Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/kYQWe7abGXbCa7mxrBpfV99WXuw.roa
File: kYQWe7abGXbCa7mxrBpfV99WXuw.roa (raw, json)
Hash identifier: l0b1gGrZwDnL5wKWiyBsMK5v64l5R3hgleR9XiY4n5c=
Subject key identifier: 91:84:16:7B:B6:9B:19:76:C2:6B:B9:B1:AC:1A:5F:57:DF:56:5E:EC
Certificate issuer: /CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Certificate serial: 018CC8DE6B4DA642AB101575D07809D1CBB3
Authority key identifier: B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/kYQWe7abGXbCa7mxrBpfV99WXuw.roa
Signing time: Tue 02 Jan 2024 06:31:08 +0000
ROA not before: Tue 02 Jan 2024 06:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205313
IP address blocks: 185.222.74.0/23 maxlen: 23
185.222.75.0/24 maxlen: 24
185.222.72.0/24 maxlen: 24
185.222.73.0/24 maxlen: 24
185.222.72.0/23 maxlen: 23
185.222.72.0/22 maxlen: 22
185.222.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:6b:4d:a6:42:ab:10:15:75:d0:78:09:d1:cb:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1f7d0094adc98d9b032720e81e3db5aa7581c74
Validity
Not Before: Jan 2 06:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9184167bb69b1976c26bb9b1ac1a5f57df565eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c2:75:43:95:14:fb:cb:2d:6c:96:64:6d:a5:
68:51:dd:6d:67:7a:46:aa:a5:82:ef:39:bd:3a:69:
82:f6:2d:38:b6:7e:c1:8c:0f:58:b0:f0:02:f4:c1:
6e:8a:d6:3a:e0:a8:7d:28:6d:36:29:ac:b6:1d:f3:
e2:4d:1e:da:76:82:6c:b4:74:87:aa:bf:7f:e0:53:
1a:ec:34:2f:af:10:08:1b:83:29:67:45:1e:99:d2:
47:4f:98:c9:04:f3:f7:70:81:ae:ff:2d:21:0a:ca:
2d:19:85:05:18:80:89:4e:52:76:85:4c:a4:fe:64:
cd:0a:0d:12:07:5f:40:09:2e:08:02:dc:ed:f2:39:
80:3d:31:c9:f3:91:f0:1b:bc:a3:de:3d:be:7e:3e:
a7:fa:fb:c8:4c:11:9f:69:8e:11:4a:78:6e:31:be:
5c:23:52:7f:64:7c:67:39:c7:17:56:25:e4:30:be:
a6:2d:05:c7:d8:4f:77:a9:80:5e:12:ff:57:17:dd:
1d:01:c6:ae:13:9e:cf:49:0d:9b:6b:2e:5f:21:d9:
d7:b0:9c:9a:c9:bf:d1:82:5c:8e:53:85:be:58:c8:
11:9d:a4:c1:ea:38:ee:de:f6:a2:71:9b:00:91:b7:
65:cc:0f:3e:96:3c:02:e6:d8:ea:8a:63:f4:0c:d0:
bf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:84:16:7B:B6:9B:19:76:C2:6B:B9:B1:AC:1A:5F:57:DF:56:5E:EC
X509v3 Authority Key Identifier:
keyid:B1:F7:D0:09:4A:DC:98:D9:B0:32:72:0E:81:E3:DB:5A:A7:58:1C:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sffQCUrcmNmwMnIOgePbWqdYHHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/kYQWe7abGXbCa7mxrBpfV99WXuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e8dd6b-4627-4a3c-ba73-a54b869dcd27/1/sffQCUrcmNmwMnIOgePbWqdYHHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.72.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:f8:af:68:4e:58:2d:1b:23:3a:49:51:d5:bf:21:a2:5d:a2:
