Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/s3bjUbrJf842lRbnAqBnVtPmnAg.roa
File: s3bjUbrJf842lRbnAqBnVtPmnAg.roa (raw, json)
Hash identifier: n++KTN7o4UD3GeNncwm4fRqUkdHn9piYgMzdcQVGFr4=
Subject key identifier: B3:76:E3:51:BA:C9:7F:CE:36:95:16:E7:02:A0:67:56:D3:E6:9C:08
Certificate issuer: /CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
Certificate serial: 018CC94E490861CE299E31C723FBE16C3325
Authority key identifier: 52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/s3bjUbrJf842lRbnAqBnVtPmnAg.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210352
IP address blocks: 185.143.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:49:08:61:ce:29:9e:31:c7:23:fb:e1:6c:33:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a165dc3aafbe2c62e265ff104327a3e675f89f
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b376e351bac97fce369516e702a06756d3e69c08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ac:f4:98:58:c5:62:1b:13:60:4b:c3:eb:a2:
fa:ac:5e:6b:3f:bd:64:a1:bf:38:cd:dc:1d:8d:39:
74:9b:f9:19:06:48:83:ac:53:b5:db:32:37:b5:7c:
b7:6c:b1:53:a3:2a:23:96:12:5f:77:11:bb:15:c4:
10:fa:51:5c:e8:41:02:1f:4b:d1:28:c0:4f:81:d9:
70:28:6b:dc:b0:2d:2e:8a:81:0d:73:d1:80:e8:03:
fd:2b:43:44:57:7c:89:47:ff:5f:24:e6:e8:ef:9f:
08:44:0c:c5:fb:53:1b:39:5c:8d:b3:af:ec:17:07:
cf:50:9c:ea:73:e8:7a:37:89:7e:e5:b1:31:d3:1d:
fb:d3:0e:1e:7c:ae:a4:47:bb:a4:d3:09:c6:21:23:
81:ec:2c:5e:29:a9:6a:60:fb:c1:5b:14:89:9a:05:
db:32:04:fe:50:c8:52:b6:f0:05:8c:c8:b1:5a:42:
de:8e:86:bb:fc:99:37:3f:6b:8e:fe:a0:da:cd:65:
95:87:ec:af:a7:99:83:c5:f8:b0:1e:e6:d8:59:2a:
be:15:a3:1c:ce:d6:d7:80:96:ee:db:d9:f9:73:7f:
6d:03:22:7f:e8:58:e2:18:fe:40:67:57:c3:d3:7a:
d3:ac:93:f7:8d:f4:3b:91:3c:9e:cb:1a:9e:66:f8:
57:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:76:E3:51:BA:C9:7F:CE:36:95:16:E7:02:A0:67:56:D3:E6:9C:08
X509v3 Authority Key Identifier:
keyid:52:A1:65:DC:3A:AF:BE:2C:62:E2:65:FF:10:43:27:A3:E6:75:F8:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqFl3Dqvvixi4mX_EEMno-Z1-J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/s3bjUbrJf842lRbnAqBnVtPmnAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/80aceb-50e2-40c0-a852-e298b41b6c81/1/UqFl3Dqvvixi4mX_EEMno-Z1-J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.223.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:89:b1:5c:da:d3:8e:bd:7b:5e:2d:8f:48:52:ef:ad:a3:f5:
15:17:a6:95:ee:53:e4:21:77:2f:14:da:2d:3d:9e:20:9b:90:
cf:d1:07:ac:7d:3a:80:7d:fc:08:8b:37:11:d0:94:58:f6:59:
bc:16:f6:a4:37:cd:80:dd:94:43:f7:4f:ad:c0:98:04:82:a9:
07:9a:5d:3d:53:46:c0:91:36:8a:81:82:cf:21:81:3e:0d:9c:
18:a3:5e:4e:df:d5:89:b1:72:19:39:c2:e4:a4:06:9c:48:73:
53:a9:5c:c8:88:b6:be:d8:dc:b3:6b:dd:ba:95:ae:17:4c:e5:
c0:74:c7:0e:23:bf:03:24:e3:bf:21:b1:4e:bb:20:52:68:bb:
06:79:41:27:e8:0c:28:92:e1:c7:98:34:4a:47:89:b1:aa:2b:
66:cf:a9:ca:d6:88:bb:4a:a0:ee:7f:f6:f5:cf:b7:ad:b2:74:
33:dd:72:1f:30:43:bd:cf:3a:85:de:f9:eb:1a:12:5e:5d:3a:
be:31:38:e7:b8:aa:1a:d7:a0:9e:de:f9:e1:39:86:70:d1:8d:
0b:60:59:08:22:56:4f:53:13:ff:5d:20:5e:10:57:13:cd:af:
6c:67:10:77:2a:dc:6d:fe:f0:d1:c2:29:57:31:cf:8c:21:89:
7e:88:8f:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTkkIYc4pnjHHI/vhbDMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTE2NWRjM2FhZmJlMmM2MmUyNjVmZjEwNDMyN2EzZTY3
NWY4OWYwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzc2ZTM1MWJhYzk3ZmNlMzY5NTE2ZTcwMmEwNjc1NmQzZTY5YzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqz0mFjFYhsTYEvD66L6rF5rP71k
ob84zdwdjTl0m/kZBkiDrFO12zI3tXy3bLFToyojlhJfdxG7FcQQ+lFc6EECH0vR
KMBPgdlwKGvcsC0uioENc9GA6AP9K0NEV3yJR/9fJObo758IRAzF+1MbOVyNs6/s
FwfPUJzqc+h6N4l+5bEx0x370w4efK6kR7uk0wnGISOB7CxeKalqYPvBWxSJmgXb
MgT+UMhStvAFjMixWkLejoa7/Jk3P2uO/qDazWWVh+yvp5mDxfiwHubYWSq+FaMc
ztbXgJbu29n5c39tAyJ/6FjiGP5AZ1fD03rTrJP3jfQ7kTyeyxqeZvhXtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLN241G6yX/ONpUW5wKgZ1bT5pwIMB8GA1UdIwQY
MBaAFFKhZdw6r74sYuJl/xBDJ6PmdfifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFGbDNEcXZ2aXhpNG1YX0VFTW5vLVoxLUo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84MGFjZWItNTBlMi00MGMwLWE4NTIt
ZTI5OGI0MWI2YzgxLzEvczNialVickpmODQybFJibkFxQm5WdFBtbkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84MGFjZWItNTBlMi00MGMwLWE4NTItZTI5OGI0MWI2Yzgx
LzEvVXFGbDNEcXZ2aXhpNG1YX0VFTW5vLVoxLUo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY/fMA0G
CSqGSIb3DQEBCwUAA4IBAQDGibFc2tOOvXteLY9IUu+to/UVF6aV7lPkIXcvFNot
PZ4gm5DP0QesfTqAffwIizcR0JRY9lm8FvakN82A3ZRD90+twJgEgqkHml09U0bA
kTaKgYLPIYE+DZwYo15O39WJsXIZOcLkpAacSHNTqVzIiLa+2Nyza926la4XTOXA
dMcOI78DJOO/IbFOuyBSaLsGeUEn6AwokuHHmDRKR4mxqitmz6nK1oi7SqDuf/b1
z7etsnQz3XIfMEO9zzqF3vnrGhJeXTq+MTjnuKoa16Ce3vnhOYZw0Y0LYFkIIlZP
UxP/XSBeEFcTza9sZxB3Ktxt/vDRwilXMc+MIYl+iI9F
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:37:08 2024 by rpki-client on console-ams.rpki-client.org