Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/mG0KAoY7EkWKviOIMlck76jYIp8.roa
File: mG0KAoY7EkWKviOIMlck76jYIp8.roa (raw, json)
Hash identifier: 26wmbcGzOZTLHJRFa6Nkxf+laPqfzO4UtWtXAoy4Qvc=
Subject key identifier: 98:6D:0A:02:86:3B:12:45:8A:BE:23:88:32:57:24:EF:A8:D8:22:9F
Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Certificate serial: 0192D80063830293554471812490E7604729
Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/mG0KAoY7EkWKviOIMlck76jYIp8.roa
Signing time: Tue 29 Oct 2024 11:19:16 +0000
ROA not before: Tue 29 Oct 2024 11:19:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20986
IP address blocks: 185.249.140.0/22 maxlen: 22
185.249.140.0/24 maxlen: 24
185.249.141.0/24 maxlen: 24
185.249.142.0/24 maxlen: 24
185.249.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft
rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:00:63:83:02:93:55:44:71:81:24:90:e7:60:47:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb
Validity
Not Before: Oct 29 11:19:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=986d0a02863b12458abe2388325724efa8d8229f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6c:25:8b:e4:05:b6:f1:14:62:69:d5:f1:30:
2f:07:d9:af:4a:b8:d8:bd:a2:b3:57:da:e6:96:22:
f2:7f:11:fa:e6:60:d3:41:14:fe:49:14:f8:ff:4d:
3b:ba:00:5b:f3:d5:ed:6e:b6:4a:e1:11:7b:11:eb:
df:23:4e:66:e8:03:19:81:1a:20:c0:96:34:0c:7a:
2a:74:41:e4:da:12:c7:75:53:09:7e:78:fc:da:ee:
2f:90:a8:6b:ce:f4:cb:c2:66:cc:06:b3:59:cd:24:
51:10:b2:0f:da:0e:09:37:d8:6f:05:98:7b:24:6b:
3f:60:88:22:26:a5:4f:bd:8e:d9:95:91:e6:90:31:
09:4c:26:83:9f:f8:cb:f8:c3:a1:d6:ff:32:e8:7a:
90:a8:c0:ec:08:af:93:40:18:3d:87:91:4c:10:93:
ab:84:22:d0:9e:70:d3:e9:e9:ad:50:d3:10:5b:a1:
68:f3:4c:91:14:8b:b4:19:84:26:98:00:6d:b8:fb:
a8:53:90:17:0c:a6:c2:9e:f2:31:73:35:fa:72:3d:
9f:34:41:51:66:d2:b5:8a:ea:cb:18:ae:85:76:34:
c4:7f:6e:18:a3:1f:c6:67:1e:f3:9f:66:80:76:aa:
6a:b4:dc:91:0b:ca:c2:32:09:71:61:32:64:3a:43:
d7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6D:0A:02:86:3B:12:45:8A:BE:23:88:32:57:24:EF:A8:D8:22:9F
X509v3 Authority Key Identifier:
keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/mG0KAoY7EkWKviOIMlck76jYIp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.140.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:15:9c:be:37:2f:f1:49:60:f1:e8:9a:c8:b3:f4:8a:1b:25:
93:26:2a:d3:4d:9c:af:fc:c9:71:28:8d:33:02:92:70:65:b3:
51:29:94:e0:ff:f5:92:2b:82:1a:03:01:54:03:6a:0f:6f:3c:
9c:12:96:4b:85:ad:8a:76:a5:f0:80:03:eb:6d:ad:ef:ae:b3:
8d:82:41:be:1e:63:f5:f1:0e:fb:b4:7b:4a:e1:ca:e6:19:09:
12:01:4c:10:d0:43:b2:a0:d3:12:ed:d6:ea:58:ee:ec:c9:db:
73:dd:6d:62:e7:3c:9c:b1:6e:a9:6d:9d:31:ba:e3:ad:1e:90:
39:5b:7d:2f:b2:da:9b:da:4f:9e:b6:e8:f9:79:a2:de:0b:65:
da:fa:17:69:c8:12:83:3e:41:09:38:00:c6:01:f9:cc:4b:49:
7b:ad:a0:a9:71:e1:1b:d6:32:5c:ad:3b:c2:9b:c2:2f:ba:52:
c9:b9:de:0d:b6:76:4d:b8:c6:e8:fa:f5:06:8a:5e:70:a4:df:
30:31:5e:7e:1c:56:ce:bc:b5:11:64:a1:b7:69:83:0c:67:d0:
70:d1:d5:10:ce:1d:d7:c3:2d:9e:40:0d:76:ea:c2:86:70:09:
c8:14:0e:d4:42:22:0b:be:73:47:19:80:f9:d6:ae:00:f0:e2:
f5:75:be:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLYAGODApNVRHGBJJDnYEcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh
MzdlZWIwHhcNMjQxMDI5MTExOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZkMGEwMjg2M2IxMjQ1OGFiZTIzODgzMjU3MjRlZmE4ZDgyMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGwli+QFtvEUYmnV8TAvB9mvSrjY
vaKzV9rmliLyfxH65mDTQRT+SRT4/007ugBb89XtbrZK4RF7EevfI05m6AMZgRog
wJY0DHoqdEHk2hLHdVMJfnj82u4vkKhrzvTLwmbMBrNZzSRRELIP2g4JN9hvBZh7
JGs/YIgiJqVPvY7ZlZHmkDEJTCaDn/jL+MOh1v8y6HqQqMDsCK+TQBg9h5FMEJOr
hCLQnnDT6emtUNMQW6Fo80yRFIu0GYQmmABtuPuoU5AXDKbCnvIxczX6cj2fNEFR
ZtK1iurLGK6FdjTEf24Yox/GZx7zn2aAdqpqtNyRC8rCMglxYTJkOkPXzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhtCgKGOxJFir4jiDJXJO+o2CKfMB8GA1UdIwQY
MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt
MGM0ODFmMGFkMjBlLzEvbUcwS0FvWTdFa1dLdmlPSU1sY2s3NmpZSXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl
LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufmMMA0G
CSqGSIb3DQEBCwUAA4IBAQAeFZy+Ny/xSWDx6JrIs/SKGyWTJirTTZyv/MlxKI0z
ApJwZbNRKZTg//WSK4IaAwFUA2oPbzycEpZLha2KdqXwgAPrba3vrrONgkG+HmP1
8Q77tHtK4crmGQkSAUwQ0EOyoNMS7dbqWO7sydtz3W1i5zycsW6pbZ0xuuOtHpA5
W30vstqb2k+etuj5eaLeC2Xa+hdpyBKDPkEJOADGAfnMS0l7raCpceEb1jJcrTvC
m8IvulLJud4NtnZNuMbo+vUGil5wpN8wMV5+HFbOvLURZKG3aYMMZ9Bw0dUQzh3X
wy2eQA126sKGcAnIFA7UQiILvnNHGYD51q4A8OL1db7U
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:33 2024 by rpki-client on console-ams.rpki-client.org