Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/guxaUIlRsekGpVJb03Xf8_k0ucE.roa
File: guxaUIlRsekGpVJb03Xf8_k0ucE.roa (raw, json)
Hash identifier: KkprOUwvjusgBp2SnuVsU4KT9C8VYZ0j2sXA4OfMn00=
Subject key identifier: 82:EC:5A:50:89:51:B1:E9:06:A5:52:5B:D3:75:DF:F3:F9:34:B9:C1
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 018CC80218922EB5314BB6C50ADDA8DA695F
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/guxaUIlRsekGpVJb03Xf8_k0ucE.roa
Signing time: Tue 02 Jan 2024 02:30:29 +0000
ROA not before: Tue 02 Jan 2024 02:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202552
IP address blocks: 185.156.148.0/23 maxlen: 23
185.156.148.0/22 maxlen: 22
185.156.150.0/24 maxlen: 24
81.200.128.0/23 maxlen: 23
81.200.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 04:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:18:92:2e:b5:31:4b:b6:c5:0a:dd:a8:da:69:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Jan 2 02:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82ec5a508951b1e906a5525bd375dff3f934b9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:85:69:bd:0e:3d:a8:5b:f4:64:10:d8:4e:17:
09:8d:8c:b4:d6:dc:c2:53:0e:28:d0:51:6b:f3:00:
8c:e4:67:97:c5:57:5d:86:17:da:25:78:9f:99:b1:
8b:30:93:36:d6:24:78:c7:97:a1:20:9b:f6:36:5c:
76:ce:bc:c0:23:f6:29:f9:56:98:c6:c2:20:22:f3:
54:9f:96:4a:30:11:50:75:08:2a:5c:a3:a9:67:0c:
36:30:4f:3d:79:0e:7c:30:8e:1b:b8:d7:09:87:45:
cd:31:91:a0:b4:a0:da:e7:0b:c6:9a:05:f0:9b:bd:
5c:70:cd:34:03:fe:57:4e:59:47:a3:ef:68:9f:a5:
5c:e4:6e:c5:60:3e:c3:0c:c8:ab:6b:29:f5:8e:0b:
25:63:22:92:76:ee:ac:41:8b:99:21:a2:bc:d4:34:
5f:63:d0:3b:67:fc:16:97:ab:6c:6f:0c:08:ef:65:
c8:d2:e2:80:37:bd:4a:33:41:f1:53:76:9a:d8:a5:
78:ec:c6:3c:68:f2:65:fd:2b:fc:ba:8f:d1:b9:f1:
48:36:2f:73:da:02:a3:38:5b:62:14:53:6e:79:f9:
bf:af:ce:c2:20:ba:cb:72:e4:76:9e:cf:f2:08:3d:
fe:a1:3a:0e:88:52:5b:81:5b:7f:58:96:4c:42:14:
a6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:EC:5A:50:89:51:B1:E9:06:A5:52:5B:D3:75:DF:F3:F9:34:B9:C1
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/guxaUIlRsekGpVJb03Xf8_k0ucE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.128.0/23
81.200.140.0/22
185.156.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:06:e0:66:46:af:2a:0d:64:c5:5b:55:77:32:e2:c8:a7:3f:
60:69:56:59:b1:30:00:f3:7f:ea:ff:5a:0b:42:1a:b5:17:6e:
a6:07:5d:64:60:40:10:79:0e:29:57:bc:a1:90:f7:0b:24:33:
5a:77:55:92:cd:a6:de:61:6f:45:77:c6:58:7a:b4:2f:e0:38:
93:e0:04:9b:02:7c:a1:1a:38:bf:30:ef:2a:de:90:66:80:a7:
0f:1f:d0:3d:91:45:e5:fc:05:98:b4:b2:98:78:96:f3:f5:95:
8e:b8:ce:76:58:0a:a3:8e:91:e7:9b:47:e4:b2:12:ee:1b:5c:
5e:a8:ba:a8:75:3a:85:13:0f:38:58:4a:d7:54:a2:46:d1:ca:
1e:42:de:c5:cb:2c:f3:d5:ad:fe:86:4c:1d:8a:91:79:c9:42:
67:c9:ef:4e:fb:8d:0b:bf:13:09:7e:a0:39:3e:c3:f9:b5:13:
88:84:6c:50:8f:0e:02:66:ca:d3:26:28:81:bd:00:da:fb:b0:
a6:ee:23:09:c4:f2:7b:29:7a:d3:fd:3b:54:46:43:cc:2b:48:
fd:16:9c:d0:b0:0b:0f:55:91:01:db:89:f6:14:88:38:7e:2b:
ec:6b:21:23:e6:82:b3:66:ff:75:0a:a8:54:4e:49:3b:65:2d:
c8:dc:18:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAhiSLrUxS7bFCt2o2mlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZTBmNzk4NDFjMDIxMGQ5NWI0ZWY1NmZmNjg0NDFjMmFh
OWZjMGYwHhcNMjQwMTAyMDIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmVjNWE1MDg5NTFiMWU5MDZhNTUyNWJkMzc1ZGZmM2Y5MzRiOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIVpvQ49qFv0ZBDYThcJjYy01tzC
Uw4o0FFr8wCM5GeXxVddhhfaJXifmbGLMJM21iR4x5ehIJv2Nlx2zrzAI/Yp+VaY
xsIgIvNUn5ZKMBFQdQgqXKOpZww2ME89eQ58MI4buNcJh0XNMZGgtKDa5wvGmgXw
m71ccM00A/5XTllHo+9on6Vc5G7FYD7DDMirayn1jgslYyKSdu6sQYuZIaK81DRf
Y9A7Z/wWl6tsbwwI72XI0uKAN71KM0HxU3aa2KV47MY8aPJl/Sv8uo/RufFINi9z
2gKjOFtiFFNuefm/r87CILrLcuR2ns/yCD3+oToOiFJbgVt/WJZMQhSmyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILsWlCJUbHpBqVSW9N13/P5NLnBMB8GA1UdIwQY
MBaAFLjg95hBwCENlbTvVv9oRBwqqfwPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2Mt
NmVhM2NiZmQzYTg0LzEvZ3V4YVVJbFJzZWtHcFZKYjAzWGY4X2swdWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9jOWU3MDQtOTU4ZC00MTNmLThhY2MtNmVhM2NiZmQzYTg0
LzEvdU9EM21FSEFJUTJWdE85V18yaEVIQ3FwX0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUciAAwQC
UciMAwQCuZyUMA0GCSqGSIb3DQEBCwUAA4IBAQCyBuBmRq8qDWTFW1V3MuLIpz9g
aVZZsTAA83/q/1oLQhq1F26mB11kYEAQeQ4pV7yhkPcLJDNad1WSzabeYW9Fd8ZY
erQv4DiT4ASbAnyhGji/MO8q3pBmgKcPH9A9kUXl/AWYtLKYeJbz9ZWOuM52WAqj
jpHnm0fkshLuG1xeqLqodTqFEw84WErXVKJG0coeQt7Fyyzz1a3+hkwdipF5yUJn
ye9O+40LvxMJfqA5PsP5tROIhGxQjw4CZsrTJiiBvQDa+7Cm7iMJxPJ7KXrT/TtU
RkPMK0j9FpzQsAsPVZEB24n2FIg4fivsayEj5oKzZv91CqhUTkk7ZS3I3BhT
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:08:41 2024 by rpki-client on console-ams.rpki-client.org