Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/kIufUuZqVGYA_R82VqN_HxJaXSw.roa
File: kIufUuZqVGYA_R82VqN_HxJaXSw.roa (raw, json)
Hash identifier: rOMwVEk+1AoWT73xjhXwra7xpuGkyJWSmGN2u7/+ejM=
Subject key identifier: 90:8B:9F:52:E6:6A:54:66:00:FD:1F:36:56:A3:7F:1F:12:5A:5D:2C
Certificate issuer: /CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Certificate serial: 018CCA2AA0446A0C94019D7A620EE642A83A
Authority key identifier: 06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/kIufUuZqVGYA_R82VqN_HxJaXSw.roa
Signing time: Tue 02 Jan 2024 12:34:00 +0000
ROA not before: Tue 02 Jan 2024 12:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60929
IP address blocks: 185.23.152.0/22 maxlen: 22
185.23.152.0/24 maxlen: 24
185.23.154.0/24 maxlen: 24
185.23.155.0/24 maxlen: 24
185.23.153.0/24 maxlen: 24
2a00:6e20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:a0:44:6a:0c:94:01:9d:7a:62:0e:e6:42:a8:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Validity
Not Before: Jan 2 12:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=908b9f52e66a546600fd1f3656a37f1f125a5d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e5:14:52:09:90:8d:f2:2f:0d:33:4e:cb:c2:
8f:0a:39:18:76:f8:d8:f4:91:c9:f0:33:11:fe:22:
ad:c6:a4:9f:39:17:f2:09:41:2b:47:34:ff:8f:42:
cd:49:e8:e2:4a:ad:38:30:8e:66:15:fa:67:23:14:
b3:db:5e:4e:f1:55:e7:17:38:fb:b4:63:51:3d:67:
e7:96:1c:1d:a3:51:53:c9:dc:c8:92:7e:5e:c2:38:
b6:59:82:b2:93:5c:53:a2:a5:f7:77:69:2d:34:91:
e1:e4:76:33:a4:38:5f:f9:e0:9d:85:f4:3d:dd:96:
6f:d3:b1:3b:af:45:a6:66:e2:cb:5b:18:f5:c8:a4:
6c:19:56:93:b3:9b:2a:ce:e2:c6:96:2d:32:5d:c3:
28:4f:8e:91:49:9b:1e:27:5d:1d:3c:1c:bd:42:a2:
43:65:e7:89:9a:bc:c2:1a:ac:9b:7b:b6:8c:e0:32:
17:bb:e7:2b:bd:3c:fc:a2:4d:4b:73:48:16:72:2a:
6a:f1:15:bf:f9:7b:a2:6a:32:d1:59:51:28:20:bb:
d1:8f:c1:83:e2:eb:fc:43:11:76:1e:1e:58:89:b4:
94:af:0b:c3:ab:e5:3f:e2:13:d8:06:3b:01:6c:27:
3a:32:63:14:a9:fb:e2:d9:3d:18:6e:f3:fa:80:20:
99:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8B:9F:52:E6:6A:54:66:00:FD:1F:36:56:A3:7F:1F:12:5A:5D:2C
X509v3 Authority Key Identifier:
keyid:06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/kIufUuZqVGYA_R82VqN_HxJaXSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.152.0/22
IPv6:
2a00:6e20::/32
Signature Algorithm: sha256WithRSAEncryption
86:33:30:fd:51:24:f3:ed:b8:69:4f:11:dc:d3:ea:7a:3e:b0:
dc:b2:f6:ed:5f:c0:f4:a2:40:34:0f:32:35:32:06:a6:55:c9:
33:8c:46:4c:77:44:70:eb:2f:af:7e:3d:3f:49:bb:3b:22:05:
dc:a0:3c:80:a0:d7:d2:ae:3e:da:d7:ed:97:85:17:8e:d3:87:
59:94:18:9c:3c:4d:48:81:a5:6f:86:3d:44:c0:85:71:c7:be:
f9:a2:2e:4c:73:6a:d4:06:47:e1:7e:50:b2:35:34:92:32:49:
b6:4d:99:4f:2c:13:43:eb:93:59:45:50:c0:14:58:fa:8b:8e:
71:83:73:d7:85:6f:ae:43:f7:eb:67:59:8a:b1:9e:32:3a:b6:
1f:1a:0c:3d:78:79:4b:80:e4:38:fa:c3:2b:9e:19:dd:8e:a8:
2e:7e:e1:00:26:42:71:5a:07:e7:99:b2:ab:65:f3:6b:5f:5c:
8f:49:21:d2:44:69:ef:31:a5:d6:69:93:bd:e4:c0:2e:72:95:
01:fc:ba:99:43:8e:06:5e:92:a6:95:fc:73:b1:79:ac:bc:36:
7c:2e:87:5f:3d:3d:ab:ba:ff:88:a5:8a:64:32:59:e4:8a:ec:
09:02:88:2b:6f:49:ad:ab:22:8c:ed:96:2d:32:29:88:b7:d8:
3c:77:44:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKqBEagyUAZ16Yg7mQqg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YmQzMGFjMzU2MWExZGY3ZmM2YjI5NmJmOWQyOWRkNTU4
MWYxZWUwHhcNMjQwMTAyMTIzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhiOWY1MmU2NmE1NDY2MDBmZDFmMzY1NmEzN2YxZjEyNWE1ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OUUUgmQjfIvDTNOy8KPCjkYdvjY
9JHJ8DMR/iKtxqSfORfyCUErRzT/j0LNSejiSq04MI5mFfpnIxSz215O8VXnFzj7
tGNRPWfnlhwdo1FTydzIkn5ewji2WYKyk1xToqX3d2ktNJHh5HYzpDhf+eCdhfQ9
3ZZv07E7r0WmZuLLWxj1yKRsGVaTs5sqzuLGli0yXcMoT46RSZseJ10dPBy9QqJD
ZeeJmrzCGqybe7aM4DIXu+crvTz8ok1Lc0gWcipq8RW/+XuiajLRWVEoILvRj8GD
4uv8QxF2Hh5YibSUrwvDq+U/4hPYBjsBbCc6MmMUqfvi2T0YbvP6gCCZkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJCLn1LmalRmAP0fNlajfx8SWl0sMB8GA1UdIwQY
MBaAFAa9MKw1YaHff8aylr+dKd1VgfHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMt
NzkxNzViMTUxYTUyLzEva0l1ZlV1WnFWR1lBX1I4MlZxTl9IeEphWFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMtNzkxNzViMTUxYTUy
LzEvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuReYMA0E
AgACMAcDBQAqAG4gMA0GCSqGSIb3DQEBCwUAA4IBAQCGMzD9USTz7bhpTxHc0+p6
PrDcsvbtX8D0okA0DzI1MgamVckzjEZMd0Rw6y+vfj0/Sbs7IgXcoDyAoNfSrj7a
1+2XhReO04dZlBicPE1IgaVvhj1EwIVxx775oi5Mc2rUBkfhflCyNTSSMkm2TZlP
LBND65NZRVDAFFj6i45xg3PXhW+uQ/frZ1mKsZ4yOrYfGgw9eHlLgOQ4+sMrnhnd
jqgufuEAJkJxWgfnmbKrZfNrX1yPSSHSRGnvMaXWaZO95MAucpUB/LqZQ44GXpKm
lfxzsXmsvDZ8LodfPT2ruv+IpYpkMlnkiuwJAogrb0mtqyKM7ZYtMimIt9g8d0Q1
-----END CERTIFICATE-----
Generated at Fri May 17 22:58:59 2024 by rpki-client on console-fra.rpki-client.org