Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/a_38Q1dYpdxcJMSfBiyChtOdQy8.roa
File: a_38Q1dYpdxcJMSfBiyChtOdQy8.roa (raw, json)
Hash identifier: hh+0fchPaDrnCXIe9D9tIy5gzt2zGJ/gvdPVUS8Ro9Q=
Subject key identifier: 6B:FD:FC:43:57:58:A5:DC:5C:24:C4:9F:06:2C:82:86:D3:9D:43:2F
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018CC94CC65865052EB0D62B553F307E8C66
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/a_38Q1dYpdxcJMSfBiyChtOdQy8.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2043
IP address blocks: 185.2.172.0/22 maxlen: 22
185.2.174.0/23 maxlen: 23
2a02:80c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c6:58:65:05:2e:b0:d6:2b:55:3f:30:7e:8c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bfdfc435758a5dc5c24c49f062c8286d39d432f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:df:b5:7f:7f:9e:a6:60:2b:60:25:b7:a5:14:
67:f4:79:3f:7d:da:d3:91:78:68:a3:38:6e:1e:3d:
3c:eb:99:90:cf:26:4b:c2:97:c2:d1:32:6e:be:4b:
7a:56:97:97:d8:3f:c4:7f:d5:a0:b5:46:7c:4c:ba:
74:6b:08:a2:16:ad:81:37:dc:36:90:cb:72:0a:29:
85:f9:e9:39:41:f0:63:67:57:ba:47:35:0e:1d:d3:
4f:5e:81:06:d8:b1:b8:c7:30:9a:32:6c:85:c0:95:
09:ec:20:4e:79:bc:42:13:1a:6c:02:c6:12:56:cc:
8c:6b:dc:2c:36:a2:76:f0:16:6f:ef:4f:ff:bd:bb:
c1:e6:26:b2:b7:58:04:4f:1f:ae:78:52:56:e3:25:
67:26:59:e1:42:2e:19:a0:e3:8c:c2:cb:99:bd:e5:
6f:fb:70:c5:97:32:8d:95:56:bb:f2:85:b4:29:7d:
8e:5f:f4:43:4e:a5:59:11:30:4e:9d:38:ed:01:95:
4e:48:6d:4b:2a:fd:32:cc:16:48:79:95:e8:25:04:
d0:d8:83:2c:b8:82:c8:ba:b7:3a:a4:cb:be:c9:7b:
ae:99:9a:2a:4a:d0:8c:5d:f2:68:08:1c:3d:ac:fc:
f5:59:2a:3d:a7:c3:87:07:b4:46:6f:a5:3d:71:01:
d5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FD:FC:43:57:58:A5:DC:5C:24:C4:9F:06:2C:82:86:D3:9D:43:2F
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/a_38Q1dYpdxcJMSfBiyChtOdQy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.172.0/22
IPv6:
2a02:80c0::/30
Signature Algorithm: sha256WithRSAEncryption
47:9b:45:71:d6:8c:6e:60:94:54:b7:12:bd:26:9c:a2:db:5f:
80:7f:1e:84:c8:82:dc:f9:30:c9:1e:be:90:89:88:54:a9:fd:
2d:30:67:a6:f4:ed:da:0e:84:55:31:14:44:39:8e:e2:28:95:
b8:15:11:38:8a:9c:6d:25:42:00:f8:20:5d:a9:2a:9f:e9:ce:
a7:ed:75:5c:8f:e2:70:b5:6a:fe:c4:0d:d9:a5:88:c9:cc:f7:
56:39:82:db:b4:a9:cf:86:1e:52:48:20:6e:53:d3:6d:ca:b8:
58:55:81:f8:0e:fa:7b:19:a3:4d:6b:41:f5:8f:54:c6:d2:cb:
41:36:d8:33:fa:47:6d:e3:17:e2:5f:5e:53:7d:ba:cf:bd:c1:
2e:4d:f3:4b:94:73:e9:59:87:e4:09:8b:f1:b2:12:bf:78:c0:
b7:ee:fc:e6:b7:85:25:af:06:2d:52:f5:ad:e0:d0:10:6c:96:
d8:c2:9d:41:64:6f:e9:f2:06:97:0a:f5:42:18:d8:d2:f6:48:
23:86:67:e5:51:a9:25:d0:0c:49:29:bb:33:bf:25:76:97:19:
a0:db:da:42:1b:bd:fe:0e:0a:7a:7d:30:d7:d4:83:9a:1b:9d:
20:d5:09:59:bb:26:9f:c5:de:35:b9:12:9a:f2:83:41:b4:cf:
50:16:74:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTMZYZQUusNYrVT8wfoxmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmZkZmM0MzU3NThhNWRjNWMyNGM0OWYwNjJjODI4NmQzOWQ0MzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9+1f3+epmArYCW3pRRn9Hk/fdrT
kXhoozhuHj0865mQzyZLwpfC0TJuvkt6VpeX2D/Ef9WgtUZ8TLp0awiiFq2BN9w2
kMtyCimF+ek5QfBjZ1e6RzUOHdNPXoEG2LG4xzCaMmyFwJUJ7CBOebxCExpsAsYS
VsyMa9wsNqJ28BZv70//vbvB5iayt1gETx+ueFJW4yVnJlnhQi4ZoOOMwsuZveVv
+3DFlzKNlVa78oW0KX2OX/RDTqVZETBOnTjtAZVOSG1LKv0yzBZIeZXoJQTQ2IMs
uILIurc6pMu+yXuumZoqStCMXfJoCBw9rPz1WSo9p8OHB7RGb6U9cQHVIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGv9/ENXWKXcXCTEnwYsgobTnUMvMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvYV8zOFExZFlwZHhjSk1TZkJpeUNodE9kUXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQKsMA0E
AgACMAcDBQIqAoDAMA0GCSqGSIb3DQEBCwUAA4IBAQBHm0Vx1oxuYJRUtxK9Jpyi
21+Afx6EyILc+TDJHr6QiYhUqf0tMGem9O3aDoRVMRREOY7iKJW4FRE4ipxtJUIA
+CBdqSqf6c6n7XVcj+JwtWr+xA3ZpYjJzPdWOYLbtKnPhh5SSCBuU9NtyrhYVYH4
Dvp7GaNNa0H1j1TG0stBNtgz+kdt4xfiX15TfbrPvcEuTfNLlHPpWYfkCYvxshK/
eMC37vzmt4UlrwYtUvWt4NAQbJbYwp1BZG/p8gaXCvVCGNjS9kgjhmflUakl0AxJ
KbszvyV2lxmg29pCG73+Dgp6fTDX1IOaG50g1QlZuyafxd41uRKa8oNBtM9QFnSW
-----END CERTIFICATE-----
Generated at Mon May 20 05:50:44 2024 by rpki-client on console-ams.rpki-client.org