Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/udWn9bvIs66wmmnv0eQCa520HS0.roa
File: udWn9bvIs66wmmnv0eQCa520HS0.roa (raw, json)
Hash identifier: 1SeGbhWl1wula5+wANQeBx3/gOFeGZW2aniKMJGd2P0=
Subject key identifier: B9:D5:A7:F5:BB:C8:B3:AE:B0:9A:69:EF:D1:E4:02:6B:9D:B4:1D:2D
Certificate issuer: /CN=88727fad5b5c06852e1dafa071ce4767a799e050
Certificate serial: 019015818A49650E70CC7717784B01D377C7
Authority key identifier: 88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/udWn9bvIs66wmmnv0eQCa520HS0.roa
Signing time: Fri 14 Jun 2024 06:48:49 +0000
ROA not before: Fri 14 Jun 2024 06:48:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48944
IP address blocks: 185.193.208.0/22 maxlen: 22
185.193.208.0/23 maxlen: 23
185.193.208.0/24 maxlen: 24
185.193.209.0/24 maxlen: 24
185.193.210.0/23 maxlen: 23
185.193.210.0/24 maxlen: 24
185.193.211.0/24 maxlen: 24
185.214.36.0/22 maxlen: 22
185.214.36.0/23 maxlen: 23
185.214.36.0/24 maxlen: 24
185.214.37.0/24 maxlen: 24
185.214.38.0/23 maxlen: 23
185.214.38.0/24 maxlen: 24
185.214.39.0/24 maxlen: 24
185.226.132.0/22 maxlen: 22
185.226.132.0/24 maxlen: 24
185.226.133.0/24 maxlen: 24
185.226.134.0/24 maxlen: 24
185.226.135.0/24 maxlen: 24
2a0a:3e40::/29 maxlen: 29
2a0b:92c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:81:8a:49:65:0e:70:cc:77:17:78:4b:01:d3:77:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88727fad5b5c06852e1dafa071ce4767a799e050
Validity
Not Before: Jun 14 06:48:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9d5a7f5bbc8b3aeb09a69efd1e4026b9db41d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0c:cf:fe:73:79:e3:69:7d:28:38:de:fa:c8:
31:1b:34:e2:dd:21:78:b9:94:06:80:3f:31:9a:e9:
5c:45:4a:82:78:f7:f0:f2:43:d0:b9:79:3b:e3:8f:
1d:f0:a7:f3:ba:d7:70:7d:d2:fb:50:b2:e9:64:01:
9e:3c:5e:ca:58:87:4f:68:c9:ae:c6:12:46:b1:4c:
c5:0d:5a:4a:1f:43:85:e4:99:46:57:3e:47:5a:26:
b6:67:94:06:7e:ba:b7:64:e5:99:d1:fa:0c:c0:bb:
23:c9:22:8a:f8:d7:9b:66:c4:ed:45:0d:12:9f:a3:
6c:ef:52:3e:68:35:f0:b8:0a:db:7d:9f:3e:e1:54:
db:eb:e5:f3:7b:33:14:c5:82:9f:b6:5b:15:a3:b9:
fe:7f:3b:61:8a:2e:01:62:4c:81:c4:6d:b2:62:fe:
03:e3:3b:06:35:7d:2c:7f:b5:19:64:73:67:c3:15:
66:cf:a5:37:db:1d:1d:09:2a:2d:94:15:94:15:0f:
9b:45:69:79:26:13:97:90:99:01:5a:f4:0a:3e:7e:
8b:cf:ef:33:7d:a3:6d:7a:bb:27:14:b0:b2:07:cc:
61:c7:59:77:f6:c5:46:55:f5:06:e7:24:16:93:ed:
f5:be:57:26:a6:1c:24:c0:cc:08:89:9b:5f:b1:ea:
21:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D5:A7:F5:BB:C8:B3:AE:B0:9A:69:EF:D1:E4:02:6B:9D:B4:1D:2D
X509v3 Authority Key Identifier:
