Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/8pqaI-YDI4hwIgjoXtZrWQJcnNw.roa
File: 8pqaI-YDI4hwIgjoXtZrWQJcnNw.roa (raw, json)
Hash identifier: t2XAT7hss6eXZ0RFessn4piDD0RYuEaDgMP4R/hES60=
Subject key identifier: F2:9A:9A:23:E6:03:23:88:70:22:08:E8:5E:D6:6B:59:02:5C:9C:DC
Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial: 018CC493719F688EF0274DF35A39D7CBB649
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/8pqaI-YDI4hwIgjoXtZrWQJcnNw.roa
Signing time: Mon 01 Jan 2024 10:30:46 +0000
ROA not before: Mon 01 Jan 2024 10:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51559
IP address blocks: 185.83.147.0/24 maxlen: 24
185.83.146.0/24 maxlen: 24
185.83.144.0/24 maxlen: 24
185.83.145.0/24 maxlen: 24
185.174.30.0/24 maxlen: 24
185.174.29.0/24 maxlen: 24
185.174.28.0/24 maxlen: 24
2a0b:8100:9::/48 maxlen: 48
2a0b:8100:4::/48 maxlen: 48
2a0b:8100:f::/48 maxlen: 48
2a0b:8100:a::/48 maxlen: 48
2a0b:8100:d::/48 maxlen: 48
2a0b:8100:8::/48 maxlen: 48
2a0b:8100:3::/48 maxlen: 48
2a0b:8100:e::/48 maxlen: 48
2a0b:8100:1::/48 maxlen: 48
2a0b:8100:c::/48 maxlen: 48
2a0b:8100:7::/48 maxlen: 48
2a0b:8100:2::/48 maxlen: 48
2a0b:8100:5::/48 maxlen: 48
2a0b:8100::/48 maxlen: 48
2a0b:8100:b::/48 maxlen: 48
2a0b:8100:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 19:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:71:9f:68:8e:f0:27:4d:f3:5a:39:d7:cb:b6:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Validity
Not Before: Jan 1 10:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f29a9a23e6032388702208e85ed66b59025c9cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:91:5f:21:ec:f4:7b:f7:2c:12:ba:05:36:a2:
d3:b0:8d:b6:b0:78:2c:d9:63:bd:fa:19:a9:e5:c0:
63:71:df:1e:67:23:72:31:9d:60:22:98:97:cc:64:
e7:73:ee:1c:c1:fd:90:0c:03:2e:54:71:65:c5:01:
d4:bc:50:20:fb:7b:a6:5e:17:2f:c5:c7:e4:92:53:
2b:fd:9c:66:4a:10:d2:49:54:fb:f5:55:22:e9:eb:
b9:be:c7:c0:cd:6a:6a:3a:b3:09:e2:4f:00:7d:25:
0f:b1:3d:b4:97:1a:21:6b:95:a9:40:4d:8f:c3:88:
60:03:31:67:a8:06:6d:b4:ed:07:4b:62:d3:b4:b5:
da:4b:38:e7:a7:fb:11:cc:3d:63:ed:6c:ab:92:81:
a2:04:ad:4c:de:ab:bd:40:3d:ac:11:09:61:52:57:
ba:41:1a:a4:d5:f6:4a:b6:fd:cd:ad:01:33:e2:63:
f9:05:54:d5:3f:de:f3:da:5f:78:86:bf:76:99:36:
d1:3a:30:40:06:a8:48:f1:6a:e7:f7:f9:57:a1:80:
12:a0:5f:cf:d3:84:6f:10:ef:0f:63:75:11:e7:26:
22:81:41:9a:c6:2b:22:c0:a6:f5:31:6f:c7:b2:6c:
f3:c7:9b:83:79:84:07:85:29:fb:e4:1c:0c:8f:ff:
98:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9A:9A:23:E6:03:23:88:70:22:08:E8:5E:D6:6B:59:02:5C:9C:DC
