Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/3xkSjGHlgBYDIulkaYXP5Ab65bA.roa
File: 3xkSjGHlgBYDIulkaYXP5Ab65bA.roa (raw, json)
Hash identifier: J8IUhSb0UoWXYzRaEtl8v/XBx2hCLlWwnN3UgDgOhKA=
Subject key identifier: DF:19:12:8C:61:E5:80:16:03:22:E9:64:69:85:CF:E4:06:FA:E5:B0
Certificate issuer: /CN=cb36180ab4542d6eee66d9f99030df71236ce264
Certificate serial: 018CC26D15DFF18DCBF5D2A306C5FA3C9015
Authority key identifier: CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/3xkSjGHlgBYDIulkaYXP5Ab65bA.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199995
IP address blocks: 185.76.68.0/22 maxlen: 22
185.151.84.0/24 maxlen: 24
185.109.54.0/23 maxlen: 23
185.151.85.0/24 maxlen: 24
185.109.52.0/24 maxlen: 24
185.109.53.0/24 maxlen: 24
185.151.86.0/24 maxlen: 24
185.151.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:15:df:f1:8d:cb:f5:d2:a3:06:c5:fa:3c:90:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb36180ab4542d6eee66d9f99030df71236ce264
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df19128c61e580160322e9646985cfe406fae5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:62:3b:1d:83:1f:e4:be:b1:28:95:62:e1:7a:
d0:4b:cd:ca:c1:48:da:5a:c7:0b:92:a1:00:37:aa:
ad:71:e0:a2:93:86:3b:72:c5:61:27:4b:0b:8d:2f:
78:80:03:88:35:43:58:41:10:76:79:fa:e2:89:5a:
c7:15:63:ab:3e:a5:d9:34:52:14:f7:b0:2f:a6:c6:
b1:a2:4d:53:a8:0f:c5:0a:1c:5c:34:c9:e5:7f:e1:
b8:44:17:12:9e:72:05:db:a0:62:a8:a7:0e:20:de:
00:a0:8e:28:8e:d9:3a:99:de:97:db:0d:15:a3:4d:
74:0c:b9:85:f0:ca:f1:dd:7d:62:f2:3e:8c:76:25:
a3:9a:0a:ce:56:12:d1:43:b5:61:40:42:1b:3d:ae:
ff:a4:5d:6d:e5:5e:fd:8d:dc:ea:fc:18:93:2c:5b:
22:89:6e:70:dd:f0:70:a4:e4:63:69:cf:01:4a:cf:
db:ea:f7:f3:94:f0:0f:f2:97:e0:44:05:72:33:5a:
55:aa:c0:4a:af:b7:65:41:de:17:13:c5:49:c6:c8:
6e:31:24:5f:54:00:b9:0d:26:35:01:b7:a6:aa:96:
cc:db:23:1f:27:d8:ca:0f:6e:c6:5c:92:fc:ba:88:
8d:52:f2:a0:6f:0e:1e:a3:fb:d4:ed:87:02:aa:f4:
de:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:19:12:8C:61:E5:80:16:03:22:E9:64:69:85:CF:E4:06:FA:E5:B0
X509v3 Authority Key Identifier:
keyid:CB:36:18:0A:B4:54:2D:6E:EE:66:D9:F9:90:30:DF:71:23:6C:E2:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzYYCrRULW7uZtn5kDDfcSNs4mQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/3xkSjGHlgBYDIulkaYXP5Ab65bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0797d4-8b2c-40ac-9cab-667db1dc1b86/1/yzYYCrRULW7uZtn5kDDfcSNs4mQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.68.0/22
