Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/1bcmDx5XiCsKDAhWsiSmBMN77g0.roa
File: 1bcmDx5XiCsKDAhWsiSmBMN77g0.roa (raw, json)
Hash identifier: u0FHodxE6Sqs4aMp3BLIfXaEiX1Xm4A/+kmYSm7YTmk=
Subject key identifier: D5:B7:26:0F:1E:57:88:2B:0A:0C:08:56:B2:24:A6:04:C3:7B:EE:0D
Certificate issuer: /CN=753cff430f7f1751e697bb30f87fef397cc17fa6
Certificate serial: 018CC7952D33ECE55C21D6A5E78F874F0A6A
Authority key identifier: 75:3C:FF:43:0F:7F:17:51:E6:97:BB:30:F8:7F:EF:39:7C:C1:7F:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/1bcmDx5XiCsKDAhWsiSmBMN77g0.roa
Signing time: Tue 02 Jan 2024 00:31:31 +0000
ROA not before: Tue 02 Jan 2024 00:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8816
IP address blocks: 185.84.228.0/22 maxlen: 22
212.121.64.0/19 maxlen: 19
212.45.128.0/19 maxlen: 19
217.174.112.0/20 maxlen: 20
2a02:4d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:2d:33:ec:e5:5c:21:d6:a5:e7:8f:87:4f:0a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=753cff430f7f1751e697bb30f87fef397cc17fa6
Validity
Not Before: Jan 2 00:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5b7260f1e57882b0a0c0856b224a604c37bee0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3e:c4:fb:bf:6c:13:c8:78:93:fc:21:af:60:
19:4a:6d:ca:79:95:55:f4:c9:60:06:b3:4a:ef:f2:
44:15:d7:a2:73:fa:ce:4c:f8:6c:4d:d8:6b:30:ef:
5a:af:43:ee:69:90:fa:02:48:80:fc:d5:0c:5b:08:
f3:e7:2a:16:96:0f:fa:7c:c7:43:ac:b6:bb:88:1b:
59:31:e4:5a:dd:3e:18:ba:cb:fb:be:f8:2b:e5:0d:
81:f5:b0:43:49:35:38:dd:58:76:89:af:0a:e0:2f:
e5:01:f6:04:bb:8a:95:39:9b:b2:1b:8c:ed:ce:25:
37:20:9c:43:29:5f:93:04:bb:76:fb:75:c8:11:70:
ec:98:a9:de:a6:12:02:98:6b:a4:7d:50:a9:0f:f3:
22:4b:28:24:ff:2a:e5:9d:62:a3:9c:ac:4e:4a:b2:
7f:a9:c7:e5:45:3f:02:8e:d4:03:72:92:86:fc:ab:
0d:ba:51:fe:4e:c5:f9:dc:5b:d5:8e:00:13:04:d0:
2f:a6:8e:a2:33:16:f0:d0:0b:db:f4:dc:5d:86:4e:
d5:08:22:42:73:2f:2c:8c:69:59:79:44:e7:d0:84:
1b:03:0e:65:f4:cd:c3:95:50:82:bc:10:0a:f7:b9:
47:67:36:5d:5c:0a:55:e6:98:b1:10:d1:9e:28:62:
20:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B7:26:0F:1E:57:88:2B:0A:0C:08:56:B2:24:A6:04:C3:7B:EE:0D
X509v3 Authority Key Identifier:
keyid:75:3C:FF:43:0F:7F:17:51:E6:97:BB:30:F8:7F:EF:39:7C:C1:7F:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/1bcmDx5XiCsKDAhWsiSmBMN77g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/602bfe-7a40-4f5a-9ec9-37a5d9ca6558/1/dTz_Qw9_F1Hml7sw-H_vOXzBf6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.228.0/22
212.45.128.0/19
212.121.64.0/19
217.174.112.0/20
IPv6:
2a02:4d0::/32
Signature Algorithm: sha256WithRSAEncryption
