Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/1-evw_K3MVdKXizFnCTgJWMOqkeU.roa
File: 1-evw_K3MVdKXizFnCTgJWMOqkeU.roa (raw, json)
Hash identifier: CsW5c1MaUEJmmhImmoDd+z0opHCrv2Nwt+mb/emNW2s=
Subject key identifier: F9:EB:F0:FC:AD:CC:55:D2:97:8B:31:67:09:38:09:58:C3:AA:91:E5
Certificate issuer: /CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Certificate serial: 018CC8715F6D1CB2D85E87C506E2CBFCF1E1
Authority key identifier: C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/1-evw_K3MVdKXizFnCTgJWMOqkeU.roa
Signing time: Tue 02 Jan 2024 04:32:02 +0000
ROA not before: Tue 02 Jan 2024 04:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50910
IP address blocks: 109.232.152.0/21 maxlen: 21
109.232.152.0/22 maxlen: 22
109.232.152.0/24 maxlen: 24
109.232.155.0/24 maxlen: 24
109.232.154.0/24 maxlen: 24
109.232.153.0/24 maxlen: 24
109.232.159.0/24 maxlen: 24
109.232.158.0/24 maxlen: 24
109.232.156.0/23 maxlen: 23
80.85.213.0/24 maxlen: 24
80.85.212.0/22 maxlen: 22
80.85.212.0/24 maxlen: 24
80.85.210.0/23 maxlen: 23
80.85.209.0/24 maxlen: 24
80.85.208.0/24 maxlen: 24
80.85.219.0/24 maxlen: 24
80.85.216.0/21 maxlen: 21
80.85.216.0/22 maxlen: 22
80.85.214.0/23 maxlen: 23
80.85.220.0/23 maxlen: 23
80.85.223.0/24 maxlen: 24
80.85.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:5f:6d:1c:b2:d8:5e:87:c5:06:e2:cb:fc:f1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b4351e0a495c26efdc6e415f0bb189fbbd6edf
Validity
Not Before: Jan 2 04:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9ebf0fcadcc55d2978b316709380958c3aa91e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:b8:2b:1f:d1:f1:37:c0:d8:25:25:af:b4:
f9:b4:bd:3e:c9:bd:c9:10:57:5d:79:00:3d:01:8d:
8d:3d:9f:71:fa:d3:1e:73:e0:25:63:25:bd:bc:d7:
85:c7:64:e2:2d:fe:4b:91:81:6a:e8:39:7a:15:26:
34:4d:91:1b:da:23:9e:d4:27:0c:b1:56:f9:4d:b2:
73:be:8f:cf:28:bb:1f:f2:ab:18:15:e0:8f:30:69:
0a:53:04:6d:d5:e4:2b:dd:b2:a8:32:32:4c:aa:61:
ac:01:18:58:38:f0:81:f9:10:24:c9:4e:49:24:ec:
b1:d4:a1:12:3e:8d:d8:95:e9:28:56:e0:04:9d:9d:
ff:68:4e:44:b0:86:7f:63:cc:c1:68:a9:9c:49:89:
57:67:7f:88:b2:9f:8d:a0:7a:79:c6:ea:9e:5d:bf:
8a:f9:66:02:69:de:f2:6b:82:fb:85:cf:36:06:c9:
6c:5c:d3:de:3e:be:6c:15:de:3b:8d:11:c3:5a:f6:
25:8d:84:f6:4a:22:8d:a8:c7:72:dc:4f:20:bb:ec:
2b:3f:40:36:bd:99:1c:1e:47:42:0e:dd:3c:f5:6b:
71:57:f4:fe:32:24:b7:86:8e:c0:23:13:50:e9:05:
fc:95:1f:19:82:d1:e9:88:a2:c7:35:f5:31:8c:96:
43:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:EB:F0:FC:AD:CC:55:D2:97:8B:31:67:09:38:09:58:C3:AA:91:E5
X509v3 Authority Key Identifier:
keyid:C3:B4:35:1E:0A:49:5C:26:EF:DC:6E:41:5F:0B:B1:89:FB:BD:6E:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7Q1HgpJXCbv3G5BXwuxifu9bt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/1-evw_K3MVdKXizFnCTgJWMOqkeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/37e363-84d1-470e-96a2-0ef1cac7418d/1/w7Q1HgpJXCbv3G5BXwuxifu9bt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.208.0/20
