Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/H1d0iYw_QBOwlhTlmV7Pzyijdus.roa
File: H1d0iYw_QBOwlhTlmV7Pzyijdus.roa (raw, json)
Hash identifier: nnzSRq37ErBiac8a5B+RxOhTFr1LVbUm47/SGQkOm8o=
Subject key identifier: 1F:57:74:89:8C:3F:40:13:B0:96:14:E5:99:5E:CF:CF:28:A3:76:EB
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018CC871321761580F0441B8263338322B6F
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/H1d0iYw_QBOwlhTlmV7Pzyijdus.roa
Signing time: Tue 02 Jan 2024 04:31:50 +0000
ROA not before: Tue 02 Jan 2024 04:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202727
IP address blocks: 185.191.92.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.156.80.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:32:17:61:58:0f:04:41:b8:26:33:38:32:2b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 04:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f5774898c3f4013b09614e5995ecfcf28a376eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:71:2f:71:b5:bd:c8:e3:5a:1d:14:ca:f9:
b2:57:a0:cc:12:5e:0b:96:d2:4a:80:c2:44:ae:b5:
fe:82:be:52:94:06:1d:fa:ff:59:9f:6d:62:c7:b2:
aa:ee:b9:00:7e:07:da:13:d7:59:31:32:42:90:df:
c3:54:f4:20:44:8a:02:9d:d7:38:96:d1:38:1c:da:
21:1b:b1:c0:28:30:ce:b3:13:d9:10:7a:3a:09:1c:
68:e0:31:bf:9e:21:b7:a5:e2:7f:2b:d9:66:90:4a:
b2:b3:ae:86:2a:cb:c2:f0:9f:fb:fc:2b:f1:5a:d2:
1b:a8:9d:ea:45:35:a7:81:ec:71:e4:64:79:9b:88:
92:a1:9a:9a:e4:24:96:df:b9:be:92:a0:ef:09:75:
1e:f3:ad:c1:67:46:f5:f7:26:87:9d:6d:e5:0d:09:
84:b2:16:5a:53:2c:8f:e4:cf:ac:a2:fb:01:74:c9:
bb:5b:73:e0:11:4a:32:aa:75:bb:4b:82:6f:23:bb:
26:9c:d8:2c:5b:fd:39:bc:3b:28:ba:b1:7d:6c:c6:
0d:c1:d9:8c:fa:22:bf:1b:d8:b8:1b:02:8e:e1:bf:
e3:07:2e:e8:a0:1c:e3:f8:11:53:e3:eb:e7:5d:20:
90:84:1c:83:e2:7f:37:19:22:20:79:6a:c4:06:75:
a5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:57:74:89:8C:3F:40:13:B0:96:14:E5:99:5E:CF:CF:28:A3:76:EB
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/H1d0iYw_QBOwlhTlmV7Pzyijdus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.218.248.0/22
185.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
50:ae:2f:ca:d8:b4:c2:77:44:51:13:14:5f:97:80:90:ae:08:
21:71:1b:e8:bb:c3:e6:84:0c:65:40:5a:fc:dc:9c:66:45:d7:
1e:00:df:0c:f4:f0:06:e1:ea:df:79:6d:5d:70:ee:2b:57:3e:
43:3e:ea:26:4c:9b:a8:58:00:46:e4:8b:3f:04:d3:9b:ad:72:
c3:51:32:07:a5:d6:ed:de:b1:32:f3:42:88:21:9c:8b:f3:82:
9a:fb:86:51:11:ab:b8:1e:2c:0f:2f:5b:21:d6:4b:d0:16:9e:
3a:cf:69:82:ee:82:d5:b5:5b:0c:94:08:01:69:f8:89:10:dd:
2e:d4:83:bc:71:5a:d8:40:a3:48:77:6c:a5:2c:17:9d:ce:cb:
52:f5:ec:91:5f:c1:84:57:48:db:40:d8:db:98:79:9f:8f:4b:
ec:f8:9d:8c:49:2f:4f:ed:a8:3c:5b:ef:39:8b:4f:b2:f2:6f:
29:b4:57:33:48:3c:98:ce:57:68:63:dc:77:8f:f9:7b:c7:fe:
e3:e1:04:ad:e6:5b:c9:a3:35:f6:5c:05:ea:19:6d:b6:12:19:
75:37:12:cf:30:70:5b:f2:c5:01:07:8d:84:56:31:41:09:3e:
b4:82:4a:3c:bb:bb:ab:96:9f:0d:93:a1:50:43:a8:f3:30:29:
5e:ce:f2:28
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIcTIXYVgPBEG4JjM4MitvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjQwMTAyMDQzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU3NzQ4OThjM2Y0MDEzYjA5NjE0ZTU5OTVlY2ZjZjI4YTM3NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5FxL3G1vcjjWh0UyvmyV6DMEl4L
ltJKgMJErrX+gr5SlAYd+v9Zn21ix7Kq7rkAfgfaE9dZMTJCkN/DVPQgRIoCndc4
ltE4HNohG7HAKDDOsxPZEHo6CRxo4DG/niG3peJ/K9lmkEqys66GKsvC8J/7/Cvx
WtIbqJ3qRTWngexx5GR5m4iSoZqa5CSW37m+kqDvCXUe863BZ0b19yaHnW3lDQmE
shZaUyyP5M+sovsBdMm7W3PgEUoyqnW7S4JvI7smnNgsW/05vDsourF9bMYNwdmM
+iK/G9i4GwKO4b/jBy7ooBzj+BFT4+vnXSCQhByD4n83GSIgeWrEBnWlTQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFB9XdImMP0ATsJYU5Zlez88oo3brMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvSDFkMGlZd19RQk93bGhUbG1WN1B6eWlqZHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCuZxQAwQC
uaMcAwQCuaucAwQCubT0AwQCub9cAwQCudMYAwQCudr4AwQCufkcMA0GCSqGSIb3
DQEBCwUAA4IBAQBQri/K2LTCd0RRExRfl4CQrgghcRvou8PmhAxlQFr83JxmRdce
AN8M9PAG4erfeW1dcO4rVz5DPuomTJuoWABG5Is/BNObrXLDUTIHpdbt3rEy80KI
IZyL84Ka+4ZREau4HiwPL1sh1kvQFp46z2mC7oLVtVsMlAgBafiJEN0u1IO8cVrY
QKNId2ylLBedzstS9eyRX8GEV0jbQNjbmHmfj0vs+J2MSS9P7ag8W+85i0+y8m8p
tFczSDyYzldoY9x3j/l7x/7j4QSt5lvJozX2XAXqGW22Ehl1NxLPMHBb8sUBB42E
VjFBCT60gko8u7urlp8Nk6FQQ6jzMClezvIo
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:54:23 2024 by rpki-client on console-fra.rpki-client.org