Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/bDvh1ILjTKTQZrxe6LzmavKyf0I.roa
File: bDvh1ILjTKTQZrxe6LzmavKyf0I.roa (raw, json)
Hash identifier: V3PFbM4ooaMCIuidN/SRn8a0M6KLI+73WzYKwcqcTVw=
Subject key identifier: 6C:3B:E1:D4:82:E3:4C:A4:D0:66:BC:5E:E8:BC:E6:6A:F2:B2:7F:42
Certificate issuer: /CN=724518a57069cafd83e21b5c60fb262d8edf342b
Certificate serial: 018CC8714423CFFE317573BE0DF26DAE19D6
Authority key identifier: 72:45:18:A5:70:69:CA:FD:83:E2:1B:5C:60:FB:26:2D:8E:DF:34:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckUYpXBpyv2D4htcYPsmLY7fNCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/bDvh1ILjTKTQZrxe6LzmavKyf0I.roa
Signing time: Tue 02 Jan 2024 04:31:55 +0000
ROA not before: Tue 02 Jan 2024 04:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203185
IP address blocks: 185.118.231.0/24 maxlen: 24
185.118.228.0/24 maxlen: 24
185.118.229.0/24 maxlen: 24
185.118.230.0/24 maxlen: 24
2a06:9600:faff::/48 maxlen: 48
2a06:9600:2::/48 maxlen: 48
2a06:9600:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/ckUYpXBpyv2D4htcYPsmLY7fNCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/ckUYpXBpyv2D4htcYPsmLY7fNCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ckUYpXBpyv2D4htcYPsmLY7fNCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:44:23:cf:fe:31:75:73:be:0d:f2:6d:ae:19:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=724518a57069cafd83e21b5c60fb262d8edf342b
Validity
Not Before: Jan 2 04:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c3be1d482e34ca4d066bc5ee8bce66af2b27f42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:81:3a:7a:d6:6c:5e:26:96:52:83:80:a7:f9:
41:2d:ac:ad:c1:4b:0f:7d:ee:fc:02:cf:d9:46:ac:
61:05:46:91:16:4f:c1:b3:38:1f:7f:f3:f3:df:21:
91:05:96:ce:a4:23:3e:b9:4d:3c:5f:e2:f2:72:f1:
80:ba:35:f6:a7:b2:e5:e0:eb:1d:fe:25:32:30:79:
aa:bb:ea:d3:2f:dc:10:b9:52:e0:23:5d:0c:5c:21:
9a:aa:09:50:5b:e7:79:55:ce:6f:24:eb:3a:f1:70:
15:28:1b:f5:ba:f7:03:6c:0d:02:57:ea:84:25:c3:
6c:54:3d:58:be:0a:14:37:93:42:ca:33:6f:68:46:
a2:83:97:12:df:bb:d5:a2:1f:77:7a:04:64:e9:e8:
27:59:1c:36:e5:e4:66:5b:40:03:2e:c6:ca:58:a7:
95:6a:0c:32:22:67:13:ea:87:23:81:b8:13:1e:b2:
87:f8:72:97:a2:e3:6d:9b:b3:0d:f4:96:5d:af:87:
84:1d:6a:39:d4:6f:e1:72:60:95:8b:3a:23:e2:39:
cd:f1:af:05:ba:1d:d2:8b:f4:c3:ac:21:db:09:ff:
00:71:7e:10:b0:30:f6:ea:90:77:8e:7f:75:7d:ef:
a5:00:d8:6f:5c:e9:42:88:e2:a9:ff:68:92:b0:30:
b3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3B:E1:D4:82:E3:4C:A4:D0:66:BC:5E:E8:BC:E6:6A:F2:B2:7F:42
X509v3 Authority Key Identifier:
keyid:72:45:18:A5:70:69:CA:FD:83:E2:1B:5C:60:FB:26:2D:8E:DF:34:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckUYpXBpyv2D4htcYPsmLY7fNCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/bDvh1ILjTKTQZrxe6LzmavKyf0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/953550-0266-4f2e-8dc3-7f4bd9b54e62/1/ckUYpXBpyv2D4htcYPsmLY7fNCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.228.0/22
