Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/_z2hNdi-TdTij43ReZPTugBa0zU.roa
File: _z2hNdi-TdTij43ReZPTugBa0zU.roa (raw, json)
Hash identifier: yY5BFiZiX1sLL+kMfzJfu7rIJjyIeAMhK0ytKsvzwyM=
Subject key identifier: FF:3D:A1:35:D8:BE:4D:D4:E2:8F:8D:D1:79:93:D3:BA:00:5A:D3:35
Certificate issuer: /CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Certificate serial: 018CC86F0E9298567C7C63B97D9FBEDC2C8E
Authority key identifier: 9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/_z2hNdi-TdTij43ReZPTugBa0zU.roa
Signing time: Tue 02 Jan 2024 04:29:30 +0000
ROA not before: Tue 02 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202918
IP address blocks: 185.246.28.0/23 maxlen: 23
185.150.156.0/22 maxlen: 22
2a0d:7380::/29 maxlen: 29
2a07:71c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0e:92:98:56:7c:7c:63:b9:7d:9f:be:dc:2c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d239c08ead94bb04fc3e6b4a65e6e1c7dcf38f4
Validity
Not Before: Jan 2 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff3da135d8be4dd4e28f8dd17993d3ba005ad335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e5:02:6f:78:9e:12:f3:46:30:f6:58:22:e1:
90:2c:4e:c7:bf:e7:ca:28:da:e3:60:82:29:78:cb:
58:d6:cf:cf:c2:a8:1b:a5:03:4d:ec:16:60:1a:40:
98:b4:9f:6d:85:2f:c5:b2:fc:07:bd:08:30:c7:a6:
ef:bc:a9:83:ca:8c:a8:f1:16:46:e1:12:b2:a2:50:
98:b3:5c:c2:6f:06:25:61:e2:76:b3:e9:20:1d:2d:
5c:8a:62:af:74:80:5f:65:ab:f9:8c:0f:30:97:35:
e2:e0:3b:de:fa:fb:0f:c1:8d:58:f0:3d:13:95:aa:
d8:61:9d:89:a6:ed:63:12:8f:7e:3c:51:0e:1f:56:
de:0c:6f:3e:38:de:c7:90:5c:7e:df:b2:3f:9d:31:
b8:d5:f4:fe:fc:79:47:16:96:a2:f9:a4:ec:e9:8e:
1c:ef:7c:e6:47:db:38:5f:55:24:d8:c4:fb:94:05:
9d:5d:ac:99:9e:c7:64:fb:75:99:cc:51:dc:38:a6:
9e:3c:d1:6a:5f:1e:78:f3:a7:fd:ae:a9:32:20:09:
13:61:20:0a:94:c2:87:12:b5:b0:d1:d6:43:66:4d:
8c:3f:24:6a:4f:98:c6:9b:de:90:56:58:c2:56:d8:
72:a6:75:0f:6d:9b:39:69:84:20:e4:a9:52:87:66:
10:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3D:A1:35:D8:BE:4D:D4:E2:8F:8D:D1:79:93:D3:BA:00:5A:D3:35
X509v3 Authority Key Identifier:
keyid:9D:23:9C:08:EA:D9:4B:B0:4F:C3:E6:B4:A6:5E:6E:1C:7D:CF:38:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSOcCOrZS7BPw-a0pl5uHH3POPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/_z2hNdi-TdTij43ReZPTugBa0zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/060859-7707-412a-9810-dbb2931a0f64/1/nSOcCOrZS7BPw-a0pl5uHH3POPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.156.0/22
185.246.28.0/23
IPv6:
2a07:71c0::/29
