Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/1-MstBHydxbQjvudkLpYTjicVT5Q.roa
File: 1-MstBHydxbQjvudkLpYTjicVT5Q.roa (raw, json)
Hash identifier: B1O/GVVfQl1qzlbj3sUD/8mESOXvYV2Sf4tqWV/Y5Sw=
Subject key identifier: F8:CB:2D:04:7C:9D:C5:B4:23:BE:E7:64:2E:96:13:8E:27:15:4F:94
Certificate issuer: /CN=8466a5dde27f911da8be73c261ff55b5881198a9
Certificate serial: 018CC7270363C937BBFD7F4E5676407A8BEC
Authority key identifier: 84:66:A5:DD:E2:7F:91:1D:A8:BE:73:C2:61:FF:55:B5:88:11:98:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGal3eJ_kR2ovnPCYf9VtYgRmKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/1-MstBHydxbQjvudkLpYTjicVT5Q.roa
Signing time: Mon 01 Jan 2024 22:31:11 +0000
ROA not before: Mon 01 Jan 2024 22:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205945
IP address blocks: 185.201.92.0/22 maxlen: 25
185.201.92.0/24 maxlen: 24
185.201.92.0/25 maxlen: 25
185.201.92.128/25 maxlen: 25
185.201.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/hGal3eJ_kR2ovnPCYf9VtYgRmKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/hGal3eJ_kR2ovnPCYf9VtYgRmKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hGal3eJ_kR2ovnPCYf9VtYgRmKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:03:63:c9:37:bb:fd:7f:4e:56:76:40:7a:8b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8466a5dde27f911da8be73c261ff55b5881198a9
Validity
Not Before: Jan 1 22:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8cb2d047c9dc5b423bee7642e96138e27154f94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ad:a6:83:a3:fd:18:a4:0b:89:56:76:6b:2c:
ed:c0:68:33:6d:e6:a7:80:10:87:85:91:de:ce:e5:
89:99:f3:40:9b:65:55:fb:3e:84:35:51:b4:88:8d:
48:2a:2c:fe:36:16:c3:12:52:3e:24:3d:bf:54:51:
3e:2f:48:6b:2f:20:fd:18:79:70:8c:d2:4e:e0:ad:
2f:60:7d:46:c5:a6:6a:f1:de:f9:31:0a:c3:c6:6d:
4d:7f:46:f3:6d:91:38:8c:ec:bc:77:f0:2d:e1:98:
6e:a7:5c:d4:ff:d1:91:66:bd:3a:4f:55:b7:e9:14:
ae:94:f7:58:68:fd:b2:0f:15:20:c7:13:14:31:e2:
f1:d8:e8:90:53:0d:de:0f:ee:8d:89:81:8b:48:9d:
97:69:68:60:70:19:b4:1c:d1:e0:55:b5:be:d1:d4:
79:a3:cf:dd:0e:aa:ca:5c:64:8e:ae:5c:ae:f6:11:
e5:39:43:a3:b5:b5:5d:46:8a:8e:87:5f:2e:ad:4b:
34:63:e2:af:20:9b:73:25:96:79:1e:15:58:46:d5:
a5:e7:47:b3:99:65:0a:43:3f:bc:4d:f9:4c:1a:5c:
5c:85:04:3b:0f:4a:3c:c1:12:41:6f:eb:0e:5c:70:
12:d9:4b:00:98:1f:1f:e2:bb:67:d3:e3:f4:be:f7:
d9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CB:2D:04:7C:9D:C5:B4:23:BE:E7:64:2E:96:13:8E:27:15:4F:94
X509v3 Authority Key Identifier:
keyid:84:66:A5:DD:E2:7F:91:1D:A8:BE:73:C2:61:FF:55:B5:88:11:98:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGal3eJ_kR2ovnPCYf9VtYgRmKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/1-MstBHydxbQjvudkLpYTjicVT5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726b60-8aa7-461f-9cd9-7ccbb45dca51/1/hGal3eJ_kR2ovnPCYf9VtYgRmKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.92.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:c1:cc:4f:f7:f9:0f:d7:b6:34:cd:c0:37:cb:c6:2f:a7:40:
6c:03:45:c6:61:db:c6:11:39:28:6a:6a:2d:51:43:2d:3a:ef:
bc:cc:b9:c0:80:1e:b2:7e:7b:b6:5d:98:1b:0a:be:d3:58:88:
55:8b:f3:56:d2:0c:e1:b3:d4:95:5c:5b:59:7b:18:05:45:92:
f1:99:13:19:09:c8:73:b3:fc:cf:ff:fd:49:2b:49:44:46:0d:
db:bc:7d:11:51:32:98:51:29:2c:b6:8d:b2:78:d2:a2:8a:11:
04:01:0c:bb:24:62:a6:d2:95:0b:60:1a:d4:6e:be:16:02:e5:
65:9c:9f:b8:26:c7:33:93:3a:ae:91:f8:38:f2:43:79:1e:d4:
00:57:ae:6c:ca:99:22:27:4a:1f:8c:9c:67:88:e3:d7:6a:dd:
38:89:d4:ba:b9:3f:51:4c:cb:35:5c:27:e6:6c:85:a2:e3:00:
1e:5f:41:58:7f:79:64:bf:ce:33:6b:57:0d:1c:95:d0:95:c9:
d5:c5:6b:a0:ae:d4:fd:68:47:0a:45:e8:d2:6c:d0:0f:d5:50:
7b:35:19:ef:57:7c:c6:6d:a9:fd:97:d5:3a:c9:df:1d:05:50:
41:38:76:b6:ba:e7:44:50:4d:27:d1:f5:95:10:0c:4f:7d:9e:
f0:66:92:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJwNjyTe7/X9OVnZAeovsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NjZhNWRkZTI3ZjkxMWRhOGJlNzNjMjYxZmY1NWI1ODgx
MTk4YTkwHhcNMjQwMTAxMjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGNiMmQwNDdjOWRjNWI0MjNiZWU3NjQyZTk2MTM4ZTI3MTU0Zjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApK2mg6P9GKQLiVZ2ayztwGgzbean
gBCHhZHezuWJmfNAm2VV+z6ENVG0iI1IKiz+NhbDElI+JD2/VFE+L0hrLyD9GHlw
jNJO4K0vYH1GxaZq8d75MQrDxm1Nf0bzbZE4jOy8d/At4Zhup1zU/9GRZr06T1W3
6RSulPdYaP2yDxUgxxMUMeLx2OiQUw3eD+6NiYGLSJ2XaWhgcBm0HNHgVbW+0dR5
o8/dDqrKXGSOrlyu9hHlOUOjtbVdRoqOh18urUs0Y+KvIJtzJZZ5HhVYRtWl50ez
mWUKQz+8TflMGlxchQQ7D0o8wRJBb+sOXHAS2UsAmB8f4rtn0+P0vvfZ5wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjLLQR8ncW0I77nZC6WE44nFU+UMB8GA1UdIwQY
MBaAFIRmpd3if5EdqL5zwmH/VbWIEZipMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdhbDNlSl9rUjJvdm5QQ1lmOVZ0WWdSbUtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiNjAtOGFhNy00NjFmLTljZDkt
N2NjYmI0NWRjYTUxLzEvMS1Nc3RCSHlkeGJRanZ1ZGtMcFlUamljVlQ1US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmQvNzI2YjYwLThhYTctNDYxZi05Y2Q5LTdjY2JiNDVkY2E1
MS8xL2hHYWwzZUpfa1Iyb3ZuUENZZjlWdFlnUm1Lay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnJXDAN
BgkqhkiG9w0BAQsFAAOCAQEAwcHMT/f5D9e2NM3AN8vGL6dAbANFxmHbxhE5KGpq
LVFDLTrvvMy5wIAesn57tl2YGwq+01iIVYvzVtIM4bPUlVxbWXsYBUWS8ZkTGQnI
c7P8z//9SStJREYN27x9EVEymFEpLLaNsnjSoooRBAEMuyRiptKVC2Aa1G6+FgLl
ZZyfuCbHM5M6rpH4OPJDeR7UAFeubMqZIidKH4ycZ4jj12rdOInUurk/UUzLNVwn
5myFouMAHl9BWH95ZL/OM2tXDRyV0JXJ1cVroK7U/WhHCkXo0mzQD9VQezUZ71d8
xm2p/ZfVOsnfHQVQQTh2trrnRFBNJ9H1lRAMT32e8GaSog==
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:01:16 2024 by rpki-client on console-fra.rpki-client.org