Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/cDk6SNrWIYfeQv6n0TF-iFDMb70.roa
File: cDk6SNrWIYfeQv6n0TF-iFDMb70.roa (raw, json)
Hash identifier: JF+lRWFvj3PJrLeIWoMNIbJ9ykg1P5zZJNFnrADV2Po=
Subject key identifier: 70:39:3A:48:DA:D6:21:87:DE:42:FE:A7:D1:31:7E:88:50:CC:6F:BD
Certificate issuer: /CN=2928db241541d6b6a6490004060aa71ad6ec189c
Certificate serial: 018CC34919D689993D5AA06122D89EB0A2EE
Authority key identifier: 29:28:DB:24:15:41:D6:B6:A6:49:00:04:06:0A:A7:1A:D6:EC:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/cDk6SNrWIYfeQv6n0TF-iFDMb70.roa
Signing time: Mon 01 Jan 2024 04:29:56 +0000
ROA not before: Mon 01 Jan 2024 04:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213075
IP address blocks: 185.243.84.0/22 maxlen: 22
185.243.84.0/23 maxlen: 23
185.243.86.0/23 maxlen: 23
185.243.86.0/24 maxlen: 24
185.243.87.0/24 maxlen: 24
193.200.250.0/24 maxlen: 24
2a0d:d81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:19:d6:89:99:3d:5a:a0:61:22:d8:9e:b0:a2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2928db241541d6b6a6490004060aa71ad6ec189c
Validity
Not Before: Jan 1 04:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70393a48dad62187de42fea7d1317e8850cc6fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f0:de:f1:3a:dd:ca:4e:7e:2d:8e:00:64:4a:
68:55:2f:07:c4:a9:85:9f:35:ab:64:d5:1f:f1:74:
f8:5b:ae:0c:4a:d4:25:7e:22:6e:d3:70:b8:ba:03:
65:31:ae:a1:66:5d:f6:e6:98:66:7f:e5:b8:53:e9:
f2:fa:50:65:f1:60:65:e5:16:01:bf:ed:2d:48:da:
4d:9b:cf:2f:aa:93:03:dc:74:fa:da:d3:cc:25:88:
f6:b9:3f:62:90:12:05:71:df:01:26:f3:54:7e:14:
e7:a8:55:35:e9:7e:90:1e:0b:4d:21:a6:ad:bc:04:
33:2c:d7:49:33:fa:58:89:5f:68:d1:69:b2:ef:ca:
be:c8:f5:f2:a7:26:69:16:30:1d:ec:80:b2:f1:f8:
80:c5:1b:48:6a:32:6e:6c:00:e5:39:05:54:85:aa:
08:8b:16:b9:f5:31:25:05:7e:51:e6:d5:bd:cb:d9:
e8:c5:7b:db:61:42:c1:83:9b:1f:e8:9e:0c:d9:6e:
6e:aa:a9:2a:68:12:dd:8b:e9:c1:4f:c2:0a:48:c9:
8d:67:33:6f:29:d6:1c:5a:f0:0f:0f:be:22:cb:1a:
b3:55:55:a2:3d:07:1b:d8:b3:ec:92:3a:2d:c0:43:
27:8b:8d:4d:3a:8f:14:2a:87:39:a3:6a:60:25:2b:
2d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:39:3A:48:DA:D6:21:87:DE:42:FE:A7:D1:31:7E:88:50:CC:6F:BD
X509v3 Authority Key Identifier:
keyid:29:28:DB:24:15:41:D6:B6:A6:49:00:04:06:0A:A7:1A:D6:EC:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSjbJBVB1ramSQAEBgqnGtbsGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/cDk6SNrWIYfeQv6n0TF-iFDMb70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/a47475-179b-477f-b554-29356341c5fd/1/KSjbJBVB1ramSQAEBgqnGtbsGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.84.0/22
193.200.250.0/24