185.109.52.0/22
185.151.84.0/22
Signature Algorithm: sha256WithRSAEncryption
37:8d:a0:f7:9d:d1:b5:09:e7:a1:a1:0d:01:f1:20:c7:ce:0d:
54:91:de:c5:9e:59:2e:9d:e6:1b:32:cb:94:f4:74:b5:36:0b:
b4:50:0c:a2:f5:56:b2:58:4a:09:cc:43:af:53:04:24:1d:ef:
0b:3b:46:89:0e:bc:cc:3e:33:11:f8:3b:5a:73:9d:61:1e:03:
f9:0d:61:69:ca:83:2f:41:bf:2b:25:83:dc:8d:e2:9a:39:0f:
c6:2f:88:b2:01:4f:03:ab:f7:f6:cc:e3:1f:50:95:97:cb:0a:
46:ea:22:90:04:ec:5a:80:97:06:e2:3c:44:9b:cb:ae:4d:3b:
72:98:3c:ef:5e:0e:ee:77:e5:ec:ec:73:55:6d:eb:24:e9:91:
58:96:ec:b0:bd:71:3d:48:f7:31:96:f7:fb:a0:51:cf:90:3e:
ef:11:fc:2c:7b:29:ff:1b:11:80:b9:b9:d2:cc:c3:88:05:46:
0f:57:04:d8:c6:ac:6a:d6:76:4c:a9:ed:0f:cd:40:3b:d8:32:
2c:f6:35:d3:85:0d:b0:9a:41:91:1c:39:ca:1a:e8:e7:73:9f:
53:08:78:48:b2:c3:90:7e:dc:82:4a:25:0d:e7:9d:d4:76:b8:
64:50:f3:4f:4a:36:48:9e:28:a9:f0:ac:75:22:aa:9e:58:62:
43:2c:af:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbRXf8Y3L9dKjBsX6PJAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzYxODBhYjQ1NDJkNmVlZTY2ZDlmOTkwMzBkZjcxMjM2
Y2UyNjQwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE5MTI4YzYxZTU4MDE2MDMyMmU5NjQ2OTg1Y2ZlNDA2ZmFlNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGI7HYMf5L6xKJVi4XrQS83KwUja
WscLkqEAN6qtceCik4Y7csVhJ0sLjS94gAOINUNYQRB2efriiVrHFWOrPqXZNFIU
97Avpsaxok1TqA/FChxcNMnlf+G4RBcSnnIF26BiqKcOIN4AoI4ojtk6md6X2w0V
o010DLmF8Mrx3X1i8j6MdiWjmgrOVhLRQ7VhQEIbPa7/pF1t5V79jdzq/BiTLFsi
iW5w3fBwpORjac8BSs/b6vfzlPAP8pfgRAVyM1pVqsBKr7dlQd4XE8VJxshuMSRf
VAC5DSY1AbemqpbM2yMfJ9jKD27GXJL8uoiNUvKgbw4eo/vU7YcCqvTeqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8ZEoxh5YAWAyLpZGmFz+QG+uWwMB8GA1UdIwQY
MBaAFMs2GAq0VC1u7mbZ+ZAw33EjbOJkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWIt
NjY3ZGIxZGMxYjg2LzEvM3hrU2pHSGxnQllESXVsa2FZWFA1QWI2NWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wNzk3ZDQtOGIyYy00MGFjLTljYWItNjY3ZGIxZGMxYjg2
LzEveXpZWUNyUlVMVzd1WnRuNWtERGZjU05zNG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUxEAwQC
uW00AwQCuZdUMA0GCSqGSIb3DQEBCwUAA4IBAQA3jaD3ndG1CeehoQ0B8SDHzg1U
kd7FnlkuneYbMsuU9HS1Ngu0UAyi9VayWEoJzEOvUwQkHe8LO0aJDrzMPjMR+Dta
c51hHgP5DWFpyoMvQb8rJYPcjeKaOQ/GL4iyAU8Dq/f2zOMfUJWXywpG6iKQBOxa
gJcG4jxEm8uuTTtymDzvXg7ud+Xs7HNVbesk6ZFYluywvXE9SPcxlvf7oFHPkD7v
Efwseyn/GxGAubnSzMOIBUYPVwTYxqxq1nZMqe0PzUA72DIs9jXThQ2wmkGRHDnK
Gujnc59TCHhIssOQftyCSiUN553UdrhkUPNPSjZIniip8Kx1IqqeWGJDLK8Z
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:52 2024 by rpki-client on console-fra.rpki-client.org