109.232.152.0/21
Signature Algorithm: sha256WithRSAEncryption
35:89:c5:88:f6:7f:1d:95:80:e7:3c:66:e7:50:ca:52:ac:10:
c2:14:6f:04:22:4b:13:29:8b:d5:8f:32:1d:89:eb:31:03:a0:
42:07:29:07:a3:33:01:4a:de:75:22:b5:40:0f:27:39:2c:5e:
e1:f9:9d:3f:e6:96:80:ad:d8:25:98:b5:38:8d:87:38:e9:2e:
11:b3:67:73:0f:44:6a:ab:e0:ce:f9:75:0e:d4:93:14:45:a8:
00:59:e2:7b:38:87:e0:2c:0e:22:e3:ab:8e:be:ce:4c:99:52:
58:26:d5:ff:8f:f3:08:6c:3e:4a:e2:d8:c8:aa:d5:70:24:50:
ef:85:10:b6:91:be:58:03:1d:69:8b:20:4c:99:11:f1:1d:44:
98:3a:ad:c5:76:14:77:3e:9d:d8:99:cf:a9:6c:05:49:d6:fc:
ee:80:41:f0:04:b6:43:c2:e5:c8:76:e8:6e:af:12:09:37:a8:
e6:8f:fc:27:d1:dc:1d:de:e1:a7:13:51:1d:c3:e0:ea:5c:98:
4f:21:ef:d6:5e:50:15:31:08:22:96:1b:a0:c2:a1:f6:96:0c:
31:78:d9:a7:6c:07:c3:ff:9f:48:a4:6a:b1:c0:13:8f:d5:2f:
4e:e2:9f:7c:8c:bc:b4:78:b6:b7:c6:18:f9:10:46:8d:a1:f9:
7b:e7:8a:c0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzIcV9tHLLYXofFBuLL/PHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjQzNTFlMGE0OTVjMjZlZmRjNmU0MTVmMGJiMTg5ZmJi
ZDZlZGYwHhcNMjQwMTAyMDQzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWViZjBmY2FkY2M1NWQyOTc4YjMxNjcwOTM4MDk1OGMzYWE5MWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszG4Kx/R8TfA2CUlr7T5tL0+yb3J
EFddeQA9AY2NPZ9x+tMec+AlYyW9vNeFx2TiLf5LkYFq6Dl6FSY0TZEb2iOe1CcM
sVb5TbJzvo/PKLsf8qsYFeCPMGkKUwRt1eQr3bKoMjJMqmGsARhYOPCB+RAkyU5J
JOyx1KESPo3YlekoVuAEnZ3/aE5EsIZ/Y8zBaKmcSYlXZ3+Isp+NoHp5xuqeXb+K
+WYCad7ya4L7hc82BslsXNPePr5sFd47jRHDWvYljYT2SiKNqMdy3E8gu+wrP0A2
vZkcHkdCDt089WtxV/T+MiS3ho7AIxNQ6QX8lR8ZgtHpiKLHNfUxjJZD/QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPnr8PytzFXSl4sxZwk4CVjDqpHlMB8GA1UdIwQY
MBaAFMO0NR4KSVwm79xuQV8LsYn7vW7fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdRMUhncEpYQ2J2M0c1Qlh3dXhpZnU5YnQ4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zN2UzNjMtODRkMS00NzBlLTk2YTIt
MGVmMWNhYzc0MThkLzEvMS1ldndfSzNNVmRLWGl6Rm5DVGdKV01PcWtlVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTQvMzdlMzYzLTg0ZDEtNDcwZS05NmEyLTBlZjFjYWM3NDE4
ZC8xL3c3UTFIZ3BKWENidjNHNUJYd3V4aWZ1OWJ0OC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBFBV0AME
A23omDANBgkqhkiG9w0BAQsFAAOCAQEANYnFiPZ/HZWA5zxm51DKUqwQwhRvBCJL
EymL1Y8yHYnrMQOgQgcpB6MzAUredSK1QA8nOSxe4fmdP+aWgK3YJZi1OI2HOOku
EbNncw9Eaqvgzvl1DtSTFEWoAFnieziH4CwOIuOrjr7OTJlSWCbV/4/zCGw+SuLY
yKrVcCRQ74UQtpG+WAMdaYsgTJkR8R1EmDqtxXYUdz6d2JnPqWwFSdb87oBB8AS2
Q8LlyHbobq8SCTeo5o/8J9HcHd7hpxNRHcPg6lyYTyHv1l5QFTEIIpYboMKh9pYM
MXjZp2wHw/+fSKRqscATj9UvTuKffIy8tHi2t8YY+RBGjaH5e+eKwA==
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:23:04 2024 by rpki-client on console-ams.rpki-client.org