Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/p7pjylcwBbPNmwGxAjUlCwTWYW8.roa
File: p7pjylcwBbPNmwGxAjUlCwTWYW8.roa (raw, json)
Hash identifier: 7zc0AT21s1IhQuIFGDGyxAoISI1ow5I42e0tXtGi1Yk=
Subject key identifier: A7:BA:63:CA:57:30:05:B3:CD:9B:01:B1:02:35:25:0B:04:D6:61:6F
Certificate issuer: /CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Certificate serial: 018CC56EE82CF1804A58209DEC19B126496A
Authority key identifier: C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/p7pjylcwBbPNmwGxAjUlCwTWYW8.roa
Signing time: Mon 01 Jan 2024 14:30:29 +0000
ROA not before: Mon 01 Jan 2024 14:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42703
IP address blocks: 185.106.225.0/24 maxlen: 24
185.106.224.0/22 maxlen: 22
185.106.224.0/24 maxlen: 24
185.106.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e8:2c:f1:80:4a:58:20:9d:ec:19:b1:26:49:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98a186e8eeb8714edca5b0d716e51d66c168ce1
Validity
Not Before: Jan 1 14:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7ba63ca573005b3cd9b01b10235250b04d6616f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7a:57:89:22:03:36:f8:29:f7:89:f8:c7:3d:
a8:36:89:98:fa:cc:4d:ad:dc:1d:ed:70:14:f9:00:
6b:cb:80:21:d8:8e:64:28:39:54:2b:5d:10:d4:4f:
32:a3:3b:29:de:19:89:3b:79:1f:2f:ba:58:33:e2:
f2:c4:35:bb:74:eb:ef:9d:d7:bb:21:c4:18:cd:f7:
70:6f:df:6d:72:cd:f1:02:59:67:14:ed:ea:e0:f5:
80:28:e7:91:fa:37:1a:f7:f4:87:6c:58:35:31:bc:
7c:34:62:e2:92:9e:6b:69:bb:cd:c5:4f:39:21:c8:
e6:83:8b:a9:91:1c:f5:f8:b1:9f:bd:63:f7:09:57:
b1:e8:d2:f8:77:0d:bd:51:41:9e:af:a5:f2:51:52:
0b:2a:05:0a:2a:9f:23:0f:b4:a7:19:d1:d0:2f:f2:
4c:31:c0:b2:59:81:32:d0:10:14:44:44:e5:a7:6b:
91:50:6e:6d:34:8f:9b:1e:60:8e:95:19:ff:cb:23:
de:7b:d4:ad:9b:23:9d:ec:53:69:4b:4a:1e:0a:48:
fd:bd:2d:d4:ee:78:12:97:63:b9:89:7c:f7:78:58:
f8:11:c5:19:4a:90:b8:85:d2:ac:c5:04:e4:bb:88:
23:62:a3:52:a8:0d:be:3c:8e:c6:a9:b8:4e:b3:dd:
40:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BA:63:CA:57:30:05:B3:CD:9B:01:B1:02:35:25:0B:04:D6:61:6F
X509v3 Authority Key Identifier:
keyid:C9:8A:18:6E:8E:EB:87:14:ED:CA:5B:0D:71:6E:51:D6:6C:16:8C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYoYbo7rhxTtylsNcW5R1mwWjOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/p7pjylcwBbPNmwGxAjUlCwTWYW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/ba7214-5568-4a42-a999-7a5a8d0967c8/1/yYoYbo7rhxTtylsNcW5R1mwWjOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.224.0/22
