Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hb3ELBPjR57dG6F33VjLCyGF0dE.roa
File: hb3ELBPjR57dG6F33VjLCyGF0dE.roa (raw, json)
Hash identifier: UiZCr4akGBuq/Ed9LW6j6Rjn5bgmJ9TtNLLhd5+ROgQ=
Subject key identifier: 85:BD:C4:2C:13:E3:47:9E:DD:1B:A1:77:DD:58:CB:0B:21:85:D1:D1
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5173D7E5D727E3BAE194C2EDF0CC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hb3ELBPjR57dG6F33VjLCyGF0dE.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41546
IP address blocks: 185.119.253.0/24 maxlen: 24
2a06:82c7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:51:73:d7:e5:d7:27:e3:ba:e1:94:c2:ed:f0:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85bdc42c13e3479edd1ba177dd58cb0b2185d1d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bc:bc:0d:57:03:73:a5:84:53:34:40:89:6d:
9d:4b:88:c3:df:62:e1:fa:0d:f7:e3:ab:cc:96:78:
3d:d3:55:51:9d:5c:7d:9e:92:99:2b:4a:76:a9:28:
71:2a:50:88:80:d1:aa:d9:a5:d5:9b:d5:82:52:2d:
55:47:99:77:65:9e:6e:6c:92:c6:40:06:8e:6e:9e:
81:47:cc:3f:d2:e1:84:e6:fe:69:9b:89:15:6f:78:
6f:4d:df:db:41:8a:dd:34:41:f0:7d:d0:38:bd:cb:
1c:cf:a2:9d:df:95:c5:f0:34:0c:59:88:1b:a1:6d:
b5:7b:05:73:09:f1:12:95:59:d7:34:2a:66:84:fa:
52:b9:a6:ec:0d:e9:43:d8:cb:6d:91:de:60:49:d0:
85:cf:d4:dc:2d:78:b7:1c:3b:30:90:a2:53:e0:0b:
6a:c2:65:7b:cc:8d:24:d4:46:24:b8:16:2b:3c:ef:
fd:9a:b7:01:36:51:66:9b:8d:e2:e1:7c:fc:ff:a4:
ba:2b:2c:39:43:8a:12:70:95:e7:95:57:dd:03:18:
e3:e8:a0:5d:b7:f5:b8:07:3d:37:73:d3:89:b3:13:
60:77:40:34:58:33:74:e7:f2:ef:05:c4:0a:9f:fc:
d9:0e:8f:71:4b:b1:0e:66:49:ad:de:04:ec:75:98:
0e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:BD:C4:2C:13:E3:47:9E:DD:1B:A1:77:DD:58:CB:0B:21:85:D1:D1
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hb3ELBPjR57dG6F33VjLCyGF0dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.253.0/24
IPv6:
2a06:82c7::/48
Signature Algorithm: sha256WithRSAEncryption
28:3b:2d:29:20:81:4c:f5:3a:0b:4e:09:00:10:91:e9:f1:4a:
e7:16:1b:77:e9:a0:99:14:bf:e0:a2:7c:dc:b2:4d:a7:fc:04:
4a:14:94:88:a7:fd:27:81:17:23:7c:a4:77:a5:22:37:c6:e9:
1c:19:8a:39:84:50:da:27:90:1d:df:43:d7:59:d9:9c:df:65:
f0:91:d3:b3:18:d2:c7:76:63:e1:a5:10:1d:27:9a:e9:7f:34:
ae:9b:1b:ac:52:87:31:73:3a:70:fb:35:19:08:ef:38:10:24:
18:0f:f4:5e:32:a0:e8:8c:65:38:24:30:89:ce:62:72:c5:7a:
4f:cb:ef:3b:1f:3f:a2:73:82:d5:b8:e6:2a:05:18:5f:7d:a1:
d9:4b:8c:54:43:42:5b:69:d0:d4:20:c3:18:ff:82:d0:af:27:
77:de:0d:56:0f:29:80:ea:94:d5:d5:d3:89:75:f4:4c:9b:55:
d8:a6:4a:d5:d9:3b:ab:76:cb:7a:fa:1a:17:b5:5a:b8:9f:37:
e9:18:75:c6:08:c0:93:20:99:e8:83:38:9b:a1:fb:05:c3:35:
c6:33:0c:1b:34:84:e4:90:1e:f6:a6:a0:26:3b:c1:79:d1:22:
2c:00:eb:85:36:28:e2:57:8c:94:93:64:1f:25:5f:7d:51:75:
eb:cf:f0:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKK1Fz1+XXJ+O64ZTC7fDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWJkYzQyYzEzZTM0NzllZGQxYmExNzdkZDU4Y2IwYjIxODVkMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7y8DVcDc6WEUzRAiW2dS4jD32Lh
+g3346vMlng901VRnVx9npKZK0p2qShxKlCIgNGq2aXVm9WCUi1VR5l3ZZ5ubJLG
QAaObp6BR8w/0uGE5v5pm4kVb3hvTd/bQYrdNEHwfdA4vcscz6Kd35XF8DQMWYgb
oW21ewVzCfESlVnXNCpmhPpSuabsDelD2Mttkd5gSdCFz9TcLXi3HDswkKJT4Atq
wmV7zI0k1EYkuBYrPO/9mrcBNlFmm43i4Xz8/6S6Kyw5Q4oScJXnlVfdAxjj6KBd
t/W4Bz03c9OJsxNgd0A0WDN05/LvBcQKn/zZDo9xS7EOZkmt3gTsdZgO4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIW9xCwT40ee3Ruhd91YywshhdHRMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaGIzRUxCUGpSNTdkRzZGMzNWakxDeUdGMGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXf9MA8E
AgACMAkDBwAqBoLHAAAwDQYJKoZIhvcNAQELBQADggEBACg7LSkggUz1OgtOCQAQ
kenxSucWG3fpoJkUv+CifNyyTaf8BEoUlIin/SeBFyN8pHelIjfG6RwZijmEUNon
kB3fQ9dZ2ZzfZfCR07MY0sd2Y+GlEB0nmul/NK6bG6xShzFzOnD7NRkI7zgQJBgP
9F4yoOiMZTgkMInOYnLFek/L7zsfP6JzgtW45ioFGF99odlLjFRDQltp0NQgwxj/
gtCvJ3feDVYPKYDqlNXV04l19EybVdimStXZO6t2y3r6Ghe1WrifN+kYdcYIwJMg
meiDOJuh+wXDNcYzDBs0hOSQHvamoCY7wXnRIiwA64U2KOJXjJSTZB8lX31RdevP
8EM=
-----END CERTIFICATE-----
Generated at Sat May 4 23:05:21 2024 by rpki-client on console-ams.rpki-client.org