Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/F2wD7K6EwMNAEtDeyHTj4bIxkQg.roa
File: F2wD7K6EwMNAEtDeyHTj4bIxkQg.roa (raw, json)
Hash identifier: Bvupz/veDv3IImPTCHu3w4f4yaKmZ+weqN9cluEwmps=
Subject key identifier: 17:6C:03:EC:AE:84:C0:C3:40:12:D0:DE:C8:74:E3:E1:B2:31:91:08
Certificate issuer: /CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Certificate serial: 018CC50118D22F467F50CA49C1141C2B585E
Authority key identifier: 44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/F2wD7K6EwMNAEtDeyHTj4bIxkQg.roa
Signing time: Mon 01 Jan 2024 12:30:32 +0000
ROA not before: Mon 01 Jan 2024 12:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.70.97.0/24 maxlen: 24
185.70.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 01:57:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:18:d2:2f:46:7f:50:ca:49:c1:14:1c:2b:58:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44af4b76312680e9d40a23b3ca2f19abf2f6c73b
Validity
Not Before: Jan 1 12:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=176c03ecae84c0c34012d0dec874e3e1b2319108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9e:d7:54:05:67:35:27:c0:12:4f:aa:1d:dd:
4a:70:3a:41:8e:25:39:be:71:f7:b1:f3:10:b9:2c:
b1:3f:98:9f:94:80:30:fe:99:05:3e:1e:ff:54:10:
d5:8a:a6:30:19:fb:e8:ee:76:9e:a2:a5:4c:c1:2d:
04:17:bc:f2:0d:36:70:21:aa:ee:68:ae:92:5f:c0:
04:4a:8d:28:40:0b:20:0e:62:3d:cc:f9:eb:c1:7a:
bf:ed:49:f6:ec:b0:86:85:54:f5:2e:96:21:cb:09:
c1:13:db:96:88:02:ec:51:bb:68:5d:2f:84:5f:c5:
06:56:1c:f6:57:a7:36:d1:fb:05:b9:02:5f:46:2d:
37:5b:dc:af:3f:a7:3b:fa:0d:a4:97:fb:8b:07:ad:
84:8f:14:a8:a4:fd:1e:35:b7:a5:d3:c5:af:64:79:
7b:31:39:f4:86:c4:f4:1f:ca:8a:94:2f:d7:dc:f6:
8e:23:0b:81:3a:0e:b5:16:d8:83:f9:3d:d0:05:33:
14:e4:29:18:ad:a9:5c:f5:ab:bc:e7:50:25:1e:57:
3c:17:72:5f:13:c2:cc:c3:fb:98:4c:7c:69:48:f1:
1a:bf:c4:ea:91:4d:29:40:fa:8d:a0:43:8a:9b:d0:
ba:f3:08:cc:66:f3:1f:bb:ba:a2:dc:a4:4f:36:35:
72:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6C:03:EC:AE:84:C0:C3:40:12:D0:DE:C8:74:E3:E1:B2:31:91:08
X509v3 Authority Key Identifier:
keyid:44:AF:4B:76:31:26:80:E9:D4:0A:23:B3:CA:2F:19:AB:F2:F6:C7:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/F2wD7K6EwMNAEtDeyHTj4bIxkQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/685aa1-ef22-48a5-b70a-5ea8f53ab491/1/RK9LdjEmgOnUCiOzyi8Zq_L2xzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.97.0/24
185.70.99.0/24
Signature Algorithm: sha256WithRSAEncryption