2a0d:7380::/29
Signature Algorithm: sha256WithRSAEncryption
12:75:e2:22:4a:ee:a9:8d:0b:59:1f:86:bd:b0:ac:3f:4a:a8:
46:50:81:94:41:50:a5:09:11:87:ef:c0:e5:b1:dd:2b:15:43:
2f:c3:2f:48:0e:bc:29:ff:d7:0f:02:75:72:92:06:c1:b6:72:
d0:c6:84:58:ca:6d:6e:6a:ba:bc:a2:5f:45:b9:33:46:51:c2:
08:c9:fd:32:b8:f1:7f:39:50:71:cf:f7:f8:6e:cc:79:1c:08:
4a:31:a2:db:e2:4f:05:b0:aa:1e:cb:d2:bf:8c:dc:a9:e9:ff:
8a:fb:be:1d:a1:97:fc:5c:92:1a:18:85:b3:37:90:03:46:f3:
dd:60:b8:61:00:f9:87:c3:25:d8:2a:90:91:7f:c7:f1:4a:60:
b1:31:15:0f:49:02:75:71:d3:bb:b8:b7:5e:ec:51:44:bf:45:
4a:67:07:88:d1:55:4e:92:7f:20:68:4e:52:0b:2e:54:3a:25:
e3:68:f8:ac:0b:8e:69:7b:5a:58:c8:0c:bf:19:4c:75:99:72:
d0:c4:ba:7a:61:63:f7:c0:8c:02:73:94:5a:22:20:dc:08:a1:
f3:4c:63:78:2d:00:1e:11:43:e7:89:6e:80:f1:31:b4:2e:97:
17:b9:5f:dc:44:ec:09:66:2d:c6:e5:bc:83:a8:32:e6:0c:15:
f0:99:47:8e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzIbw6SmFZ8fGO5fZ++3CyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjM5YzA4ZWFkOTRiYjA0ZmMzZTZiNGE2NWU2ZTFjN2Rj
ZjM4ZjQwHhcNMjQwMTAyMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNkYTEzNWQ4YmU0ZGQ0ZTI4ZjhkZDE3OTkzZDNiYTAwNWFkMzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeUCb3ieEvNGMPZYIuGQLE7Hv+fK
KNrjYIIpeMtY1s/PwqgbpQNN7BZgGkCYtJ9thS/FsvwHvQgwx6bvvKmDyoyo8RZG
4RKyolCYs1zCbwYlYeJ2s+kgHS1cimKvdIBfZav5jA8wlzXi4Dve+vsPwY1Y8D0T
larYYZ2Jpu1jEo9+PFEOH1beDG8+ON7HkFx+37I/nTG41fT+/HlHFpai+aTs6Y4c
73zmR9s4X1Uk2MT7lAWdXayZnsdk+3WZzFHcOKaePNFqXx5486f9rqkyIAkTYSAK
lMKHErWw0dZDZk2MPyRqT5jGm96QVljCVthypnUPbZs5aYQg5KlSh2YQbQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFP89oTXYvk3U4o+N0XmT07oAWtM1MB8GA1UdIwQY
MBaAFJ0jnAjq2UuwT8PmtKZebhx9zzj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAt
ZGJiMjkzMWEwZjY0LzEvX3oyaE5kaS1UZFRpajQzUmVaUFR1Z0JhMHpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wNjA4NTktNzcwNy00MTJhLTk4MTAtZGJiMjkzMWEwZjY0
LzEvblNPY0NPclpTN0JQdy1hMHBsNXVISDNQT1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuZacAwQB
ufYcMBQEAgACMA4DBQMqB3HAAwUDKg1zgDANBgkqhkiG9w0BAQsFAAOCAQEAEnXi
IkruqY0LWR+GvbCsP0qoRlCBlEFQpQkRh+/A5bHdKxVDL8MvSA68Kf/XDwJ1cpIG
wbZy0MaEWMptbmq6vKJfRbkzRlHCCMn9MrjxfzlQcc/3+G7MeRwISjGi2+JPBbCq
HsvSv4zcqen/ivu+HaGX/FySGhiFszeQA0bz3WC4YQD5h8Ml2CqQkX/H8UpgsTEV
D0kCdXHTu7i3XuxRRL9FSmcHiNFVTpJ/IGhOUgsuVDol42j4rAuOaXtaWMgMvxlM
dZly0MS6emFj98CMAnOUWiIg3Aih80xjeC0AHhFD54lugPExtC6XF7lf3ETsCWYt
xuW8g6gy5gwV8JlHjg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:18:35 2024 by rpki-client on console-fra.rpki-client.org