Signature Algorithm: sha256WithRSAEncryption
65:ad:20:42:ee:75:40:ae:f4:95:54:48:58:ab:c6:2d:11:0f:
f3:03:e5:5a:b9:53:fc:a4:89:c9:12:91:8a:7e:a2:23:96:e3:
c0:e5:77:8d:00:78:29:6a:30:e7:74:85:02:35:25:9a:6a:08:
29:3a:86:16:dd:29:73:d1:93:54:10:21:b8:f2:0d:93:02:ec:
81:7c:ca:13:cf:74:86:43:fb:b9:2f:68:a5:e7:e9:25:f2:79:
84:ee:ec:26:c3:7b:0f:3a:4b:68:d1:bb:64:41:ec:64:19:19:
4b:90:3a:ba:9c:3a:fc:b5:04:d6:8f:ac:cb:03:09:39:2e:57:
91:b5:ab:f7:72:f2:86:2c:78:3e:56:25:b2:f7:46:5c:3f:17:
f0:77:c6:2f:06:60:2d:37:11:a8:00:ab:b1:ca:a7:8b:c8:01:
aa:fa:0b:bf:59:65:fe:2e:c5:82:08:06:04:49:25:47:e3:1b:
a4:a5:28:0a:fb:19:64:1c:d0:1a:76:01:da:8f:2d:37:57:a6:
9b:d2:67:6e:28:83:02:80:06:c6:d2:89:df:6f:ee:51:c5:f5:
71:86:a8:1d:b7:98:2a:7c:ed:bf:23:5d:15:1c:24:4f:d2:fa:
7d:11:ae:11:12:32:75:01:52:16:8e:43:26:07:87:cd:4c:f4:
88:ab:f3:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbugs8YBKWCCd7BmxJklqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGExODZlOGVlYjg3MTRlZGNhNWIwZDcxNmU1MWQ2NmMx
NjhjZTEwHhcNMjQwMTAxMTQzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2JhNjNjYTU3MzAwNWIzY2Q5YjAxYjEwMjM1MjUwYjA0ZDY2MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHpXiSIDNvgp94n4xz2oNomY+sxN
rdwd7XAU+QBry4Ah2I5kKDlUK10Q1E8yozsp3hmJO3kfL7pYM+LyxDW7dOvvnde7
IcQYzfdwb99tcs3xAllnFO3q4PWAKOeR+jca9/SHbFg1Mbx8NGLikp5rabvNxU85
Icjmg4upkRz1+LGfvWP3CVex6NL4dw29UUGer6XyUVILKgUKKp8jD7SnGdHQL/JM
McCyWYEy0BAURETlp2uRUG5tNI+bHmCOlRn/yyPee9StmyOd7FNpS0oeCkj9vS3U
7ngSl2O5iXz3eFj4EcUZSpC4hdKsxQTku4gjYqNSqA2+PI7GqbhOs91AFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKe6Y8pXMAWzzZsBsQI1JQsE1mFvMB8GA1UdIwQY
MBaAFMmKGG6O64cU7cpbDXFuUdZsFozhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTkt
N2E1YThkMDk2N2M4LzEvcDdwanlsY3dCYlBObXdHeEFqVWxDd1RXWVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iYTcyMTQtNTU2OC00YTQyLWE5OTktN2E1YThkMDk2N2M4
LzEveVlvWWJvN3JoeFR0eWxzTmNXNVIxbXdXak9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWrgMA0G
CSqGSIb3DQEBCwUAA4IBAQBlrSBC7nVArvSVVEhYq8YtEQ/zA+VauVP8pInJEpGK
fqIjluPA5XeNAHgpajDndIUCNSWaaggpOoYW3Slz0ZNUECG48g2TAuyBfMoTz3SG
Q/u5L2il5+kl8nmE7uwmw3sPOkto0btkQexkGRlLkDq6nDr8tQTWj6zLAwk5LleR
tav3cvKGLHg+ViWy90ZcPxfwd8YvBmAtNxGoAKuxyqeLyAGq+gu/WWX+LsWCCAYE
SSVH4xukpSgK+xlkHNAadgHajy03V6ab0mduKIMCgAbG0onfb+5RxfVxhqgdt5gq
fO2/I10VHCRP0vp9Ea4REjJ1AVIWjkMmB4fNTPSIq/N+
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:41 2024 by rpki-client on console-ams.rpki-client.org