IPv6:
2a0d:d81::/32
Signature Algorithm: sha256WithRSAEncryption
5c:d6:8c:1c:2e:6b:4e:28:26:27:25:f0:40:97:25:c4:24:d5:
6f:30:09:ef:d2:72:19:bd:3c:38:13:06:e8:57:ae:fc:1f:88:
a2:28:46:56:ab:e6:ac:4a:a0:56:be:e4:83:ef:b8:3e:4a:b7:
ef:2a:40:d7:3d:b6:02:f6:58:02:3a:bc:cd:87:c8:26:56:b0:
99:fa:b1:3f:fb:7c:df:27:aa:d6:55:92:ff:1e:cc:ae:df:40:
a6:e0:83:f4:e8:59:70:10:bd:c3:19:98:f9:5a:09:2a:14:ff:
31:27:89:d2:31:ce:4c:b2:53:cc:64:3e:6a:62:42:69:7d:74:
4c:82:c2:0a:de:d5:4b:c0:c8:38:85:ae:28:6e:1a:3b:eb:69:
69:de:15:59:8f:19:ab:b4:10:fe:3c:5a:39:38:6d:98:e1:0f:
7a:ef:0c:ab:0a:24:a1:00:48:6d:62:39:4b:60:7a:d9:59:11:
f7:24:d7:77:78:9a:66:b7:74:c9:58:01:4e:83:60:0f:3d:12:
9e:31:2d:96:30:64:fa:ee:4b:29:87:be:00:50:5c:26:17:6b:
2e:ba:93:45:8f:a6:a3:70:78:5e:d5:47:fb:93:7f:ec:86:4c:
bb:1e:6c:13:da:3a:f7:34:5d:9e:91:a0:3f:7f:d2:3b:46:c1:
05:76:d3:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSRnWiZk9WqBhItiesKLuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MjhkYjI0MTU0MWQ2YjZhNjQ5MDAwNDA2MGFhNzFhZDZl
YzE4OWMwHhcNMjQwMTAxMDQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM5M2E0OGRhZDYyMTg3ZGU0MmZlYTdkMTMxN2U4ODUwY2M2ZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPDe8Trdyk5+LY4AZEpoVS8HxKmF
nzWrZNUf8XT4W64MStQlfiJu03C4ugNlMa6hZl325phmf+W4U+ny+lBl8WBl5RYB
v+0tSNpNm88vqpMD3HT62tPMJYj2uT9ikBIFcd8BJvNUfhTnqFU16X6QHgtNIaat
vAQzLNdJM/pYiV9o0Wmy78q+yPXypyZpFjAd7ICy8fiAxRtIajJubADlOQVUhaoI
ixa59TElBX5R5tW9y9noxXvbYULBg5sf6J4M2W5uqqkqaBLdi+nBT8IKSMmNZzNv
KdYcWvAPD74iyxqzVVWiPQcb2LPskjotwEMni41NOo8UKoc5o2pgJSstjwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHA5Okja1iGH3kL+p9ExfohQzG+9MB8GA1UdIwQY
MBaAFCko2yQVQda2pkkABAYKpxrW7BicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1NqYkpCVkIxcmFtU1FBRUJncW5HdGJzR0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hNDc0NzUtMTc5Yi00NzdmLWI1NTQt
MjkzNTYzNDFjNWZkLzEvY0RrNlNOcldJWWZlUXY2bjBURi1pRkRNYjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hNDc0NzUtMTc5Yi00NzdmLWI1NTQtMjkzNTYzNDFjNWZk
LzEvS1NqYkpCVkIxcmFtU1FBRUJncW5HdGJzR0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufNUAwQA
wcj6MA0EAgACMAcDBQAqDQ2BMA0GCSqGSIb3DQEBCwUAA4IBAQBc1owcLmtOKCYn
JfBAlyXEJNVvMAnv0nIZvTw4EwboV678H4iiKEZWq+asSqBWvuSD77g+SrfvKkDX
PbYC9lgCOrzNh8gmVrCZ+rE/+3zfJ6rWVZL/Hsyu30Cm4IP06FlwEL3DGZj5Wgkq
FP8xJ4nSMc5MslPMZD5qYkJpfXRMgsIK3tVLwMg4ha4obho762lp3hVZjxmrtBD+
PFo5OG2Y4Q967wyrCiShAEhtYjlLYHrZWRH3JNd3eJpmt3TJWAFOg2APPRKeMS2W
MGT67ksph74AUFwmF2suupNFj6ajcHhe1Uf7k3/shky7HmwT2jr3NF2ekaA/f9I7
RsEFdtMm
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:52:52 2024 by rpki-client on console-fra.rpki-client.org