Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/yLk3xIY2BF_etWCgQ65Sq55kxyU.roa
File: yLk3xIY2BF_etWCgQ65Sq55kxyU.roa (raw, json)
Hash identifier: 4I2dYSnZbAV0MAUEMCQ6COIQqaIvjuD2TKR27aGWoUo=
Subject key identifier: C8:B9:37:C4:86:36:04:5F:DE:B5:60:A0:43:AE:52:AB:9E:64:C7:25
Certificate issuer: /CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Certificate serial: 018CC7274CC375ED3FD05855D94E1FF7E5E7
Authority key identifier: 30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/yLk3xIY2BF_etWCgQ65Sq55kxyU.roa
Signing time: Mon 01 Jan 2024 22:31:30 +0000
ROA not before: Mon 01 Jan 2024 22:31:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.64.6.0/24 maxlen: 24
2a10:2307:fffd::/48 maxlen: 48
2a10:2307:ffff::/48 maxlen: 48
2a10:2307:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:4c:c3:75:ed:3f:d0:58:55:d9:4e:1f:f7:e5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30706b2b95588d780e36ef82a8f54a317d5869e2
Validity
Not Before: Jan 1 22:31:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8b937c48636045fdeb560a043ae52ab9e64c725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:73:cf:37:c3:fd:33:ea:24:5f:5f:b0:b6:b2:
6b:a8:56:10:d9:16:d9:f6:b2:2e:bc:85:39:81:c6:
35:bb:84:09:a9:bd:37:66:35:93:a5:e8:b7:48:80:
76:e7:61:55:0b:aa:a1:14:96:eb:91:e7:84:e6:21:
62:a2:33:6d:39:63:19:16:72:c9:7c:bb:af:d6:20:
80:d7:f2:ae:b4:e8:41:da:9a:e0:09:85:9e:65:ee:
25:6c:e9:41:f6:7f:57:87:3a:4a:08:70:68:db:c6:
76:f8:79:76:7d:34:67:7d:2e:7b:8e:97:eb:a3:d5:
fb:a2:b9:a2:20:c1:7d:b2:b6:80:57:64:da:33:1e:
31:98:78:5d:d5:da:c4:bb:6f:ee:e9:a9:d7:87:4d:
e5:a3:8c:11:d4:d7:03:e5:82:7e:67:a9:52:fc:61:
f8:67:6d:68:fb:1f:bc:63:8d:dd:db:e2:d0:ab:37:
d7:0f:c1:52:62:56:12:61:2a:75:2b:e7:6d:23:aa:
c8:72:9d:aa:a5:13:7d:da:b4:21:c4:00:94:c4:1f:
00:2f:79:45:ce:91:fc:7d:e0:5a:a2:e8:0f:5e:2e:
8b:35:87:6e:dd:8f:6c:a9:7e:8a:d4:c7:ab:e1:1f:
5b:f5:e4:de:a6:f9:77:b4:f8:ee:6d:66:34:91:ef:
9a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B9:37:C4:86:36:04:5F:DE:B5:60:A0:43:AE:52:AB:9E:64:C7:25
X509v3 Authority Key Identifier:
keyid:30:70:6B:2B:95:58:8D:78:0E:36:EF:82:A8:F5:4A:31:7D:58:69:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHBrK5VYjXgONu-CqPVKMX1YaeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/yLk3xIY2BF_etWCgQ65Sq55kxyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/28debb-3a59-4ee1-bd37-84ed91ec1c65/1/MHBrK5VYjXgONu-CqPVKMX1YaeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.6.0/24
IPv6:
2a10:2307:fffd::-2a10:2307:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
8c:73:5f:47:8a:4d:c0:64:20:0d:bb:44:6f:69:91:40:da:38:
35:c6:d4:c2:81:fb:0b:be:0c:da:3f:c3:e7:51:aa:d9:e6:b5:
0a:2f:e0:de:f3:1a:f2:5c:7f:ad:54:47:b4:f3:25:a8:ca:d8:
6d:c2:38:b0:85:cc:7b:81:d5:14:de:2e:ff:95:c4:8b:d8:85:
23:b1:03:57:8f:98:9c:46:1c:70:02:43:e2:01:33:e5:48:b5:
94:6a:35:95:1d:5c:1c:10:6f:e8:5e:34:3d:5c:50:7c:fa:d5:
00:0e:8a:14:0f:bd:8e:33:ed:c1:17:1a:6d:ff:e7:87:08:61:
c2:18:34:28:0a:44:e8:44:5f:4c:22:03:79:79:40:25:43:88:
ef:db:27:55:5a:52:16:07:bd:46:11:f3:06:d2:87:78:2a:a8:
18:6a:02:c8:35:1d:26:5d:13:84:37:1f:ca:dd:89:95:a1:cb:
19:67:c0:d7:1f:49:d0:fc:43:c0:2b:56:ab:c1:f0:f1:0a:b1:
da:53:73:cb:ee:6b:58:a9:37:28:48:55:68:af:63:66:d0:5d:
d2:29:0d:55:7b:89:a0:b2:a8:33:16:2b:d3:9b:a3:34:ce:20:
87:2a:9d:33:df:ec:f3:97:87:0f:da:73:ce:08:94:76:7f:9a:
1e:43:11:b2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJ0zDde0/0FhV2U4f9+XnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzA2YjJiOTU1ODhkNzgwZTM2ZWY4MmE4ZjU0YTMxN2Q1
ODY5ZTIwHhcNMjQwMTAxMjIzMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGI5MzdjNDg2MzYwNDVmZGViNTYwYTA0M2FlNTJhYjllNjRjNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHPPN8P9M+okX1+wtrJrqFYQ2RbZ
9rIuvIU5gcY1u4QJqb03ZjWTpei3SIB252FVC6qhFJbrkeeE5iFiojNtOWMZFnLJ
fLuv1iCA1/KutOhB2prgCYWeZe4lbOlB9n9XhzpKCHBo28Z2+Hl2fTRnfS57jpfr
o9X7ormiIMF9sraAV2TaMx4xmHhd1drEu2/u6anXh03lo4wR1NcD5YJ+Z6lS/GH4
Z21o+x+8Y43d2+LQqzfXD8FSYlYSYSp1K+dtI6rIcp2qpRN92rQhxACUxB8AL3lF
zpH8feBaougPXi6LNYdu3Y9sqX6K1Mer4R9b9eTepvl3tPjubWY0ke+a7wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMi5N8SGNgRf3rVgoEOuUqueZMclMB8GA1UdIwQY
MBaAFDBwayuVWI14Djbvgqj1SjF9WGniMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzct
ODRlZDkxZWMxYzY1LzEveUxrM3hJWTJCRl9ldFdDZ1E2NVNxNTVreHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yOGRlYmItM2E1OS00ZWUxLWJkMzctODRlZDkxZWMxYzY1
LzEvTUhCcks1VllqWGdPTnUtQ3FQVktNWDFZYWVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAuUAGMBgE
AgACMBIwEAMHACoQIwf//QMFAyoQIwAwDQYJKoZIhvcNAQELBQADggEBAIxzX0eK
TcBkIA27RG9pkUDaODXG1MKB+wu+DNo/w+dRqtnmtQov4N7zGvJcf61UR7TzJajK
2G3COLCFzHuB1RTeLv+VxIvYhSOxA1ePmJxGHHACQ+IBM+VItZRqNZUdXBwQb+he
ND1cUHz61QAOihQPvY4z7cEXGm3/54cIYcIYNCgKROhEX0wiA3l5QCVDiO/bJ1Va
UhYHvUYR8wbSh3gqqBhqAsg1HSZdE4Q3H8rdiZWhyxlnwNcfSdD8Q8ArVqvB8PEK
sdpTc8vua1ipNyhIVWivY2bQXdIpDVV7iaCyqDMWK9ObozTOIIcqnTPf7POXhw/a
c84IlHZ/mh5DEbI=
-----END CERTIFICATE-----
Generated at Thu May 2 13:30:23 2024 by rpki-client on console-ams.rpki-client.org