f4:7b:e8:fa:62:84:f8:4c:e6:14:b3:4c:5e:43:ca:50:05:6b:
d3:3e:7f:cd:b7:01:13:3c:42:ca:ca:47:1b:f9:2c:d6:26:54:
05:99:5d:9c:b0:28:13:c8:36:10:31:d8:1d:61:c5:99:9f:bf:
6c:74:ff:76:42:ef:77:93:60:8f:c1:46:dc:61:8b:84:a4:cb:
44:46:9f:06:86:75:11:1e:86:e3:84:50:df:5e:11:d0:23:8b:
e4:d9:ab:06:f2:99:87:53:a3:39:9a:a5:24:59:01:a8:76:e2:
17:ee:da:77:4d:7f:53:93:3b:ba:94:be:52:24:f7:b4:5f:2f:
e7:65:4d:8d:95:d2:12:67:d6:ff:1c:4b:7a:0b:aa:d1:3d:73:
5b:ef:f3:1f:aa:4a:d8:56:3d:fd:8b:e8:7e:f7:e9:56:d4:07:
c3:74:11:58:42:0e:18:e7:50:0c:7b:53:cf:05:50:df:db:a9:
ff:1b:51:60:25:2b:a5:09:a3:ee:fc:91:ad:a7:02:f3:6f:58:
92:71:d4:b0:0c:ed:16:09:54:aa:eb:82:b3:f3:dd:55:77:fe:
f6:ac:d5:35:9c:ba:d7:8b:a1:41:f3:e2:3a:a8:46:85:ce:77:
01:95:60:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3mtNpkKrEBV10HgJ0cuzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZjdkMDA5NGFkYzk4ZDliMDMyNzIwZTgxZTNkYjVhYTc1
ODFjNzQwHhcNMjQwMTAyMDYzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTg0MTY3YmI2OWIxOTc2YzI2YmI5YjFhYzFhNWY1N2RmNTY1ZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsJ1Q5UU+8stbJZkbaVoUd1tZ3pG
qqWC7zm9OmmC9i04tn7BjA9YsPAC9MFuitY64Kh9KG02Kay2HfPiTR7adoJstHSH
qr9/4FMa7DQvrxAIG4MpZ0UemdJHT5jJBPP3cIGu/y0hCsotGYUFGICJTlJ2hUyk
/mTNCg0SB19ACS4IAtzt8jmAPTHJ85HwG7yj3j2+fj6n+vvITBGfaY4RSnhuMb5c
I1J/ZHxnOccXViXkML6mLQXH2E93qYBeEv9XF90dAcauE57PSQ2bay5fIdnXsJya
yb/RglyOU4W+WMgRnaTB6jju3vaicZsAkbdlzA8+ljwC5tjqimP0DNC/AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJGEFnu2mxl2wmu5sawaX1ffVl7sMB8GA1UdIwQY
MBaAFLH30AlK3JjZsDJyDoHj21qnWBx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMt
YTU0Yjg2OWRjZDI3LzEva1lRV2U3YWJHWGJDYTdteHJCcGZWOTlXWHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOGRkNmItNDYyNy00YTNjLWJhNzMtYTU0Yjg2OWRjZDI3
LzEvc2ZmUUNVcmNtTm13TW5JT2dlUGJXcWRZSEhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud5IMA0G
CSqGSIb3DQEBCwUAA4IBAQAL+K9oTlgtGyM6SVHVvyGiXaL0e+j6YoT4TOYUs0xe
Q8pQBWvTPn/NtwETPELKykcb+SzWJlQFmV2csCgTyDYQMdgdYcWZn79sdP92Qu93
k2CPwUbcYYuEpMtERp8GhnURHobjhFDfXhHQI4vk2asG8pmHU6M5mqUkWQGoduIX
7tp3TX9Tkzu6lL5SJPe0Xy/nZU2NldISZ9b/HEt6C6rRPXNb7/MfqkrYVj39i+h+
9+lW1AfDdBFYQg4Y51AMe1PPBVDf26n/G1FgJSulCaPu/JGtpwLzb1iScdSwDO0W
CVSq64Kz891Vd/72rNU1nLrXi6FB8+I6qEaFzncBlWCH
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:26 2024 by rpki-client on console-ams.rpki-client.org