Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/bFS1EFMBTUVsBkxaR9nobqfB_k8.roa
File: bFS1EFMBTUVsBkxaR9nobqfB_k8.roa (raw, json)
Hash identifier: 9MC6MXlM9JbCmwcX29kHXgPA+1RJctfh/h3DImG/m/U=
Subject key identifier: 6C:54:B5:10:53:01:4D:45:6C:06:4C:5A:47:D9:E8:6E:A7:C1:FE:4F
Certificate issuer: /CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Certificate serial: 018CC86F19DD15232FC9BD5464C30DC89FBD
Authority key identifier: 63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/bFS1EFMBTUVsBkxaR9nobqfB_k8.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200653
IP address blocks: 185.100.30.0/24 maxlen: 24
185.100.30.0/23 maxlen: 23
185.100.28.0/23 maxlen: 23
185.100.28.0/22 maxlen: 22
185.100.29.0/24 maxlen: 24
185.100.31.0/24 maxlen: 24
185.100.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/YxXdC6Ef2vdNU7lW_ByEan4vYf4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/YxXdC6Ef2vdNU7lW_ByEan4vYf4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:19:dd:15:23:2f:c9:bd:54:64:c3:0d:c8:9f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6315dd0ba11fdaf74d53b956fc1c846a7e2f61fe
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c54b51053014d456c064c5a47d9e86ea7c1fe4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2f:a3:43:7f:4b:99:43:1e:02:13:61:27:fb:
08:21:c5:9f:d5:f3:55:37:56:1d:c1:a7:17:0e:3e:
9d:95:21:4d:35:e1:7a:ab:27:a9:a3:ee:61:73:f8:
69:60:b1:0f:b5:85:a7:04:cb:a7:c1:eb:a2:c0:82:
ae:98:44:9d:95:36:f3:d7:65:39:8b:59:b4:fa:aa:
d3:26:64:99:ed:7f:78:d2:9e:99:90:43:82:bc:3d:
da:7f:fe:b8:02:2c:2b:a5:fb:ce:62:e9:45:69:c4:
df:df:46:ca:b7:17:c8:de:f4:1a:da:ef:74:59:a4:
7a:8f:4c:7e:8a:1d:f0:bc:b0:00:38:ac:92:9f:12:
13:06:44:a7:40:49:c5:62:d9:61:5e:c6:5f:02:cd:
fc:d4:3d:77:26:c4:9b:fe:f5:e2:85:0e:a8:aa:c4:
27:72:4c:20:3c:3b:b7:55:fc:a7:b8:56:8f:30:a7:
d5:0a:c1:a4:d7:6f:ca:63:a6:ae:3a:45:0c:1b:90:
c0:63:3f:dd:bb:b1:32:f6:24:1b:b8:e7:38:5a:39:
fc:cf:d0:22:89:56:dc:78:a3:81:35:69:df:18:58:
28:0e:33:9b:a6:16:30:95:e4:e8:19:21:be:9e:08:
62:fe:32:bb:08:2e:84:c0:39:59:77:83:8f:e8:ae:
94:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:54:B5:10:53:01:4D:45:6C:06:4C:5A:47:D9:E8:6E:A7:C1:FE:4F
X509v3 Authority Key Identifier:
keyid:63:15:DD:0B:A1:1F:DA:F7:4D:53:B9:56:FC:1C:84:6A:7E:2F:61:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxXdC6Ef2vdNU7lW_ByEan4vYf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/bFS1EFMBTUVsBkxaR9nobqfB_k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/dacb92-ff70-49fe-b4b8-8989b4caa206/1/YxXdC6Ef2vdNU7lW_ByEan4vYf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.28.0/22
