Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2m6VhdE18CMK2ixeyp6Gb7tQblo.roa
File: 2m6VhdE18CMK2ixeyp6Gb7tQblo.roa (raw, json)
Hash identifier: fHj+RYPLJj1gt3d18nEI0g097dwGFrvObuE+qF2XqLg=
Subject key identifier: DA:6E:95:85:D1:35:F0:23:0A:DA:2C:5E:CA:9E:86:6F:BB:50:6E:5A
Certificate issuer: /CN=dae70ef6feb813ed9dbb967d0513cf2043d3a347
Certificate serial: 018CC8DF792A8E60F8DAC90EF4837D6E9C01
Authority key identifier: DA:E7:0E:F6:FE:B8:13:ED:9D:BB:96:7D:05:13:CF:20:43:D3:A3:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ucO9v64E-2du5Z9BRPPIEPTo0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2m6VhdE18CMK2ixeyp6Gb7tQblo.roa
Signing time: Tue 02 Jan 2024 06:32:17 +0000
ROA not before: Tue 02 Jan 2024 06:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201782
IP address blocks: 185.63.180.0/22 maxlen: 22
2a03:da0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2ucO9v64E-2du5Z9BRPPIEPTo0c.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2ucO9v64E-2du5Z9BRPPIEPTo0c.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ucO9v64E-2du5Z9BRPPIEPTo0c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:79:2a:8e:60:f8:da:c9:0e:f4:83:7d:6e:9c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dae70ef6feb813ed9dbb967d0513cf2043d3a347
Validity
Not Before: Jan 2 06:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da6e9585d135f0230ada2c5eca9e866fbb506e5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e4:ea:4d:7a:20:67:44:e8:60:07:fe:98:d5:
ec:de:8f:b5:03:65:07:e2:4e:58:83:75:72:f3:32:
13:e4:ec:60:f5:2c:43:d0:44:33:b5:d4:4c:59:64:
75:85:47:b2:f5:77:3f:75:9d:b7:c6:13:9f:84:bb:
b5:b7:99:51:16:15:23:26:58:c3:87:78:9f:82:0f:
fa:00:3a:9f:1f:d9:c1:91:e4:a1:b5:7c:e2:c7:9e:
a4:1c:60:5f:45:0c:db:aa:d0:e9:20:89:28:be:e3:
07:13:3f:ab:53:5d:fe:b8:26:c0:5d:d0:2f:6e:e0:
01:4a:08:ab:d8:88:f2:0d:2f:2c:cb:26:7e:bd:b3:
31:07:6b:e7:65:a3:46:88:c9:16:f0:6c:f6:f3:d6:
d6:85:b6:1a:ff:c9:1d:5d:a4:5c:18:84:78:40:43:
b5:ba:21:92:20:d1:fe:e9:94:98:77:4c:02:bc:03:
a0:a5:14:5e:4a:60:0f:d0:c0:c9:70:07:b7:94:b8:
85:27:04:bb:91:be:d0:06:b9:2e:b1:4a:59:7d:24:
17:34:88:20:e2:2f:f6:cb:89:2d:a4:0c:f0:80:82:
c7:44:20:a9:49:8a:87:05:35:b9:29:b2:1a:db:12:
f3:8f:9d:f0:c5:06:e0:af:42:ba:a0:c8:9b:bd:ce:
e9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6E:95:85:D1:35:F0:23:0A:DA:2C:5E:CA:9E:86:6F:BB:50:6E:5A
X509v3 Authority Key Identifier:
keyid:DA:E7:0E:F6:FE:B8:13:ED:9D:BB:96:7D:05:13:CF:20:43:D3:A3:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ucO9v64E-2du5Z9BRPPIEPTo0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2m6VhdE18CMK2ixeyp6Gb7tQblo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/b9a936-2ec7-494c-95d2-eab40be48cc1/1/2ucO9v64E-2du5Z9BRPPIEPTo0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.180.0/22
