Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/bathhTEz2C5vsBdxkoa1B5GuHSc.roa
File: bathhTEz2C5vsBdxkoa1B5GuHSc.roa (raw, json)
Hash identifier: JJ2kBfAkUVj9iAAvlgZR7gvYUuAt9cqa7mFsw8vpD0g=
Subject key identifier: 6D:AB:61:85:31:33:D8:2E:6F:B0:17:71:92:86:B5:07:91:AE:1D:27
Certificate issuer: /CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Certificate serial: 018CC86F76AFABB32FEAE1EB3330D418121E
Authority key identifier: 32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/bathhTEz2C5vsBdxkoa1B5GuHSc.roa
Signing time: Tue 02 Jan 2024 04:29:57 +0000
ROA not before: Tue 02 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212538
IP address blocks: 185.180.30.0/24 maxlen: 24
185.180.31.0/24 maxlen: 24
185.180.28.0/24 maxlen: 24
185.180.29.0/24 maxlen: 24
185.34.128.0/24 maxlen: 24
185.34.129.0/24 maxlen: 24
185.34.130.0/24 maxlen: 24
185.34.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:76:af:ab:b3:2f:ea:e1:eb:33:30:d4:18:12:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Validity
Not Before: Jan 2 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dab61853133d82e6fb017719286b50791ae1d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c7:d7:22:92:32:ce:d9:75:53:33:df:6f:07:
61:16:a9:e4:4f:5d:f8:c6:9d:5a:1d:9b:74:f1:dc:
f0:19:61:e8:5d:81:aa:46:31:b9:1c:cc:a0:ca:11:
0b:bb:50:f1:cd:15:fe:da:a2:ab:38:39:46:1d:27:
c2:b8:5c:3a:89:45:9d:34:9a:ec:7f:97:3b:bf:b6:
ff:ef:48:e3:50:46:65:69:45:cd:9d:2b:c6:78:9e:
ae:f0:a2:6d:70:5a:91:ca:49:50:c4:0d:ce:bb:bc:
5d:1f:65:cb:0c:75:2f:df:ea:6f:6b:96:7a:71:b8:
c1:f2:15:be:b3:95:f0:e7:aa:03:50:ad:2f:87:b9:
d2:c2:16:93:71:a2:de:b2:ce:8e:7c:0a:34:9c:9a:
fa:a2:4b:1b:dd:2f:77:91:68:df:23:ea:9b:60:d8:
49:a0:d7:b1:28:0c:05:a0:c8:eb:f9:9d:61:f7:de:
68:43:b6:6a:c8:8e:1b:e6:f4:b0:4d:ef:74:70:74:
54:b6:dc:7a:7e:6f:0d:08:7b:5f:3b:87:12:21:81:
6f:a3:0a:66:e3:5a:b6:3c:38:e8:b8:9d:83:e0:a7:
26:c8:a9:25:de:90:fb:70:37:31:d7:05:b1:66:3c:
a8:1e:50:01:8c:0c:ba:fb:56:14:3f:e8:e1:bc:12:
c1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AB:61:85:31:33:D8:2E:6F:B0:17:71:92:86:B5:07:91:AE:1D:27
X509v3 Authority Key Identifier:
keyid:32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/bathhTEz2C5vsBdxkoa1B5GuHSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.128.0/22
185.180.28.0/22
Signature Algorithm: sha256WithRSAEncryption
20:b0:00:db:2a:41:ae:9d:ba:d7:1f:f0:c0:aa:90:45:91:66:
eb:b8:e8:b9:56:cb:0d:3d:29:25:e3:63:7d:c6:18:f8:f5:ec:
58:89:5a:ca:93:74:2d:24:09:d6:4c:d7:73:0f:dd:73:80:29:
21:df:fb:4a:fb:c5:86:39:f2:5f:1b:67:75:1c:fb:e5:1a:10:
5d:66:94:c7:40:91:41:ff:23:88:04:0f:a1:30:4a:89:87:74:
ca:5e:00:92:84:f7:df:ff:af:1c:b2:d0:43:11:5d:b1:73:67:
c9:b8:09:42:2b:d4:e8:bd:2b:86:62:be:62:93:bc:93:57:77:
d2:e3:13:5a:9e:25:4b:8d:ff:df:de:85:9c:08:5f:0b:70:87:
a5:1d:df:aa:64:13:aa:76:55:68:84:52:fc:84:a3:e9:5f:8e:
f2:fd:8a:a1:c6:c6:41:ec:38:4c:e8:60:2a:32:3f:e2:81:50:
f5:82:04:3a:23:7e:91:f5:a4:3c:cb:97:0a:aa:90:60:03:43:
12:34:7b:4f:78:0a:a1:7c:3d:e5:82:c6:8f:e5:2a:cd:ae:c2:
e3:82:ca:e0:93:41:c8:a9:52:0c:b2:32:eb:d0:ae:6d:58:cc:
47:29:67:c5:0b:7e:93:3d:57:e6:8e:70:75:01:d9:4c:35:18:
d9:5c:6c:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIb3avq7Mv6uHrMzDUGBIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWQ2NzAwMmRjNzMwN2U4NTYzYjZlNDkzNGNjZDU3MjNh
NDRmM2UwHhcNMjQwMTAyMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFiNjE4NTMxMzNkODJlNmZiMDE3NzE5Mjg2YjUwNzkxYWUxZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMfXIpIyztl1UzPfbwdhFqnkT134
xp1aHZt08dzwGWHoXYGqRjG5HMygyhELu1DxzRX+2qKrODlGHSfCuFw6iUWdNJrs
f5c7v7b/70jjUEZlaUXNnSvGeJ6u8KJtcFqRyklQxA3Ou7xdH2XLDHUv3+pva5Z6
cbjB8hW+s5Xw56oDUK0vh7nSwhaTcaLess6OfAo0nJr6oksb3S93kWjfI+qbYNhJ
oNexKAwFoMjr+Z1h995oQ7ZqyI4b5vSwTe90cHRUttx6fm8NCHtfO4cSIYFvowpm
41q2PDjouJ2D4KcmyKkl3pD7cDcx1wWxZjyoHlABjAy6+1YUP+jhvBLBsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2rYYUxM9gub7AXcZKGtQeRrh0nMB8GA1UdIwQY
MBaAFDLtZwAtxzB+hWO25JNMzVcjpE8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMt
ZjFlOWJjNDFkOTJmLzEvYmF0aGhURXoyQzV2c0JkeGtvYTFCNUd1SFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMtZjFlOWJjNDFkOTJm
LzEvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSKAAwQC
ubQcMA0GCSqGSIb3DQEBCwUAA4IBAQAgsADbKkGunbrXH/DAqpBFkWbruOi5VssN
PSkl42N9xhj49exYiVrKk3QtJAnWTNdzD91zgCkh3/tK+8WGOfJfG2d1HPvlGhBd
ZpTHQJFB/yOIBA+hMEqJh3TKXgCShPff/68cstBDEV2xc2fJuAlCK9TovSuGYr5i
k7yTV3fS4xNaniVLjf/f3oWcCF8LcIelHd+qZBOqdlVohFL8hKPpX47y/YqhxsZB
7DhM6GAqMj/igVD1ggQ6I36R9aQ8y5cKqpBgA0MSNHtPeAqhfD3lgsaP5SrNrsLj
gsrgk0HIqVIMsjLr0K5tWMxHKWfFC36TPVfmjnB1AdlMNRjZXGxd
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:31:33 2024 by rpki-client on console-ams.rpki-client.org