Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/oJOuDRKu6Efe4U50wHA-P0Ws9pI.roa
File: oJOuDRKu6Efe4U50wHA-P0Ws9pI.roa (raw, json)
Hash identifier: rueMrrrO8ieCuqvV9R07OwPzv42OsOeUMZDjCusrWG8=
Subject key identifier: A0:93:AE:0D:12:AE:E8:47:DE:E1:4E:74:C0:70:3E:3F:45:AC:F6:92
Certificate issuer: /CN=cd060238d0668d45a041618ac5df767f59a0c4ae
Certificate serial: 018CCA99C7B72FA1DD2C88C89179298FE974
Authority key identifier: CD:06:02:38:D0:66:8D:45:A0:41:61:8A:C5:DF:76:7F:59:A0:C4:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQYCONBmjUWgQWGKxd92f1mgxK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/oJOuDRKu6Efe4U50wHA-P0Ws9pI.roa
Signing time: Tue 02 Jan 2024 14:35:24 +0000
ROA not before: Tue 02 Jan 2024 14:35:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201618
IP address blocks: 185.68.223.0/24 maxlen: 24
185.68.220.0/23 maxlen: 23
185.68.220.0/24 maxlen: 24
185.68.221.0/24 maxlen: 24
185.68.222.0/24 maxlen: 24
185.68.222.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/zQYCONBmjUWgQWGKxd92f1mgxK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/zQYCONBmjUWgQWGKxd92f1mgxK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zQYCONBmjUWgQWGKxd92f1mgxK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:c7:b7:2f:a1:dd:2c:88:c8:91:79:29:8f:e9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd060238d0668d45a041618ac5df767f59a0c4ae
Validity
Not Before: Jan 2 14:35:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a093ae0d12aee847dee14e74c0703e3f45acf692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:66:ff:75:c6:0b:6d:91:df:d8:dc:b6:93:4f:
f3:1e:b2:0d:17:eb:71:f0:a5:c7:06:9c:8c:6e:de:
eb:ee:d3:9e:33:2d:54:c7:a7:16:ab:b3:0b:70:40:
58:71:99:59:6d:0b:a1:4d:56:d2:0b:cc:77:fe:61:
26:46:62:53:93:0c:6d:66:ad:e3:0b:3b:0e:b0:d2:
b0:17:cf:55:e9:dc:25:4a:61:e5:68:32:cb:92:07:
08:a2:b8:e9:eb:c9:73:1e:f4:10:dc:ad:8c:c7:b3:
33:99:ed:e8:e7:1c:13:53:5a:f5:e8:62:f5:f4:d5:
e9:83:61:86:fc:79:16:a9:7c:81:4d:65:70:6b:07:
f9:f3:e6:65:e2:0a:09:b8:8e:30:90:4c:ec:dd:40:
92:e3:c6:26:14:38:d4:08:3a:2f:04:9c:52:3f:99:
85:77:91:cb:52:cc:be:4e:50:73:b8:09:17:05:c5:
d5:66:c5:81:b5:b5:cb:00:ec:5e:32:34:5d:14:3b:
86:b1:54:7a:d0:af:38:ee:47:e8:97:85:4d:fd:4e:
53:5b:dc:af:1b:60:c8:90:9f:b3:8b:19:6e:58:dc:
0d:09:9d:19:64:94:9d:1b:be:bd:cc:7a:54:9c:71:
29:9e:fe:f8:d3:7b:fc:8d:17:ea:51:3f:84:d6:f7:
23:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:93:AE:0D:12:AE:E8:47:DE:E1:4E:74:C0:70:3E:3F:45:AC:F6:92
X509v3 Authority Key Identifier:
keyid:CD:06:02:38:D0:66:8D:45:A0:41:61:8A:C5:DF:76:7F:59:A0:C4:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQYCONBmjUWgQWGKxd92f1mgxK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/oJOuDRKu6Efe4U50wHA-P0Ws9pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/762006-f158-4e5a-b956-7fb6ea89637f/1/zQYCONBmjUWgQWGKxd92f1mgxK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.220.0/22
