Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/hT0rFbu5ZsFKvwGoBtn6rt2RnGM.roa
File: hT0rFbu5ZsFKvwGoBtn6rt2RnGM.roa (raw, json)
Hash identifier: EG4hyVPwuMQTGvjnbVUiKNinAwuV64cs/vbkR/vpYRo=
Subject key identifier: 85:3D:2B:15:BB:B9:66:C1:4A:BF:01:A8:06:D9:FA:AE:DD:91:9C:63
Certificate issuer: /CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Certificate serial: 018CC8DD98C150F8654FD3584F3826CDC001
Authority key identifier: A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/hT0rFbu5ZsFKvwGoBtn6rt2RnGM.roa
Signing time: Tue 02 Jan 2024 06:30:14 +0000
ROA not before: Tue 02 Jan 2024 06:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209634
IP address blocks: 185.18.233.0/24 maxlen: 24
185.18.232.0/24 maxlen: 24
147.78.184.0/22 maxlen: 22
2a09:840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/pCzz6j9GGa3XsfheXbx2jNPRdC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/pCzz6j9GGa3XsfheXbx2jNPRdC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:98:c1:50:f8:65:4f:d3:58:4f:38:26:cd:c0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42cf3ea3f4619add7b1f85e5dbc768cd3d1742d
Validity
Not Before: Jan 2 06:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=853d2b15bbb966c14abf01a806d9faaedd919c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d8:ac:82:5f:06:ac:bd:53:29:2f:67:5b:7c:
3c:46:16:54:42:e6:7c:3f:b9:c7:43:77:f6:07:1d:
88:91:fe:42:f9:ff:88:cb:f7:5a:74:c5:99:a9:e6:
f6:c7:6f:6d:7c:9a:60:06:9e:ab:2e:05:57:de:e8:
cf:84:1d:be:b1:b7:74:f7:50:31:aa:cb:77:53:75:
c1:d9:da:b1:25:71:38:ba:fa:71:e8:20:8b:38:51:
fc:14:3b:67:96:ce:b7:a9:ae:94:e7:2e:4a:81:d6:
40:10:34:6a:56:66:dd:af:a3:62:43:db:5e:20:25:
ab:5b:dd:d1:b0:76:68:0f:ec:c5:8a:4a:a5:53:e1:
7d:91:cc:5d:58:bf:30:39:2a:e4:bd:64:a0:3b:2b:
ca:49:d0:2c:1a:72:99:9d:dd:33:c7:4b:11:b9:67:
be:72:86:72:ca:6e:c1:98:fd:96:1d:c8:bb:c1:74:
83:f4:6c:6c:ef:64:9f:88:fe:d9:85:93:2c:ce:03:
10:d0:3b:85:08:f4:d4:96:1c:0c:26:72:68:c8:c9:
f7:dc:64:51:95:eb:f6:e7:5e:dc:e8:18:a5:d9:fb:
51:0b:f3:45:17:00:90:e2:df:07:74:07:3a:e9:dc:
d2:4a:01:53:fe:2f:03:2f:9e:be:46:39:de:f5:0a:
e8:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3D:2B:15:BB:B9:66:C1:4A:BF:01:A8:06:D9:FA:AE:DD:91:9C:63
X509v3 Authority Key Identifier:
keyid:A4:2C:F3:EA:3F:46:19:AD:D7:B1:F8:5E:5D:BC:76:8C:D3:D1:74:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCzz6j9GGa3XsfheXbx2jNPRdC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/hT0rFbu5ZsFKvwGoBtn6rt2RnGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/57269b-0f70-46cf-bce2-c7775159fc82/1/pCzz6j9GGa3XsfheXbx2jNPRdC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.184.0/22
