Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/app9dYK1ZGEJ9e73T-JpZ6NMDck.roa
File: app9dYK1ZGEJ9e73T-JpZ6NMDck.roa (raw, json)
Hash identifier: VfL7YJolchtbcDI6r6N53U2cJgs64kLFTP/tFdop/VY=
Subject key identifier: 6A:9A:7D:75:82:B5:64:61:09:F5:EE:F7:4F:E2:69:67:A3:4C:0D:C9
Certificate issuer: /CN=25572e8f93b18a401cfecdf62586783858cc5f14
Certificate serial: 018CC26D3E674B13C317308132A2DBBCFBF0
Authority key identifier: 25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/app9dYK1ZGEJ9e73T-JpZ6NMDck.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197164
IP address blocks: 192.162.230.0/24 maxlen: 24
185.114.124.0/22 maxlen: 24
192.162.228.0/23 maxlen: 24
2001:67c:2274::/48 maxlen: 48
2a06:6f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3e:67:4b:13:c3:17:30:81:32:a2:db:bc:fb:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25572e8f93b18a401cfecdf62586783858cc5f14
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a9a7d7582b5646109f5eef74fe26967a34c0dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b6:07:85:89:06:40:65:dc:7c:6b:f5:63:16:
6b:f4:a5:60:26:e5:eb:44:3e:e0:01:cd:6c:7d:12:
31:a2:14:bf:ea:e3:3a:b9:31:08:2a:93:c6:cf:f9:
37:99:26:9e:c4:0b:b9:49:49:6a:e8:d2:db:04:2c:
33:3f:a0:78:4b:6b:69:b5:42:ef:09:f5:9c:93:4a:
e4:4b:19:b6:13:09:11:5d:64:77:4f:bd:11:d8:2c:
2d:e2:14:da:06:60:03:cc:ab:c9:98:61:70:f9:76:
ea:70:6e:c2:88:33:01:20:9a:cd:30:4a:51:17:3f:
20:e6:e4:7d:00:6c:18:06:ca:39:38:bc:b9:2d:55:
bd:9b:e9:1f:51:20:f3:22:c2:f3:a2:c1:76:d2:d7:
45:14:de:cc:1b:09:8b:c5:c5:a7:93:75:09:0f:d6:
4a:ad:7f:39:44:84:fc:85:d0:5e:e7:aa:dc:a2:f6:
aa:31:c4:f9:67:ce:08:15:6e:1b:5f:91:58:af:e9:
4b:5c:1c:9a:5d:f7:12:da:22:a1:7c:63:2a:de:f5:
f6:73:e8:4f:2b:4e:a2:c0:97:03:f5:d0:24:15:86:
96:89:36:79:dd:96:41:e4:11:79:05:db:08:ec:e7:
23:af:9d:78:51:fb:43:ef:a7:75:ec:e2:c6:82:dd:
2d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9A:7D:75:82:B5:64:61:09:F5:EE:F7:4F:E2:69:67:A3:4C:0D:C9
X509v3 Authority Key Identifier:
keyid:25:57:2E:8F:93:B1:8A:40:1C:FE:CD:F6:25:86:78:38:58:CC:5F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JVcuj5OxikAc_s32JYZ4OFjMXxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/app9dYK1ZGEJ9e73T-JpZ6NMDck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4b1a35-4a84-414b-b073-66d35e525039/1/JVcuj5OxikAc_s32JYZ4OFjMXxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.124.0/22
192.162.228.0-192.162.230.255
IPv6:
2001:67c:2274::/48
2a06:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
