Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/iCilyoJRfCcc0PPJTINmdZ6v1Z4.roa
File: iCilyoJRfCcc0PPJTINmdZ6v1Z4.roa (raw, json)
Hash identifier: t0Uk3i6pKN2aSgsxkVFKXbtlgr5ZQRK28z06EGUBOF8=
Subject key identifier: 88:28:A5:CA:82:51:7C:27:1C:D0:F3:C9:4C:83:66:75:9E:AF:D5:9E
Certificate issuer: /CN=26d9a16c2fa7d4c370b5325214be4420b611f1f9
Certificate serial: 018CC794E002098BEB848F6F595FCF63CF66
Authority key identifier: 26:D9:A1:6C:2F:A7:D4:C3:70:B5:32:52:14:BE:44:20:B6:11:F1:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/iCilyoJRfCcc0PPJTINmdZ6v1Z4.roa
Signing time: Tue 02 Jan 2024 00:31:11 +0000
ROA not before: Tue 02 Jan 2024 00:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205202
IP address blocks: 185.225.97.0/24 maxlen: 24
185.225.98.0/24 maxlen: 24
185.225.99.0/24 maxlen: 24
2a0d:ac00:2::/48 maxlen: 48
2a0d:ac00:1002::/48 maxlen: 48
2a0d:ac00::/48 maxlen: 48
2a0d:ac00:1000::/48 maxlen: 48
2a0d:ac00:6::/48 maxlen: 48
2a0d:ac00:1006::/48 maxlen: 48
2a0d:ac00:dc01::/48 maxlen: 48
2a0d:ac00:1007::/48 maxlen: 48
2a0d:ac00:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.mft
rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:e0:02:09:8b:eb:84:8f:6f:59:5f:cf:63:cf:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26d9a16c2fa7d4c370b5325214be4420b611f1f9
Validity
Not Before: Jan 2 00:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8828a5ca82517c271cd0f3c94c8366759eafd59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a4:ff:49:6d:31:a5:61:54:b2:62:82:63:ae:
71:86:53:0a:9b:dd:ff:40:d3:e4:0d:71:6a:02:b3:
31:12:50:98:5a:8a:fb:82:4c:fb:f6:82:d3:8c:d7:
e5:5c:1a:27:c3:9e:88:2c:80:c5:88:66:8b:03:c1:
2b:8b:58:5f:99:70:97:64:0d:d8:c4:7a:12:ad:50:
77:23:72:aa:cf:99:d4:a8:6a:62:ba:ef:51:0b:20:
b9:2b:f5:d8:a7:31:cb:27:e3:73:e5:ae:29:f0:77:
e0:53:6a:f8:9e:a7:8d:63:e3:3b:3c:a0:d1:41:18:
33:f1:b1:49:ea:ad:5c:7b:46:f1:fb:ad:78:b2:8e:
f1:5d:08:a6:96:4e:04:12:00:15:f8:03:46:63:84:
51:d5:62:2d:8b:f6:95:44:2b:13:68:ae:2d:67:41:
8d:9a:5e:24:2b:d0:cb:78:00:23:67:a4:ed:14:45:
36:55:8b:de:89:a0:18:3d:99:c7:ac:4b:1e:1f:27:
65:6d:0d:14:d7:0f:64:f2:f8:3a:73:c3:a9:a0:53:
0a:89:ba:ef:d4:b0:d5:d7:87:97:44:fc:a9:f3:3b:
b5:90:f6:9d:7a:c5:7a:5c:ae:4f:42:c9:31:fa:13:
01:f8:a6:08:2d:c7:72:ca:fe:ce:74:fa:b1:b5:0b:
8a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:28:A5:CA:82:51:7C:27:1C:D0:F3:C9:4C:83:66:75:9E:AF:D5:9E
X509v3 Authority Key Identifier:
keyid:26:D9:A1:6C:2F:A7:D4:C3:70:B5:32:52:14:BE:44:20:B6:11:F1:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JtmhbC-n1MNwtTJSFL5EILYR8fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/iCilyoJRfCcc0PPJTINmdZ6v1Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/c5fc54-74c2-4f3d-95c1-44023c3b784e/1/JtmhbC-n1MNwtTJSFL5EILYR8fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.97.0-185.225.99.255
