Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/pZR0tYQPv2mNoW582Kyx0GSPUjg.roa
File: pZR0tYQPv2mNoW582Kyx0GSPUjg.roa (raw, json)
Hash identifier: Gckz+e0B4QXLOjLf22VwMvkgbGwVWE/YcSCQb4v0F/4=
Subject key identifier: A5:94:74:B5:84:0F:BF:69:8D:A1:6E:7C:D8:AC:B1:D0:64:8F:52:38
Certificate issuer: /CN=c00935185c68036a0faedeeaaa6bfef4e62a0c93
Certificate serial: 018CC2DB3F80ADCA9544ECAC4001559719BB
Authority key identifier: C0:09:35:18:5C:68:03:6A:0F:AE:DE:EA:AA:6B:FE:F4:E6:2A:0C:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/pZR0tYQPv2mNoW582Kyx0GSPUjg.roa
Signing time: Mon 01 Jan 2024 02:29:57 +0000
ROA not before: Mon 01 Jan 2024 02:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60244
IP address blocks: 185.27.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:3f:80:ad:ca:95:44:ec:ac:40:01:55:97:19:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c00935185c68036a0faedeeaaa6bfef4e62a0c93
Validity
Not Before: Jan 1 02:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a59474b5840fbf698da16e7cd8acb1d0648f5238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a4:2f:12:76:58:97:cf:49:57:03:b5:0b:ac:
40:e2:89:48:cc:f1:0d:c9:7f:38:89:88:be:fd:eb:
bb:da:62:35:37:5c:be:de:7a:ca:6e:07:cf:c8:27:
bc:d9:75:8d:74:6f:87:a2:e6:3b:5e:fb:56:67:cf:
ca:db:2e:91:3b:a9:cc:df:13:be:36:51:bd:79:ae:
e9:86:1c:7c:87:19:13:ca:f6:17:82:7c:31:f1:64:
4d:ae:fa:9e:83:0d:7a:ea:d1:84:03:50:5a:58:91:
dc:84:e0:63:83:43:72:eb:e1:55:19:aa:8b:b0:da:
6e:12:9d:01:ce:f6:a6:e5:9d:30:9a:2e:73:d0:93:
07:0d:50:62:e0:2d:cb:ad:b8:ef:b8:c1:84:e9:00:
ea:2b:b6:36:da:7d:88:cf:8f:3c:a0:15:a2:d8:12:
95:ae:76:79:0a:ea:f1:c2:61:cd:ac:45:8a:a7:06:
2e:7a:9c:5e:48:6a:35:25:7a:da:02:5b:05:d6:84:
af:1d:e8:d6:cd:aa:a1:03:8b:25:41:de:f8:68:ce:
72:7d:be:6f:43:5c:73:94:e1:19:01:10:30:df:81:
0b:9e:dd:c2:0c:40:e0:b0:ee:4a:7e:d5:9e:07:cb:
43:36:cd:12:67:2f:46:94:a6:2c:bf:7a:8d:b5:1f:
53:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:94:74:B5:84:0F:BF:69:8D:A1:6E:7C:D8:AC:B1:D0:64:8F:52:38
X509v3 Authority Key Identifier:
keyid:C0:09:35:18:5C:68:03:6A:0F:AE:DE:EA:AA:6B:FE:F4:E6:2A:0C:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wAk1GFxoA2oPrt7qqmv-9OYqDJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/pZR0tYQPv2mNoW582Kyx0GSPUjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/be306f-0f8c-4674-93ff-2a9712bf603c/1/wAk1GFxoA2oPrt7qqmv-9OYqDJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.0.0/22
Signature Algorithm: sha256WithRSAEncryption
