Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/86b402-e43b-4b7e-98ee-b6b74cb299b0/1/1-Rb3U9ZTIGj7qfCag4g7GzJsHKI.roa
File: 1-Rb3U9ZTIGj7qfCag4g7GzJsHKI.roa (raw, json)
Hash identifier: gCyHpQqfnZ2yB8sN1nrczY7XFo9eFl5dbZsjfhWId+o=
Subject key identifier: F9:16:F7:53:D6:53:20:68:FB:A9:F0:9A:83:88:3B:1B:32:6C:1C:A2
Certificate issuer: /CN=768ef9c104be22284bf7b2756d2a8173946a386e
Certificate serial: 018CC50135D2ED0AFA93CC0EE2567E4AD528
Authority key identifier: 76:8E:F9:C1:04:BE:22:28:4B:F7:B2:75:6D:2A:81:73:94:6A:38:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/do75wQS-IihL97J1bSqBc5RqOG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/86b402-e43b-4b7e-98ee-b6b74cb299b0/1/1-Rb3U9ZTIGj7qfCag4g7GzJsHKI.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62286
IP address blocks: 185.40.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/86b402-e43b-4b7e-98ee-b6b74cb299b0/1/do75wQS-IihL97J1bSqBc5RqOG4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/86b402-e43b-4b7e-98ee-b6b74cb299b0/1/do75wQS-IihL97J1bSqBc5RqOG4.mft
rsync://rpki.ripe.net/repository/DEFAULT/do75wQS-IihL97J1bSqBc5RqOG4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:35:d2:ed:0a:fa:93:cc:0e:e2:56:7e:4a:d5:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=768ef9c104be22284bf7b2756d2a8173946a386e
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f916f753d6532068fba9f09a83883b1b326c1ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c7:4e:4c:14:4c:bf:53:a0:66:86:05:30:9c:
c5:05:bf:37:36:e6:53:85:be:d2:18:83:08:33:74:
8a:16:9a:a2:03:64:e8:5d:b2:88:37:cc:74:4e:f1:
e0:2a:b9:ab:9f:55:91:a0:23:03:2f:67:95:0c:82:
98:ab:d3:a9:73:08:a7:69:2a:e2:a2:ab:5e:13:db:
15:53:a4:cf:ec:2b:ac:cd:e4:c4:52:1e:80:0d:50:
62:2f:e7:60:37:56:14:c6:63:a7:6d:46:21:06:1b:
72:e6:e9:69:5f:bf:53:84:5b:d3:d4:e1:52:eb:7c:
b1:96:12:73:d1:6a:ff:6f:d5:08:cc:b7:75:b7:19:
f3:8f:ae:cc:96:17:a9:42:71:fc:eb:64:65:83:0b:
41:aa:75:f2:ec:49:a6:6e:dc:bd:a8:46:b5:3b:cd:
81:3c:f8:b2:90:cc:f3:0b:cc:c5:b5:7f:54:a6:25:
de:ce:6a:79:0f:62:1b:44:5f:46:46:62:ac:a1:8f:
22:a8:a4:85:3b:14:0b:61:a2:4d:79:d5:69:22:31:
6c:35:f2:99:6f:59:d8:ff:67:29:06:63:c8:e1:e6:
a4:43:01:b3:58:2d:18:ea:c1:48:a1:e6:37:2a:7d:
92:08:41:b1:89:38:60:32:19:71:44:ec:f5:9b:97:
79:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:16:F7:53:D6:53:20:68:FB:A9:F0:9A:83:88:3B:1B:32:6C:1C:A2
X509v3 Authority Key Identifier:
keyid:76:8E:F9:C1:04:BE:22:28:4B:F7:B2:75:6D:2A:81:73:94:6A:38:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do75wQS-IihL97J1bSqBc5RqOG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/86b402-e43b-4b7e-98ee-b6b74cb299b0/1/1-Rb3U9ZTIGj7qfCag4g7GzJsHKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/86b402-e43b-4b7e-98ee-b6b74cb299b0/1/do75wQS-IihL97J1bSqBc5RqOG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.40.0/22
