Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/x2rQNN6pmyzpmgiceBxuM9k0beQ.roa
File: x2rQNN6pmyzpmgiceBxuM9k0beQ.roa (raw, json)
Hash identifier: RNAj6Q/YeHXrJBYk7uNbWiQVqz3wEYhzgnrnOnscMqQ=
Subject key identifier: C7:6A:D0:34:DE:A9:9B:2C:E9:9A:08:9C:78:1C:6E:33:D9:34:6D:E4
Certificate issuer: /CN=f04d278485ffaea79e910a262533a80b5ab91c8a
Certificate serial: 018CC42538C43722A6EFFC4488F4C263B830
Authority key identifier: F0:4D:27:84:85:FF:AE:A7:9E:91:0A:26:25:33:A8:0B:5A:B9:1C:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/x2rQNN6pmyzpmgiceBxuM9k0beQ.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201216
IP address blocks: 185.253.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:38:c4:37:22:a6:ef:fc:44:88:f4:c2:63:b8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04d278485ffaea79e910a262533a80b5ab91c8a
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c76ad034dea99b2ce99a089c781c6e33d9346de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:79:65:ed:11:94:9b:66:64:dd:b1:03:b9:
f3:c1:7b:35:62:1c:9e:a7:7e:8d:ee:53:5c:44:fb:
08:8a:1d:e0:01:ad:ef:ea:ca:ac:4b:31:7e:26:e7:
95:2c:3d:4e:84:e4:54:f0:0e:7a:f9:37:87:3d:7e:
ce:e2:50:11:17:61:4a:45:84:bb:f5:61:5c:d6:1d:
ba:8f:86:7a:74:7f:a7:47:81:65:65:70:99:e9:bf:
79:f4:eb:ce:7d:86:ae:1f:60:0f:c2:03:4b:8b:9d:
ed:f4:5f:f7:29:bc:3e:07:70:49:fc:9e:66:ac:5a:
9a:69:3e:81:ef:71:b9:93:5a:28:9f:d3:70:c1:c1:
22:aa:6e:93:35:40:08:95:be:1f:17:54:45:85:78:
f6:6d:21:aa:b6:b3:db:48:52:fe:08:a2:66:e6:fc:
80:78:e4:64:ec:a7:53:2c:d3:7a:8d:06:cf:1d:1d:
05:04:83:13:b0:fe:d0:00:88:6c:6c:7e:ee:2e:18:
91:bf:d2:c4:88:f7:a0:98:65:a8:22:7a:6e:d5:4b:
b1:23:ed:26:ab:9f:13:0f:8d:b3:17:8a:1b:b5:7a:
ae:f4:80:13:34:e7:fe:33:f2:03:ea:92:fb:d9:8f:
93:fb:f9:b9:00:c8:fb:bd:68:07:ac:1e:23:04:36:
2e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:6A:D0:34:DE:A9:9B:2C:E9:9A:08:9C:78:1C:6E:33:D9:34:6D:E4
X509v3 Authority Key Identifier:
keyid:F0:4D:27:84:85:FF:AE:A7:9E:91:0A:26:25:33:A8:0B:5A:B9:1C:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/x2rQNN6pmyzpmgiceBxuM9k0beQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.108.0/24
Signature Algorithm: sha256WithRSAEncryption
94:05:d6:62:ba:4d:50:0e:a0:67:e0:dd:bc:2a:88:17:82:96:
26:76:23:c3:7e:33:8c:02:42:9c:e3:5d:8f:1c:3c:1f:47:79:
79:a9:9d:20:77:3f:98:8f:39:ef:f4:22:5d:a5:ce:c6:3d:dc:
f7:4e:fc:b1:01:fe:1c:f8:12:a4:08:d0:a7:b0:b0:bc:0e:59:
c7:41:6f:7f:af:a5:2d:ab:29:8e:83:2d:bb:41:06:aa:05:86:
96:7d:9c:97:01:12:f2:cd:1a:0e:cd:8f:71:e4:d2:c3:05:8c:
a8:94:c9:0f:fe:4c:be:f1:89:33:f3:db:03:eb:db:d3:94:18:
40:83:e4:00:c6:e6:14:5b:e0:a0:70:13:0b:04:57:79:32:62:
03:67:d0:ad:6b:b6:07:11:8f:6d:83:44:c9:9e:dd:ab:c8:6c:
b4:fd:3e:52:7e:44:df:eb:15:ee:9e:83:33:a0:24:60:e2:29:
be:33:a8:69:f5:d0:4b:34:b7:40:7c:a3:67:99:4d:ed:4c:ca:
1c:09:5c:6b:9e:00:fc:56:8c:30:af:3b:01:8a:2a:c5:f5:7b:
ed:89:26:f4:ad:91:f4:06:c9:6a:e7:40:12:31:e2:21:52:c6:
20:b5:48:9c:02:05:42:b8:56:ca:cd:6e:ab:02:4a:79:76:55:
91:7d:82:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJTjENyKm7/xEiPTCY7gwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGQyNzg0ODVmZmFlYTc5ZTkxMGEyNjI1MzNhODBiNWFi
OTFjOGEwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzZhZDAzNGRlYTk5YjJjZTk5YTA4OWM3ODFjNmUzM2Q5MzQ2ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc95Ze0RlJtmZN2xA7nzwXs1Yhye
p36N7lNcRPsIih3gAa3v6sqsSzF+JueVLD1OhORU8A56+TeHPX7O4lARF2FKRYS7
9WFc1h26j4Z6dH+nR4FlZXCZ6b959OvOfYauH2APwgNLi53t9F/3Kbw+B3BJ/J5m
rFqaaT6B73G5k1oon9NwwcEiqm6TNUAIlb4fF1RFhXj2bSGqtrPbSFL+CKJm5vyA
eORk7KdTLNN6jQbPHR0FBIMTsP7QAIhsbH7uLhiRv9LEiPegmGWoInpu1UuxI+0m
q58TD42zF4obtXqu9IATNOf+M/ID6pL72Y+T+/m5AMj7vWgHrB4jBDYuDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMdq0DTeqZss6ZoInHgcbjPZNG3kMB8GA1UdIwQY
MBaAFPBNJ4SF/66nnpEKJiUzqAtauRyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEUwbmhJWF9ycWVla1FvbUpUT29DMXE1SElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hYTc0MjYtNzExZC00ZjNlLThkZjkt
NWMwZTMxNmQyOGI4LzEveDJyUU5ONnBteXpwbWdpY2VCeHVNOWswYmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9hYTc0MjYtNzExZC00ZjNlLThkZjktNWMwZTMxNmQyOGI4
LzEvOEUwbmhJWF9ycWVla1FvbUpUT29DMXE1SElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf1sMA0G
CSqGSIb3DQEBCwUAA4IBAQCUBdZiuk1QDqBn4N28KogXgpYmdiPDfjOMAkKc412P
HDwfR3l5qZ0gdz+Yjznv9CJdpc7GPdz3TvyxAf4c+BKkCNCnsLC8DlnHQW9/r6Ut
qymOgy27QQaqBYaWfZyXARLyzRoOzY9x5NLDBYyolMkP/ky+8Ykz89sD69vTlBhA
g+QAxuYUW+CgcBMLBFd5MmIDZ9Cta7YHEY9tg0TJnt2ryGy0/T5SfkTf6xXunoMz
oCRg4im+M6hp9dBLNLdAfKNnmU3tTMocCVxrngD8VowwrzsBiirF9XvtiSb0rZH0
Bslq50ASMeIhUsYgtUicAgVCuFbKzW6rAkp5dlWRfYL+
-----END CERTIFICATE-----
Generated at Thu May 23 13:49:58 2024 by rpki-client on console-fra.rpki-client.org