Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/BOXUEE6GTcbtxm8g6MDpiP7GAfY.roa
File: BOXUEE6GTcbtxm8g6MDpiP7GAfY.roa (raw, json)
Hash identifier: R2mjUdQdLbrcfseEoXTMf3ecw4dFXAaLu5+lewDS50A=
Subject key identifier: 04:E5:D4:10:4E:86:4D:C6:ED:C6:6F:20:E8:C0:E9:88:FE:C6:01:F6
Certificate issuer: /CN=a2893a4b284acb5d8a4164289045492109511688
Certificate serial: 018CC8712B374EC6DBB84FE10F357903D83E
Authority key identifier: A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/BOXUEE6GTcbtxm8g6MDpiP7GAfY.roa
Signing time: Tue 02 Jan 2024 04:31:48 +0000
ROA not before: Tue 02 Jan 2024 04:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 95.214.136.0/22 maxlen: 24
185.25.158.0/24 maxlen: 24
185.25.159.0/24 maxlen: 24
185.25.156.0/22 maxlen: 24
185.25.157.0/24 maxlen: 24
45.67.100.0/22 maxlen: 24
185.175.160.0/22 maxlen: 24
45.87.168.0/22 maxlen: 24
185.182.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.mft
rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 04:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:2b:37:4e:c6:db:b8:4f:e1:0f:35:79:03:d8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2893a4b284acb5d8a4164289045492109511688
Validity
Not Before: Jan 2 04:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04e5d4104e864dc6edc66f20e8c0e988fec601f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:25:35:f4:cb:ca:f7:62:2a:82:b9:c9:27:aa:
15:74:3e:87:24:3c:db:f6:aa:e0:3f:57:e6:42:50:
28:d4:26:bd:fc:93:50:35:24:f4:27:d4:61:e9:27:
80:93:d2:be:0c:8e:f6:50:a0:0a:a5:15:b1:5b:f5:
20:4a:8b:83:e2:ac:60:39:3c:94:10:0d:c0:d3:02:
9f:7a:73:f1:9c:ef:ac:03:f1:d1:8c:8f:3e:e4:20:
ce:62:d7:13:18:47:99:68:34:37:31:0b:04:55:e0:
d3:d8:ab:64:0a:9c:42:f8:bf:74:80:32:c5:36:28:
b5:1e:66:e3:cf:ca:e6:36:25:d4:75:5a:65:d3:1f:
eb:0c:57:da:08:c1:e0:04:54:89:88:2f:ce:55:1a:
d8:92:03:68:ae:0b:25:e0:42:12:31:20:5a:cf:6e:
a8:d9:d9:9e:26:a5:19:22:88:c7:61:e5:92:2d:c5:
45:ae:87:0f:57:1b:12:96:2b:3c:1c:44:ae:3c:ea:
14:a9:6d:30:fe:c4:f7:25:ac:c6:fb:8f:cf:bc:dc:
7e:3f:71:8a:e8:e2:81:67:c0:b2:d8:3a:b1:54:d4:
bd:71:96:4f:15:fb:8b:6e:2f:cc:e1:6d:b8:44:3b:
57:4b:d5:ee:71:c0:d7:cd:ba:92:93:7e:05:fc:97:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E5:D4:10:4E:86:4D:C6:ED:C6:6F:20:E8:C0:E9:88:FE:C6:01:F6
X509v3 Authority Key Identifier:
keyid:A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/BOXUEE6GTcbtxm8g6MDpiP7GAfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.100.0/22
45.87.168.0/22
95.214.136.0/22
