 2024 06:30:02 +0000
ROA not before: Mon 01 Jan 2024 06:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206022
IP address blocks: 185.198.157.0/24 maxlen: 24
185.198.159.0/24 maxlen: 24
185.198.156.0/22 maxlen: 24
185.198.158.0/23 maxlen: 24
2a0a:8b40:fede::/48 maxlen: 48
2a0a:8b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0b:6f:8b:8b:2d:d5:e9:7b:c6:61:30:04:b2:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4451e83dae12a371c1dd49db34d9bd52a9688b4a
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c116c993a1d2210e57ae31e49a7aaf5f7cb46a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:c8:c2:9d:7e:20:a3:36:f4:2a:40:67:60:f5:
4e:4f:b2:28:d2:76:5e:a3:24:a5:26:2b:c3:2d:bc:
77:10:01:b6:3e:a5:11:57:86:7a:6d:6c:82:84:fb:
b9:b0:0e:af:2b:2e:4d:8e:8e:b5:4d:19:25:5b:ce:
c4:e0:cb:e7:3d:86:bf:dd:42:3c:86:94:cd:32:07:
62:9b:12:06:1f:90:e2:f9:28:1d:06:89:cb:56:a7:
aa:0c:d4:24:7a:a8:45:1d:b2:e7:d9:1f:99:1e:a5:
bb:cc:98:5f:4f:30:fb:7e:8c:9f:2d:9a:26:dd:c2:
5a:a0:4a:f5:94:07:e0:18:87:33:87:27:61:ce:29:
1c:f0:51:f4:46:1a:1c:9e:fc:75:71:11:49:c4:5f:
0f:7e:05:d2:24:a9:98:67:e6:bb:78:24:ba:3e:6e:
b2:5d:a5:e7:86:06:91:63:86:2e:67:c2:28:fb:9a:
66:70:fb:a0:25:3c:7c:87:73:3b:cb:05:8c:93:1c:
59:ba:9c:58:6b:7e:1f:d3:8a:60:c7:20:d7:ca:b9:
4a:9b:d3:7b:2c:fc:62:2b:ea:48:f9:36:6f:f1:6d:
74:28:ba:62:e3:41:7d:f8:9a:bf:88:68:d9:ea:18:
a5:a7:ec:d1:8b:a6:3f:58:f6:89:46:bf:b7:71:48:
7e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:16:C9:93:A1:D2:21:0E:57:AE:31:E4:9A:7A:AF:5F:7C:B4:6A:63
X509v3 Authority Key Identifier:
keyid:44:51:E8:3D:AE:12:A3:71:C1:DD:49:DB:34:D9:BD:52:A9:68:8B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFHoPa4So3HB3UnbNNm9Uqloi0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/wRbJk6HSIQ5XrjHkmnqvX3y0amM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/dd8f71-2b36-4fb7-b2d5-f997dbdc3e57/1/RFHoPa4So3HB3UnbNNm9Uqloi0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.156.0/22
IPv6:
2a0a:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
27:97:73:ce:a2:9e:21:7f:d3:17:f4:0a:7f:50:63:3f:ff:59:
a5:de:e5:a0:99:2b:78:a8:af:d6:27:df:f8:98:e2:ec:20:89:
37:62:4b:80:80:da:8e:50:98:9c:ff:c1:59:11:b6:38:e0:5c:
b8:f9:2e:73:35:a6:20:02:6c:16:de:f6:1d:51:25:46:8d:d9:
bf:4d:e1:d8:a2:5d:25:2c:3a:66:60:38:8a:2c:3c:49:42:d5:
9c:b6:ae:ee:f6:69:e4:d8:0d:70:2b:69:ad:97:5c:ae:4e:ea:
58:7b:83:56:86:32:e4:71:cb:c1:3d:2a:26:9e:a2:59:f7:2a:
50:c7:cf:24:4c:a4:9b:5d:c9:75:c7:76:18:64:b8:71:11:e7:
3b:1e:f2:f2:6c:c4:73:8e:ad:d9:2a:11:c0:a7:1a:14:01:1a:
da:8b:63:0f:5c:32:88:22:d2:9d:fd:44:90:76:58:73:ba:96:
db:de:aa:bf:4f:cc:12:1a:b0:c3:66:1e:be:9c:8d:fc:e1:bf:
dc:d8:0c:a0:5a:89:79:32:39:41:2c:2a:cb:8d:22:54:d2:1c:
40:0b:27:57:97:2d:d3:52:04:25:4b:33:26:9c:8f:a6:fe:f3:
87:6d:77:a9:17:f7:63:dc:75:d3:9f:c2:90:27:e3:b2:4d:91:
23:eb:e7:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtwtvi4st1el7xmEwBLL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTFlODNkYWUxMmEzNzFjMWRkNDlkYjM0ZDliZDUyYTk2
ODhiNGEwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTE2Yzk5M2ExZDIyMTBlNTdhZTMxZTQ5YTdhYWY1ZjdjYjQ2YTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8jCnX4gozb0KkBnYPVOT7Io0nZe
oySlJivDLbx3EAG2PqURV4Z6bWyChPu5sA6vKy5Njo61TRklW87E4MvnPYa/3UI8
hpTNMgdimxIGH5Di+SgdBonLVqeqDNQkeqhFHbLn2R+ZHqW7zJhfTzD7foyfLZom
3cJaoEr1lAfgGIczhydhzikc8FH0Rhocnvx1cRFJxF8PfgXSJKmYZ+a7eCS6Pm6y
XaXnhgaRY4YuZ8Io+5pmcPugJTx8h3M7ywWMkxxZupxYa34f04pgxyDXyrlKm9N7
LPxiK+pI+TZv8W10KLpi40F9+Jq/iGjZ6hilp+zRi6Y/WPaJRr+3cUh+/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMEWyZOh0iEOV64x5Jp6r198tGpjMB8GA1UdIwQY
MBaAFERR6D2uEqNxwd1J2zTZvVKpaItKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUt
Zjk5N2RiZGMzZTU3LzEvd1JiSms2SFNJUTVYcmpIa21ucXZYM3kwYW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kZDhmNzEtMmIzNi00ZmI3LWIyZDUtZjk5N2RiZGMzZTU3
LzEvUkZIb1BhNFNvM0hCM1VuYk5ObTlVcWxvaTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucacMA0E
AgACMAcDBQMqCotAMA0GCSqGSIb3DQEBCwUAA4IBAQAnl3POop4hf9MX9Ap/UGM/
/1ml3uWgmSt4qK/WJ9/4mOLsIIk3YkuAgNqOUJic/8FZEbY44Fy4+S5zNaYgAmwW
3vYdUSVGjdm/TeHYol0lLDpmYDiKLDxJQtWctq7u9mnk2A1wK2mtl1yuTupYe4NW
hjLkccvBPSomnqJZ9ypQx88kTKSbXcl1x3YYZLhxEec7HvLybMRzjq3ZKhHApxoU
ARrai2MPXDKIItKd/USQdlhzupbb3qq/T8wSGrDDZh6+nI384b/c2AygWol5MjlB
LCrLjSJU0hxACydXly3TUgQlSzMmnI+m/vOHbXepF/dj3HXTn8KQJ+OyTZEj6+dx
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:23:06 2024 by rpki-client on console-ams.rpki-client.org