Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/xy4S0F2z_B3U_WTTyev2HtpNig8.roa
File: xy4S0F2z_B3U_WTTyev2HtpNig8.roa (raw, json)
Hash identifier: 7XQoRRVC0KYLUIJTd+wZfgUfS6tflR9z0G+klYr0K4s=
Subject key identifier: C7:2E:12:D0:5D:B3:FC:1D:D4:FD:64:D3:C9:EB:F6:1E:DA:4D:8A:0F
Certificate issuer: /CN=8ecf78ba0275d1d3b6492a8e9d610613c0306a17
Certificate serial: 018CC42533F42B875F1C0C669D29119C7254
Authority key identifier: 8E:CF:78:BA:02:75:D1:D3:B6:49:2A:8E:9D:61:06:13:C0:30:6A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/xy4S0F2z_B3U_WTTyev2HtpNig8.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.34.191.0/24 maxlen: 24
185.34.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.mft
rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:33:f4:2b:87:5f:1c:0c:66:9d:29:11:9c:72:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ecf78ba0275d1d3b6492a8e9d610613c0306a17
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c72e12d05db3fc1dd4fd64d3c9ebf61eda4d8a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:c9:47:37:63:ef:09:c7:7a:8a:52:96:7c:
3c:8c:fb:52:7a:22:fb:e1:6f:75:b3:48:bc:00:10:
e5:dc:27:b5:f3:8a:d1:df:0e:33:c6:cd:b6:ef:30:
e4:7f:9c:5f:a3:6b:7a:33:ca:5f:8a:b4:dd:1c:10:
5e:e8:4e:c7:e9:33:eb:6e:fa:77:78:59:c5:70:c1:
80:e2:d1:73:7a:ef:2e:f1:fd:33:e6:2e:b4:47:72:
fb:43:a8:29:fd:7f:3d:cc:12:41:82:4a:f4:ce:53:
46:92:a4:5a:d5:2f:7d:3e:d5:45:76:1a:5f:a4:0d:
2a:b0:d6:ea:b0:7f:6e:a0:ec:43:ad:91:f0:1a:55:
41:a3:d5:87:b4:05:88:74:6d:26:df:68:16:2b:47:
8d:7b:ec:52:c0:e3:97:83:1c:d6:5c:4a:b0:31:24:
c4:c0:5b:ab:26:e8:68:5a:f9:d2:ad:a9:b9:fc:1d:
f5:ea:11:17:ed:3d:a9:f6:8e:a3:17:be:e5:21:6e:
93:28:8c:52:f3:c4:af:a1:0f:e8:30:e0:f4:af:43:
2d:70:9c:f3:77:56:c0:fc:4a:51:1f:2a:23:dd:80:
24:96:74:79:0f:5c:e1:bd:75:ca:9a:46:bc:85:90:
af:83:e2:5d:df:9b:9f:91:77:ac:1e:9c:aa:02:98:
ea:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2E:12:D0:5D:B3:FC:1D:D4:FD:64:D3:C9:EB:F6:1E:DA:4D:8A:0F
X509v3 Authority Key Identifier:
keyid:8E:CF:78:BA:02:75:D1:D3:B6:49:2A:8E:9D:61:06:13:C0:30:6A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/xy4S0F2z_B3U_WTTyev2HtpNig8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.188.0/24
185.34.191.0/24
Signature Algorithm: sha256WithRSAEncryption
60:03:39:ea:6b:5e:e5:20:b7:2b:da:84:5a:20:bd:6f:02:17:
76:77:aa:2d:51:6b:be:01:45:c0:4a:7c:96:ff:bc:4d:94:3c:
40:d5:21:94:ba:bd:68:88:e3:db:91:d3:ea:d7:fe:a8:21:f6:
66:f4:11:62:d7:6c:48:9a:81:ee:3f:0a:b1:4f:45:94:1d:ca:
99:e5:1c:21:f6:a1:f4:55:fb:64:d9:47:cd:e5:ec:ea:4a:67:
8b:15:a4:23:c0:db:9f:96:35:0a:b9:43:22:9d:94:cf:fb:29:
74:38:e0:ec:be:40:7c:2b:a9:b9:91:38:e4:8c:65:80:c8:ee:
a7:89:e6:b1:4a:ab:c2:75:67:61:1f:53:b7:bf:d3:f5:32:31:
09:82:12:00:1d:dc:c2:98:d7:cc:ab:60:83:38:58:c6:51:56:
e8:27:8b:20:9e:57:31:81:65:ff:93:27:21:89:64:8b:50:40:
2e:c4:a0:1f:cb:86:c0:51:f1:c2:33:a9:51:06:ad:8d:35:17:
b1:03:55:fc:19:98:da:a6:c9:af:9c:33:09:fd:9d:2b:75:de:
e9:cf:6a:a9:df:61:6c:af:e8:70:5c:6a:dc:6b:85:05:af:6d:
70:6a:7c:a9:d2:2d:b6:4b:e2:6e:5f:13:97:5c:02:88:f9:3b:
7a:ba:41:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJTP0K4dfHAxmnSkRnHJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlY2Y3OGJhMDI3NWQxZDNiNjQ5MmE4ZTlkNjEwNjEzYzAz
MDZhMTcwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJlMTJkMDVkYjNmYzFkZDRmZDY0ZDNjOWViZjYxZWRhNGQ4YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXzJRzdj7wnHeopSlnw8jPtSeiL7
4W91s0i8ABDl3Ce184rR3w4zxs227zDkf5xfo2t6M8pfirTdHBBe6E7H6TPrbvp3
eFnFcMGA4tFzeu8u8f0z5i60R3L7Q6gp/X89zBJBgkr0zlNGkqRa1S99PtVFdhpf
pA0qsNbqsH9uoOxDrZHwGlVBo9WHtAWIdG0m32gWK0eNe+xSwOOXgxzWXEqwMSTE
wFurJuhoWvnSram5/B316hEX7T2p9o6jF77lIW6TKIxS88SvoQ/oMOD0r0MtcJzz
d1bA/EpRHyoj3YAklnR5D1zhvXXKmka8hZCvg+Jd35ufkXesHpyqApjq7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMcuEtBds/wd1P1k08nr9h7aTYoPMB8GA1UdIwQY
MBaAFI7PeLoCddHTtkkqjp1hBhPAMGoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanM5NHVnSjEwZE8yU1NxT25XRUdFOEF3YWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iMmEyZGMtYzA3Ni00NWUxLWJlYzQt
MmJiZjhmYWEwMGNhLzEveHk0UzBGMnpfQjNVX1dUVHlldjJIdHBOaWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iMmEyZGMtYzA3Ni00NWUxLWJlYzQtMmJiZjhmYWEwMGNh
LzEvanM5NHVnSjEwZE8yU1NxT25XRUdFOEF3YWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSK8AwQA
uSK/MA0GCSqGSIb3DQEBCwUAA4IBAQBgAznqa17lILcr2oRaIL1vAhd2d6otUWu+
AUXASnyW/7xNlDxA1SGUur1oiOPbkdPq1/6oIfZm9BFi12xImoHuPwqxT0WUHcqZ
5Rwh9qH0Vftk2UfN5ezqSmeLFaQjwNufljUKuUMinZTP+yl0OODsvkB8K6m5kTjk
jGWAyO6nieaxSqvCdWdhH1O3v9P1MjEJghIAHdzCmNfMq2CDOFjGUVboJ4sgnlcx
gWX/kychiWSLUEAuxKAfy4bAUfHCM6lRBq2NNRexA1X8GZjapsmvnDMJ/Z0rdd7p
z2qp32Fsr+hwXGrca4UFr21wanyp0i22S+JuXxOXXAKI+Tt6ukG8
-----END CERTIFICATE-----
Generated at Thu May 2 18:25:55 2024 by rpki-client on console-ams.rpki-client.org