185.18.232.0/23
IPv6:
2a09:840::/32
Signature Algorithm: sha256WithRSAEncryption
d2:2d:3f:fe:8c:58:89:e4:06:4a:1e:80:b1:61:99:72:5b:9e:
d5:fe:ce:da:2a:fd:39:19:02:40:d3:3d:5d:ba:4f:f1:3d:08:
db:19:e7:34:04:45:19:07:77:c2:59:a6:44:02:d1:5d:86:85:
cb:6a:b1:10:a3:0f:fd:f8:6c:dd:e7:50:34:5e:50:96:41:b8:
eb:63:fd:1d:87:26:fc:17:0c:df:e3:2f:91:50:aa:d7:79:de:
61:ec:98:79:f7:6e:86:bc:34:ea:f2:c3:86:b9:39:1f:f8:53:
ed:4c:ef:d0:f8:dc:56:66:a6:a1:81:a3:cd:02:c9:15:d6:8d:
9a:01:14:45:d0:01:f2:ff:3e:e0:9d:67:29:1a:be:9f:3d:19:
a5:ff:75:cf:66:5b:a5:d8:df:2e:8e:49:07:c2:d4:cd:15:d5:
0e:3d:89:05:23:9d:bf:83:33:a1:68:b7:3f:a1:93:85:04:c7:
b8:c1:54:3c:0d:ee:b0:27:5c:cc:fc:43:e8:c4:f3:aa:b7:f8:
86:a7:fe:14:51:86:57:d0:19:ab:ff:b8:f2:43:05:09:ac:ba:
ee:86:ee:dc:c6:04:5e:90:92:56:b1:85:bd:9b:9f:37:f5:c9:
87:09:ef:f5:f8:09:68:15:40:a2:95:38:6f:ba:d4:9c:73:87:
98:85:da:d9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3ZjBUPhlT9NYTzgmzcABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmNmM2VhM2Y0NjE5YWRkN2IxZjg1ZTVkYmM3NjhjZDNk
MTc0MmQwHhcNMjQwMTAyMDYzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNkMmIxNWJiYjk2NmMxNGFiZjAxYTgwNmQ5ZmFhZWRkOTE5YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdisgl8GrL1TKS9nW3w8RhZUQuZ8
P7nHQ3f2Bx2Ikf5C+f+Iy/dadMWZqeb2x29tfJpgBp6rLgVX3ujPhB2+sbd091Ax
qst3U3XB2dqxJXE4uvpx6CCLOFH8FDtnls63qa6U5y5KgdZAEDRqVmbdr6NiQ9te
ICWrW93RsHZoD+zFikqlU+F9kcxdWL8wOSrkvWSgOyvKSdAsGnKZnd0zx0sRuWe+
coZyym7BmP2WHci7wXSD9Gxs72SfiP7ZhZMszgMQ0DuFCPTUlhwMJnJoyMn33GRR
lev2517c6Bil2ftRC/NFFwCQ4t8HdAc66dzSSgFT/i8DL56+Rjne9Qro2QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIU9KxW7uWbBSr8BqAbZ+q7dkZxjMB8GA1UdIwQY
MBaAFKQs8+o/Rhmt17H4Xl28dozT0XQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEN6ejZqOUdHYTNYc2ZoZVhieDJqTlBSZEMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81NzI2OWItMGY3MC00NmNmLWJjZTIt
Yzc3NzUxNTlmYzgyLzEvaFQwckZidTVac0ZLdndHb0J0bjZydDJSbkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81NzI2OWItMGY3MC00NmNmLWJjZTItYzc3NzUxNTlmYzgy
LzEvcEN6ejZqOUdHYTNYc2ZoZVhieDJqTlBSZEMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCk064AwQB
uRLoMA0EAgACMAcDBQAqCQhAMA0GCSqGSIb3DQEBCwUAA4IBAQDSLT/+jFiJ5AZK
HoCxYZlyW57V/s7aKv05GQJA0z1duk/xPQjbGec0BEUZB3fCWaZEAtFdhoXLarEQ
ow/9+Gzd51A0XlCWQbjrY/0dhyb8Fwzf4y+RUKrXed5h7Jh5926GvDTq8sOGuTkf
+FPtTO/Q+NxWZqahgaPNAskV1o2aARRF0AHy/z7gnWcpGr6fPRml/3XPZlul2N8u
jkkHwtTNFdUOPYkFI52/gzOhaLc/oZOFBMe4wVQ8De6wJ1zM/EPoxPOqt/iGp/4U
UYZX0Bmr/7jyQwUJrLruhu7cxgRekJJWsYW9m5839cmHCe/1+AloFUCilThvutSc
c4eYhdrZ
-----END CERTIFICATE-----
Generated at Mon Jul 1 08:09:55 2024 by rpki-client on console.sobornost.net