Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/mX1W7qrbr4OVJb0lonkA8nL8K-0.roa
File: mX1W7qrbr4OVJb0lonkA8nL8K-0.roa (raw, json)
Hash identifier: lkD4XVwzdudTLnd89+vH6E+YKrnwYNcOI3lLSH5i2Jo=
Subject key identifier: 99:7D:56:EE:AA:DB:AF:83:95:25:BD:25:A2:79:00:F2:72:FC:2B:ED
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF6D3F1A1D4C8D1B3E549A8DA20E2
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/mX1W7qrbr4OVJb0lonkA8nL8K-0.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207691
IP address blocks: 185.43.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f6:d3:f1:a1:d4:c8:d1:b3:e5:49:a8:da:20:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=997d56eeaadbaf839525bd25a27900f272fc2bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:79:c7:56:6f:95:ba:fb:6b:14:3d:57:1b:
c3:bc:ba:be:1a:7e:83:2f:2c:5b:7e:d9:cd:73:34:
62:93:84:33:e9:12:7b:aa:36:0e:84:5d:e4:f5:e2:
24:02:cd:74:42:47:33:b9:5d:30:0a:39:d2:45:44:
52:46:97:cd:fc:a9:b2:fd:75:2e:36:bd:23:4d:81:
c5:6c:e3:4a:4a:e5:54:75:51:38:35:ab:2e:8f:32:
6e:a0:dc:eb:e6:58:d2:b3:e6:78:3f:df:e3:d8:0b:
04:a6:ef:a5:16:30:df:f8:8b:56:90:e9:1c:0d:92:
19:d1:88:40:d3:88:17:71:49:09:9d:b5:b3:d0:38:
d9:31:9e:c0:75:8f:c3:f7:7a:20:94:8c:9f:42:ef:
27:6d:19:ab:6a:f7:59:9a:cd:17:72:1d:65:15:13:
2c:d0:dd:3f:8c:88:33:84:07:21:9b:15:62:0e:91:
00:be:4d:1f:01:7d:24:8e:50:d0:b7:a2:e8:9f:62:
97:0d:b3:9a:6b:ed:36:27:80:b3:2d:25:c4:5d:69:
fa:38:a5:92:fa:89:fe:53:92:88:ab:96:58:e4:3c:
13:87:d4:28:a6:73:e0:73:cf:26:b6:db:84:67:39:
64:c3:e6:20:70:a3:c1:60:df:fe:04:34:21:b4:a6:
b2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:7D:56:EE:AA:DB:AF:83:95:25:BD:25:A2:79:00:F2:72:FC:2B:ED
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/mX1W7qrbr4OVJb0lonkA8nL8K-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.56.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:30:66:5a:6d:ad:83:58:e9:64:5b:74:32:3f:96:fc:e2:97:
53:dc:4b:e0:13:fa:e9:2a:1d:d4:68:33:d6:f7:59:b0:c1:7e:
d0:aa:17:ad:4e:04:89:d9:a1:5a:f7:5c:22:ab:aa:9f:ba:5d:
84:e3:09:bd:ef:33:d2:00:e8:66:e8:a5:ac:0c:b0:3c:2c:b4:
46:2d:7b:de:b9:55:d0:72:b0:a2:1f:d3:78:31:4c:8b:a9:7f:
13:d5:57:6e:cf:10:34:b5:c7:eb:b7:67:5a:f8:92:e1:fc:3b:
2c:01:51:ae:11:e4:2f:ad:df:1c:f5:bc:33:8b:05:b4:14:fb:
73:6b:19:81:fb:c8:b5:d8:be:7f:38:df:56:92:3c:32:91:a9:
35:05:da:d5:43:90:64:8d:62:b0:f7:8d:99:f2:d4:fe:95:f3:
57:6c:dc:72:97:0b:8f:cd:6f:d0:72:c3:d5:2e:2f:22:37:5a:
12:c4:a8:a0:32:be:4c:02:4b:bc:df:ce:c4:8b:9a:42:3f:33:
ff:ca:9a:98:f3:f2:d8:c2:a5:8f:61:00:45:22:fe:7d:4e:b3:
a4:0d:55:0f:9a:8c:5b:b2:98:bf:76:07:a0:6c:85:2c:6a:62:
f1:51:e2:55:53:22:98:60:db:c4:53:fd:9e:7f:7b:34:22:60:
99:a8:45:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvbT8aHUyNGz5Umo2iDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTdkNTZlZWFhZGJhZjgzOTUyNWJkMjVhMjc5MDBmMjcyZmMyYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHh5x1Zvlbr7axQ9VxvDvLq+Gn6D
LyxbftnNczRik4Qz6RJ7qjYOhF3k9eIkAs10QkczuV0wCjnSRURSRpfN/Kmy/XUu
Nr0jTYHFbONKSuVUdVE4NasujzJuoNzr5ljSs+Z4P9/j2AsEpu+lFjDf+ItWkOkc
DZIZ0YhA04gXcUkJnbWz0DjZMZ7AdY/D93oglIyfQu8nbRmravdZms0Xch1lFRMs
0N0/jIgzhAchmxViDpEAvk0fAX0kjlDQt6Lon2KXDbOaa+02J4CzLSXEXWn6OKWS
+on+U5KIq5ZY5DwTh9QopnPgc88mttuEZzlkw+YgcKPBYN/+BDQhtKayYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJl9Vu6q26+DlSW9JaJ5APJy/CvtMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvbVgxVzdxcmJyNE9WSmIwbG9ua0E4bkw4Sy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSs4MA0G
CSqGSIb3DQEBCwUAA4IBAQALMGZaba2DWOlkW3QyP5b84pdT3EvgE/rpKh3UaDPW
91mwwX7QqhetTgSJ2aFa91wiq6qful2E4wm97zPSAOhm6KWsDLA8LLRGLXveuVXQ
crCiH9N4MUyLqX8T1VduzxA0tcfrt2da+JLh/DssAVGuEeQvrd8c9bwziwW0FPtz
axmB+8i12L5/ON9Wkjwykak1BdrVQ5BkjWKw942Z8tT+lfNXbNxylwuPzW/QcsPV
Li8iN1oSxKigMr5MAku8387Ei5pCPzP/ypqY8/LYwqWPYQBFIv59TrOkDVUPmoxb
spi/dgegbIUsamLxUeJVUyKYYNvEU/2ef3s0ImCZqEV3
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:15:30 2024 by rpki-client on console-ams.rpki-client.org