01:16:88:64:78:b5:e7:1d:5a:09:f8:7b:1d:d4:30:82:50:fb:
87:4a:d1:a3:3f:9c:75:1d:ed:eb:0d:0a:aa:41:7f:84:6a:29:
42:01:6b:a3:ad:f1:3a:c8:1e:8f:9d:a0:8f:0a:c4:d5:93:c0:
90:dc:3a:03:10:72:02:cd:b3:be:47:e8:02:03:35:44:42:31:
bc:cf:43:a8:cc:d6:78:6a:7c:96:7d:bd:37:b8:c2:46:f0:b0:
d6:03:c3:8b:38:bf:bf:2d:bf:eb:f6:cc:e4:8a:bc:f7:06:4b:
62:e1:67:ee:51:d7:c0:ce:88:1c:19:eb:2f:76:fa:5f:7f:d8:
22:1e:f9:90:dc:81:43:c7:ad:a1:25:40:2d:ba:bb:a6:0e:c9:
9a:d1:56:9e:04:94:e9:00:64:e7:3f:ff:e8:11:44:a1:3e:cc:
a8:b3:56:92:a2:97:af:5e:25:ef:e7:bb:f6:f9:40:c8:14:2c:
f3:a6:15:90:f6:9a:c5:d0:bc:7e:99:56:41:87:57:c7:bc:14:
23:d1:ab:42:f8:d2:48:de:2f:14:f5:91:90:c1:ca:2e:19:f0:
79:b9:83:71:f2:26:4e:ed:e6:57:20:ed:cb:01:d4:59:1f:16:
a8:1a:6b:03:d3:de:60:37:41:41:19:64:0f:09:d1:c3:69:a7:
8e:89:43:a1
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzCbT5nSxPDFzCBMqLbvPvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NTcyZThmOTNiMThhNDAxY2ZlY2RmNjI1ODY3ODM4NThj
YzVmMTQwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTlhN2Q3NTgyYjU2NDYxMDlmNWVlZjc0ZmUyNjk2N2EzNGMwZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27YHhYkGQGXcfGv1YxZr9KVgJuXr
RD7gAc1sfRIxohS/6uM6uTEIKpPGz/k3mSaexAu5SUlq6NLbBCwzP6B4S2tptULv
CfWck0rkSxm2EwkRXWR3T70R2Cwt4hTaBmADzKvJmGFw+XbqcG7CiDMBIJrNMEpR
Fz8g5uR9AGwYBso5OLy5LVW9m+kfUSDzIsLzosF20tdFFN7MGwmLxcWnk3UJD9ZK
rX85RIT8hdBe56rcovaqMcT5Z84IFW4bX5FYr+lLXByaXfcS2iKhfGMq3vX2c+hP
K06iwJcD9dAkFYaWiTZ53ZZB5BF5BdsI7Ocjr514UftD76d17OLGgt0tJQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGqafXWCtWRhCfXu90/iaWejTA3JMB8GA1UdIwQY
MBaAFCVXLo+TsYpAHP7N9iWGeDhYzF8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMt
NjZkMzVlNTI1MDM5LzEvYXBwOWRZSzFaR0VKOWU3M1QtSnBaNk5NRGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80YjFhMzUtNGE4NC00MTRiLWIwNzMtNjZkMzVlNTI1MDM5
LzEvSlZjdWo1T3hpa0FjX3MzMkpZWjRPRmpNWHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUAwQCuXJ8MAwD
BALAouQDBADAouYwFgQCAAIwEAMHACABBnwidAMFAyoGbwAwDQYJKoZIhvcNAQEL
BQADggEBAAEWiGR4tecdWgn4ex3UMIJQ+4dK0aM/nHUd7esNCqpBf4RqKUIBa6Ot
8TrIHo+doI8KxNWTwJDcOgMQcgLNs75H6AIDNURCMbzPQ6jM1nhqfJZ9vTe4wkbw
sNYDw4s4v78tv+v2zOSKvPcGS2LhZ+5R18DOiBwZ6y92+l9/2CIe+ZDcgUPHraEl
QC26u6YOyZrRVp4ElOkAZOc//+gRRKE+zKizVpKil69eJe/nu/b5QMgULPOmFZD2
msXQvH6ZVkGHV8e8FCPRq0L40kjeLxT1kZDByi4Z8Hm5g3HyJk7t5lcg7csB1Fkf
FqgaawPT3mA3QUEZZA8J0cNpp46JQ6E=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:58:47 2024 by rpki-client on console-ams.rpki-client.org