Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/cIHgPQfkeGGkH1YH0us6u-BItEw.roa
File: cIHgPQfkeGGkH1YH0us6u-BItEw.roa (raw, json)
Hash identifier: J09w581HYGMBFoQ3t1ZjBOEodf50+DAwxqhQZWajtY0=
Subject key identifier: 70:81:E0:3D:07:E4:78:61:A4:1F:56:07:D2:EB:3A:BB:E0:48:B4:4C
Certificate issuer: /CN=36261c261756fa03ac57d1bfc4db856ef808975a
Certificate serial: 018CC86F6A7135867859290F3ECE06E646A4
Authority key identifier: 36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/cIHgPQfkeGGkH1YH0us6u-BItEw.roa
Signing time: Tue 02 Jan 2024 04:29:54 +0000
ROA not before: Tue 02 Jan 2024 04:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 185.35.77.0/24 maxlen: 24
2a00:e120::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:6a:71:35:86:78:59:29:0f:3e:ce:06:e6:46:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36261c261756fa03ac57d1bfc4db856ef808975a
Validity
Not Before: Jan 2 04:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7081e03d07e47861a41f5607d2eb3abbe048b44c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:61:10:1c:8c:5c:f1:d4:fe:b7:43:08:e7:8a:
21:aa:fe:96:27:0e:79:13:1e:34:f8:63:8d:73:ba:
3b:eb:0f:39:13:da:53:8c:bf:34:45:37:5e:59:fe:
77:c0:7e:76:65:9d:a8:29:a8:50:b1:3f:4b:f4:67:
f5:52:a1:e2:e0:79:8f:97:bb:17:2c:08:a8:e2:06:
56:b7:a3:6c:72:94:02:52:bd:ca:26:4d:d4:1f:62:
35:e9:d5:0a:a0:63:ff:31:2c:e4:d4:5b:f3:48:b6:
c6:89:f6:db:70:f8:48:c7:c9:82:77:ac:db:5b:8f:
21:c1:15:db:12:03:dc:61:2a:85:30:41:fa:9d:8d:
c9:7d:f9:9a:8c:34:77:33:75:6d:96:a3:60:83:1d:
ba:6e:70:82:bc:cd:66:3c:78:2b:20:c5:2f:68:92:
84:ca:a7:3e:9b:c5:02:96:58:d1:f6:42:e0:b9:f2:
76:ae:a0:12:40:3f:95:c8:9b:fa:3d:73:94:00:a4:
2e:c0:01:23:ba:d2:12:02:0a:2b:e6:74:d0:6c:f6:
4f:a4:b5:27:25:f7:2a:c0:cd:57:db:a5:28:97:4b:
c0:19:d9:1e:90:a3:af:ea:35:0e:a2:f7:a2:00:69:
7e:b9:6b:2a:f6:91:66:bd:60:f1:46:cf:35:cc:60:
ad:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:81:E0:3D:07:E4:78:61:A4:1F:56:07:D2:EB:3A:BB:E0:48:B4:4C
X509v3 Authority Key Identifier:
keyid:36:26:1C:26:17:56:FA:03:AC:57:D1:BF:C4:DB:85:6E:F8:08:97:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiYcJhdW-gOsV9G_xNuFbvgIl1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/cIHgPQfkeGGkH1YH0us6u-BItEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/0bab1f-92d6-42f0-b952-442c080ae541/1/NiYcJhdW-gOsV9G_xNuFbvgIl1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.77.0/24
IPv6:
2a00:e120::/32
Signature Algorithm: sha256WithRSAEncryption
45:b0:23:3a:e5:bd:c8:db:f3:4b:6b:93:e5:8e:08:24:1e:c9:
bb:b2:f0:b6:37:08:63:8c:b2:df:2e:8b:44:5c:6c:67:74:2a:
a5:80:67:cf:90:a7:6a:38:6f:bd:5b:2b:52:2f:d1:76:22:68:
0e:1d:97:d2:23:94:71:84:a0:db:c0:90:1c:5a:af:3d:d4:f4:
78:02:8e:13:71:10:d5:1b:55:93:56:df:f0:83:a9:a5:9d:30:
96:0a:11:44:36:bd:b7:64:e7:5b:d8:e7:77:1f:a3:92:7f:a0:
58:e4:3c:7e:69:56:78:59:be:97:ba:29:b7:ba:2a:1a:83:8e:
7f:0f:45:ea:84:9b:62:85:a2:8a:10:b0:e4:73:f9:c1:56:c4:
6b:b2:94:9f:cb:3f:96:21:84:e7:c7:47:16:cf:8e:7b:1e:ce:
53:8b:76:15:ce:19:18:44:6e:7e:a0:ac:9b:14:f9:22:c6:3c:
50:01:c4:72:2e:39:79:44:4e:50:a5:6b:d4:78:04:68:45:86:
1c:67:a9:77:d4:c8:40:c8:a1:d3:7b:af:3b:25:29:f2:ac:f6:
ac:f3:ff:85:67:a2:3f:9f:e1:f5:26:8e:01:13:28:a8:8c:b6:
89:fd:1f:a8:4e:10:d3:c5:ba:79:89:eb:3c:76:a0:be:c8:bf:
51:6d:83:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb2pxNYZ4WSkPPs4G5kakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjYxYzI2MTc1NmZhMDNhYzU3ZDFiZmM0ZGI4NTZlZjgw
ODk3NWEwHhcNMjQwMTAyMDQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgxZTAzZDA3ZTQ3ODYxYTQxZjU2MDdkMmViM2FiYmUwNDhiNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2EQHIxc8dT+t0MI54ohqv6WJw55
Ex40+GONc7o76w85E9pTjL80RTdeWf53wH52ZZ2oKahQsT9L9Gf1UqHi4HmPl7sX
LAio4gZWt6NscpQCUr3KJk3UH2I16dUKoGP/MSzk1FvzSLbGifbbcPhIx8mCd6zb
W48hwRXbEgPcYSqFMEH6nY3JffmajDR3M3VtlqNggx26bnCCvM1mPHgrIMUvaJKE
yqc+m8UClljR9kLgufJ2rqASQD+VyJv6PXOUAKQuwAEjutISAgor5nTQbPZPpLUn
JfcqwM1X26Uol0vAGdkekKOv6jUOoveiAGl+uWsq9pFmvWDxRs81zGCtaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHCB4D0H5HhhpB9WB9LrOrvgSLRMMB8GA1UdIwQY
MBaAFDYmHCYXVvoDrFfRv8TbhW74CJdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlZY0poZFctZ09zVjlHX3hOdUZidmdJbDFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wYmFiMWYtOTJkNi00MmYwLWI5NTIt
NDQyYzA4MGFlNTQxLzEvY0lIZ1BRZmtlR0drSDFZSDB1czZ1LUJJdEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wYmFiMWYtOTJkNi00MmYwLWI5NTItNDQyYzA4MGFlNTQx
LzEvTmlZY0poZFctZ09zVjlHX3hOdUZidmdJbDFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSNNMA0E
AgACMAcDBQAqAOEgMA0GCSqGSIb3DQEBCwUAA4IBAQBFsCM65b3I2/NLa5Pljggk
Hsm7svC2NwhjjLLfLotEXGxndCqlgGfPkKdqOG+9WytSL9F2ImgOHZfSI5RxhKDb
wJAcWq891PR4Ao4TcRDVG1WTVt/wg6mlnTCWChFENr23ZOdb2Od3H6OSf6BY5Dx+
aVZ4Wb6Xuim3uioag45/D0XqhJtihaKKELDkc/nBVsRrspSfyz+WIYTnx0cWz457
Hs5Ti3YVzhkYRG5+oKybFPkixjxQAcRyLjl5RE5QpWvUeARoRYYcZ6l31MhAyKHT
e687JSnyrPas8/+FZ6I/n+H1Jo4BEyiojLaJ/R+oThDTxbp5ies8dqC+yL9RbYMi
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:33 2024 by rpki-client on console-ams.rpki-client.org