Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/b1pg9sI6thJ37A762QaE_okcX2k.roa
File: b1pg9sI6thJ37A762QaE_okcX2k.roa (raw, json)
Hash identifier: yX6l+lN0MBlx0/bUJRFuE2FTDRzfoA60hEnPLL/+jIQ=
Subject key identifier: 6F:5A:60:F6:C2:3A:B6:12:77:EC:0E:FA:D9:06:84:FE:89:1C:5F:69
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018F4E293F1338E0DB0D8319269E43E1C32B
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/b1pg9sI6thJ37A762QaE_okcX2k.roa
Signing time: Mon 06 May 2024 13:47:57 +0000
ROA not before: Mon 06 May 2024 13:47:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208229
IP address blocks: 185.228.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4e:29:3f:13:38:e0:db:0d:83:19:26:9e:43:e1:c3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: May 6 13:47:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f5a60f6c23ab61277ec0efad90684fe891c5f69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:23:e0:ff:08:03:66:f2:32:29:40:6f:41:80:
42:06:2a:e9:16:17:ab:87:12:0f:3a:84:3e:cd:ed:
7d:7d:bb:35:b7:ad:34:37:ad:dd:13:83:b6:84:e1:
ac:c6:ef:16:3d:4f:e8:2f:2f:33:b0:07:38:0b:b5:
17:12:10:9f:5c:5c:19:c3:a0:c3:99:21:7f:9b:f7:
ce:bf:71:1e:7a:33:8f:31:2c:1f:0d:b6:96:e9:80:
84:47:64:14:76:aa:16:c4:3b:f9:8f:54:74:24:9e:
15:95:1c:18:9b:15:10:89:ce:1f:c1:39:a2:ef:68:
2e:14:a6:a4:bc:4e:c5:c0:c3:cb:0b:24:e4:4b:95:
cc:38:8b:98:c7:89:ba:34:e8:89:e8:ce:04:79:25:
27:7d:5e:07:11:0e:88:9f:6a:0c:d7:ef:bf:1e:e3:
17:8d:fe:47:68:51:52:fd:1b:84:63:61:e7:86:dc:
07:e6:db:a4:5e:9e:1e:1f:67:c8:45:f4:ea:4e:12:
94:75:d6:92:d5:88:29:ac:60:bc:c1:40:7a:c4:d5:
2f:e6:da:3b:78:90:75:a4:1b:98:7e:0b:99:84:34:
8f:f9:53:3b:c3:84:5c:ff:c2:52:eb:3c:be:48:4a:
96:e5:83:58:f2:13:58:9d:d1:58:71:86:8a:d7:0f:
94:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5A:60:F6:C2:3A:B6:12:77:EC:0E:FA:D9:06:84:FE:89:1C:5F:69
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/b1pg9sI6thJ37A762QaE_okcX2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.64.0/22
Signature Algorithm: sha256WithRSAEncryption
53:b8:af:1e:d7:ef:a9:e3:f2:ca:90:bd:65:36:34:e1:6d:1d:
bf:7f:a2:e3:5d:7f:59:56:42:b5:6a:1a:b8:52:27:eb:7b:6e:
01:d6:d8:e0:d5:b7:62:d8:0f:b3:b7:a2:c1:66:80:7d:03:93:
fc:dc:fd:c9:61:1c:0b:5c:75:64:e1:c6:c7:22:99:f7:f8:2d:
91:8a:86:ad:f4:dd:bb:f2:a6:8a:aa:00:ba:3e:6a:d1:34:37:
09:37:a5:ac:c9:0b:7c:7a:69:73:ce:26:f9:5e:6d:9b:d2:19:
03:01:f7:58:e4:51:af:3e:51:1f:ac:fd:06:69:d8:6c:d9:73:
b0:53:29:d2:bd:c4:37:e4:a7:d6:7c:4b:57:74:22:17:3a:50:
7b:54:db:bd:09:30:73:73:c7:1a:9f:27:ec:b1:d5:95:c0:4d:
9c:b7:24:d9:26:05:67:b8:d7:21:ed:dc:10:b3:14:17:4e:16:
10:e0:68:49:f9:ad:1d:02:dc:2e:ec:c6:3d:4d:28:18:1c:89:
fe:c1:80:d1:46:bb:10:6f:7c:89:45:14:68:7c:cc:00:b6:a5:
19:2c:26:ec:6b:a5:a3:15:8b:19:7f:1f:c0:79:cc:74:0f:d0:
78:76:67:bc:3d:60:cc:a1:fc:66:06:32:ad:99:92:84:83:48:
57:f8:cc:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9OKT8TOODbDYMZJp5D4cMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwNTA2MTM0NzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVhNjBmNmMyM2FiNjEyNzdlYzBlZmFkOTA2ODRmZTg5MWM1ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiPg/wgDZvIyKUBvQYBCBirpFher
hxIPOoQ+ze19fbs1t600N63dE4O2hOGsxu8WPU/oLy8zsAc4C7UXEhCfXFwZw6DD
mSF/m/fOv3EeejOPMSwfDbaW6YCER2QUdqoWxDv5j1R0JJ4VlRwYmxUQic4fwTmi
72guFKakvE7FwMPLCyTkS5XMOIuYx4m6NOiJ6M4EeSUnfV4HEQ6In2oM1++/HuMX
jf5HaFFS/RuEY2HnhtwH5tukXp4eH2fIRfTqThKUddaS1YgprGC8wUB6xNUv5to7
eJB1pBuYfguZhDSP+VM7w4Rc/8JS6zy+SEqW5YNY8hNYndFYcYaK1w+UqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG9aYPbCOrYSd+wO+tkGhP6JHF9pMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvYjFwZzlzSTZ0aEozN0E3NjJRYUVfb2tjWDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueRAMA0G
CSqGSIb3DQEBCwUAA4IBAQBTuK8e1++p4/LKkL1lNjThbR2/f6LjXX9ZVkK1ahq4
Uifre24B1tjg1bdi2A+zt6LBZoB9A5P83P3JYRwLXHVk4cbHIpn3+C2Rioat9N27
8qaKqgC6PmrRNDcJN6WsyQt8emlzzib5Xm2b0hkDAfdY5FGvPlEfrP0Gadhs2XOw
UynSvcQ35KfWfEtXdCIXOlB7VNu9CTBzc8canyfssdWVwE2ctyTZJgVnuNch7dwQ
sxQXThYQ4GhJ+a0dAtwu7MY9TSgYHIn+wYDRRrsQb3yJRRRofMwAtqUZLCbsa6Wj
FYsZfx/Aecx0D9B4dme8PWDMofxmBjKtmZKEg0hX+Mya
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:08 2024 by rpki-client on console-ams.rpki-client.org