IPv6:
2a0d:ac00::/48
2a0d:ac00:2::/48
2a0d:ac00:6::/47
2a0d:ac00:1000::/48
2a0d:ac00:1002::/48
2a0d:ac00:1006::/47
2a0d:ac00:dc01::/48
Signature Algorithm: sha256WithRSAEncryption
a1:58:07:b1:0d:4e:67:ac:25:f5:d2:74:a7:ca:a3:f7:af:bd:
df:ec:c6:b2:b1:db:1c:f0:af:53:28:21:2e:99:2f:d5:6a:69:
d5:0f:be:ff:4c:55:55:65:9b:d3:99:15:ee:37:fb:34:23:1b:
59:36:16:f7:02:0e:c5:7c:67:2e:43:db:8a:9e:69:70:8d:70:
04:98:98:e6:92:b0:85:6e:10:c2:4f:99:55:f7:13:f5:27:16:
b8:6b:7f:7f:b5:9c:32:65:62:7f:ec:9b:f3:d2:c2:9e:ac:1a:
03:bd:9e:58:4a:4e:02:28:4f:f8:25:04:a1:75:88:da:51:09:
f3:20:27:d1:5f:ad:8a:4e:38:a4:97:af:1f:29:a4:4b:74:20:
cc:43:99:18:fa:96:bb:c4:c2:c2:32:dd:95:09:ae:9f:1e:47:
b4:8e:58:15:04:6c:00:ad:e5:4e:a6:77:95:92:9b:bf:c5:59:
d7:15:50:ed:b8:af:ee:c6:30:84:ea:35:f9:25:4e:ce:7a:46:
3c:9c:c1:6c:26:43:3a:28:1a:cc:4c:12:92:98:a9:3a:d4:7c:
7b:a8:e5:70:b2:b7:b1:3b:0c:fc:1e:f7:95:6a:4d:00:38:4f:
19:56:18:37:ca:78:e2:34:aa:f3:2c:68:e7:63:16:cc:a1:00:
55:36:17:54
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYzHlOACCYvrhI9vWV/PY89mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZDlhMTZjMmZhN2Q0YzM3MGI1MzI1MjE0YmU0NDIwYjYx
MWYxZjkwHhcNMjQwMTAyMDAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODI4YTVjYTgyNTE3YzI3MWNkMGYzYzk0YzgzNjY3NTllYWZkNTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6T/SW0xpWFUsmKCY65xhlMKm93/
QNPkDXFqArMxElCYWor7gkz79oLTjNflXBonw56ILIDFiGaLA8Eri1hfmXCXZA3Y
xHoSrVB3I3Kqz5nUqGpiuu9RCyC5K/XYpzHLJ+Nz5a4p8HfgU2r4nqeNY+M7PKDR
QRgz8bFJ6q1ce0bx+614so7xXQimlk4EEgAV+ANGY4RR1WIti/aVRCsTaK4tZ0GN
ml4kK9DLeAAjZ6TtFEU2VYveiaAYPZnHrEseHydlbQ0U1w9k8vg6c8OpoFMKibrv
1LDV14eXRPyp8zu1kPadesV6XK5PQskx+hMB+KYILcdyyv7OdPqxtQuK0QIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFIgopcqCUXwnHNDzyUyDZnWer9WeMB8GA1UdIwQY
MBaAFCbZoWwvp9TDcLUyUhS+RCC2EfH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnRtaGJDLW4xTU53dFRKU0ZMNUVJTFlSOGZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9jNWZjNTQtNzRjMi00ZjNkLTk1YzEt
NDQwMjNjM2I3ODRlLzEvaUNpbHlvSlJmQ2NjMFBQSlRJTm1kWjZ2MVo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9jNWZjNTQtNzRjMi00ZjNkLTk1YzEtNDQwMjNjM2I3ODRl
LzEvSnRtaGJDLW4xTU53dFRKU0ZMNUVJTFlSOGZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAUBAIAATAOMAwDBAC54WED
BAK54WAwRQQCAAIwPwMHACoNrAAAAAMHACoNrAAAAgMHASoNrAAABgMHACoNrAAQ
AAMHACoNrAAQAgMHASoNrAAQBgMHACoNrADcATANBgkqhkiG9w0BAQsFAAOCAQEA
oVgHsQ1OZ6wl9dJ0p8qj96+93+zGsrHbHPCvUyghLpkv1Wpp1Q++/0xVVWWb05kV
7jf7NCMbWTYW9wIOxXxnLkPbip5pcI1wBJiY5pKwhW4Qwk+ZVfcT9ScWuGt/f7Wc
MmVif+yb89LCnqwaA72eWEpOAihP+CUEoXWI2lEJ8yAn0V+tik44pJevHymkS3Qg
zEOZGPqWu8TCwjLdlQmunx5HtI5YFQRsAK3lTqZ3lZKbv8VZ1xVQ7biv7sYwhOo1
+SVOznpGPJzBbCZDOigazEwSkpipOtR8e6jlcLK3sTsM/B73lWpNADhPGVYYN8p4
4jSq8yxo52MWzKEAVTYXVA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:29:55 2024 by rpki-client on console-ams.rpki-client.org