Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/0tp1nP42grcTIJ9Q1AbVzA-sh5I.roa
File: 0tp1nP42grcTIJ9Q1AbVzA-sh5I.roa (raw, json)
Hash identifier: dfSMq4r11nG9rR2z/jAoqnl58X5Caxmbhas0j6Lzf78=
Subject key identifier: D2:DA:75:9C:FE:36:82:B7:13:20:9F:50:D4:06:D5:CC:0F:AC:87:92
Certificate issuer: /CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Certificate serial: 018CC8011B4FEDFC0D46998E87BF57A056DF
Authority key identifier: DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/0tp1nP42grcTIJ9Q1AbVzA-sh5I.roa
Signing time: Tue 02 Jan 2024 02:29:24 +0000
ROA not before: Tue 02 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203827
IP address blocks: 185.255.220.0/24 maxlen: 24
185.255.223.0/24 maxlen: 24
185.255.221.0/24 maxlen: 24
185.255.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 01:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1b:4f:ed:fc:0d:46:99:8e:87:bf:57:a0:56:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Validity
Not Before: Jan 2 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2da759cfe3682b713209f50d406d5cc0fac8792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:db:dd:e4:62:29:f8:1e:22:75:87:f3:55:7f:
1f:23:11:23:aa:73:9a:c7:7c:5e:b8:84:4c:19:c1:
b4:d4:7f:4c:ac:ab:99:1e:cd:b4:07:67:53:f1:69:
23:ca:dd:12:a8:e0:76:ae:42:42:97:b7:9a:41:7e:
89:03:00:67:fe:6c:2b:ec:40:c6:89:9a:51:d4:25:
fb:b5:a1:96:0e:98:b9:b2:ce:05:f3:8a:ee:2f:6b:
c7:95:05:06:5c:23:4f:92:d8:68:69:54:e3:b6:65:
e1:b9:96:3f:96:34:5c:91:96:eb:1e:20:be:df:4c:
14:c2:82:99:64:b1:68:f2:73:4b:57:da:af:e2:a4:
12:2a:55:ef:bc:42:2c:77:9a:8b:91:2b:59:93:35:
a2:33:4c:32:f5:b6:84:3f:e7:60:86:b9:25:a6:1d:
4d:01:d1:44:1d:94:cf:7b:72:6e:20:82:7d:75:5c:
8e:48:f8:0a:56:f3:c4:3c:f0:cc:4a:21:c8:0b:8c:
f3:8d:ce:45:9e:68:68:94:0a:3a:73:fd:62:8a:08:
8d:d5:85:71:8a:52:4b:bd:0e:8d:39:dc:17:d3:18:
e0:01:42:29:e3:ac:d7:39:8b:46:77:8f:ae:4b:ca:
2f:de:f8:46:56:ea:4f:f1:dd:d9:00:10:5b:bc:28:
e6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DA:75:9C:FE:36:82:B7:13:20:9F:50:D4:06:D5:CC:0F:AC:87:92
X509v3 Authority Key Identifier:
keyid:DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/0tp1nP42grcTIJ9Q1AbVzA-sh5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.220.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:3b:77:0c:4e:bf:16:da:cf:a6:5f:ad:7a:1f:7b:47:be:32:
b1:14:f1:95:d5:69:87:88:42:ec:7b:75:45:06:92:86:b8:b5:
11:24:d9:e2:9d:56:a8:f1:f7:73:db:5e:00:d5:00:a3:91:50:
8c:b0:3d:0e:a8:38:c3:e6:01:67:c0:52:38:e4:16:9b:ec:b4:
29:53:bc:cd:6c:95:ef:e8:63:f0:9c:01:2c:b2:6f:38:eb:6e:
a1:26:fc:06:0e:3f:29:f4:20:2f:e2:86:df:6d:e0:5c:99:40:
a4:f5:ac:c5:bd:ee:68:16:21:78:5d:d1:2d:9a:9c:d6:db:7a:
9e:37:59:a2:35:40:c4:67:23:3f:83:2f:a1:6f:43:2a:e6:71:
ba:8c:3f:3a:1e:7d:ba:51:ff:8e:d8:b6:78:79:a9:1b:00:96:
4f:8a:e2:64:9c:a5:e7:3d:fa:ef:30:97:9c:9d:4c:b5:a9:3f:
2d:7e:f4:d3:d1:2b:7c:36:bc:17:1b:b8:4b:a2:29:29:28:00:
f2:c0:af:99:59:1d:9e:e9:47:36:ee:bf:cb:23:ad:15:c3:77:
a8:66:ec:82:42:e3:0b:13:43:b4:ba:2f:22:19:72:96:d2:bf:
9a:46:cb:46:d8:77:b6:c7:4a:73:07:96:35:ae:99:14:ff:7a:
0b:77:1e:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIARtP7fwNRpmOh79XoFbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYWVmNWMzMmJlYTRiNTRkMTdlMjQxYjVjY2NhZjA3YmMw
YThlZTkwHhcNMjQwMTAyMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmRhNzU5Y2ZlMzY4MmI3MTMyMDlmNTBkNDA2ZDVjYzBmYWM4NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nvd5GIp+B4idYfzVX8fIxEjqnOa
x3xeuIRMGcG01H9MrKuZHs20B2dT8Wkjyt0SqOB2rkJCl7eaQX6JAwBn/mwr7EDG
iZpR1CX7taGWDpi5ss4F84ruL2vHlQUGXCNPkthoaVTjtmXhuZY/ljRckZbrHiC+
30wUwoKZZLFo8nNLV9qv4qQSKlXvvEIsd5qLkStZkzWiM0wy9baEP+dghrklph1N
AdFEHZTPe3JuIIJ9dVyOSPgKVvPEPPDMSiHIC4zzjc5FnmholAo6c/1iigiN1YVx
ilJLvQ6NOdwX0xjgAUIp46zXOYtGd4+uS8ov3vhGVupP8d3ZABBbvCjmRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLadZz+NoK3EyCfUNQG1cwPrIeSMB8GA1UdIwQY
MBaAFNuu9cMr6ktU0X4kG1zMrwe8Co7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmIt
NjQyY2U2NzRmOTc0LzEvMHRwMW5QNDJncmNUSUo5UTFBYlZ6QS1zaDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmItNjQyY2U2NzRmOTc0
LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuf/cMA0G
CSqGSIb3DQEBCwUAA4IBAQAOO3cMTr8W2s+mX616H3tHvjKxFPGV1WmHiELse3VF
BpKGuLURJNninVao8fdz214A1QCjkVCMsD0OqDjD5gFnwFI45Bab7LQpU7zNbJXv
6GPwnAEssm84626hJvwGDj8p9CAv4obfbeBcmUCk9azFve5oFiF4XdEtmpzW23qe
N1miNUDEZyM/gy+hb0Mq5nG6jD86Hn26Uf+O2LZ4eakbAJZPiuJknKXnPfrvMJec
nUy1qT8tfvTT0St8NrwXG7hLoikpKADywK+ZWR2e6Uc27r/LI60Vw3eoZuyCQuML
E0O0ui8iGXKW0r+aRstG2He2x0pzB5Y1rpkU/3oLdx78
-----END CERTIFICATE-----
Generated at Sun May 12 04:28:23 2024 by rpki-client on console-ams.rpki-client.org