01:1e:ad:a5:63:b8:d4:13:62:63:6a:89:bd:ca:a7:3f:79:c7:
25:9f:0d:89:95:c4:87:d7:91:ba:05:8c:8a:a1:2d:89:00:20:
7c:0d:4f:f2:62:b4:ea:c9:13:2c:fd:42:0b:fd:fa:f8:d9:08:
3f:58:d6:41:a1:2e:b6:e0:87:1e:52:1d:3e:d1:b3:1d:f8:6a:
27:96:1f:20:84:60:36:fe:2b:50:b6:a2:b8:13:89:92:0d:9f:
da:20:e1:55:38:99:53:51:3e:3a:28:15:e5:d1:84:2c:a0:d4:
be:d2:75:30:48:73:27:47:5e:1a:45:a3:cd:e5:41:1c:96:8d:
b2:de:d5:99:d5:54:56:6f:44:6b:b8:2f:33:7b:64:af:d2:d4:
d3:46:8a:d5:54:9c:2b:7f:a5:af:4f:e6:87:99:f3:7c:31:95:
88:0c:47:a9:0f:24:65:a7:59:e6:1e:bb:c2:b9:52:80:b7:25:
0b:a7:5f:2d:48:51:b0:d5:62:1d:33:6f:94:13:ea:b1:20:b3:
f5:27:c1:00:14:2c:d6:3e:a3:c1:ff:09:dd:50:56:97:7a:0e:
77:cc:ef:fa:65:47:fe:e0:0b:72:3e:33:79:db:99:d8:60:f5:
25:5e:b5:39:80:d9:d3:55:89:bf:9b:3e:7e:bc:11:b8:c7:f7:
9c:8e:2c:0e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHlS0z7OVcIdal54+HTwpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1M2NmZjQzMGY3ZjE3NTFlNjk3YmIzMGY4N2ZlZjM5N2Nj
MTdmYTYwHhcNMjQwMTAyMDAzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWI3MjYwZjFlNTc4ODJiMGEwYzA4NTZiMjI0YTYwNGMzN2JlZTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD7E+79sE8h4k/whr2AZSm3KeZVV
9MlgBrNK7/JEFdeic/rOTPhsTdhrMO9ar0PuaZD6AkiA/NUMWwjz5yoWlg/6fMdD
rLa7iBtZMeRa3T4Yusv7vvgr5Q2B9bBDSTU43Vh2ia8K4C/lAfYEu4qVOZuyG4zt
ziU3IJxDKV+TBLt2+3XIEXDsmKnephICmGukfVCpD/MiSygk/yrlnWKjnKxOSrJ/
qcflRT8CjtQDcpKG/KsNulH+TsX53FvVjgATBNAvpo6iMxbw0Avb9Nxdhk7VCCJC
cy8sjGlZeUTn0IQbAw5l9M3DlVCCvBAK97lHZzZdXApV5pixENGeKGIghQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNW3Jg8eV4grCgwIVrIkpgTDe+4NMB8GA1UdIwQY
MBaAFHU8/0MPfxdR5pe7MPh/7zl8wX+mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFR6X1F3OV9GMUhtbDdzdy1IX3ZPWHpCZjZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82MDJiZmUtN2E0MC00ZjVhLTllYzkt
MzdhNWQ5Y2E2NTU4LzEvMWJjbUR4NVhpQ3NLREFoV3NpU21CTU43N2cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS82MDJiZmUtN2E0MC00ZjVhLTllYzktMzdhNWQ5Y2E2NTU4
LzEvZFR6X1F3OV9GMUhtbDdzdy1IX3ZPWHpCZjZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuVTkAwQF
1C2AAwQF1HlAAwQE2a5wMA0EAgACMAcDBQAqAgTQMA0GCSqGSIb3DQEBCwUAA4IB
AQABHq2lY7jUE2Jjaom9yqc/ecclnw2JlcSH15G6BYyKoS2JACB8DU/yYrTqyRMs
/UIL/fr42Qg/WNZBoS624IceUh0+0bMd+Gonlh8ghGA2/itQtqK4E4mSDZ/aIOFV
OJlTUT46KBXl0YQsoNS+0nUwSHMnR14aRaPN5UEclo2y3tWZ1VRWb0RruC8ze2Sv
0tTTRorVVJwrf6WvT+aHmfN8MZWIDEepDyRlp1nmHrvCuVKAtyULp18tSFGw1WId
M2+UE+qxILP1J8EAFCzWPqPB/wndUFaXeg53zO/6ZUf+4AtyPjN525nYYPUlXrU5
gNnTVYm/mz5+vBG4x/ecjiwO
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:13 2024 by rpki-client on console-ams.rpki-client.org