Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/meh0LuGBb0m9EsMcFFLK03GRUC8.roa
File: meh0LuGBb0m9EsMcFFLK03GRUC8.roa (raw, json)
Hash identifier: El/IcNkav/Ja+ZNg49+Mw+5al/Ar6FDMcW1Yv6/ukqk=
Subject key identifier: 99:E8:74:2E:E1:81:6F:49:BD:12:C3:1C:14:52:CA:D3:71:91:50:2F
Certificate issuer: /CN=1a001d77025f052af7d0e62e1701016b9e22e002
Certificate serial: 018CCA2A0EFDDA2FDC1435C936FCAFEF7016
Authority key identifier: 1A:00:1D:77:02:5F:05:2A:F7:D0:E6:2E:17:01:01:6B:9E:22:E0:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/meh0LuGBb0m9EsMcFFLK03GRUC8.roa
Signing time: Tue 02 Jan 2024 12:33:23 +0000
ROA not before: Tue 02 Jan 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205451
IP address blocks: 185.218.44.0/22 maxlen: 22
2a0c:8b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/GgAddwJfBSr30OYuFwEBa54i4AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/GgAddwJfBSr30OYuFwEBa54i4AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:0e:fd:da:2f:dc:14:35:c9:36:fc:af:ef:70:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a001d77025f052af7d0e62e1701016b9e22e002
Validity
Not Before: Jan 2 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99e8742ee1816f49bd12c31c1452cad37191502f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e7:4e:c8:5b:25:1e:d4:ac:95:49:a9:2d:2e:
bd:84:32:50:5d:a6:39:4e:0d:5c:a7:84:a4:d7:5e:
63:ce:f6:aa:3b:70:61:f7:2c:a9:ef:2d:36:f1:d0:
4d:a7:6c:3a:d5:63:21:60:e2:a2:a4:a3:5c:12:bf:
df:f4:23:db:28:54:55:0d:b0:4f:28:93:b5:9b:13:
42:c4:ae:1e:0b:c0:7f:91:12:f2:87:1d:f0:67:82:
b6:32:51:72:f0:18:85:a6:b2:15:49:ad:23:a7:89:
4c:72:03:f5:c7:a1:12:88:bd:ea:f7:3c:a1:68:e5:
b7:f6:b9:12:82:fb:49:5d:dd:a4:d3:f5:b6:c7:e0:
fc:50:fb:a3:5a:df:ec:fd:a1:3c:fa:50:81:5f:7c:
8d:3a:54:d5:7c:17:8f:cd:6d:66:b9:16:07:0f:c0:
26:3f:07:1d:92:56:69:3f:22:dc:05:87:4a:ee:7b:
18:83:ce:42:80:cd:87:96:49:1e:68:45:ec:d5:11:
74:0a:42:63:e8:c4:24:33:7d:6b:2e:b8:80:af:44:
fd:b4:34:5f:27:44:32:db:e5:d5:91:a2:29:04:9c:
c4:60:ca:a4:fa:1f:0d:8b:73:b3:82:e4:14:19:72:
86:e1:a8:ab:be:4c:f2:2c:5b:a0:be:83:3e:d7:c3:
c2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:E8:74:2E:E1:81:6F:49:BD:12:C3:1C:14:52:CA:D3:71:91:50:2F
X509v3 Authority Key Identifier:
keyid:1A:00:1D:77:02:5F:05:2A:F7:D0:E6:2E:17:01:01:6B:9E:22:E0:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgAddwJfBSr30OYuFwEBa54i4AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/meh0LuGBb0m9EsMcFFLK03GRUC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/1f9ced-6bc2-486b-a4b6-09bdeb6afabd/1/GgAddwJfBSr30OYuFwEBa54i4AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.44.0/22
