Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/1-zIyQcXigrLmVJPoJ70dQF8tCdc.roa
File: 1-zIyQcXigrLmVJPoJ70dQF8tCdc.roa (raw, json)
Hash identifier: TXP3vPKzyPK54Lh1R+sUezVEsjJk2uOFChyNCW4zNus=
Subject key identifier: FB:32:32:41:C5:E2:82:B2:E6:54:93:E8:27:BD:1D:40:5F:2D:09:D7
Certificate issuer: /CN=24a30b60d23d74e8226bcd5e15dc5bf770ad307e
Certificate serial: 018CC8713A59C42D07B122030CD9DE94ECA7
Authority key identifier: 24:A3:0B:60:D2:3D:74:E8:22:6B:CD:5E:15:DC:5B:F7:70:AD:30:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JKMLYNI9dOgia81eFdxb93CtMH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/1-zIyQcXigrLmVJPoJ70dQF8tCdc.roa
Signing time: Tue 02 Jan 2024 04:31:52 +0000
ROA not before: Tue 02 Jan 2024 04:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206549
IP address blocks: 185.181.224.0/22 maxlen: 22
2a0a:d480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/JKMLYNI9dOgia81eFdxb93CtMH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/JKMLYNI9dOgia81eFdxb93CtMH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/JKMLYNI9dOgia81eFdxb93CtMH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:3a:59:c4:2d:07:b1:22:03:0c:d9:de:94:ec:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24a30b60d23d74e8226bcd5e15dc5bf770ad307e
Validity
Not Before: Jan 2 04:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb323241c5e282b2e65493e827bd1d405f2d09d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4f:61:22:b0:b7:5f:31:f7:2e:25:78:f2:b0:
55:84:19:1d:b9:3e:2f:38:ba:d7:46:05:e2:51:66:
32:32:67:06:2e:38:84:88:05:4b:f9:e5:15:e8:67:
93:cd:68:45:55:9d:c6:88:2f:e3:d9:9b:45:93:9e:
23:c6:92:de:84:2d:c9:08:5d:98:4e:60:c9:13:d3:
e6:fb:c4:df:57:49:4a:14:04:53:94:42:f4:de:69:
40:c9:66:52:a7:54:5c:bf:54:0b:9a:cc:7c:c5:fc:
7a:bf:b6:32:35:68:57:38:a0:63:31:16:69:33:c5:
94:71:ec:86:fa:7b:d3:09:6b:6d:77:15:af:6e:f9:
7b:01:92:cb:f6:b4:6b:8f:8e:51:44:0f:f3:3b:59:
61:eb:ee:a2:e0:0a:1c:86:22:6b:5a:03:dc:79:11:
63:c4:e6:50:3d:ae:37:19:1a:d0:5b:4c:2d:0f:15:
c4:55:3a:d0:89:ad:29:4f:d6:20:70:af:c6:3a:3f:
f1:e1:28:0a:82:0d:8a:de:94:ad:3e:69:2a:4a:db:
9c:17:78:2e:dc:6a:4b:c6:01:75:ab:3d:1f:f1:d3:
7f:48:ab:b5:67:2c:cc:bc:11:b4:cb:d5:40:c5:12:
83:40:c6:27:0f:45:ea:57:74:82:65:6d:94:d5:04:
16:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:32:32:41:C5:E2:82:B2:E6:54:93:E8:27:BD:1D:40:5F:2D:09:D7
X509v3 Authority Key Identifier:
keyid:24:A3:0B:60:D2:3D:74:E8:22:6B:CD:5E:15:DC:5B:F7:70:AD:30:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JKMLYNI9dOgia81eFdxb93CtMH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/1-zIyQcXigrLmVJPoJ70dQF8tCdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/6a3d3e-25fd-42ff-a5fb-8b3bf8bf98eb/1/JKMLYNI9dOgia81eFdxb93CtMH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.224.0/22