Signature Algorithm: sha256WithRSAEncryption
51:43:47:8b:4e:9e:7d:95:4a:a0:81:c2:e8:8c:61:47:4e:92:
98:89:d7:32:9d:fc:ca:d6:d4:f6:ca:12:0a:e2:3e:da:c7:2d:
c7:01:cb:d8:e9:51:8b:7e:c5:99:8e:4b:41:b3:dc:0a:56:ba:
75:a9:ab:e7:9c:53:e7:42:43:63:5e:23:f7:2f:a5:2b:ce:e2:
bc:ac:0a:c5:44:ea:25:5d:7c:cf:ed:10:22:67:5d:75:2e:89:
2a:e9:59:ab:fd:17:77:17:73:34:88:8d:de:c3:89:f6:ac:e5:
1d:d7:01:f0:e8:99:a5:3d:51:9d:83:6d:84:d8:d1:d5:a7:64:
c0:fb:6a:97:a2:73:39:84:d7:87:5b:f7:a8:b3:b5:6b:05:f5:
c4:db:31:9d:cd:b7:66:dc:48:47:a6:2f:46:a6:76:ee:b8:33:
59:3a:e6:4a:ba:d6:6e:bf:93:cb:a8:50:aa:b1:e4:d9:ed:cc:
e5:92:c4:48:f1:63:a9:88:6a:c6:47:09:11:b7:c2:ac:19:92:
81:3e:e4:f7:a3:98:07:be:d2:96:40:c6:52:a3:3e:cd:66:8c:
54:32:84:92:e5:b7:44:e7:b7:d7:5f:df:c1:80:fc:99:26:e3:
d9:5c:e5:62:03:3e:bf:e3:3c:34:aa:19:40:f5:4e:00:a0:f8:
98:9c:f9:21
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFATXS7Qr6k8wO4lZ+StUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGVmOWMxMDRiZTIyMjg0YmY3YjI3NTZkMmE4MTczOTQ2
YTM4NmUwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE2Zjc1M2Q2NTMyMDY4ZmJhOWYwOWE4Mzg4M2IxYjMyNmMxY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcdOTBRMv1OgZoYFMJzFBb83NuZT
hb7SGIMIM3SKFpqiA2ToXbKIN8x0TvHgKrmrn1WRoCMDL2eVDIKYq9OpcwinaSri
oqteE9sVU6TP7CuszeTEUh6ADVBiL+dgN1YUxmOnbUYhBhty5ulpX79ThFvT1OFS
63yxlhJz0Wr/b9UIzLd1txnzj67MlhepQnH862RlgwtBqnXy7Emmbty9qEa1O82B
PPiykMzzC8zFtX9UpiXezmp5D2IbRF9GRmKsoY8iqKSFOxQLYaJNedVpIjFsNfKZ
b1nY/2cpBmPI4eakQwGzWC0Y6sFIoeY3Kn2SCEGxiThgMhlxROz1m5d5gwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPkW91PWUyBo+6nwmoOIOxsybByiMB8GA1UdIwQY
MBaAFHaO+cEEviIoS/eydW0qgXOUajhuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG83NXdRUy1JaWhMOTdKMWJTcUJjNVJxT0c0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84NmI0MDItZTQzYi00YjdlLTk4ZWUt
YjZiNzRjYjI5OWIwLzEvMS1SYjNVOVpUSUdqN3FmQ2FnNGc3R3pKc0hLSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWQvODZiNDAyLWU0M2ItNGI3ZS05OGVlLWI2Yjc0Y2IyOTli
MC8xL2RvNzV3UVMtSWloTDk3SjFiU3FCYzVScU9HNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkoKDAN
BgkqhkiG9w0BAQsFAAOCAQEAUUNHi06efZVKoIHC6IxhR06SmInXMp38ytbU9soS
CuI+2sctxwHL2OlRi37FmY5LQbPcCla6damr55xT50JDY14j9y+lK87ivKwKxUTq
JV18z+0QImdddS6JKulZq/0XdxdzNIiN3sOJ9qzlHdcB8OiZpT1RnYNthNjR1adk
wPtql6JzOYTXh1v3qLO1awX1xNsxnc23ZtxIR6YvRqZ27rgzWTrmSrrWbr+Ty6hQ
qrHk2e3M5ZLESPFjqYhqxkcJEbfCrBmSgT7k96OYB77SlkDGUqM+zWaMVDKEkuW3
ROe311/fwYD8mSbj2VzlYgM+v+M8NKoZQPVOAKD4mJz5IQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:05:39 2024 by rpki-client on console-fra.rpki-client.org