185.25.156.0/22
185.175.160.0/22
185.182.240.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:35:3e:06:43:06:2b:34:dd:3f:92:25:26:2f:30:47:8c:b4:
04:50:d9:f3:e1:1e:1e:76:26:6b:db:01:1d:47:c6:82:5d:2e:
b5:91:7c:5a:47:16:8d:24:9c:95:69:19:79:3e:47:22:01:b1:
b6:6f:cb:49:6d:5e:b2:a1:2c:ed:99:bb:d0:96:ae:ba:d9:34:
56:ad:d2:4f:77:09:4f:64:e3:a6:7d:66:94:01:69:24:ba:c9:
03:a6:81:a2:2a:03:d4:16:73:ce:17:ec:10:e3:25:fb:28:e9:
ca:db:b8:2d:1b:e0:31:44:39:27:1b:5a:08:f9:b8:9f:9b:3c:
59:c0:a3:d0:e1:43:e9:c8:47:ee:08:f5:ab:a7:9e:95:bf:7f:
cc:14:2f:34:2a:51:ac:0f:e7:c4:e5:d5:b9:5f:60:04:63:cc:
42:9e:22:17:32:34:11:4e:8e:0b:d7:12:9b:68:e2:73:05:f4:
d8:07:25:64:65:3c:b9:70:d7:b3:a9:09:0e:14:54:9b:b9:fa:
28:ca:3a:d4:26:19:5a:b1:84:1c:ff:0f:e2:07:2e:3b:f8:38:
79:ef:9a:8d:68:66:b2:03:e0:89:9b:a2:81:6d:7c:6b:85:95:
eb:a5:53:ff:3d:28:d9:ce:3b:2e:ea:6c:3d:a7:61:18:43:23:
7c:09:f0:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIcSs3TsbbuE/hDzV5A9g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyODkzYTRiMjg0YWNiNWQ4YTQxNjQyODkwNDU0OTIxMDk1
MTE2ODgwHhcNMjQwMTAyMDQzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU1ZDQxMDRlODY0ZGM2ZWRjNjZmMjBlOGMwZTk4OGZlYzYwMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1CU19MvK92IqgrnJJ6oVdD6HJDzb
9qrgP1fmQlAo1Ca9/JNQNST0J9Rh6SeAk9K+DI72UKAKpRWxW/UgSouD4qxgOTyU
EA3A0wKfenPxnO+sA/HRjI8+5CDOYtcTGEeZaDQ3MQsEVeDT2KtkCpxC+L90gDLF
Nii1Hmbjz8rmNiXUdVpl0x/rDFfaCMHgBFSJiC/OVRrYkgNorgsl4EISMSBaz26o
2dmeJqUZIojHYeWSLcVFrocPVxsSlis8HESuPOoUqW0w/sT3JazG+4/PvNx+P3GK
6OKBZ8Cy2DqxVNS9cZZPFfuLbi/M4W24RDtXS9XuccDXzbqSk34F/JfhtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFATl1BBOhk3G7cZvIOjA6Yj+xgH2MB8GA1UdIwQY
MBaAFKKJOksoSstdikFkKJBFSSEJURaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgt
YTVkM2NiOTE4MjA2LzEvQk9YVUVFNkdUY2J0eG04ZzZNRHBpUDdHQWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgtYTVkM2NiOTE4MjA2
LzEvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLUNkAwQC
LVeoAwQCX9aIAwQCuRmcAwQCua+gAwQCubbwMA0GCSqGSIb3DQEBCwUAA4IBAQCO
NT4GQwYrNN0/kiUmLzBHjLQEUNnz4R4ediZr2wEdR8aCXS61kXxaRxaNJJyVaRl5
PkciAbG2b8tJbV6yoSztmbvQlq662TRWrdJPdwlPZOOmfWaUAWkkuskDpoGiKgPU
FnPOF+wQ4yX7KOnK27gtG+AxRDknG1oI+bifmzxZwKPQ4UPpyEfuCPWrp56Vv3/M
FC80KlGsD+fE5dW5X2AEY8xCniIXMjQRTo4L1xKbaOJzBfTYByVkZTy5cNezqQkO
FFSbufooyjrUJhlasYQc/w/iBy47+Dh575qNaGayA+CJm6KBbXxrhZXrpVP/PSjZ
zjsu6mw9p2EYQyN8CfCq
-----END CERTIFICATE-----
Generated at Sat Apr 27 13:55:32 2024 by rpki-client on console-ams.rpki-client.org