Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/Ciug6WQkPP4eyI8gzDkVMspZHJQ.roa
File: Ciug6WQkPP4eyI8gzDkVMspZHJQ.roa (raw, json)
Hash identifier: yEhBlkjBfi5fEy8oAG5CooA6BmHWw4LslIe6qUcAXtg=
Subject key identifier: 0A:2B:A0:E9:64:24:3C:FE:1E:C8:8F:20:CC:39:15:32:CA:59:1C:94
Certificate issuer: /CN=efa842e67147252505f41551f0f735b7f72e3e97
Certificate serial: 018E96D462DD4D7DAF91BC789E896C040218
Authority key identifier: EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/Ciug6WQkPP4eyI8gzDkVMspZHJQ.roa
Signing time: Sun 31 Mar 2024 23:24:45 +0000
ROA not before: Sun 31 Mar 2024 23:24:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.30.233.0/24 maxlen: 24
185.142.236.0/24 maxlen: 24
185.142.238.0/24 maxlen: 24
185.142.239.0/24 maxlen: 24
185.165.188.0/24 maxlen: 24
185.165.190.0/24 maxlen: 24
185.165.191.0/24 maxlen: 24
195.144.21.0/24 maxlen: 24
2a07:85c0::/48 maxlen: 48
2a07:85c1::/48 maxlen: 48
2a07:85c3::/48 maxlen: 48
2a07:85c5::/48 maxlen: 48
2a07:85c6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:96:d4:62:dd:4d:7d:af:91:bc:78:9e:89:6c:04:02:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa842e67147252505f41551f0f735b7f72e3e97
Validity
Not Before: Mar 31 23:24:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a2ba0e964243cfe1ec88f20cc391532ca591c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:09:48:7f:e7:58:53:87:72:14:8d:99:30:36:
ca:c6:59:a1:76:4f:8f:82:90:bf:da:d8:44:ef:e8:
98:ff:f3:e5:d6:e1:b3:28:38:3b:6b:b7:96:1a:f6:
91:61:fd:ac:7c:6d:4e:78:3f:96:cf:9a:67:ec:26:
bb:38:77:e7:f3:1d:0a:b7:0d:4b:9a:10:8f:52:f8:
96:bf:a1:53:07:41:7d:3e:61:ec:f5:2d:76:b1:70:
76:8a:92:b8:06:d0:05:f7:1d:0d:5a:eb:d4:33:15:
26:8e:7f:b5:7d:40:af:c6:ed:60:95:6c:3d:58:4b:
34:e2:c2:77:a9:9a:73:fe:4d:91:89:41:b9:d5:f9:
dd:a5:1d:a3:1f:fd:85:38:87:71:4d:50:b6:bd:bb:
12:2d:b4:77:9c:c8:86:21:a8:84:8d:2d:60:15:91:
e2:1b:8c:56:61:74:5e:a0:fe:de:13:39:c2:1c:8c:
a3:a7:3d:c6:fb:fb:96:4c:1f:7e:94:ed:56:83:f4:
37:35:7a:0a:2f:e0:58:84:da:e0:8b:3b:55:8e:4c:
15:31:34:9f:6f:87:6c:43:e8:19:d7:db:e4:70:84:
d9:e2:a8:9b:47:a9:76:92:7f:a6:be:05:46:71:6c:
fe:58:7d:03:f8:f8:4f:c3:b8:bb:b5:03:08:35:48:
92:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2B:A0:E9:64:24:3C:FE:1E:C8:8F:20:CC:39:15:32:CA:59:1C:94
X509v3 Authority Key Identifier:
keyid:EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/Ciug6WQkPP4eyI8gzDkVMspZHJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.233.0/24
185.142.236.0/24
185.142.238.0/23
185.165.188.0/24
185.165.190.0/23
195.144.21.0/24
IPv6:
2a07:85c0::/48
2a07:85c1::/48
2a07:85c3::/48