IPv6:
2a0a:d480::/29
Signature Algorithm: sha256WithRSAEncryption
15:d2:b4:90:ed:32:91:fc:0f:bc:1c:65:70:eb:55:66:01:ce:
3d:d5:d0:4d:38:d0:5b:b3:72:f7:17:0d:42:9c:88:59:04:46:
5e:6d:5b:99:92:89:01:d8:20:1f:9e:e1:00:9c:31:90:7e:38:
38:11:e7:78:4e:70:62:00:ea:2e:4f:66:10:5c:7f:a0:69:14:
c2:6a:3e:eb:a1:3f:79:f3:e9:91:88:da:17:be:15:f8:fe:1b:
ec:41:ea:e1:7e:d1:6a:6c:b5:ec:6f:d4:44:c2:61:e0:3c:04:
05:21:c3:c0:47:5b:a4:24:69:8d:b0:6a:3f:83:31:e0:aa:f4:
e6:eb:0c:53:d1:d4:c1:92:bd:0f:0b:7f:8c:a0:d1:cf:3d:83:
27:00:f1:ce:ab:ae:5e:bc:dd:39:bc:fa:6d:71:fa:a3:39:d3:
2f:a2:98:a5:63:7d:de:b2:fd:24:3f:b6:eb:54:c4:c8:40:41:
66:15:c8:e5:1c:65:d4:08:10:b6:69:d7:7b:4d:27:91:26:8d:
a0:08:a3:04:6b:d6:b1:ab:60:b1:30:e4:6b:c9:ea:1e:06:2b:
d4:ee:cd:90:56:4a:89:dd:93:fa:5f:52:7f:13:26:f3:2f:f0:
bb:f3:fe:ec:d0:5a:35:39:66:80:1d:3a:99:b0:be:76:be:f5:
4b:00:0c:2d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzIcTpZxC0HsSIDDNnelOynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YTMwYjYwZDIzZDc0ZTgyMjZiY2Q1ZTE1ZGM1YmY3NzBh
ZDMwN2UwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMyMzI0MWM1ZTI4MmIyZTY1NDkzZTgyN2JkMWQ0MDVmMmQwOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE9hIrC3XzH3LiV48rBVhBkduT4v
OLrXRgXiUWYyMmcGLjiEiAVL+eUV6GeTzWhFVZ3GiC/j2ZtFk54jxpLehC3JCF2Y
TmDJE9Pm+8TfV0lKFARTlEL03mlAyWZSp1Rcv1QLmsx8xfx6v7YyNWhXOKBjMRZp
M8WUceyG+nvTCWttdxWvbvl7AZLL9rRrj45RRA/zO1lh6+6i4AochiJrWgPceRFj
xOZQPa43GRrQW0wtDxXEVTrQia0pT9YgcK/GOj/x4SgKgg2K3pStPmkqStucF3gu
3GpLxgF1qz0f8dN/SKu1ZyzMvBG0y9VAxRKDQMYnD0XqV3SCZW2U1QQWCQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPsyMkHF4oKy5lST6Ce9HUBfLQnXMB8GA1UdIwQY
MBaAFCSjC2DSPXToImvNXhXcW/dwrTB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSktNTFlOSTlkT2dpYTgxZUZkeGI5M0N0TUg0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82YTNkM2UtMjVmZC00MmZmLWE1ZmIt
OGIzYmY4YmY5OGViLzEvMS16SXlRY1hpZ3JMbVZKUG9KNzBkUUY4dENkYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjYvNmEzZDNlLTI1ZmQtNDJmZi1hNWZiLThiM2JmOGJmOThl
Yi8xL0pLTUxZTkk5ZE9naWE4MWVGZHhiOTNDdE1INC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm14DAN
BAIAAjAHAwUDKgrUgDANBgkqhkiG9w0BAQsFAAOCAQEAFdK0kO0ykfwPvBxlcOtV
ZgHOPdXQTTjQW7Ny9xcNQpyIWQRGXm1bmZKJAdggH57hAJwxkH44OBHneE5wYgDq
Lk9mEFx/oGkUwmo+66E/efPpkYjaF74V+P4b7EHq4X7Ramy17G/URMJh4DwEBSHD
wEdbpCRpjbBqP4Mx4Kr05usMU9HUwZK9Dwt/jKDRzz2DJwDxzquuXrzdObz6bXH6
oznTL6KYpWN93rL9JD+261TEyEBBZhXI5Rxl1AgQtmnXe00nkSaNoAijBGvWsatg
sTDka8nqHgYr1O7NkFZKid2T+l9SfxMm8y/wu/P+7NBaNTlmgB06mbC+dr71SwAM
LQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:30:23 2024 by rpki-client on console-fra.rpki-client.org