IPv6:
2a03:da0::/32
Signature Algorithm: sha256WithRSAEncryption
20:2b:61:e8:78:9e:b4:d6:f5:ee:75:cf:92:d0:65:38:2a:84:
3a:cc:6d:4f:6a:ae:2f:31:0a:34:76:23:59:da:84:c2:42:8d:
09:59:72:c8:fc:f9:6e:73:ce:62:69:cd:44:34:f8:bf:15:13:
a5:6d:16:3c:fa:4c:1f:7c:3c:28:61:82:bd:1e:31:5c:a9:be:
0a:b4:58:9b:ad:03:05:d5:00:4f:e4:6a:53:5c:19:63:36:20:
90:62:95:0d:f5:e9:51:fc:72:04:54:8e:e5:85:66:97:8c:ae:
92:25:8c:09:05:21:06:f9:f0:79:4a:46:6d:0b:02:10:83:56:
5b:66:aa:45:dc:5c:09:a4:1f:9b:ea:9a:a2:aa:3f:96:fd:89:
f7:41:bf:5b:7e:46:84:06:7a:da:32:17:ee:85:06:1d:1a:38:
bd:c9:89:0e:4e:3c:95:6a:75:de:98:54:66:94:69:64:ea:dd:
38:eb:d4:9b:ad:8c:22:a4:90:cd:f5:d0:71:6a:a1:36:a1:fc:
3e:2f:99:b8:46:9a:eb:5f:52:8e:2a:4f:b2:88:be:bc:06:47:
64:18:c3:1a:0e:fa:8a:20:13:2b:53:3b:42:c4:b2:f5:69:93:
cc:4c:e1:ad:85:33:62:6c:44:4b:46:0d:86:28:12:b2:be:88:
54:b2:29:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI33kqjmD42skO9IN9bpwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZTcwZWY2ZmViODEzZWQ5ZGJiOTY3ZDA1MTNjZjIwNDNk
M2EzNDcwHhcNMjQwMTAyMDYzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTZlOTU4NWQxMzVmMDIzMGFkYTJjNWVjYTllODY2ZmJiNTA2ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4uTqTXogZ0ToYAf+mNXs3o+1A2UH
4k5Yg3Vy8zIT5Oxg9SxD0EQztdRMWWR1hUey9Xc/dZ23xhOfhLu1t5lRFhUjJljD
h3ifgg/6ADqfH9nBkeShtXzix56kHGBfRQzbqtDpIIkovuMHEz+rU13+uCbAXdAv
buABSgir2IjyDS8syyZ+vbMxB2vnZaNGiMkW8Gz289bWhbYa/8kdXaRcGIR4QEO1
uiGSINH+6ZSYd0wCvAOgpRReSmAP0MDJcAe3lLiFJwS7kb7QBrkusUpZfSQXNIgg
4i/2y4ktpAzwgILHRCCpSYqHBTW5KbIa2xLzj53wxQbgr0K6oMibvc7pYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNpulYXRNfAjCtosXsqehm+7UG5aMB8GA1UdIwQY
MBaAFNrnDvb+uBPtnbuWfQUTzyBD06NHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnVjTzl2NjRFLTJkdTVaOUJSUFBJRVBUbzBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iOWE5MzYtMmVjNy00OTRjLTk1ZDIt
ZWFiNDBiZTQ4Y2MxLzEvMm02VmhkRTE4Q01LMml4ZXlwNkdiN3RRYmxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9iOWE5MzYtMmVjNy00OTRjLTk1ZDItZWFiNDBiZTQ4Y2Mx
LzEvMnVjTzl2NjRFLTJkdTVaOUJSUFBJRVBUbzBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT+0MA0E
AgACMAcDBQAqAw2gMA0GCSqGSIb3DQEBCwUAA4IBAQAgK2HoeJ601vXudc+S0GU4
KoQ6zG1Paq4vMQo0diNZ2oTCQo0JWXLI/Pluc85iac1ENPi/FROlbRY8+kwffDwo
YYK9HjFcqb4KtFibrQMF1QBP5GpTXBljNiCQYpUN9elR/HIEVI7lhWaXjK6SJYwJ
BSEG+fB5SkZtCwIQg1ZbZqpF3FwJpB+b6pqiqj+W/Yn3Qb9bfkaEBnraMhfuhQYd
Gji9yYkOTjyVanXemFRmlGlk6t0469SbrYwipJDN9dBxaqE2ofw+L5m4RprrX1KO
Kk+yiL68BkdkGMMaDvqKIBMrUztCxLL1aZPMTOGthTNibERLRg2GKBKyvohUsin6
-----END CERTIFICATE-----
Generated at Sat May 18 06:31:10 2024 by rpki-client on console-ams.rpki-client.org