X509v3 Authority Key Identifier:
keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/8pqaI-YDI4hwIgjoXtZrWQJcnNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.144.0/22
185.174.28.0-185.174.30.255
IPv6:
2a0b:8100::/44
Signature Algorithm: sha256WithRSAEncryption
86:d2:78:27:4f:86:0d:bc:db:15:01:ef:23:1e:f3:6c:4c:ed:
13:bd:39:ad:55:24:29:3c:b0:18:17:e6:09:7f:98:58:67:69:
98:68:a9:78:e5:02:35:30:16:a8:9d:73:2c:96:9f:4e:ca:33:
81:aa:58:9b:54:91:2b:bc:b5:08:e3:e3:d3:44:e6:56:56:2e:
35:b0:a8:ab:a5:23:f0:e6:36:0c:da:a1:d1:32:a1:d4:3f:7b:
2e:ef:7a:ea:94:0c:30:28:2a:b8:20:d3:b8:0b:18:f6:7d:07:
36:d3:74:d2:48:12:31:83:fe:b0:cd:fc:a9:5f:a6:2f:10:e6:
68:17:9c:de:fd:ef:1b:42:51:0e:70:df:4e:0c:fa:db:b7:99:
04:1c:31:37:04:4e:46:60:cf:c9:a5:ed:14:7a:0a:92:14:e8:
c0:60:6f:1f:e2:15:86:0b:dc:b3:9c:0f:65:37:d2:83:1f:5a:
c5:21:24:c5:40:b3:54:25:a0:f9:fb:b4:05:8b:d8:e1:36:80:
65:0a:69:0f:9b:fc:85:3b:64:ea:b1:7b:aa:d1:fd:01:40:ad:
9c:b7:12:83:c8:dd:27:25:cd:4f:3a:91:23:0f:a7:c3:16:4f:
86:1f:8f:ae:ef:07:61:e9:38:fb:15:1b:cf:af:c0:c8:65:4f:
e0:c9:68:3a
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzEk3GfaI7wJ03zWjnXy7ZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjQwMTAxMTAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjlhOWEyM2U2MDMyMzg4NzAyMjA4ZTg1ZWQ2NmI1OTAyNWM5Y2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5FfIez0e/csEroFNqLTsI22sHgs
2WO9+hmp5cBjcd8eZyNyMZ1gIpiXzGTnc+4cwf2QDAMuVHFlxQHUvFAg+3umXhcv
xcfkklMr/ZxmShDSSVT79VUi6eu5vsfAzWpqOrMJ4k8AfSUPsT20lxoha5WpQE2P
w4hgAzFnqAZttO0HS2LTtLXaSzjnp/sRzD1j7WyrkoGiBK1M3qu9QD2sEQlhUle6
QRqk1fZKtv3NrQEz4mP5BVTVP97z2l94hr92mTbROjBABqhI8Wrn9/lXoYASoF/P
04RvEO8PY3UR5yYigUGaxisiwKb1MW/Hsmzzx5uDeYQHhSn75BwMj/+Y9wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPKamiPmAyOIcCII6F7Wa1kCXJzcMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvOHBxYUktWURJNGh3SWdqb1h0WnJXUUpjbk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQCuVOQMAwD
BAK5rhwDBAC5rh4wDwQCAAIwCQMHBCoLgQAAADANBgkqhkiG9w0BAQsFAAOCAQEA
htJ4J0+GDbzbFQHvIx7zbEztE705rVUkKTywGBfmCX+YWGdpmGipeOUCNTAWqJ1z
LJafTsozgapYm1SRK7y1COPj00TmVlYuNbCoq6Uj8OY2DNqh0TKh1D97Lu966pQM
MCgquCDTuAsY9n0HNtN00kgSMYP+sM38qV+mLxDmaBec3v3vG0JRDnDfTgz627eZ
BBwxNwRORmDPyaXtFHoKkhTowGBvH+IVhgvcs5wPZTfSgx9axSEkxUCzVCWg+fu0
BYvY4TaAZQppD5v8hTtk6rF7qtH9AUCtnLcSg8jdJyXNTzqRIw+nwxZPhh+Pru8H
Yek4+xUbz6/AyGVP4MloOg==
-----END CERTIFICATE-----
Generated at Sat May 4 00:04:31 2024 by rpki-client on console-fra.rpki-client.org