Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/bd9f3c-9a03-420d-8a29-d094dfa364d6/1/fSnkfyq6RrsbTGSsNyvfJ72_fNQ.roa
File: fSnkfyq6RrsbTGSsNyvfJ72_fNQ.roa (raw, json)
Hash identifier: g+lxp7vgIC02QRbjWkjCDtca+POaZa+bTdSPRrqyLW4=
Subject key identifier: 7D:29:E4:7F:2A:BA:46:BB:1B:4C:64:AC:37:2B:DF:27:BD:BF:7C:D4
Certificate issuer: /CN=c96c9e6d3233e2c24120b85d17179cfb5d334784
Certificate serial: 018CD9CA6174C128D0FDD7A769F8375612CA
Authority key identifier: C9:6C:9E:6D:32:33:E2:C2:41:20:B8:5D:17:17:9C:FB:5D:33:47:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yWyebTIz4sJBILhdFxec-10zR4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/bd9f3c-9a03-420d-8a29-d094dfa364d6/1/fSnkfyq6RrsbTGSsNyvfJ72_fNQ.roa
Signing time: Fri 05 Jan 2024 13:22:48 +0000
ROA not before: Fri 05 Jan 2024 13:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206002
IP address blocks: 185.187.28.0/22 maxlen: 24
2a0b:9380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/bd9f3c-9a03-420d-8a29-d094dfa364d6/1/yWyebTIz4sJBILhdFxec-10zR4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/bd9f3c-9a03-420d-8a29-d094dfa364d6/1/yWyebTIz4sJBILhdFxec-10zR4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/yWyebTIz4sJBILhdFxec-10zR4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:ca:61:74:c1:28:d0:fd:d7:a7:69:f8:37:56:12:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c96c9e6d3233e2c24120b85d17179cfb5d334784
Validity
Not Before: Jan 5 13:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d29e47f2aba46bb1b4c64ac372bdf27bdbf7cd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3e:59:8a:18:03:7a:73:ed:40:68:6a:2d:33:
ac:7d:64:35:f0:84:50:a4:e1:82:df:a2:b5:d8:15:
39:81:bd:93:dc:a7:ff:50:ac:62:55:2f:7e:55:0c:
18:b9:97:a4:17:d7:a8:45:ba:01:44:da:31:93:d8:
83:51:a9:76:51:e7:ef:1c:f2:ab:60:71:af:12:e8:
bc:3c:b8:57:7f:5f:56:63:5a:f4:9e:94:90:95:09:
6a:38:ed:e3:70:11:1a:9c:56:df:b2:a4:08:5a:55:
13:0a:93:76:22:fc:19:65:d7:61:48:2b:94:8c:5d:
76:bd:43:eb:53:49:c6:85:7b:57:52:21:95:35:1e:
3a:73:16:6d:5f:7e:fe:34:84:aa:ba:5c:49:a2:04:
e8:ad:90:3e:72:74:3a:66:be:85:da:6a:83:9c:bb:
57:fe:fa:b5:58:8e:86:a1:76:8f:8e:8b:2a:24:c5:
8d:38:10:9f:2d:29:9e:bc:fe:39:86:54:96:16:ec:
a5:fe:d6:a7:e2:51:83:77:a0:fd:1d:f8:6d:ba:34:
e7:33:28:45:b4:25:3d:67:08:29:fa:01:0d:74:43:
ed:85:b0:5a:0d:24:63:51:d8:92:3b:29:63:d1:55:
49:ca:c9:18:f0:8c:d3:1d:7e:cb:e3:cc:7a:91:f7:
40:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:29:E4:7F:2A:BA:46:BB:1B:4C:64:AC:37:2B:DF:27:BD:BF:7C:D4
X509v3 Authority Key Identifier:
keyid:C9:6C:9E:6D:32:33:E2:C2:41:20:B8:5D:17:17:9C:FB:5D:33:47:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yWyebTIz4sJBILhdFxec-10zR4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bd9f3c-9a03-420d-8a29-d094dfa364d6/1/fSnkfyq6RrsbTGSsNyvfJ72_fNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bd9f3c-9a03-420d-8a29-d094dfa364d6/1/yWyebTIz4sJBILhdFxec-10zR4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.28.0/22
