Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/1-8r0Snwsfvao5A0oz_oJCcOPIgc.roa
File: 1-8r0Snwsfvao5A0oz_oJCcOPIgc.roa (raw, json)
Hash identifier: hawxFVDKJdbQL1r4WBg9v13skX4gkNJM/TcjmA9VAIY=
Subject key identifier: FB:CA:F4:4A:7C:2C:7E:F6:A8:E4:0D:28:CF:FA:09:09:C3:8F:22:07
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 018E1D18FEA2789F0E14E83A9F0FDFF18204
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/1-8r0Snwsfvao5A0oz_oJCcOPIgc.roa
Signing time: Fri 08 Mar 2024 08:06:01 +0000
ROA not before: Fri 08 Mar 2024 08:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60117
IP address blocks: 185.45.192.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.73.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a03:660::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a04:dd00::/32 maxlen: 32
2a04:dd01::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
2a05:9340::/32 maxlen: 32
2a05:9341::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a06:3d80::/29 maxlen: 29
2a0e:df40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:18:fe:a2:78:9f:0e:14:e8:3a:9f:0f:df:f1:82:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Mar 8 08:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbcaf44a7c2c7ef6a8e40d28cffa0909c38f2207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c7:4b:60:d4:7f:d4:88:9a:21:8d:d0:b2:96:
bc:89:42:19:ac:c4:71:e4:97:e0:b7:b1:ad:d4:da:
7d:c4:64:26:fa:bb:04:1b:3d:c9:ba:b7:e8:c4:fe:
13:f5:29:6d:10:82:5c:5c:03:3e:62:fc:77:4f:31:
0f:c2:6c:31:fb:42:1a:df:64:9e:2c:26:52:17:40:
2b:b8:69:71:e8:0b:05:a3:78:e2:f7:f0:88:fd:e3:
3e:19:d3:d1:07:52:6a:78:c4:db:84:9c:c9:32:4c:
36:a7:fa:45:cf:9a:72:25:e7:04:89:f4:ce:06:74:
72:5d:a9:99:89:70:ad:1e:e1:6d:d7:63:05:44:11:
c7:78:9e:a1:57:8e:e0:9e:5f:e5:68:8a:7d:3b:1b:
d7:99:da:87:1b:63:5f:f5:ff:8f:94:f2:80:ba:59:
c4:94:59:45:d2:3f:24:07:c7:dd:2d:7f:23:32:f1:
16:4c:87:32:13:39:ae:7f:92:60:5a:df:6b:bf:50:
9f:e4:c7:1a:c3:8d:e8:fa:6b:c5:3e:c1:06:d2:ad:
cd:f9:23:26:70:46:74:f2:93:c4:db:2e:91:20:2a:
15:60:a9:62:a2:1a:a5:e4:d7:d0:6a:e4:f9:8b:6d:
ef:a4:2a:b6:51:0d:39:af:99:72:be:d1:67:44:af:
e8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:CA:F4:4A:7C:2C:7E:F6:A8:E4:0D:28:CF:FA:09:09:C3:8F:22:07
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/1-8r0Snwsfvao5A0oz_oJCcOPIgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/24
185.45.194.0/23
185.82.200.0/24
185.82.202.0/24
185.106.120.0/24
185.106.122.0/23
185.117.72.0/23
185.141.24.0/24
185.141.27.0/24
185.183.97.0-185.183.98.255
185.198.56.0/24
185.198.58.0/23
185.244.148.0/23
185.244.151.0/24
188.116.36.0/24
194.36.188.0/24