Signature Algorithm: sha256WithRSAEncryption
38:7e:b6:04:ea:cc:2c:0b:e6:e5:fb:82:52:79:0d:1b:d3:42:
29:32:a0:08:da:4f:9b:2e:18:d2:05:30:ce:06:c8:3a:fa:24:
54:34:16:cb:59:b7:ea:78:9b:1f:2b:f4:f0:19:eb:6d:32:6b:
8c:17:3c:80:68:ac:7d:5b:37:b7:22:a5:ac:41:d5:48:4e:9a:
e8:5f:13:96:11:80:27:45:c6:ec:d5:cc:e1:19:2f:1f:15:ca:
3b:e4:4c:52:a4:08:55:6c:b1:9b:b1:59:17:ee:f4:c9:2f:42:
ce:9e:ce:d3:a6:93:d4:80:40:2c:72:95:9f:b1:de:19:c4:29:
8f:37:e5:9a:55:c4:4e:62:d0:ec:59:bb:a2:f3:66:2b:d5:59:
20:67:9c:c2:a6:a7:bc:06:9c:ac:03:15:b7:76:ed:6c:d5:31:
9c:43:59:4d:1e:7c:d1:71:a4:5c:32:6c:92:71:79:01:bc:ac:
59:46:5b:96:d3:e9:cf:e3:1d:5e:94:dc:62:98:99:52:d3:b0:
10:80:93:d7:a4:f6:56:17:6d:d3:11:b4:78:d8:38:73:95:9d:
d9:05:fa:12:ed:83:48:76:0c:a5:10:5a:7e:2b:be:4f:70:45:
82:09:72:b1:a3:8d:f8:58:8c:51:5c:bf:27:53:4f:23:60:e1:
1a:ce:7c:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmce3L6HdLIjIkXkpj+l0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDYwMjM4ZDA2NjhkNDVhMDQxNjE4YWM1ZGY3NjdmNTlh
MGM0YWUwHhcNMjQwMTAyMTQzNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkzYWUwZDEyYWVlODQ3ZGVlMTRlNzRjMDcwM2UzZjQ1YWNmNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02b/dcYLbZHf2Ny2k0/zHrINF+tx
8KXHBpyMbt7r7tOeMy1Ux6cWq7MLcEBYcZlZbQuhTVbSC8x3/mEmRmJTkwxtZq3j
CzsOsNKwF89V6dwlSmHlaDLLkgcIorjp68lzHvQQ3K2Mx7Mzme3o5xwTU1r16GL1
9NXpg2GG/HkWqXyBTWVwawf58+Zl4goJuI4wkEzs3UCS48YmFDjUCDovBJxSP5mF
d5HLUsy+TlBzuAkXBcXVZsWBtbXLAOxeMjRdFDuGsVR60K847kfol4VN/U5TW9yv
G2DIkJ+zixluWNwNCZ0ZZJSdG769zHpUnHEpnv7403v8jRfqUT+E1vcjfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCTrg0SruhH3uFOdMBwPj9FrPaSMB8GA1UdIwQY
MBaAFM0GAjjQZo1FoEFhisXfdn9ZoMSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFZQ09OQm1qVVdnUVdHS3hkOTJmMW1neEs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS83NjIwMDYtZjE1OC00ZTVhLWI5NTYt
N2ZiNmVhODk2MzdmLzEvb0pPdURSS3U2RWZlNFU1MHdIQS1QMFdzOXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS83NjIwMDYtZjE1OC00ZTVhLWI5NTYtN2ZiNmVhODk2Mzdm
LzEvelFZQ09OQm1qVVdnUVdHS3hkOTJmMW1neEs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUTcMA0G
CSqGSIb3DQEBCwUAA4IBAQA4frYE6swsC+bl+4JSeQ0b00IpMqAI2k+bLhjSBTDO
Bsg6+iRUNBbLWbfqeJsfK/TwGettMmuMFzyAaKx9Wze3IqWsQdVITproXxOWEYAn
Rcbs1czhGS8fFco75ExSpAhVbLGbsVkX7vTJL0LOns7TppPUgEAscpWfsd4ZxCmP
N+WaVcROYtDsWbui82Yr1VkgZ5zCpqe8BpysAxW3du1s1TGcQ1lNHnzRcaRcMmyS
cXkBvKxZRluW0+nP4x1elNximJlS07AQgJPXpPZWF23TEbR42DhzlZ3ZBfoS7YNI
dgylEFp+K75PcEWCCXKxo434WIxRXL8nU08jYOEaznxg
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:08:42 2024 by rpki-client on console-fra.rpki-client.org