Signature Algorithm: sha256WithRSAEncryption
38:3d:18:f6:92:8a:91:fa:96:fd:00:19:c8:06:ce:03:f4:87:
64:cb:08:3f:5c:bb:db:80:0c:cb:42:75:cd:4b:d9:ab:df:18:
c0:d9:dc:35:e2:c6:3c:eb:66:6c:73:ef:ec:08:c5:30:23:b8:
a6:7a:87:4b:7f:8c:c3:5a:46:2e:54:73:9b:5e:ad:03:e3:a5:
04:96:bd:f2:7b:3c:c6:33:e6:10:f8:a1:87:e9:a8:2f:e7:2f:
98:ab:48:9a:03:3a:31:97:c1:c0:87:81:b0:c6:a5:15:09:03:
49:06:dd:42:c7:34:aa:0f:0e:9a:2d:ea:c8:b7:97:a3:ab:db:
92:b9:35:fb:98:a6:01:d1:7d:c8:82:3b:f7:01:4c:a6:ff:d6:
d5:9c:34:be:fd:f3:52:ce:7c:d3:41:06:8a:32:84:46:b9:47:
2b:17:33:6e:06:6f:8e:e3:4d:06:91:b4:53:6f:ca:f2:4d:6c:
8a:87:b7:a0:56:e9:e5:09:31:b4:1a:ec:69:ee:03:bd:0b:85:
34:e9:63:70:43:0a:6b:9e:49:7d:0d:0d:e2:c1:e8:5d:ca:32:
96:85:f0:07:e8:6b:8e:88:e1:86:8f:40:89:95:1e:36:9b:94:
79:86:4e:85:21:9f:af:a7:57:18:b7:aa:43:b3:65:2c:ce:a9:
3e:cc:92:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbxndFSMvyb1UZMMNyJ+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTVkZDBiYTExZmRhZjc0ZDUzYjk1NmZjMWM4NDZhN2Uy
ZjYxZmUwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzU0YjUxMDUzMDE0ZDQ1NmMwNjRjNWE0N2Q5ZTg2ZWE3YzFmZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy+jQ39LmUMeAhNhJ/sIIcWf1fNV
N1YdwacXDj6dlSFNNeF6qyepo+5hc/hpYLEPtYWnBMunweuiwIKumESdlTbz12U5
i1m0+qrTJmSZ7X940p6ZkEOCvD3af/64AiwrpfvOYulFacTf30bKtxfI3vQa2u90
WaR6j0x+ih3wvLAAOKySnxITBkSnQEnFYtlhXsZfAs381D13JsSb/vXihQ6oqsQn
ckwgPDu3VfynuFaPMKfVCsGk12/KY6auOkUMG5DAYz/du7Ey9iQbuOc4Wjn8z9Ai
iVbceKOBNWnfGFgoDjObphYwleToGSG+nghi/jK7CC6EwDlZd4OP6K6UlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxUtRBTAU1FbAZMWkfZ6G6nwf5PMB8GA1UdIwQY
MBaAFGMV3QuhH9r3TVO5VvwchGp+L2H+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0Yjgt
ODk4OWI0Y2FhMjA2LzEvYkZTMUVGTUJUVVZzQmt4YVI5bm9icWZCX2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kYWNiOTItZmY3MC00OWZlLWI0YjgtODk4OWI0Y2FhMjA2
LzEvWXhYZEM2RWYydmROVTdsV19CeUVhbjR2WWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWQcMA0G
CSqGSIb3DQEBCwUAA4IBAQA4PRj2koqR+pb9ABnIBs4D9Idkywg/XLvbgAzLQnXN
S9mr3xjA2dw14sY862Zsc+/sCMUwI7imeodLf4zDWkYuVHObXq0D46UElr3yezzG
M+YQ+KGH6agv5y+Yq0iaAzoxl8HAh4GwxqUVCQNJBt1CxzSqDw6aLerIt5ejq9uS
uTX7mKYB0X3Igjv3AUym/9bVnDS+/fNSznzTQQaKMoRGuUcrFzNuBm+O400GkbRT
b8ryTWyKh7egVunlCTG0Guxp7gO9C4U06WNwQwprnkl9DQ3iwehdyjKWhfAH6GuO
iOGGj0CJlR42m5R5hk6FIZ+vp1cYt6pDs2Uszqk+zJJT
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:29:22 2024 by rpki-client on console-ams.rpki-client.org