IPv6:
2a0b:9380::/32
Signature Algorithm: sha256WithRSAEncryption
1f:b5:68:07:9a:14:bd:c8:d2:5e:68:6b:d8:f1:76:27:47:56:
7a:60:48:e8:69:c9:43:5c:73:ee:ef:86:9c:d5:c2:f5:58:ce:
62:5d:59:99:3d:eb:4a:94:ab:a8:3c:5b:90:85:c7:d3:81:1c:
b9:a0:24:e7:a5:c7:56:2e:66:32:81:67:e8:a8:28:0e:66:59:
21:6a:74:88:c4:15:9c:d9:a9:ae:48:7a:1c:4d:af:59:bf:b9:
1c:92:01:59:92:f4:20:5c:6e:62:9f:77:09:d8:00:36:c8:d9:
21:7a:9b:da:8e:91:ad:a1:3b:15:2e:91:9c:c9:8b:ef:3e:c3:
2b:66:f5:74:cd:75:15:cd:6b:47:15:29:7b:81:de:b9:7e:8a:
f5:93:6b:76:e9:03:1b:81:8f:75:4c:6a:e2:51:aa:53:2f:e3:
57:75:3a:27:a2:6e:b0:44:24:a2:81:4a:01:c3:eb:67:36:cc:
81:b9:54:e5:dc:10:4e:dd:54:b0:95:ea:28:85:cf:68:ef:93:
f0:10:1d:1d:a3:c1:70:33:e8:42:c1:6e:cb:19:23:29:a8:ce:
25:74:49:70:3d:37:9d:87:ab:30:59:1c:ee:bd:37:b7:d3:02:
03:0e:15:59:69:ff:98:c7:46:d4:e4:e6:ed:79:55:aa:c0:bf:
75:58:58:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzZymF0wSjQ/denafg3VhLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5NmM5ZTZkMzIzM2UyYzI0MTIwYjg1ZDE3MTc5Y2ZiNWQz
MzQ3ODQwHhcNMjQwMTA1MTMyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI5ZTQ3ZjJhYmE0NmJiMWI0YzY0YWMzNzJiZGYyN2JkYmY3Y2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjj5ZihgDenPtQGhqLTOsfWQ18IRQ
pOGC36K12BU5gb2T3Kf/UKxiVS9+VQwYuZekF9eoRboBRNoxk9iDUal2UefvHPKr
YHGvEui8PLhXf19WY1r0npSQlQlqOO3jcBEanFbfsqQIWlUTCpN2IvwZZddhSCuU
jF12vUPrU0nGhXtXUiGVNR46cxZtX37+NISqulxJogTorZA+cnQ6Zr6F2mqDnLtX
/vq1WI6GoXaPjosqJMWNOBCfLSmevP45hlSWFuyl/tan4lGDd6D9HfhtujTnMyhF
tCU9Zwgp+gENdEPthbBaDSRjUdiSOylj0VVJyskY8IzTHX7L48x6kfdAQwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH0p5H8quka7G0xkrDcr3ye9v3zUMB8GA1UdIwQY
MBaAFMlsnm0yM+LCQSC4XRcXnPtdM0eEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVd5ZWJUSXo0c0pCSUxoZEZ4ZWMtMTB6UjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iZDlmM2MtOWEwMy00MjBkLThhMjkt
ZDA5NGRmYTM2NGQ2LzEvZlNua2Z5cTZScnNiVEdTc055dmZKNzJfZk5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9iZDlmM2MtOWEwMy00MjBkLThhMjktZDA5NGRmYTM2NGQ2
LzEveVd5ZWJUSXo0c0pCSUxoZEZ4ZWMtMTB6UjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubscMA0E
AgACMAcDBQAqC5OAMA0GCSqGSIb3DQEBCwUAA4IBAQAftWgHmhS9yNJeaGvY8XYn
R1Z6YEjoaclDXHPu74ac1cL1WM5iXVmZPetKlKuoPFuQhcfTgRy5oCTnpcdWLmYy
gWfoqCgOZlkhanSIxBWc2amuSHocTa9Zv7kckgFZkvQgXG5in3cJ2AA2yNkhepva
jpGtoTsVLpGcyYvvPsMrZvV0zXUVzWtHFSl7gd65for1k2t26QMbgY91TGriUapT
L+NXdTonom6wRCSigUoBw+tnNsyBuVTl3BBO3VSwleoohc9o75PwEB0do8FwM+hC
wW7LGSMpqM4ldElwPTedh6swWRzuvTe30wIDDhVZaf+Yx0bU5ObteVWqwL91WFhs
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:41 2024 by rpki-client on console-ams.rpki-client.org