Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/66b959-472f-4922-a226-e0f930806bdc/1/cFoLmya39gyI0LLbQhOr24-RDrs.roa
File: cFoLmya39gyI0LLbQhOr24-RDrs.roa (raw, json)
Hash identifier: V/eOvAODyhgUy0z6TxHdPYdR7QdGLLcc7SAxs4wPvKg=
Subject key identifier: 70:5A:0B:9B:26:B7:F6:0C:88:D0:B2:DB:42:13:AB:DB:8F:91:0E:BB
Certificate issuer: /CN=2cbd76688b87c03914ae2a2e1490c2f1e9141661
Certificate serial: 018D01E15373390BE75674E35139956F3ECC
Authority key identifier: 2C:BD:76:68:8B:87:C0:39:14:AE:2A:2E:14:90:C2:F1:E9:14:16:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LL12aIuHwDkUriouFJDC8ekUFmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/66b959-472f-4922-a226-e0f930806bdc/1/cFoLmya39gyI0LLbQhOr24-RDrs.roa
Signing time: Sat 13 Jan 2024 08:12:40 +0000
ROA not before: Sat 13 Jan 2024 08:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52059
IP address blocks: 185.47.180.0/24 maxlen: 24
185.47.181.0/24 maxlen: 24
185.47.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/66b959-472f-4922-a226-e0f930806bdc/1/LL12aIuHwDkUriouFJDC8ekUFmE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/66b959-472f-4922-a226-e0f930806bdc/1/LL12aIuHwDkUriouFJDC8ekUFmE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LL12aIuHwDkUriouFJDC8ekUFmE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:01:e1:53:73:39:0b:e7:56:74:e3:51:39:95:6f:3e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cbd76688b87c03914ae2a2e1490c2f1e9141661
Validity
Not Before: Jan 13 08:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=705a0b9b26b7f60c88d0b2db4213abdb8f910ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:47:dc:67:b4:32:4e:39:57:89:61:b5:9b:ef:
28:42:67:dd:7d:4d:e6:c7:51:87:2b:27:35:88:08:
fb:2b:74:00:ac:01:d7:73:e3:55:06:a4:9a:84:05:
62:a4:1c:65:0f:1c:56:8b:aa:6c:48:db:3a:7b:07:
75:dd:c9:b1:2d:de:47:a3:fc:c4:fc:c7:08:a9:c9:
66:d3:b2:45:d0:18:da:d0:9f:c0:43:6f:b8:6f:ea:
e0:b9:94:df:a2:d9:4a:32:3e:14:96:ed:b5:14:ba:
90:cc:04:c7:2e:f8:c5:a8:42:47:7d:db:6c:52:34:
60:d1:42:31:b4:12:2e:6b:0f:61:4a:fc:37:bf:ab:
09:91:fe:92:73:fa:18:af:44:e0:13:47:db:c2:66:
10:be:23:2c:4a:4f:c7:c8:c0:15:01:90:40:4d:ec:
90:bc:08:9f:ad:ca:12:01:71:bb:60:14:15:9b:db:
5f:7b:5d:72:16:38:cd:28:02:bd:0c:a2:43:da:c5:
9f:39:ea:bc:b5:41:ca:04:64:3b:d9:fe:ad:0b:9e:
e8:74:30:34:3c:f2:a0:f6:bf:e7:4e:8c:d7:92:43:
6c:4d:25:c6:ed:35:10:c0:c7:37:6d:a2:d8:92:97:
e2:0d:10:a7:b4:40:94:7d:04:2d:55:b9:a2:44:80:
75:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5A:0B:9B:26:B7:F6:0C:88:D0:B2:DB:42:13:AB:DB:8F:91:0E:BB
X509v3 Authority Key Identifier:
keyid:2C:BD:76:68:8B:87:C0:39:14:AE:2A:2E:14:90:C2:F1:E9:14:16:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LL12aIuHwDkUriouFJDC8ekUFmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/66b959-472f-4922-a226-e0f930806bdc/1/cFoLmya39gyI0LLbQhOr24-RDrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/66b959-472f-4922-a226-e0f930806bdc/1/LL12aIuHwDkUriouFJDC8ekUFmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.180.0-185.47.182.255