47:5e:02:b2:66:5a:62:fe:bd:de:49:0e:79:26:3e:3f:b5:c4:
8b:ea:85:3b:9c:39:1d:4b:31:ab:1e:4d:40:fe:33:5d:53:50:
7c:19:b2:c5:df:1e:15:54:6d:f7:47:35:ad:4a:5b:8e:8e:0b:
ba:5d:14:1e:34:db:a8:1f:6b:ec:60:e2:8b:19:ae:6d:2b:3b:
44:73:d1:78:1b:27:ab:3a:63:ce:b1:eb:93:36:85:dd:68:8d:
6c:2f:0d:d9:f3:8c:78:d6:4a:27:37:24:75:7b:a5:87:ea:68:
43:73:cc:66:45:cb:9d:81:0c:18:2a:50:b2:dc:c3:9a:66:1a:
3d:fd:8e:b0:85:7a:b1:33:1c:6d:39:e2:11:01:40:5d:4b:68:
13:1d:58:9c:0a:6d:47:9f:a8:91:79:b9:33:18:a0:4d:c8:67:
b9:e7:8c:9d:c4:41:b3:82:0d:49:d3:92:a6:7a:43:1c:b0:24:
73:c7:24:3c:e6:7d:0d:f6:48:20:af:30:4c:00:7e:01:d4:3f:
bc:c5:a9:4c:50:ab:d0:d5:f8:49:ec:43:53:74:db:72:56:c7:
cf:1d:ec:bb:57:96:5b:43:f0:fb:85:d9:50:88:39:8f:3b:d3:
a4:9f:67:0e:68:1e:70:ed:73:bd:d5:26:9e:fc:01:b0:5f:bb:
96:fc:cb:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFARjSL0Z/UMpJwRQcK1heMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWY0Yjc2MzEyNjgwZTlkNDBhMjNiM2NhMmYxOWFiZjJm
NmM3M2IwHhcNMjQwMTAxMTIzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzZjMDNlY2FlODRjMGMzNDAxMmQwZGVjODc0ZTNlMWIyMzE5MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z7XVAVnNSfAEk+qHd1KcDpBjiU5
vnH3sfMQuSyxP5iflIAw/pkFPh7/VBDViqYwGfvo7naeoqVMwS0EF7zyDTZwIaru
aK6SX8AESo0oQAsgDmI9zPnrwXq/7Un27LCGhVT1LpYhywnBE9uWiALsUbtoXS+E
X8UGVhz2V6c20fsFuQJfRi03W9yvP6c7+g2kl/uLB62EjxSopP0eNbel08WvZHl7
MTn0hsT0H8qKlC/X3PaOIwuBOg61FtiD+T3QBTMU5CkYralc9au851AlHlc8F3Jf
E8LMw/uYTHxpSPEav8TqkU0pQPqNoEOKm9C68wjMZvMfu7qi3KRPNjVylQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBdsA+yuhMDDQBLQ3sh04+GyMZEIMB8GA1UdIwQY
MBaAFESvS3YxJoDp1Aojs8ovGavy9sc7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEt
NWVhOGY1M2FiNDkxLzEvRjJ3RDdLNkV3TU5BRXREZXlIVGo0Ykl4a1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODVhYTEtZWYyMi00OGE1LWI3MGEtNWVhOGY1M2FiNDkx
LzEvUks5TGRqRW1nT25VQ2lPenlpOFpxX0wyeHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuUZhAwQA
uUZjMA0GCSqGSIb3DQEBCwUAA4IBAQBHXgKyZlpi/r3eSQ55Jj4/tcSL6oU7nDkd
SzGrHk1A/jNdU1B8GbLF3x4VVG33RzWtSluOjgu6XRQeNNuoH2vsYOKLGa5tKztE
c9F4GyerOmPOseuTNoXdaI1sLw3Z84x41konNyR1e6WH6mhDc8xmRcudgQwYKlCy
3MOaZho9/Y6whXqxMxxtOeIRAUBdS2gTHVicCm1Hn6iRebkzGKBNyGe554ydxEGz
gg1J05KmekMcsCRzxyQ85n0N9kggrzBMAH4B1D+8xalMUKvQ1fhJ7ENTdNtyVsfP
Hey7V5ZbQ/D7hdlQiDmPO9Okn2cOaB5w7XO91Sae/AGwX7uW/MtG
-----END CERTIFICATE-----
Generated at Sun Apr 28 06:38:35 2024 by rpki-client on console-ams.rpki-client.org