Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/S2nfnVUfa2HDorF-sCFwWgmPavk.roa
File: S2nfnVUfa2HDorF-sCFwWgmPavk.roa (raw, json)
Hash identifier: w2d+Nv/GqdVKxdkYEcenwUlxRXLEsNf9ACD9X+tOQqE=
Subject key identifier: 4B:69:DF:9D:55:1F:6B:61:C3:A2:B1:7E:B0:21:70:5A:09:8F:6A:F9
Certificate issuer: /CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Certificate serial: 01909BDF944ADBCAE38E3724D02BD14106A9
Authority key identifier: 9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/S2nfnVUfa2HDorF-sCFwWgmPavk.roa
Signing time: Wed 10 Jul 2024 09:00:39 +0000
ROA not before: Wed 10 Jul 2024 09:00:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204903
IP address blocks: 185.236.104.0/22 maxlen: 22
185.236.104.0/24 maxlen: 24
185.236.105.0/24 maxlen: 24
185.236.106.0/24 maxlen: 24
185.236.107.0/24 maxlen: 24
2a12:7bc0::/32 maxlen: 32
2a12:7bc0:102::/48 maxlen: 48
2a12:7bc0:103::/48 maxlen: 48
2a12:7bc0:104::/48 maxlen: 48
2a12:7bc0:105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:df:94:4a:db:ca:e3:8e:37:24:d0:2b:d1:41:06:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1a08692f228da0c41b317c6fa7cc5c3bec51e1
Validity
Not Before: Jul 10 09:00:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b69df9d551f6b61c3a2b17eb021705a098f6af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:da:54:4f:c6:7a:ba:9e:3c:b7:47:52:67:2d:
60:12:cb:8c:20:8b:4c:e7:d5:66:0b:ef:3f:67:ba:
a3:f7:30:f9:36:ff:c2:fb:28:b7:b0:96:4b:98:bd:
5c:9d:46:0b:af:d9:eb:11:77:f4:7d:cb:dc:c0:7e:
0e:ac:49:98:c6:84:1f:39:c1:e5:2f:24:e2:5a:e7:
76:14:a3:ba:94:20:11:c0:6a:59:fd:a9:5f:40:92:
27:91:f7:da:2d:00:a7:1e:51:9e:09:b8:36:e3:f6:
55:8e:3c:b8:d2:4c:a1:fa:4e:7a:f6:2d:8a:07:ec:
a4:c9:58:27:8c:47:30:b8:f7:6f:f4:69:f6:77:cb:
35:b5:91:5f:9c:7d:2a:91:f7:c9:1d:20:e5:0b:05:
40:27:e4:32:28:d3:9b:5a:e8:08:af:6a:ee:24:31:
c9:45:e8:c8:98:a5:1c:25:7a:9c:41:fc:0d:52:06:
7a:ea:05:77:10:c9:d0:58:fa:bf:34:47:6a:c5:ad:
28:4a:7a:a5:0b:1f:8a:91:81:07:11:19:46:29:2e:
f3:c5:b2:c4:e7:f2:91:64:a4:86:27:c6:08:6c:e4:
95:08:80:40:72:02:a3:18:d6:24:d7:cc:2c:79:be:
fa:01:f5:d4:eb:d9:4d:7d:bd:c3:68:41:97:4d:f0:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:69:DF:9D:55:1F:6B:61:C3:A2:B1:7E:B0:21:70:5A:09:8F:6A:F9
X509v3 Authority Key Identifier:
keyid:9A:1A:08:69:2F:22:8D:A0:C4:1B:31:7C:6F:A7:CC:5C:3B:EC:51:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mhoIaS8ijaDEGzF8b6fMXDvsUeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/S2nfnVUfa2HDorF-sCFwWgmPavk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d0fad1-b8b1-4960-b67f-02edf08f7cf8/1/mhoIaS8ijaDEGzF8b6fMXDvsUeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.104.0/22