2a07:85c5::/48
2a07:85c6::/48
Signature Algorithm: sha256WithRSAEncryption
73:3a:40:2f:ac:f8:32:ec:ca:b5:26:3b:16:08:ad:77:95:e4:
df:45:77:a5:3f:53:c8:40:83:24:e7:da:ec:b4:ad:a2:31:9b:
ff:08:af:4a:78:59:4f:ae:07:68:c6:51:b1:74:e6:7f:4a:2c:
0c:5d:b7:ff:4d:5e:1a:45:1e:ca:87:5e:23:40:f2:e5:b3:20:
e2:2c:e0:40:df:69:bb:46:46:b8:be:3f:dc:ff:d0:91:3b:69:
b6:dc:26:f2:7e:c9:93:12:75:76:e6:1d:b5:61:e0:94:56:0e:
18:cd:70:54:32:c6:de:7c:ff:b5:95:26:01:5a:f0:f2:a4:ae:
ae:5e:ab:06:c4:4d:78:ba:77:d4:e4:a5:5a:a1:5a:7c:71:8e:
71:71:5a:23:c7:16:cf:e6:2f:af:91:be:26:0a:cd:0d:c9:98:
bd:a9:47:7c:f2:d7:61:b7:4b:6b:c3:0e:21:1e:9e:59:8a:c3:
60:ec:ef:c4:02:cb:5f:3a:6b:8e:71:7f:68:cf:c6:7b:86:33:
9a:fd:2d:04:15:7f:c3:60:a2:f9:9c:33:7b:24:bb:3e:a1:63:
66:85:b2:90:d7:38:d6:a4:7f:25:f6:60:64:57:6f:30:de:dc:
e5:31:62:74:3f:63:dc:94:2e:95:9b:27:3d:93:4a:1b:56:8f:
3e:9d:50:48
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY6W1GLdTX2vkbx4nolsBAIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTg0MmU2NzE0NzI1MjUwNWY0MTU1MWYwZjczNWI3Zjcy
ZTNlOTcwHhcNMjQwMzMxMjMyNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTJiYTBlOTY0MjQzY2ZlMWVjODhmMjBjYzM5MTUzMmNhNTkxYzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwlIf+dYU4dyFI2ZMDbKxlmhdk+P
gpC/2thE7+iY//Pl1uGzKDg7a7eWGvaRYf2sfG1OeD+Wz5pn7Ca7OHfn8x0Ktw1L
mhCPUviWv6FTB0F9PmHs9S12sXB2ipK4BtAF9x0NWuvUMxUmjn+1fUCvxu1glWw9
WEs04sJ3qZpz/k2RiUG51fndpR2jH/2FOIdxTVC2vbsSLbR3nMiGIaiEjS1gFZHi
G4xWYXReoP7eEznCHIyjpz3G+/uWTB9+lO1Wg/Q3NXoKL+BYhNrgiztVjkwVMTSf
b4dsQ+gZ19vkcITZ4qibR6l2kn+mvgVGcWz+WH0D+PhPw7i7tQMINUiSpQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFAoroOlkJDz+HsiPIMw5FTLKWRyUMB8GA1UdIwQY
MBaAFO+oQuZxRyUlBfQVUfD3Nbf3Lj6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYt
OGUwYzMxMjIzZGI4LzEvQ2l1ZzZXUWtQUDRleUk4Z3pEa1ZNc3BaSEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYtOGUwYzMxMjIzZGI4
LzEvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTAqBAIAATAkAwQAuR7pAwQA
uY7sAwQBuY7uAwQAuaW8AwQBuaW+AwQAw5AVMDMEAgACMC0DBwAqB4XAAAADBwAq
B4XBAAADBwAqB4XDAAADBwAqB4XFAAADBwAqB4XGAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHM6QC+s+DLsyrUmOxYIrXeV5N9Fd6U/U8hAgyTn2uy0raIxm/8Ir0p4WU+u
B2jGUbF05n9KLAxdt/9NXhpFHsqHXiNA8uWzIOIs4EDfabtGRri+P9z/0JE7abbc
JvJ+yZMSdXbmHbVh4JRWDhjNcFQyxt58/7WVJgFa8PKkrq5eqwbETXi6d9TkpVqh
WnxxjnFxWiPHFs/mL6+RviYKzQ3JmL2pR3zy12G3S2vDDiEenlmKw2Ds78QCy186
a45xf2jPxnuGM5r9LQQVf8NgovmcM3skuz6hY2aFspDXONakfyX2YGRXbzDe3OUx
YnQ/Y9yULpWbJz2TShtWjz6dUEg=
-----END CERTIFICATE-----
Generated at Thu May 2 17:58:11 2024 by rpki-client on console-ams.rpki-client.org