Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/PUTpnKDEPs55Qpi7jMDGver3e_8.roa
File: PUTpnKDEPs55Qpi7jMDGver3e_8.roa (raw, json)
Hash identifier: GyN7Qxzxjl57af1HwgoJ8J1StKInZYL2l0mSHj+sdrI=
Subject key identifier: 3D:44:E9:9C:A0:C4:3E:CE:79:42:98:BB:8C:C0:C6:BD:EA:F7:7B:FF
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 018F2DB0A5D570801816681A46BF5613AF48
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/PUTpnKDEPs55Qpi7jMDGver3e_8.roa
Signing time: Tue 30 Apr 2024 06:28:22 +0000
ROA not before: Tue 30 Apr 2024 06:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3262
IP address blocks: 185.177.40.0/24 maxlen: 24
185.177.41.0/24 maxlen: 24
185.220.164.0/24 maxlen: 24
185.220.165.0/24 maxlen: 24
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.226.229.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2d:b0:a5:d5:70:80:18:16:68:1a:46:bf:56:13:af:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Apr 30 06:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d44e99ca0c43ece794298bb8cc0c6bdeaf77bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7e:f0:30:e5:c2:07:65:80:0d:e2:fb:08:7d:
88:dc:d0:ff:71:32:70:e3:68:36:c6:a4:90:97:58:
76:5d:c9:8e:05:90:de:ef:e3:ae:4b:d9:c3:88:db:
2f:e2:46:8c:5c:18:54:2e:0c:86:74:89:ca:3f:0c:
a6:72:a5:3c:4e:95:30:b5:5b:81:5b:44:c9:db:83:
24:f1:89:e9:90:ab:15:ba:11:8b:74:e6:35:3e:e0:
28:35:4d:59:52:65:5e:11:9e:80:db:62:59:55:4c:
80:16:6b:55:f8:3e:77:69:ba:76:83:6a:ab:da:29:
df:60:63:e2:aa:96:f5:b8:95:5a:46:c0:6e:35:43:
1a:3e:28:28:37:26:35:6f:af:90:93:02:24:f2:a5:
5d:28:af:4f:a3:fb:58:c3:dd:72:f4:23:a3:52:c6:
2e:ae:b9:d3:6f:1c:92:dd:2f:04:26:b2:8d:d2:c4:
05:4a:29:11:ec:ab:40:f4:a6:70:8f:4f:95:d9:01:
0e:c1:82:b9:b4:a9:8e:50:de:6c:39:63:d6:ca:69:
72:a8:f8:3f:e6:26:63:30:79:8f:c3:59:06:6d:09:
5e:05:11:9a:87:a4:59:a0:c2:89:34:2f:0e:98:72:
79:3b:2d:24:a6:c2:71:a7:68:97:37:e0:a5:df:e9:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:44:E9:9C:A0:C4:3E:CE:79:42:98:BB:8C:C0:C6:BD:EA:F7:7B:FF
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/PUTpnKDEPs55Qpi7jMDGver3e_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.40.0/23
185.220.164.0/22
185.226.229.0/24
185.232.132.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:f9:09:00:fd:38:1e:6a:29:89:44:a6:9a:b1:86:32:94:26:
e0:bc:0a:08:70:08:cc:f0:76:3a:98:12:77:2f:40:a3:ba:b6:
ec:8b:27:f0:e1:1a:05:26:f0:93:71:9f:51:3d:45:77:6f:e6:
d0:73:ed:8d:a3:fb:06:52:7a:55:8c:0a:6c:c4:7d:68:99:a3:
2d:57:6c:3b:07:67:46:0e:06:00:17:9c:7b:46:4d:51:27:5d:
5f:72:bb:35:3b:d7:cc:97:ac:74:f6:d5:cb:55:3a:3f:49:0e:
4d:b5:a9:1d:ac:85:c8:3b:4a:59:05:c3:80:08:97:3a:6e:98:
e7:3b:02:b7:0f:d5:62:73:81:c5:57:50:97:93:49:b6:65:24:
3b:9c:bc:b4:32:28:73:a9:78:1d:48:20:6f:b7:35:7c:4b:70:
2a:a0:0a:bd:50:39:a5:83:f3:4a:e1:a9:be:12:d7:05:e5:eb:
cd:96:50:f7:8f:b6:cf:6a:08:78:c9:7d:40:fd:67:25:80:2f:
55:b1:5a:22:de:ce:b4:9a:a8:f3:ec:0e:ec:bc:87:3c:05:e1:
de:38:91:6c:5b:5d:d9:73:7c:e8:9e:0f:24:c3:2d:31:47:f2:
29:c5:f3:07:95:f8:62:77:27:1e:08:e3:f3:d4:a0:88:58:9d:
91:fe:fa:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8tsKXVcIAYFmgaRr9WE69IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQwNDMwMDYyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ0ZTk5Y2EwYzQzZWNlNzk0Mjk4YmI4Y2MwYzZiZGVhZjc3YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn7wMOXCB2WADeL7CH2I3ND/cTJw
42g2xqSQl1h2XcmOBZDe7+OuS9nDiNsv4kaMXBhULgyGdInKPwymcqU8TpUwtVuB
W0TJ24Mk8YnpkKsVuhGLdOY1PuAoNU1ZUmVeEZ6A22JZVUyAFmtV+D53abp2g2qr
2infYGPiqpb1uJVaRsBuNUMaPigoNyY1b6+QkwIk8qVdKK9Po/tYw91y9COjUsYu
rrnTbxyS3S8EJrKN0sQFSikR7KtA9KZwj0+V2QEOwYK5tKmOUN5sOWPWymlyqPg/
5iZjMHmPw1kGbQleBRGah6RZoMKJNC8OmHJ5Oy0kpsJxp2iXN+Cl3+liDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD1E6ZygxD7OeUKYu4zAxr3q93v/MB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvUFVUcG5LREVQczU1UXBpN2pNREd2ZXIzZV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBubEoAwQC
udykAwQAueLlAwQAueiEMA0GCSqGSIb3DQEBCwUAA4IBAQBK+QkA/TgeaimJRKaa
sYYylCbgvAoIcAjM8HY6mBJ3L0Cjurbsiyfw4RoFJvCTcZ9RPUV3b+bQc+2No/sG
UnpVjApsxH1omaMtV2w7B2dGDgYAF5x7Rk1RJ11fcrs1O9fMl6x09tXLVTo/SQ5N
takdrIXIO0pZBcOACJc6bpjnOwK3D9Vic4HFV1CXk0m2ZSQ7nLy0MihzqXgdSCBv
tzV8S3AqoAq9UDmlg/NK4am+EtcF5evNllD3j7bPagh4yX1A/WclgC9VsVoi3s60
mqjz7A7svIc8BeHeOJFsW13Zc3zong8kwy0xR/IpxfMHlfhidyceCOPz1KCIWJ2R
/vr8
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:52:10 2024 by rpki-client on console-fra.rpki-client.org