194.36.190.0/23
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
c1:e9:0c:53:67:f1:46:02:4c:28:ad:f9:e5:bf:e8:1a:73:bb:
2a:dd:0d:e4:0c:d2:67:94:3e:3f:17:6a:e8:90:a3:73:37:43:
bd:eb:32:dc:13:b4:6d:bd:db:d9:be:b4:85:2a:b5:ee:b7:bd:
31:54:ae:18:f4:2c:57:0a:a6:f4:4e:ef:d2:ba:d1:86:fc:68:
98:e3:f9:14:a9:ac:9a:0e:4b:91:04:52:64:2d:12:e2:2b:f4:
61:d1:ae:d6:a0:61:86:e1:53:d8:25:1a:60:6c:b0:bf:ee:ff:
dd:6f:6e:8b:ee:41:f2:0d:ab:d9:b5:c2:f0:6f:1d:ae:2a:82:
92:b0:a2:85:ae:58:c9:b7:89:c1:47:cb:33:f7:9f:3b:82:55:
0a:62:8a:6a:e2:8e:a5:4a:a2:fe:71:91:40:07:24:6e:46:d3:
9f:41:80:08:1d:f2:0f:33:46:38:3c:13:08:97:7b:5f:d8:d8:
b4:f3:71:49:a5:6c:92:9d:37:5f:80:7f:01:59:db:2a:90:99:
8e:da:c3:39:9c:05:3b:a1:86:57:f6:c0:7f:59:27:6b:a4:6d:
e5:12:0f:73:af:c6:06:f8:93:ad:ed:a2:c0:5f:13:50:ba:41:
5e:40:85:07:ef:00:3b:50:e7:b7:d3:66:72:dd:49:67:31:40:
43:e5:10:ea
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY4dGP6ieJ8OFOg6nw/f8YIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjQwMzA4MDgwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmNhZjQ0YTdjMmM3ZWY2YThlNDBkMjhjZmZhMDkwOWMzOGYyMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicdLYNR/1IiaIY3Qspa8iUIZrMRx
5Jfgt7Gt1Np9xGQm+rsEGz3JurfoxP4T9SltEIJcXAM+Yvx3TzEPwmwx+0Ia32Se
LCZSF0AruGlx6AsFo3ji9/CI/eM+GdPRB1JqeMTbhJzJMkw2p/pFz5pyJecEifTO
BnRyXamZiXCtHuFt12MFRBHHeJ6hV47gnl/laIp9OxvXmdqHG2Nf9f+PlPKAulnE
lFlF0j8kB8fdLX8jMvEWTIcyEzmuf5JgWt9rv1Cf5Mcaw43o+mvFPsEG0q3N+SMm
cEZ08pPE2y6RICoVYKliohql5NfQauT5i23vpCq2UQ05r5lyvtFnRK/oYQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFPvK9Ep8LH72qOQNKM/6CQnDjyIHMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvMS04cjBTbndzZnZhbzVBMG96X29KQ2NPUElnYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvZWM0OGJlLTkyNTAtNGY3Yy05Yzg3LTY0MWI4ZTYwZDNl
Mi8xL2xKU09YeS1nU3lJcWJwYUlPNFFQY1NSVEZWWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBugYIKwYBBQUHAQcBAf8EgaowgacwegQCAAEwdAMEALkt
wAMEAbktwgMEALlSyAMEALlSygMEALlqeAMEAblqegMEAbl1SAMEALmNGAMEALmN
GzAMAwQAubdhAwQAubdiAwQAucY4AwQBucY6AwQBufSUAwQAufSXAwQAvHQkAwQA
wiS8AwQBwiS+AwQA1Aj7MCkEAgACMCMDBQAqAwZgAwUDKgTdAAMFAyoFk0ADBQMq
Bj2AAwUAKg7fQDANBgkqhkiG9w0BAQsFAAOCAQEAwekMU2fxRgJMKK355b/oGnO7
Kt0N5AzSZ5Q+Pxdq6JCjczdDvesy3BO0bb3b2b60hSq17re9MVSuGPQsVwqm9E7v
0rrRhvxomOP5FKmsmg5LkQRSZC0S4iv0YdGu1qBhhuFT2CUaYGywv+7/3W9ui+5B
8g2r2bXC8G8driqCkrCiha5YybeJwUfLM/efO4JVCmKKauKOpUqi/nGRQAckbkbT
n0GACB3yDzNGODwTCJd7X9jYtPNxSaVskp03X4B/AVnbKpCZjtrDOZwFO6GGV/bA
f1kna6Rt5RIPc6/GBviTre2iwF8TULpBXkCFB+8AO1Dnt9Nmct1JZzFAQ+UQ6g==
-----END CERTIFICATE-----
Generated at Sun May 5 03:03:56 2024 by rpki-client on console-fra.rpki-client.org