Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/wqUrTHKAH5lHmP2sfFKOTBTTOWk.roa
File: wqUrTHKAH5lHmP2sfFKOTBTTOWk.roa (raw, json)
Hash identifier: J6g2M+P7tQXEv6pbKMZLJa+YZoB5DNzWzZuTNCswziE=
Subject key identifier: C2:A5:2B:4C:72:80:1F:99:47:98:FD:AC:7C:52:8E:4C:14:D3:39:69
Certificate issuer: /CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Certificate serial: 018CC94D5B14E8684A9A2EC9834AAAA5E936
Authority key identifier: 1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/wqUrTHKAH5lHmP2sfFKOTBTTOWk.roa
Signing time: Tue 02 Jan 2024 08:32:19 +0000
ROA not before: Tue 02 Jan 2024 08:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209390
IP address blocks: 185.108.64.0/22 maxlen: 22
185.108.64.0/24 maxlen: 24
185.108.65.0/24 maxlen: 24
185.108.66.0/24 maxlen: 24
2a06:6280::/29 maxlen: 29
2a06:6280:200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/H54l9KiLi7Q8VNWPa051CJ-Qb9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/H54l9KiLi7Q8VNWPa051CJ-Qb9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:5b:14:e8:68:4a:9a:2e:c9:83:4a:aa:a5:e9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Validity
Not Before: Jan 2 08:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2a52b4c72801f994798fdac7c528e4c14d33969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:90:27:c0:9c:ce:b1:fd:95:bd:5c:c8:19:c9:
f4:72:67:f4:26:85:08:dd:91:75:62:2e:88:33:ad:
04:cc:45:32:ed:29:e3:c6:0a:40:49:b4:e5:3c:cd:
31:83:0e:dc:ce:fb:67:7b:03:75:91:19:8a:1b:7d:
1d:29:49:14:19:da:75:1c:6a:ee:4d:1b:cf:85:7b:
de:29:9b:d9:e7:71:3d:8a:7b:c5:f1:aa:75:57:28:
e9:a2:96:9f:4f:f4:c4:bd:57:fb:7b:57:5b:18:9f:
ab:50:aa:66:99:fa:d6:29:53:40:54:66:d9:61:ed:
1e:d0:f4:f3:43:fd:01:af:31:42:8f:d8:18:8f:e2:
e2:ee:94:e3:8d:b3:49:c0:21:e5:97:ef:98:f2:35:
b6:76:f2:5a:25:54:0b:47:a6:8d:c7:0b:e2:5b:46:
5f:57:d5:c3:05:c2:76:b1:9c:95:5f:c5:64:21:f4:
06:9e:35:a1:e4:37:e2:f2:d5:d1:d7:66:52:0a:c5:
b5:bb:0a:f7:38:32:7c:ee:00:94:47:3c:da:97:71:
3b:e8:7e:d5:d0:ef:e0:c1:9d:de:bd:dd:4a:ab:98:
52:b9:12:01:a7:43:85:d2:4f:50:3e:d8:02:b5:6a:
82:00:6d:f3:73:be:f8:c6:e3:7b:c9:57:a0:fd:96:
d5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A5:2B:4C:72:80:1F:99:47:98:FD:AC:7C:52:8E:4C:14:D3:39:69
X509v3 Authority Key Identifier:
keyid:1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/wqUrTHKAH5lHmP2sfFKOTBTTOWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/H54l9KiLi7Q8VNWPa051CJ-Qb9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.64.0/22