IPv6:
2a0c:8b00::/32
Signature Algorithm: sha256WithRSAEncryption
0b:b9:8e:07:54:ca:34:40:d8:26:70:eb:e6:ac:1d:4e:c8:06:
e4:99:85:41:c7:56:c2:bb:c1:56:38:ef:63:43:6a:c5:cb:42:
fa:b2:c8:54:ea:0f:33:fd:77:6c:06:84:ad:19:91:26:8f:6f:
d4:58:a5:df:1b:d9:eb:b2:1c:ba:d1:87:71:84:aa:87:77:ab:
73:09:20:9c:f6:eb:1e:9f:f2:aa:c7:fc:8f:98:74:9d:d4:96:
68:5f:b5:b7:41:48:7d:30:51:e4:2d:e3:27:7d:5b:9b:18:73:
45:60:52:0c:e7:20:59:0a:b2:c5:d5:55:ed:19:cb:73:a7:d0:
10:30:61:59:b9:2f:32:96:23:88:e1:bf:04:60:b0:1e:bd:a7:
04:36:a2:ec:6d:90:e4:19:cc:0e:01:f2:79:b5:ae:57:0a:ca:
e5:e7:06:9c:2b:6c:6b:32:4d:98:e2:ad:fd:0e:da:5e:f9:88:
a1:d7:39:e7:f5:fe:40:30:ab:7f:5c:d2:8e:9f:7e:bb:49:7b:
d8:a7:1d:13:bd:ca:65:a6:90:91:d8:07:a5:80:63:f7:3b:c9:
03:d1:16:4c:2f:94:e2:95:19:c4:38:ef:df:cd:56:88:b1:e6:
c5:31:6b:bf:85:50:ce:d2:85:88:3d:49:00:f1:f5:ae:b4:6a:
e6:10:57:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKg792i/cFDXJNvyv73AWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDAxZDc3MDI1ZjA1MmFmN2QwZTYyZTE3MDEwMTZiOWUy
MmUwMDIwHhcNMjQwMTAyMTIzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU4NzQyZWUxODE2ZjQ5YmQxMmMzMWMxNDUyY2FkMzcxOTE1MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkedOyFslHtSslUmpLS69hDJQXaY5
Tg1cp4Sk115jzvaqO3Bh9yyp7y028dBNp2w61WMhYOKipKNcEr/f9CPbKFRVDbBP
KJO1mxNCxK4eC8B/kRLyhx3wZ4K2MlFy8BiFprIVSa0jp4lMcgP1x6ESiL3q9zyh
aOW39rkSgvtJXd2k0/W2x+D8UPujWt/s/aE8+lCBX3yNOlTVfBePzW1muRYHD8Am
PwcdklZpPyLcBYdK7nsYg85CgM2HlkkeaEXs1RF0CkJj6MQkM31rLriAr0T9tDRf
J0Qy2+XVkaIpBJzEYMqk+h8Ni3OzguQUGXKG4airvkzyLFugvoM+18PCTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJnodC7hgW9JvRLDHBRSytNxkVAvMB8GA1UdIwQY
MBaAFBoAHXcCXwUq99DmLhcBAWueIuACMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dBZGR3SmZCU3IzME9ZdUZ3RUJhNTRpNEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8xZjljZWQtNmJjMi00ODZiLWE0YjYt
MDliZGViNmFmYWJkLzEvbWVoMEx1R0JiMG05RXNNY0ZGTEswM0dSVUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8xZjljZWQtNmJjMi00ODZiLWE0YjYtMDliZGViNmFmYWJk
LzEvR2dBZGR3SmZCU3IzME9ZdUZ3RUJhNTRpNEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudosMA0E
AgACMAcDBQAqDIsAMA0GCSqGSIb3DQEBCwUAA4IBAQALuY4HVMo0QNgmcOvmrB1O
yAbkmYVBx1bCu8FWOO9jQ2rFy0L6sshU6g8z/XdsBoStGZEmj2/UWKXfG9nrshy6
0YdxhKqHd6tzCSCc9usen/Kqx/yPmHSd1JZoX7W3QUh9MFHkLeMnfVubGHNFYFIM
5yBZCrLF1VXtGctzp9AQMGFZuS8yliOI4b8EYLAevacENqLsbZDkGcwOAfJ5ta5X
Csrl5wacK2xrMk2Y4q39Dtpe+Yih1znn9f5AMKt/XNKOn367SXvYpx0TvcplppCR
2AelgGP3O8kD0RZML5TilRnEOO/fzVaIsebFMWu/hVDO0oWIPUkA8fWutGrmEFdn
-----END CERTIFICATE-----
Generated at Sat May 18 03:04:58 2024 by rpki-client on console-ams.rpki-client.org