Signature Algorithm: sha256WithRSAEncryption
0a:80:21:f6:2f:7e:f6:7e:64:5c:8a:68:34:8b:c4:3b:23:f7:
08:92:b2:c5:bd:84:02:7a:99:eb:90:8c:6a:59:f1:2d:72:78:
63:10:12:92:ed:50:b0:81:16:52:d0:62:34:87:59:f1:a3:56:
9c:ef:f1:ab:36:b8:81:d1:49:96:05:75:4a:03:73:c7:62:c9:
8c:b8:96:a9:ea:00:af:b7:b1:8f:26:7c:ba:f6:ae:dd:e6:dc:
41:c2:77:7a:cc:a3:6a:ac:18:31:af:96:26:0f:45:73:79:f3:
e0:f7:21:b6:58:e2:12:0c:ee:2d:a3:5b:08:54:93:d8:a4:34:
0a:2a:db:46:b3:3b:d9:b4:a7:97:21:3e:48:9c:13:17:3b:07:
b9:59:ae:e8:9b:9a:9d:c1:28:d1:34:be:49:01:b0:fe:a7:0c:
07:17:db:4b:80:86:28:ca:9d:5b:3f:50:2e:b0:b1:d2:2a:9f:
bd:0f:37:89:46:30:02:57:5e:a5:57:ab:82:a9:93:7b:43:d3:
4d:e2:c0:fe:a2:30:22:58:74:b2:b6:1b:19:fb:52:b8:0a:83:
e4:ed:f4:d0:6c:65:4e:ca:60:8a:45:bf:1b:df:43:bc:a1:e7:
26:07:18:18:5a:1a:a0:cb:3e:f9:c3:c8:05:5f:fb:d3:89:b8:
3d:c2:62:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY0B4VNzOQvnVnTjUTmVbz7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYmQ3NjY4OGI4N2MwMzkxNGFlMmEyZTE0OTBjMmYxZTkx
NDE2NjEwHhcNMjQwMTEzMDgxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDVhMGI5YjI2YjdmNjBjODhkMGIyZGI0MjEzYWJkYjhmOTEwZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUfcZ7QyTjlXiWG1m+8oQmfdfU3m
x1GHKyc1iAj7K3QArAHXc+NVBqSahAVipBxlDxxWi6psSNs6ewd13cmxLd5Ho/zE
/McIqclm07JF0Bja0J/AQ2+4b+rguZTfotlKMj4Ulu21FLqQzATHLvjFqEJHfdts
UjRg0UIxtBIuaw9hSvw3v6sJkf6Sc/oYr0TgE0fbwmYQviMsSk/HyMAVAZBATeyQ
vAifrcoSAXG7YBQVm9tfe11yFjjNKAK9DKJD2sWfOeq8tUHKBGQ72f6tC57odDA0
PPKg9r/nTozXkkNsTSXG7TUQwMc3baLYkpfiDRCntECUfQQtVbmiRIB1FwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHBaC5smt/YMiNCy20ITq9uPkQ67MB8GA1UdIwQY
MBaAFCy9dmiLh8A5FK4qLhSQwvHpFBZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEwxMmFJdUh3RGtVcmlvdUZKREM4ZWtVRm1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82NmI5NTktNDcyZi00OTIyLWEyMjYt
ZTBmOTMwODA2YmRjLzEvY0ZvTG15YTM5Z3lJMExMYlFoT3IyNC1SRHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82NmI5NTktNDcyZi00OTIyLWEyMjYtZTBmOTMwODA2YmRj
LzEvTEwxMmFJdUh3RGtVcmlvdUZKREM4ZWtVRm1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5L7QD
BAC5L7YwDQYJKoZIhvcNAQELBQADggEBAAqAIfYvfvZ+ZFyKaDSLxDsj9wiSssW9
hAJ6meuQjGpZ8S1yeGMQEpLtULCBFlLQYjSHWfGjVpzv8as2uIHRSZYFdUoDc8di
yYy4lqnqAK+3sY8mfLr2rt3m3EHCd3rMo2qsGDGvliYPRXN58+D3IbZY4hIM7i2j
WwhUk9ikNAoq20azO9m0p5chPkicExc7B7lZruibmp3BKNE0vkkBsP6nDAcX20uA
hijKnVs/UC6wsdIqn70PN4lGMAJXXqVXq4Kpk3tD003iwP6iMCJYdLK2Gxn7UrgK
g+Tt9NBsZU7KYIpFvxvfQ7yh5yYHGBhaGqDLPvnDyAVf+9OJuD3CYgs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 22:20:13 2024 by rpki-client on console-fra.rpki-client.org