Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/vRDIBAGq8YZQcKsJNhXM8uwmA6s.roa
File: vRDIBAGq8YZQcKsJNhXM8uwmA6s.roa (raw, json)
Hash identifier: 4s0Rts72OqTZrbaSS90/Xk0LeEEOM3FbIfgbDf36Dj0=
Subject key identifier: BD:10:C8:04:01:AA:F1:86:50:70:AB:09:36:15:CC:F2:EC:26:03:AB
Certificate issuer: /CN=1bef5aa14d3140c7c7c4988f19da9431eb1a40f1
Certificate serial: 018CC500154CAE9C0E5A097586AC81DBCC1F
Authority key identifier: 1B:EF:5A:A1:4D:31:40:C7:C7:C4:98:8F:19:DA:94:31:EB:1A:40:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/vRDIBAGq8YZQcKsJNhXM8uwmA6s.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49796
IP address blocks: 185.167.72.3/32 maxlen: 32
185.167.72.254/32 maxlen: 32
185.167.72.253/32 maxlen: 32
185.167.72.13/32 maxlen: 32
185.167.74.0/23 maxlen: 23
185.167.74.0/24 maxlen: 24
185.167.72.0/24 maxlen: 24
185.167.72.0/23 maxlen: 23
185.167.72.0/22 maxlen: 22
185.167.75.0/24 maxlen: 24
185.167.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/G-9aoU0xQMfHxJiPGdqUMesaQPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/G-9aoU0xQMfHxJiPGdqUMesaQPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:15:4c:ae:9c:0e:5a:09:75:86:ac:81:db:cc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bef5aa14d3140c7c7c4988f19da9431eb1a40f1
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd10c80401aaf1865070ab093615ccf2ec2603ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:96:06:48:8f:b5:d9:d2:12:89:72:04:da:d5:
1a:1c:da:75:83:a9:12:13:ea:87:a8:18:b4:ab:b1:
ad:9e:27:df:4e:49:15:08:39:a7:c3:30:1f:0b:16:
bf:b4:fa:62:2f:11:f8:4e:c5:ef:a4:25:25:a2:81:
10:9a:47:0e:e4:03:76:1a:b6:af:bf:c8:99:58:28:
87:05:11:04:54:7f:26:32:52:06:96:b9:59:29:16:
a0:c7:bc:bb:70:8e:83:19:aa:bf:f7:9e:52:63:d7:
f5:68:b9:c5:1b:28:c2:17:3a:72:cc:08:5d:09:60:
ed:4f:64:0e:db:eb:4d:a4:8e:2d:cb:2e:7f:64:a3:
fc:ec:95:39:72:3f:63:3c:fc:81:c1:ff:a1:6a:a3:
5a:4d:79:09:9e:4a:34:cc:2a:e2:67:c3:8b:9f:2c:
7d:ba:bc:d9:2d:86:c2:46:e0:e4:52:a6:36:6b:9f:
6a:28:f0:61:20:c0:2e:fc:e1:5a:6c:e5:12:de:9c:
72:88:a2:61:75:b7:09:18:eb:61:49:8a:43:22:ac:
b7:4b:5c:e4:5f:99:9b:7a:30:e6:02:80:c7:0d:e1:
2a:00:d5:c8:68:71:7a:e4:e2:aa:e2:fc:ca:87:a8:
ed:6f:ba:e2:26:bc:a1:19:75:8b:76:84:48:10:87:
49:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:10:C8:04:01:AA:F1:86:50:70:AB:09:36:15:CC:F2:EC:26:03:AB
X509v3 Authority Key Identifier:
keyid:1B:EF:5A:A1:4D:31:40:C7:C7:C4:98:8F:19:DA:94:31:EB:1A:40:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-9aoU0xQMfHxJiPGdqUMesaQPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/vRDIBAGq8YZQcKsJNhXM8uwmA6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/5d6167-f02b-44db-b565-0e4382310ca5/1/G-9aoU0xQMfHxJiPGdqUMesaQPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.72.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:15:62:bb:cc:4c:45:10:90:02:f2:05:46:5f:4f:f3:83:fa:
01:29:53:db:23:04:ee:9d:da:c0:b7:43:7e:ef:c0:f1:ed:b4:
43:15:8f:b3:20:66:76:82:cc:3b:f3:8c:f8:23:0d:88:4d:c0:
9e:5e:53:c6:eb:21:d9:2c:b8:62:3d:6e:4f:04:79:f9:53:2e:
4e:1d:bd:a0:70:08:68:46:89:1a:31:ab:64:74:41:8c:02:1d:
f5:a8:17:6b:ae:12:ef:4b:7c:d7:87:9a:f3:bc:a0:c2:4d:7f:
cb:dc:48:b0:f5:80:c4:cd:eb:14:72:df:27:0b:9a:f1:2c:14:
6b:70:6a:a5:85:83:d5:6a:2f:ea:18:7c:52:e5:80:6f:23:07:
8d:0a:a8:3e:ff:06:b9:3f:83:77:49:9f:1b:c6:4f:b0:d4:e9:
7b:b9:fa:23:01:f8:bf:2a:5c:26:ad:90:74:b9:98:ac:3a:b3:
0b:b5:0b:ab:97:95:25:74:2c:ca:5e:7c:82:f0:df:6a:3b:b5:
66:95:e1:b3:ab:d3:30:74:3a:89:d8:bb:eb:ee:51:b6:e8:24:
e4:02:6b:c5:bc:37:31:78:0b:7b:ab:a4:91:8e:f9:bb:70:e2:
2e:a7:0b:b0:83:fe:2d:c3:04:d4:c0:fa:13:f3:78:b7:c2:76:
e8:15:84:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABVMrpwOWgl1hqyB28wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZWY1YWExNGQzMTQwYzdjN2M0OTg4ZjE5ZGE5NDMxZWIx
YTQwZjEwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDEwYzgwNDAxYWFmMTg2NTA3MGFiMDkzNjE1Y2NmMmVjMjYwM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJYGSI+12dISiXIE2tUaHNp1g6kS
E+qHqBi0q7GtniffTkkVCDmnwzAfCxa/tPpiLxH4TsXvpCUlooEQmkcO5AN2Grav
v8iZWCiHBREEVH8mMlIGlrlZKRagx7y7cI6DGaq/955SY9f1aLnFGyjCFzpyzAhd
CWDtT2QO2+tNpI4tyy5/ZKP87JU5cj9jPPyBwf+haqNaTXkJnko0zCriZ8OLnyx9
urzZLYbCRuDkUqY2a59qKPBhIMAu/OFabOUS3pxyiKJhdbcJGOthSYpDIqy3S1zk
X5mbejDmAoDHDeEqANXIaHF65OKq4vzKh6jtb7riJryhGXWLdoRIEIdJxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0QyAQBqvGGUHCrCTYVzPLsJgOrMB8GA1UdIwQY
MBaAFBvvWqFNMUDHx8SYjxnalDHrGkDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy05YW9VMHhRTWZIeEppUEdkcVVNZXNhUVBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC81ZDYxNjctZjAyYi00NGRiLWI1NjUt
MGU0MzgyMzEwY2E1LzEvdlJESUJBR3E4WVpRY0tzSk5oWE04dXdtQTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC81ZDYxNjctZjAyYi00NGRiLWI1NjUtMGU0MzgyMzEwY2E1
LzEvRy05YW9VMHhRTWZIeEppUEdkcVVNZXNhUVBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuadIMA0G
CSqGSIb3DQEBCwUAA4IBAQAfFWK7zExFEJAC8gVGX0/zg/oBKVPbIwTundrAt0N+
78Dx7bRDFY+zIGZ2gsw784z4Iw2ITcCeXlPG6yHZLLhiPW5PBHn5Uy5OHb2gcAho
RokaMatkdEGMAh31qBdrrhLvS3zXh5rzvKDCTX/L3Eiw9YDEzesUct8nC5rxLBRr
cGqlhYPVai/qGHxS5YBvIweNCqg+/wa5P4N3SZ8bxk+w1Ol7ufojAfi/KlwmrZB0
uZisOrMLtQurl5UldCzKXnyC8N9qO7VmleGzq9MwdDqJ2Lvr7lG26CTkAmvFvDcx
eAt7q6SRjvm7cOIupwuwg/4twwTUwPoT83i3wnboFYTF
-----END CERTIFICATE-----
Generated at Sun May 19 08:37:18 2024 by rpki-client on console-ams.rpki-client.org