IPv6:
2a12:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:7c:d5:b4:73:d9:a1:04:63:30:f1:ba:57:09:53:3a:64:45:
44:1a:be:d2:9b:e4:26:ec:fb:8a:36:e2:97:97:eb:a3:79:19:
8f:7e:cc:33:18:c9:08:a2:8e:9b:72:e9:f4:04:c6:03:fa:0d:
09:80:f2:2d:9c:7d:bc:87:43:bf:9e:95:38:6b:4b:b5:25:f2:
dc:b0:e7:ca:39:3a:38:74:5a:41:7f:71:18:e7:ad:ba:17:d2:
d9:f6:54:ac:b5:63:73:49:75:a5:2a:00:35:9a:51:02:a4:27:
ca:dc:80:1d:eb:27:2a:c9:79:55:f1:f0:98:22:3c:08:6f:cc:
85:ec:90:bd:34:dc:9e:aa:8c:a7:ca:a3:40:53:38:40:05:ac:
23:fa:9f:a9:7f:94:4f:a9:fc:93:bd:1c:34:de:ef:e3:fb:f1:
24:2b:fa:1a:be:2a:1c:bb:d5:29:28:f4:0a:b8:be:9a:ee:5e:
c3:30:ef:f8:f5:e5:4c:82:b7:06:a2:33:38:c9:8e:08:c4:1d:
29:eb:94:60:63:87:df:f2:8f:1a:27:b4:08:e9:ec:42:38:4e:
fc:25:06:c2:b7:09:a4:e5:cb:ad:82:8a:4b:b8:19:67:de:1c:
be:2f:fa:7b:b0:04:8c:03:c9:83:fd:d0:ff:81:75:cc:c9:47:
e5:8f:be:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZCb35RK28rjjjck0CvRQQapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWEwODY5MmYyMjhkYTBjNDFiMzE3YzZmYTdjYzVjM2Jl
YzUxZTEwHhcNMjQwNzEwMDkwMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjY5ZGY5ZDU1MWY2YjYxYzNhMmIxN2ViMDIxNzA1YTA5OGY2YWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdpUT8Z6up48t0dSZy1gEsuMIItM
59VmC+8/Z7qj9zD5Nv/C+yi3sJZLmL1cnUYLr9nrEXf0fcvcwH4OrEmYxoQfOcHl
LyTiWud2FKO6lCARwGpZ/alfQJInkffaLQCnHlGeCbg24/ZVjjy40kyh+k569i2K
B+ykyVgnjEcwuPdv9Gn2d8s1tZFfnH0qkffJHSDlCwVAJ+QyKNObWugIr2ruJDHJ
RejImKUcJXqcQfwNUgZ66gV3EMnQWPq/NEdqxa0oSnqlCx+KkYEHERlGKS7zxbLE
5/KRZKSGJ8YIbOSVCIBAcgKjGNYk18wseb76AfXU69lNfb3DaEGXTfCIlQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEtp351VH2thw6KxfrAhcFoJj2r5MB8GA1UdIwQY
MBaAFJoaCGkvIo2gxBsxfG+nzFw77FHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2Yt
MDJlZGYwOGY3Y2Y4LzEvUzJuZm5WVWZhMkhEb3JGLXNDRndXZ21QYXZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kMGZhZDEtYjhiMS00OTYwLWI2N2YtMDJlZGYwOGY3Y2Y4
LzEvbWhvSWFTOGlqYURFR3pGOGI2Zk1YRHZzVWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuexoMA0E
AgACMAcDBQAqEnvAMA0GCSqGSIb3DQEBCwUAA4IBAQB9fNW0c9mhBGMw8bpXCVM6
ZEVEGr7Sm+Qm7PuKNuKXl+ujeRmPfswzGMkIoo6bcun0BMYD+g0JgPItnH28h0O/
npU4a0u1JfLcsOfKOTo4dFpBf3EY5626F9LZ9lSstWNzSXWlKgA1mlECpCfK3IAd
6ycqyXlV8fCYIjwIb8yF7JC9NNyeqoynyqNAUzhABawj+p+pf5RPqfyTvRw03u/j
+/EkK/oaviocu9UpKPQKuL6a7l7DMO/49eVMgrcGojM4yY4IxB0p65RgY4ff8o8a
J7QI6exCOE78JQbCtwmk5cutgopLuBln3hy+L/p7sASMA8mD/dD/gXXMyUflj74E
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:55:30 2024 by rpki-client on console-ams.rpki-client.org