99:8a:b8:2d:59:c1:d6:57:6e:d8:97:06:c3:9b:d1:4f:c0:9b:
0f:cd:04:89:96:0f:07:e8:42:45:9a:61:37:6d:40:c1:bb:a8:
a1:96:cc:4f:cd:22:98:6d:ab:89:04:db:01:c7:a2:c9:6a:71:
c8:93:59:c4:1a:4b:1c:f2:36:87:a2:69:dc:6b:0a:87:02:f7:
07:ac:36:d1:31:31:8f:c2:f4:d0:11:b2:e4:c9:ea:bc:70:87:
9d:34:2a:15:ee:39:4c:9a:ea:1f:a6:4e:eb:b5:d7:87:df:53:
b7:c7:df:dc:c5:ff:93:41:fa:3c:1e:1f:76:68:77:6e:5f:9d:
a3:86:05:a1:f1:5f:18:2c:c1:f2:cb:0e:61:14:93:6b:fe:44:
1b:c0:af:aa:6f:3e:e9:6d:52:7c:44:bf:5f:76:c2:ff:25:a6:
15:b4:ac:c4:62:8d:a1:92:7b:41:14:67:65:be:0c:94:0a:ad:
76:bd:84:e0:91:c8:d5:a1:bf:d8:e3:ca:d8:70:5a:b6:8d:bf:
2c:b9:c2:aa:41:f4:76:62:3a:08:5d:50:a6:52:72:d4:7e:7f:
b6:db:4a:d3:93:5a:41:9a:a2:00:d3:50:c6:e1:2c:87:14:7b:
6b:96:c6:b4:db:eb:85:79:68:a9:84:74:85:5f:3d:f1:24:91:
96:f8:ac:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2z+ArcqVROysQAFVlxm7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMDkzNTE4NWM2ODAzNmEwZmFlZGVlYWFhNmJmZWY0ZTYy
YTBjOTMwHhcNMjQwMTAxMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTk0NzRiNTg0MGZiZjY5OGRhMTZlN2NkOGFjYjFkMDY0OGY1MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6QvEnZYl89JVwO1C6xA4olIzPEN
yX84iYi+/eu72mI1N1y+3nrKbgfPyCe82XWNdG+HouY7XvtWZ8/K2y6RO6nM3xO+
NlG9ea7phhx8hxkTyvYXgnwx8WRNrvqegw166tGEA1BaWJHchOBjg0Ny6+FVGaqL
sNpuEp0Bzvam5Z0wmi5z0JMHDVBi4C3LrbjvuMGE6QDqK7Y22n2Iz488oBWi2BKV
rnZ5CurxwmHNrEWKpwYuepxeSGo1JXraAlsF1oSvHejWzaqhA4slQd74aM5yfb5v
Q1xzlOEZARAw34ELnt3CDEDgsO5KftWeB8tDNs0SZy9GlKYsv3qNtR9T2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWUdLWED79pjaFufNissdBkj1I4MB8GA1UdIwQY
MBaAFMAJNRhcaANqD67e6qpr/vTmKgyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FrMUdGeG9BMm9QcnQ3cXFtdi05T1lxREpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iZTMwNmYtMGY4Yy00Njc0LTkzZmYt
MmE5NzEyYmY2MDNjLzEvcFpSMHRZUVB2Mm1Ob1c1ODJLeXgwR1NQVWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iZTMwNmYtMGY4Yy00Njc0LTkzZmYtMmE5NzEyYmY2MDNj
LzEvd0FrMUdGeG9BMm9QcnQ3cXFtdi05T1lxREpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRsAMA0G
CSqGSIb3DQEBCwUAA4IBAQCZirgtWcHWV27YlwbDm9FPwJsPzQSJlg8H6EJFmmE3
bUDBu6ihlsxPzSKYbauJBNsBx6LJanHIk1nEGksc8jaHomncawqHAvcHrDbRMTGP
wvTQEbLkyeq8cIedNCoV7jlMmuofpk7rtdeH31O3x9/cxf+TQfo8Hh92aHduX52j
hgWh8V8YLMHyyw5hFJNr/kQbwK+qbz7pbVJ8RL9fdsL/JaYVtKzEYo2hkntBFGdl
vgyUCq12vYTgkcjVob/Y48rYcFq2jb8sucKqQfR2YjoIXVCmUnLUfn+220rTk1pB
mqIA01DG4SyHFHtrlsa02+uFeWiphHSFXz3xJJGW+KxH
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:14:58 2024 by rpki-client on console-fra.rpki-client.org