Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/IPeB_4oFUosWM_xpZez_bTsnFr4.roa
File: IPeB_4oFUosWM_xpZez_bTsnFr4.roa (raw, json)
Hash identifier: uGGbyq/v5AW/NTT8wHa5ucEHEe+2ry5QXVT1i+SbQlw=
Subject key identifier: 20:F7:81:FF:8A:05:52:8B:16:33:FC:69:65:EC:FF:6D:3B:27:16:BE
Certificate issuer: /CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Certificate serial: 018CCA2A3955EFCA99849E015996B765D088
Authority key identifier: C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/IPeB_4oFUosWM_xpZez_bTsnFr4.roa
Signing time: Tue 02 Jan 2024 12:33:33 +0000
ROA not before: Tue 02 Jan 2024 12:33:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212865
IP address blocks: 185.82.103.0/24 maxlen: 24
2a05:8f00:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:39:55:ef:ca:99:84:9e:01:59:96:b7:65:d0:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Validity
Not Before: Jan 2 12:33:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20f781ff8a05528b1633fc6965ecff6d3b2716be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cc:ba:de:b4:e7:ae:21:13:0c:bf:4d:48:ca:
a4:ba:c2:dd:d9:55:89:3a:a9:b1:1e:2e:9e:fb:26:
8a:65:35:43:2e:84:13:87:31:c8:67:c9:09:60:53:
e1:7a:7f:b9:d4:89:72:66:c4:a5:cf:85:a9:b2:05:
f4:fd:69:12:0c:e9:2b:68:66:0c:e3:d7:40:80:b0:
24:d1:05:10:9f:e4:ec:4e:79:cd:09:4c:df:d6:de:
65:85:17:67:21:5e:00:fd:9a:0e:aa:92:4f:3a:d9:
d0:0d:af:bf:ca:64:84:b7:07:b2:9b:68:8f:4f:24:
29:17:42:1b:5a:30:3c:84:2a:28:cd:ea:e2:0a:55:
54:6c:53:1e:e1:39:cb:4a:39:c7:78:6a:3c:89:fc:
75:91:19:8f:82:1c:24:0b:6b:9e:82:55:82:24:4d:
7c:b0:2e:8e:77:96:e3:7b:41:e8:d8:3c:0b:7b:90:
9e:f6:ac:d2:1a:5f:9c:86:97:18:94:44:2e:23:29:
8d:d1:ab:75:3b:d6:47:15:e8:de:24:74:d9:3c:4a:
51:83:c1:2e:41:2f:7a:15:c2:56:c5:56:01:48:99:
00:55:3d:0e:3e:2a:9e:59:e5:ba:af:a6:4f:6c:d0:
ba:e7:c8:0a:5c:c0:08:5f:fd:9b:28:13:5d:04:ac:
37:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F7:81:FF:8A:05:52:8B:16:33:FC:69:65:EC:FF:6D:3B:27:16:BE
X509v3 Authority Key Identifier:
keyid:C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/IPeB_4oFUosWM_xpZez_bTsnFr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.103.0/24
IPv6:
2a05:8f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
97:80:db:15:53:7c:cd:f5:0c:ba:ff:cb:3e:be:c7:9f:0c:64:
a6:3c:7a:2a:ad:8d:ad:ce:37:dc:57:c2:f0:17:d3:c0:be:d0:
7e:64:b5:99:20:a3:c7:5d:d7:9b:fd:98:97:1b:0a:3c:26:cb:
b2:89:5f:f4:9a:24:12:7b:04:e2:b0:58:be:8f:11:6d:91:89:
43:98:f3:43:85:1b:b2:25:50:1d:4a:72:6a:50:f4:69:cd:aa:
5e:a1:a9:f0:c3:d8:32:79:24:00:4d:a9:c4:c3:d0:a5:78:8c:
f5:04:11:08:10:78:13:c2:ad:d3:62:e3:4d:2c:fa:f5:0e:c9:
81:12:9d:30:3f:36:48:f5:35:5d:d7:9e:e7:10:58:6b:8d:0f:
3d:fb:da:d4:6a:8e:af:93:13:a1:5c:31:19:f9:d7:71:8a:76:
16:5c:ea:6b:08:07:07:52:47:43:ec:33:31:5a:31:7e:9b:d3:
dd:9d:60:a8:9a:7f:fc:ba:c1:7d:c1:b4:60:20:11:03:96:c1:
64:e6:8f:c6:8e:da:c0:56:a0:54:e3:73:05:fa:17:3f:e7:93:
72:fe:2a:b9:2c:8a:7b:67:27:13:d3:d1:0b:67:34:ac:62:0a:
f3:9d:8d:03:be:75:61:fa:d8:3e:3a:99:f7:bb:c6:b1:c3:5f:
07:fe:c8:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKjlV78qZhJ4BWZa3ZdCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmU3MDNkMzc5MGNkYjg1MTRhNjAzZTdhNDVlZTUwZWVm
ZmE5NjIwHhcNMjQwMTAyMTIzMzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY3ODFmZjhhMDU1MjhiMTYzM2ZjNjk2NWVjZmY2ZDNiMjcxNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8y63rTnriETDL9NSMqkusLd2VWJ
OqmxHi6e+yaKZTVDLoQThzHIZ8kJYFPhen+51IlyZsSlz4WpsgX0/WkSDOkraGYM
49dAgLAk0QUQn+TsTnnNCUzf1t5lhRdnIV4A/ZoOqpJPOtnQDa+/ymSEtweym2iP
TyQpF0IbWjA8hCoozeriClVUbFMe4TnLSjnHeGo8ifx1kRmPghwkC2ueglWCJE18
sC6Od5bje0Ho2DwLe5Ce9qzSGl+chpcYlEQuIymN0at1O9ZHFejeJHTZPEpRg8Eu
QS96FcJWxVYBSJkAVT0OPiqeWeW6r6ZPbNC658gKXMAIX/2bKBNdBKw3hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCD3gf+KBVKLFjP8aWXs/207Jxa+MB8GA1UdIwQY
MBaAFMn+cD03kM24UUpgPnpF7lDu/6liMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgt
NzRjOGRhMjk0ZDVjLzEvSVBlQl80b0ZVb3NXTV94cFplel9iVHNuRnI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgtNzRjOGRhMjk0ZDVj
LzEveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuVJnMA8E
AgACMAkDBwAqBY8AAAgwDQYJKoZIhvcNAQELBQADggEBAJeA2xVTfM31DLr/yz6+
x58MZKY8eiqtja3ON9xXwvAX08C+0H5ktZkgo8dd15v9mJcbCjwmy7KJX/SaJBJ7
BOKwWL6PEW2RiUOY80OFG7IlUB1KcmpQ9GnNql6hqfDD2DJ5JABNqcTD0KV4jPUE
EQgQeBPCrdNi400s+vUOyYESnTA/Nkj1NV3XnucQWGuNDz372tRqjq+TE6FcMRn5
13GKdhZc6msIBwdSR0PsMzFaMX6b092dYKiaf/y6wX3BtGAgEQOWwWTmj8aO2sBW
oFTjcwX6Fz/nk3L+KrksintnJxPT0QtnNKxiCvOdjQO+dWH62D46mfe7xrHDXwf+
yFI=
-----END CERTIFICATE-----
Generated at Sat Jun 1 19:58:09 2024 by rpki-client on console-ams.rpki-client.org