Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/jhZ7_mCRX57QUbnIcrSnYHZPQgg.roa
File: jhZ7_mCRX57QUbnIcrSnYHZPQgg.roa (raw, json)
Hash identifier: q7wMIF+1g+NPKcxOz+H1iwr1RLtWBRLOtlY2QNZ3Occ=
Subject key identifier: 8E:16:7B:FE:60:91:5F:9E:D0:51:B9:C8:72:B4:A7:60:76:4F:42:08
Certificate issuer: /CN=c66dc60d16dfe1649d86c1693e17858c2306387f
Certificate serial: 018CC9BC4964A23E4C4FE4C01D3C873D9E5B
Authority key identifier: C6:6D:C6:0D:16:DF:E1:64:9D:86:C1:69:3E:17:85:8C:23:06:38:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/jhZ7_mCRX57QUbnIcrSnYHZPQgg.roa
Signing time: Tue 02 Jan 2024 10:33:29 +0000
ROA not before: Tue 02 Jan 2024 10:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200569
IP address blocks: 185.99.204.0/22 maxlen: 22
2a06:1480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/xm3GDRbf4WSdhsFpPheFjCMGOH8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/xm3GDRbf4WSdhsFpPheFjCMGOH8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:49:64:a2:3e:4c:4f:e4:c0:1d:3c:87:3d:9e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66dc60d16dfe1649d86c1693e17858c2306387f
Validity
Not Before: Jan 2 10:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e167bfe60915f9ed051b9c872b4a760764f4208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d4:37:fd:06:3c:1c:0f:d2:e8:bd:50:ec:5a:
dc:55:a5:6c:8a:3a:d6:e2:b1:24:c9:10:64:b8:55:
a1:5a:94:c0:1d:71:70:85:bb:bc:5f:57:49:57:10:
ac:f2:c6:f0:07:da:6f:83:d1:c5:f2:0b:a4:18:d5:
8f:22:f6:e1:46:2d:61:a9:e3:9c:3d:cd:b9:91:60:
f6:ca:aa:dc:99:fc:39:d2:a3:c3:cc:2e:47:4c:15:
15:26:0e:2e:99:4d:db:2d:41:6d:fe:4a:b2:91:9f:
94:f9:91:a0:48:8b:a2:70:a1:65:5c:7a:75:22:2c:
12:ad:62:f1:bd:96:7b:9e:d3:a1:71:39:fa:e5:47:
cc:0e:af:ae:fc:63:3e:3f:6c:ed:6b:7e:a2:07:c5:
d9:bb:68:e0:d9:ac:95:c0:91:4e:8b:21:0e:c2:85:
ff:87:fe:33:fd:59:55:5c:da:ec:82:ed:e6:14:29:
2c:b7:9f:17:fa:01:6b:dd:e7:25:01:36:8d:ec:94:
f7:eb:f6:a1:3c:bc:f3:e1:8f:3c:4b:8a:b1:30:2e:
c4:5a:f1:53:74:cd:ee:1b:39:8d:e1:cc:cd:da:de:
5f:0b:73:1f:5c:2c:4b:cc:a0:67:aa:b8:d6:c8:fc:
c9:00:a7:cf:8d:cc:07:78:60:a2:62:87:61:40:97:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:16:7B:FE:60:91:5F:9E:D0:51:B9:C8:72:B4:A7:60:76:4F:42:08
X509v3 Authority Key Identifier:
keyid:C6:6D:C6:0D:16:DF:E1:64:9D:86:C1:69:3E:17:85:8C:23:06:38:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/jhZ7_mCRX57QUbnIcrSnYHZPQgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/xm3GDRbf4WSdhsFpPheFjCMGOH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.204.0/22
IPv6:
2a06:1480::/29
