Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/sL4aXJHvxyoKoJQl43SrZ8tUvj0.roa
File: sL4aXJHvxyoKoJQl43SrZ8tUvj0.roa (raw, json)
Hash identifier: cUwC11AtC5URON0wuKpLkHQEC1E0/ekwRUbMQjhvvOI=
Subject key identifier: B0:BE:1A:5C:91:EF:C7:2A:0A:A0:94:25:E3:74:AB:67:CB:54:BE:3D
Certificate issuer: /CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Certificate serial: 018CC3B71397D3891EDDC54525FCCAA065A7
Authority key identifier: 8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/sL4aXJHvxyoKoJQl43SrZ8tUvj0.roa
Signing time: Mon 01 Jan 2024 06:30:04 +0000
ROA not before: Mon 01 Jan 2024 06:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206255
IP address blocks: 185.174.196.0/24 maxlen: 24
185.174.199.0/24 maxlen: 24
185.174.198.0/24 maxlen: 24
185.174.197.0/24 maxlen: 24
2a11:b880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:13:97:d3:89:1e:dd:c5:45:25:fc:ca:a0:65:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Validity
Not Before: Jan 1 06:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0be1a5c91efc72a0aa09425e374ab67cb54be3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:2a:41:2b:f1:e4:d4:ee:72:c9:ff:ba:77:
e6:7b:2a:36:44:a8:e0:56:34:a1:68:61:1a:1b:ad:
6a:93:6c:e6:f4:45:41:4d:67:2a:79:96:a3:bf:69:
38:b6:54:e5:b3:dd:c8:f6:e0:d8:2c:08:97:eb:4a:
b3:51:43:c9:62:5b:59:a3:c0:23:18:cd:0e:78:88:
15:ea:78:8e:86:13:ae:1a:eb:3f:e0:fa:b3:f5:0e:
fb:2b:99:3d:b3:b4:87:d3:d1:4c:39:a2:c7:74:17:
1e:10:4d:1b:45:11:f5:74:2d:a3:bf:4f:ca:4d:40:
31:b9:79:fd:d9:39:fd:65:0a:1c:fc:e5:af:0f:78:
16:96:b2:28:6a:65:a1:d2:98:79:10:e4:ce:18:a8:
66:b6:95:3e:f4:3d:a2:3b:04:7c:95:c9:b0:05:8d:
c0:36:ff:2f:05:0a:12:86:d5:17:5f:1d:8e:bf:9c:
aa:cd:b5:26:06:98:b0:19:70:e1:58:7c:bc:7e:ab:
61:8b:0b:db:94:53:4b:d1:48:97:62:a9:6a:b1:61:
8e:59:f7:6e:f4:d2:66:b1:7f:bc:01:4f:3a:b0:45:
36:c5:fe:bf:5c:2f:b7:10:3e:f2:42:45:87:11:ce:
d2:c7:dd:79:7b:4c:cf:9b:92:9d:0f:f0:c9:bb:19:
7b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BE:1A:5C:91:EF:C7:2A:0A:A0:94:25:E3:74:AB:67:CB:54:BE:3D
X509v3 Authority Key Identifier:
keyid:8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/sL4aXJHvxyoKoJQl43SrZ8tUvj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.196.0/22
IPv6:
2a11:b880::/29
Signature Algorithm: sha256WithRSAEncryption
10:83:fd:cc:45:3b:fa:7d:18:f6:03:b2:f8:51:f8:fe:02:cb:
94:22:68:5a:c3:37:d2:1e:c9:42:0e:70:56:ca:cd:7e:5a:11:
e7:90:72:e3:6b:ad:9c:60:8b:b7:e6:22:a2:d7:e1:af:d2:1b:
a4:e1:d5:d8:1c:0f:88:1c:3a:bf:6d:c8:09:09:69:fe:6b:40:
b5:31:8b:c0:47:91:84:32:73:7e:70:14:fe:17:2b:f2:e7:00:
d4:ee:cb:f7:f2:41:18:97:0e:b3:d8:3e:84:aa:2f:ec:92:b4:
76:aa:ed:e0:63:01:31:22:f1:01:37:27:85:e3:a9:4e:c5:0d:
2c:87:e0:40:4b:ec:16:d4:8a:19:dc:96:4a:47:01:c4:eb:6e:
b3:bc:bb:c1:f4:11:e6:b6:00:82:31:07:4e:93:2e:7e:a0:8c:
e8:10:00:10:58:fa:3d:79:c8:db:79:53:6b:d0:ce:06:d0:4f:
4a:ef:9e:4e:0d:2f:da:b1:41:8b:76:aa:ad:8b:5c:63:ca:54:
f5:61:37:ce:c0:1e:c2:57:c7:3b:95:33:b6:e1:89:b8:ac:57:
03:71:ba:47:3b:f4:7a:2a:78:d9:b7:18:36:fc:4e:1f:ef:19:
49:58:b8:a4:8a:41:c9:af:f3:56:9b:99:5e:e0:7e:aa:1e:9f:
9c:3a:c0:50
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtxOX04ke3cVFJfzKoGWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZjBiMGI0NmEwOGQxZTcwZmNiZGQ4NzdhZDkzOWEwMTMy
ZTEyNjkwHhcNMjQwMTAxMDYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGJlMWE1YzkxZWZjNzJhMGFhMDk0MjVlMzc0YWI2N2NiNTRiZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW4qQSvx5NTucsn/unfmeyo2RKjg
VjShaGEaG61qk2zm9EVBTWcqeZajv2k4tlTls93I9uDYLAiX60qzUUPJYltZo8Aj
GM0OeIgV6niOhhOuGus/4Pqz9Q77K5k9s7SH09FMOaLHdBceEE0bRRH1dC2jv0/K
TUAxuXn92Tn9ZQoc/OWvD3gWlrIoamWh0ph5EOTOGKhmtpU+9D2iOwR8lcmwBY3A
Nv8vBQoShtUXXx2Ov5yqzbUmBpiwGXDhWHy8fqthiwvblFNL0UiXYqlqsWGOWfdu
9NJmsX+8AU86sEU2xf6/XC+3ED7yQkWHEc7Sx915e0zPm5KdD/DJuxl7JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLC+GlyR78cqCqCUJeN0q2fLVL49MB8GA1UdIwQY
MBaAFIzwsLRqCNHnD8vdh3rZOaATLhJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80ODhmOTAtMjI0ZS00NjM0LTk2N2Yt
OGYxODFkM2EzZThmLzEvc0w0YVhKSHZ4eW9Lb0pRbDQzU3JaOHRVdmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80ODhmOTAtMjI0ZS00NjM0LTk2N2YtOGYxODFkM2EzZThm
LzEvalBDd3RHb0kwZWNQeTkySGV0azVvQk11RW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua7EMA0E
AgACMAcDBQMqEbiAMA0GCSqGSIb3DQEBCwUAA4IBAQAQg/3MRTv6fRj2A7L4Ufj+
AsuUImhawzfSHslCDnBWys1+WhHnkHLja62cYIu35iKi1+Gv0huk4dXYHA+IHDq/
bcgJCWn+a0C1MYvAR5GEMnN+cBT+Fyvy5wDU7sv38kEYlw6z2D6Eqi/skrR2qu3g
YwExIvEBNyeF46lOxQ0sh+BAS+wW1IoZ3JZKRwHE626zvLvB9BHmtgCCMQdOky5+
oIzoEAAQWPo9ecjbeVNr0M4G0E9K755ODS/asUGLdqqti1xjylT1YTfOwB7CV8c7
lTO24Ym4rFcDcbpHO/R6KnjZtxg2/E4f7xlJWLikikHJr/NWm5le4H6qHp+cOsBQ
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:04:54 2024 by rpki-client on console-ams.rpki-client.org