keyid:88:72:7F:AD:5B:5C:06:85:2E:1D:AF:A0:71:CE:47:67:A7:99:E0:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/udWn9bvIs66wmmnv0eQCa520HS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/a4a260-84b0-468e-b497-5a41926fed7c/1/iHJ_rVtcBoUuHa-gcc5HZ6eZ4FA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.208.0/22
185.214.36.0/22
185.226.132.0/22
IPv6:
2a0a:3e40::/29
2a0b:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
66:e6:c2:bc:60:f6:e2:91:0a:00:f5:4f:ce:56:73:35:82:9a:
66:9d:dd:0a:9c:7b:00:ac:2c:70:82:b8:d7:3f:13:f0:df:14:
e7:9a:d2:85:ab:73:01:6a:78:ce:b0:7a:9b:0e:4f:75:9b:8a:
76:a8:62:f3:d2:f2:b0:d4:f2:e4:f0:86:a1:63:78:7e:14:3a:
5d:1e:a3:10:c2:21:fd:4a:8c:f4:2e:73:ee:5e:00:ef:39:3c:
86:ca:5e:d5:e4:f2:cc:15:25:f9:78:be:73:d5:8d:29:f6:75:
39:51:5e:19:e9:09:4b:8d:2b:c7:94:f4:33:98:ac:21:3f:bb:
39:5c:82:74:71:9e:e4:01:18:6a:c1:3f:a4:a8:12:9c:80:e8:
5b:4f:3f:1c:66:83:b6:3b:20:de:e0:af:6c:4e:9a:b2:7a:0d:
75:52:54:bc:80:2f:00:9f:e6:bd:75:b0:48:1f:e7:70:40:42:
c0:a8:7e:1f:11:00:03:cd:38:a5:ce:f3:fc:78:e5:1f:ea:6f:
67:0e:c1:2b:9d:4a:42:55:60:5b:01:a1:b4:c8:05:4a:71:92:
40:05:22:4c:0c:06:c7:07:fd:57:81:99:a5:45:63:25:39:97:
8d:9e:5f:e1:30:f9:a7:28:9d:ec:51:50:54:03:68:e9:ea:f3:
17:ac:1e:af
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZAVgYpJZQ5wzHcXeEsB03fHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NzI3ZmFkNWI1YzA2ODUyZTFkYWZhMDcxY2U0NzY3YTc5
OWUwNTAwHhcNMjQwNjE0MDY0ODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWQ1YTdmNWJiYzhiM2FlYjA5YTY5ZWZkMWU0MDI2YjlkYjQxZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgzP/nN542l9KDje+sgxGzTi3SF4
uZQGgD8xmulcRUqCePfw8kPQuXk7448d8KfzutdwfdL7ULLpZAGePF7KWIdPaMmu
xhJGsUzFDVpKH0OF5JlGVz5HWia2Z5QGfrq3ZOWZ0foMwLsjySKK+NebZsTtRQ0S
n6Ns71I+aDXwuArbfZ8+4VTb6+XzezMUxYKftlsVo7n+fzthii4BYkyBxG2yYv4D
4zsGNX0sf7UZZHNnwxVmz6U32x0dCSotlBWUFQ+bRWl5JhOXkJkBWvQKPn6Lz+8z
faNtersnFLCyB8xhx1l39sVGVfUG5yQWk+31vlcmphwkwMwIiZtfseohkwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLnVp/W7yLOusJpp79HkAmudtB0tMB8GA1UdIwQY
MBaAFIhyf61bXAaFLh2voHHOR2enmeBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTct
NWE0MTkyNmZlZDdjLzEvdWRXbjlidklzNjZ3bW1udjBlUUNhNTIwSFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9hNGEyNjAtODRiMC00NjhlLWI0OTctNWE0MTkyNmZlZDdj
LzEvaUhKX3JWdGNCb1V1SGEtZ2NjNUhaNmVaNEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCucHQAwQC
udYkAwQCueKEMBQEAgACMA4DBQMqCj5AAwUDKguSwDANBgkqhkiG9w0BAQsFAAOC
AQEAZubCvGD24pEKAPVPzlZzNYKaZp3dCpx7AKwscIK41z8T8N8U55rShatzAWp4
zrB6mw5PdZuKdqhi89LysNTy5PCGoWN4fhQ6XR6jEMIh/UqM9C5z7l4A7zk8hspe
1eTyzBUl+Xi+c9WNKfZ1OVFeGekJS40rx5T0M5isIT+7OVyCdHGe5AEYasE/pKgS
nIDoW08/HGaDtjsg3uCvbE6asnoNdVJUvIAvAJ/mvXWwSB/ncEBCwKh+HxEAA804
pc7z/HjlH+pvZw7BK51KQlVgWwGhtMgFSnGSQAUiTAwGxwf9V4GZpUVjJTmXjZ5f
4TD5pyid7FFQVANo6erzF6werw==
-----END CERTIFICATE-----