Signature Algorithm: sha256WithRSAEncryption
27:fc:d9:7e:bf:4d:86:ee:56:55:47:1a:a9:e9:8d:89:8d:8b:
83:14:75:21:2c:7e:9c:57:cc:27:e4:cb:a0:e0:85:21:dc:e7:
27:26:24:d0:77:3c:2d:ee:e7:b0:2a:d0:27:b1:06:fb:d4:16:
ce:d1:14:d7:b6:96:9a:90:75:25:74:a2:96:58:4b:b1:34:29:
df:6b:82:13:b6:17:0d:f1:db:47:d3:e6:d6:d9:85:ef:1f:c9:
cc:64:7d:58:4b:9b:75:44:5f:33:a5:40:80:69:88:39:c6:53:
77:c3:c6:05:cd:42:d5:2b:0b:61:8f:36:ec:2a:6d:d8:43:f0:
eb:d5:43:65:b8:b6:7d:10:ab:bd:41:d5:6d:5e:92:07:47:7f:
61:38:68:ad:14:d4:88:a5:3d:04:e2:14:7a:2c:7b:bb:b7:2e:
28:6d:74:91:7d:11:0d:7f:3c:a6:58:eb:02:e9:31:cd:de:c0:
9e:95:77:9d:c6:7d:72:87:98:d9:f6:b9:08:cc:ee:db:3d:e8:
55:7a:e8:57:68:24:b3:10:f3:c9:26:a7:17:2e:59:dc:1b:94:
41:c6:61:6d:a6:00:27:38:98:6f:74:f3:a4:ce:b5:06:0b:f7:
65:0b:1e:0b:7f:a5:62:25:d7:0a:bf:5a:54:5d:f7:27:92:21:
f3:8d:2d:11
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvElkoj5MT+TAHTyHPZ5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmRjNjBkMTZkZmUxNjQ5ZDg2YzE2OTNlMTc4NThjMjMw
NjM4N2YwHhcNMjQwMTAyMTAzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE2N2JmZTYwOTE1ZjllZDA1MWI5Yzg3MmI0YTc2MDc2NGY0MjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Q3/QY8HA/S6L1Q7FrcVaVsijrW
4rEkyRBkuFWhWpTAHXFwhbu8X1dJVxCs8sbwB9pvg9HF8gukGNWPIvbhRi1hqeOc
Pc25kWD2yqrcmfw50qPDzC5HTBUVJg4umU3bLUFt/kqykZ+U+ZGgSIuicKFlXHp1
IiwSrWLxvZZ7ntOhcTn65UfMDq+u/GM+P2zta36iB8XZu2jg2ayVwJFOiyEOwoX/
h/4z/VlVXNrsgu3mFCkst58X+gFr3eclATaN7JT36/ahPLzz4Y88S4qxMC7EWvFT
dM3uGzmN4czN2t5fC3MfXCxLzKBnqrjWyPzJAKfPjcwHeGCiYodhQJdz2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI4We/5gkV+e0FG5yHK0p2B2T0IIMB8GA1UdIwQY
MBaAFMZtxg0W3+FknYbBaT4XhYwjBjh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0zR0RSYmY0V1NkaHNGcFBoZUZqQ01HT0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mMGUxNjEtYTQzYy00ZDMxLWI2NWQt
ZDRmZWQ1MDg1MzkyLzEvamhaN19tQ1JYNTdRVWJuSWNyU25ZSFpQUWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mMGUxNjEtYTQzYy00ZDMxLWI2NWQtZDRmZWQ1MDg1Mzky
LzEveG0zR0RSYmY0V1NkaHNGcFBoZUZqQ01HT0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWPMMA0E
AgACMAcDBQMqBhSAMA0GCSqGSIb3DQEBCwUAA4IBAQAn/Nl+v02G7lZVRxqp6Y2J
jYuDFHUhLH6cV8wn5Mug4IUh3OcnJiTQdzwt7uewKtAnsQb71BbO0RTXtpaakHUl
dKKWWEuxNCnfa4ITthcN8dtH0+bW2YXvH8nMZH1YS5t1RF8zpUCAaYg5xlN3w8YF
zULVKwthjzbsKm3YQ/Dr1UNluLZ9EKu9QdVtXpIHR39hOGitFNSIpT0E4hR6LHu7
ty4obXSRfRENfzymWOsC6THN3sCelXedxn1yh5jZ9rkIzO7bPehVeuhXaCSzEPPJ
JqcXLlncG5RBxmFtpgAnOJhvdPOkzrUGC/dlCx4Lf6ViJdcKv1pUXfcnkiHzjS0R
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:26 2024 by rpki-client on console-fra.rpki-client.org