IPv6:
2a06:9600:1::-2a06:9600:2:ffff:ffff:ffff:ffff:ffff
2a06:9600:faff::/48
Signature Algorithm: sha256WithRSAEncryption
59:9c:92:b7:76:48:7d:ce:da:bf:1e:30:40:29:e4:8e:8c:28:
34:0c:64:f4:d4:75:d7:86:38:ee:18:6f:28:4e:ae:d9:08:e4:
4e:91:7d:e2:f5:8f:ed:d3:66:33:e4:ce:ad:2b:d3:74:2e:26:
39:67:a8:ed:7f:1d:47:c4:90:6e:ae:55:99:b3:9f:cc:7f:ec:
fe:da:52:71:17:26:f7:90:39:49:35:3a:dd:25:49:38:fe:2c:
e1:ba:53:da:bf:93:6d:08:1e:d0:73:4d:4d:e4:56:3a:a7:81:
09:3a:69:df:ad:09:d3:49:8d:20:de:c3:b9:93:e3:63:89:55:
fa:01:2b:73:7c:a7:66:23:39:6e:d0:4a:6b:87:ff:53:1d:b5:
85:d9:78:b1:2c:14:d3:05:48:17:d5:2b:be:3c:08:60:24:c1:
11:70:15:23:8d:8d:cb:ca:82:ad:d3:07:f6:ad:1b:8d:44:11:
6d:23:92:31:34:0a:8e:e2:47:e7:90:f8:af:77:bf:40:a4:86:
96:82:6d:a8:e6:02:b0:c1:45:78:ed:a2:43:ed:b5:7f:57:b0:
88:80:7c:75:fe:9e:82:08:3a:31:97:83:59:87:eb:32:16:20:
10:84:26:27:70:4e:12:57:e8:87:d0:e4:70:0c:34:eb:ac:68:
b3:00:bc:99
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzIcUQjz/4xdXO+DfJtrhnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDUxOGE1NzA2OWNhZmQ4M2UyMWI1YzYwZmIyNjJkOGVk
ZjM0MmIwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNiZTFkNDgyZTM0Y2E0ZDA2NmJjNWVlOGJjZTY2YWYyYjI3ZjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIE6etZsXiaWUoOAp/lBLaytwUsP
fe78As/ZRqxhBUaRFk/Bszgff/Pz3yGRBZbOpCM+uU08X+LycvGAujX2p7Ll4Osd
/iUyMHmqu+rTL9wQuVLgI10MXCGaqglQW+d5Vc5vJOs68XAVKBv1uvcDbA0CV+qE
JcNsVD1YvgoUN5NCyjNvaEaig5cS37vVoh93egRk6egnWRw25eRmW0ADLsbKWKeV
agwyImcT6ocjgbgTHrKH+HKXouNtm7MN9JZdr4eEHWo51G/hcmCVizoj4jnN8a8F
uh3Si/TDrCHbCf8AcX4QsDD26pB3jn91fe+lANhvXOlCiOKp/2iSsDCzbQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFGw74dSC40yk0Ga8Xui85mrysn9CMB8GA1UdIwQY
MBaAFHJFGKVwacr9g+IbXGD7Ji2O3zQrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tVWXBYQnB5djJENGh0Y1lQc21MWTdmTkNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85NTM1NTAtMDI2Ni00ZjJlLThkYzMt
N2Y0YmQ5YjU0ZTYyLzEvYkR2aDFJTGpUS1RRWnJ4ZTZMem1hdkt5ZjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85NTM1NTAtMDI2Ni00ZjJlLThkYzMtN2Y0YmQ5YjU0ZTYy
LzEvY2tVWXBYQnB5djJENGh0Y1lQc21MWTdmTkNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQCuXbkMCME
AgACMB0wEgMHACoGlgAAAQMHACoGlgAAAgMHACoGlgD6/zANBgkqhkiG9w0BAQsF
AAOCAQEAWZySt3ZIfc7avx4wQCnkjowoNAxk9NR114Y47hhvKE6u2QjkTpF94vWP
7dNmM+TOrSvTdC4mOWeo7X8dR8SQbq5VmbOfzH/s/tpScRcm95A5STU63SVJOP4s
4bpT2r+TbQge0HNNTeRWOqeBCTpp360J00mNIN7DuZPjY4lV+gErc3ynZiM5btBK
a4f/Ux21hdl4sSwU0wVIF9UrvjwIYCTBEXAVI42Ny8qCrdMH9q0bjUQRbSOSMTQK
juJH55D4r3e/QKSGloJtqOYCsMFFeO2iQ+21f1ewiIB8df6eggg6MZeDWYfrMhYg
EIQmJ3BOElfoh9DkcAw066xoswC8mQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:45:08 2024 by rpki-client on console-fra.rpki-client.org