IPv6:
2a06:6280::/29
Signature Algorithm: sha256WithRSAEncryption
41:a6:9d:9d:a3:74:20:07:9f:26:2e:5c:1a:58:c1:d5:14:55:
7f:fd:6b:97:1a:20:dd:eb:f2:ca:d1:9b:b0:f2:a9:bf:d9:e3:
47:e8:78:cd:bd:29:f2:1f:6c:a5:94:42:44:5a:e6:ad:7a:0e:
bb:3c:d5:4c:ed:c9:a5:30:28:cc:9b:c0:25:cf:cd:73:d6:33:
94:6c:ca:73:c7:3a:20:4b:fd:99:99:d9:c6:50:48:0d:ce:ba:
d4:55:d6:0b:d7:77:d7:66:50:34:b5:e1:ac:4d:39:d9:51:0c:
33:ad:6f:83:79:db:9e:c3:ff:b2:9b:35:0f:3b:08:b8:6d:60:
45:17:8a:81:ca:cf:99:2c:19:6e:2c:b2:1d:f7:5a:5e:bc:f7:
72:79:ec:3b:2e:e6:55:e2:52:03:c9:87:41:da:e3:17:7c:b4:
37:4e:5a:e7:a5:bd:5f:b7:9e:a9:3c:73:7a:3a:c0:61:7e:f8:
a0:9b:1b:3e:19:19:17:5c:e1:0e:0b:15:e0:d4:5f:93:ef:0c:
65:0a:1c:01:8b:35:07:fc:89:db:35:2c:5d:52:d2:10:bb:58:
2c:91:61:5e:21:ed:f6:88:e3:08:2e:fd:b0:51:41:db:4a:01:
b8:05:89:bb:d3:bd:c4:cd:55:e7:33:04:06:24:b1:9a:01:10:
eb:14:b0:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTVsU6GhKmi7Jg0qqpek2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOWUyNWY0YTg4YjhiYjQzYzU0ZDU4ZjZiNGU3NTA4OWY5
MDZmZDIwHhcNMjQwMTAyMDgzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmE1MmI0YzcyODAxZjk5NDc5OGZkYWM3YzUyOGU0YzE0ZDMzOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5AnwJzOsf2VvVzIGcn0cmf0JoUI
3ZF1Yi6IM60EzEUy7SnjxgpASbTlPM0xgw7czvtnewN1kRmKG30dKUkUGdp1HGru
TRvPhXveKZvZ53E9invF8ap1VyjpopafT/TEvVf7e1dbGJ+rUKpmmfrWKVNAVGbZ
Ye0e0PTzQ/0BrzFCj9gYj+Li7pTjjbNJwCHll++Y8jW2dvJaJVQLR6aNxwviW0Zf
V9XDBcJ2sZyVX8VkIfQGnjWh5Dfi8tXR12ZSCsW1uwr3ODJ87gCURzzal3E76H7V
0O/gwZ3evd1Kq5hSuRIBp0OF0k9QPtgCtWqCAG3zc774xuN7yVeg/ZbVmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMKlK0xygB+ZR5j9rHxSjkwU0zlpMB8GA1UdIwQY
MBaAFB+eJfSoi4u0PFTVj2tOdQifkG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEt
ZTU1NGEzNWU5ZTc3LzEvd3FVclRIS0FINWxIbVAyc2ZGS09UQlRUT1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEtZTU1NGEzNWU5ZTc3
LzEvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWxAMA0E
AgACMAcDBQMqBmKAMA0GCSqGSIb3DQEBCwUAA4IBAQBBpp2do3QgB58mLlwaWMHV
FFV//WuXGiDd6/LK0Zuw8qm/2eNH6HjNvSnyH2yllEJEWuateg67PNVM7cmlMCjM
m8Alz81z1jOUbMpzxzogS/2ZmdnGUEgNzrrUVdYL13fXZlA0teGsTTnZUQwzrW+D
eduew/+ymzUPOwi4bWBFF4qBys+ZLBluLLId91pevPdyeew7LuZV4lIDyYdB2uMX
fLQ3Tlrnpb1ft56pPHN6OsBhfvigmxs+GRkXXOEOCxXg1F+T7wxlChwBizUH/Inb
NSxdUtIQu1gskWFeIe32iOMILv2wUUHbSgG4BYm7073EzVXnMwQGJLGaARDrFLAj
-----END CERTIFICATE-----
Generated at Thu May 23 14:47:02 2024 by rpki-client on console-ams.rpki-client.org