Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/193988-9572-455c-a268-de40daa2684d/1/9j_l78SHZjVaIszTnE7Ivn1YQgo.roa
File: 9j_l78SHZjVaIszTnE7Ivn1YQgo.roa (raw, json)
Hash identifier: Y90m4XlKUp3WKSUvj+NB6fPe1MXMLvtdPzctNq6u4/Y=
Subject key identifier: F6:3F:E5:EF:C4:87:66:35:5A:22:CC:D3:9C:4E:C8:BE:7D:58:42:0A
Certificate issuer: /CN=d55d0f8888edc920868c661622f643744e6e56c8
Certificate serial: 018FC8F39362D36064796FDB0808BD8C6138
Authority key identifier: D5:5D:0F:88:88:ED:C9:20:86:8C:66:16:22:F6:43:74:4E:6E:56:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1V0PiIjtySCGjGYWIvZDdE5uVsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/193988-9572-455c-a268-de40daa2684d/1/9j_l78SHZjVaIszTnE7Ivn1YQgo.roa
Signing time: Thu 30 May 2024 10:02:37 +0000
ROA not before: Thu 30 May 2024 10:02:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51001
IP address blocks: 185.158.236.0/24 maxlen: 24
185.158.237.0/24 maxlen: 24
185.158.238.0/24 maxlen: 24
185.158.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/193988-9572-455c-a268-de40daa2684d/1/1V0PiIjtySCGjGYWIvZDdE5uVsg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/193988-9572-455c-a268-de40daa2684d/1/1V0PiIjtySCGjGYWIvZDdE5uVsg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1V0PiIjtySCGjGYWIvZDdE5uVsg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:f3:93:62:d3:60:64:79:6f:db:08:08:bd:8c:61:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d55d0f8888edc920868c661622f643744e6e56c8
Validity
Not Before: May 30 10:02:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f63fe5efc48766355a22ccd39c4ec8be7d58420a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:46:1b:fc:ec:23:14:0f:d8:d1:85:e9:54:dd:
d6:6a:a4:8d:14:be:f8:3c:44:54:3d:ab:1f:c6:68:
43:f2:04:f5:a0:d5:07:43:38:ee:d4:b7:e9:1c:53:
63:6e:ec:81:8a:7b:72:92:27:9d:78:77:dc:6f:15:
f4:59:b7:50:6a:b7:11:d8:5a:80:8d:4e:64:06:6e:
8c:84:32:71:13:84:84:b0:2b:64:35:74:c8:09:e8:
92:2a:cd:b1:bd:b2:e0:ef:f7:ba:be:df:cc:46:f4:
71:54:8b:60:70:31:01:95:40:7c:e8:db:00:d8:96:
dd:ec:fd:af:18:5f:5c:e3:8f:b9:d6:76:c6:d9:ad:
56:90:53:b2:78:cb:56:56:8f:95:8c:38:21:ab:f0:
d6:c5:73:69:2f:4b:30:c8:ab:c3:ba:62:0e:c9:8d:
cd:a3:7a:9c:81:e2:7e:26:d4:de:9b:06:02:c1:3d:
98:fa:b2:b9:de:8d:b3:04:92:69:98:6f:77:de:c6:
71:da:9a:62:1b:a6:34:f8:41:3c:8c:87:2b:ca:21:
e1:17:87:9f:10:96:88:d2:2b:0f:47:5c:eb:2c:44:
f6:b6:66:26:3f:8d:80:88:5b:9f:b6:a0:38:62:1b:
a7:01:b7:52:86:ee:4e:f1:0f:b4:b6:31:25:67:f7:
71:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:3F:E5:EF:C4:87:66:35:5A:22:CC:D3:9C:4E:C8:BE:7D:58:42:0A
X509v3 Authority Key Identifier:
keyid:D5:5D:0F:88:88:ED:C9:20:86:8C:66:16:22:F6:43:74:4E:6E:56:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1V0PiIjtySCGjGYWIvZDdE5uVsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/193988-9572-455c-a268-de40daa2684d/1/9j_l78SHZjVaIszTnE7Ivn1YQgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/193988-9572-455c-a268-de40daa2684d/1/1V0PiIjtySCGjGYWIvZDdE5uVsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:29:fa:f8:62:2d:f9:77:71:67:c9:2b:9b:64:ba:c5:93:d2:
ce:93:ad:58:ea:08:8b:e7:6f:66:e3:8d:77:3c:47:c2:d0:3a:
68:74:02:9e:aa:73:a5:56:9d:cb:1c:25:f0:b2:19:4d:74:bb:
d4:01:14:47:5f:43:38:6f:bc:85:f1:c0:38:60:19:f2:3a:c9:
cd:2e:d6:96:d5:92:c2:4c:ad:e1:74:70:78:5e:5c:c4:74:c2:
09:b4:52:24:da:05:8a:ae:e3:e7:e2:ae:f9:6a:1f:c1:69:3d:
b4:d6:b6:1a:84:56:05:6b:a6:11:a6:1f:a5:ea:21:33:6d:d9:
b0:36:78:40:84:11:47:89:57:21:82:f1:fa:a3:4f:8a:6a:0f:
b8:64:58:3b:1a:15:74:8f:20:00:a4:f2:99:fe:e7:2d:5a:22:
94:7c:93:8d:27:92:9f:30:b5:39:6d:20:4f:23:51:02:2b:10:
50:bc:c9:52:60:69:ce:3e:ae:95:48:33:56:81:cb:70:5b:d5:
0d:65:1b:4a:fe:e4:85:cd:d3:31:9d:ac:d7:08:2b:c4:8a:40:
62:da:b2:a4:03:57:40:61:ba:1b:e6:b5:00:e9:21:94:64:03:
51:88:9d:42:31:4c:a9:23:1b:b8:c6:ad:b5:82:f9:74:50:76:
84:c3:e1:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/I85Ni02BkeW/bCAi9jGE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NWQwZjg4ODhlZGM5MjA4NjhjNjYxNjIyZjY0Mzc0NGU2
ZTU2YzgwHhcNMjQwNTMwMTAwMjM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjNmZTVlZmM0ODc2NjM1NWEyMmNjZDM5YzRlYzhiZTdkNTg0MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0Yb/OwjFA/Y0YXpVN3WaqSNFL74
PERUPasfxmhD8gT1oNUHQzju1LfpHFNjbuyBintykiedeHfcbxX0WbdQarcR2FqA
jU5kBm6MhDJxE4SEsCtkNXTICeiSKs2xvbLg7/e6vt/MRvRxVItgcDEBlUB86NsA
2Jbd7P2vGF9c44+51nbG2a1WkFOyeMtWVo+VjDghq/DWxXNpL0swyKvDumIOyY3N
o3qcgeJ+JtTemwYCwT2Y+rK53o2zBJJpmG933sZx2ppiG6Y0+EE8jIcryiHhF4ef
EJaI0isPR1zrLET2tmYmP42AiFuftqA4YhunAbdShu5O8Q+0tjElZ/dxLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPY/5e/Eh2Y1WiLM05xOyL59WEIKMB8GA1UdIwQY
MBaAFNVdD4iI7ckghoxmFiL2Q3ROblbIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVYwUGlJanR5U0NHakdZV0l2WkRkRTV1VnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8xOTM5ODgtOTU3Mi00NTVjLWEyNjgt
ZGU0MGRhYTI2ODRkLzEvOWpfbDc4U0haalZhSXN6VG5FN0l2bjFZUWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8xOTM5ODgtOTU3Mi00NTVjLWEyNjgtZGU0MGRhYTI2ODRk
LzEvMVYwUGlJanR5U0NHakdZV0l2WkRkRTV1VnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ7sMA0G
CSqGSIb3DQEBCwUAA4IBAQCnKfr4Yi35d3FnySubZLrFk9LOk61Y6giL529m4413
PEfC0DpodAKeqnOlVp3LHCXwshlNdLvUARRHX0M4b7yF8cA4YBnyOsnNLtaW1ZLC
TK3hdHB4XlzEdMIJtFIk2gWKruPn4q75ah/BaT201rYahFYFa6YRph+l6iEzbdmw
NnhAhBFHiVchgvH6o0+Kag+4ZFg7GhV0jyAApPKZ/uctWiKUfJONJ5KfMLU5bSBP
I1ECKxBQvMlSYGnOPq6VSDNWgctwW9UNZRtK/uSFzdMxnazXCCvEikBi2rKkA1dA
Ybob5rUA6SGUZANRiJ1CMUypIxu4xq21gvl0UHaEw+FO
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:29:55 2024 by rpki-client on console-fra.rpki-client.org