Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/h4Ouyy1iSkAjLLqkWDUO2clKMmE.roa
File: h4Ouyy1iSkAjLLqkWDUO2clKMmE.roa (raw, json)
Hash identifier: IzHdDgfI0M/CNSQom4AXq2GCX4sZdY1eEA5lo1KYRZo=
Subject key identifier: 87:83:AE:CB:2D:62:4A:40:23:2C:BA:A4:58:35:0E:D9:C9:4A:32:61
Certificate issuer: /CN=13cd87027d7d3a3b9f7c4ba4495e49e21ad5a4bb
Certificate serial: 018CC56E31E64EDDD7903746397D120881CD
Authority key identifier: 13:CD:87:02:7D:7D:3A:3B:9F:7C:4B:A4:49:5E:49:E2:1A:D5:A4:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E82HAn19OjuffEukSV5J4hrVpLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/h4Ouyy1iSkAjLLqkWDUO2clKMmE.roa
Signing time: Mon 01 Jan 2024 14:29:42 +0000
ROA not before: Mon 01 Jan 2024 14:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211756
IP address blocks: 185.242.178.0/24 maxlen: 24
2a10:98c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/E82HAn19OjuffEukSV5J4hrVpLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/E82HAn19OjuffEukSV5J4hrVpLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/E82HAn19OjuffEukSV5J4hrVpLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:31:e6:4e:dd:d7:90:37:46:39:7d:12:08:81:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13cd87027d7d3a3b9f7c4ba4495e49e21ad5a4bb
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8783aecb2d624a40232cbaa458350ed9c94a3261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bc:63:aa:aa:73:c4:d7:0a:63:9c:88:6b:d3:
e2:d7:ef:10:b7:13:28:b9:7d:ea:2d:8a:a2:7f:2a:
a4:f9:68:ff:ad:fd:61:d1:b8:cc:cc:7a:48:89:de:
88:66:64:21:17:7e:f6:f5:04:23:64:a0:c2:eb:06:
17:54:ae:5f:3d:ed:6c:bf:c3:f5:9e:a8:0a:7a:75:
92:51:f8:7b:00:3e:c0:cb:3c:23:46:c2:98:9a:8c:
bf:90:d8:2f:c6:2f:c5:e3:f4:fc:70:23:d0:2a:eb:
96:90:e1:45:d2:1a:b3:26:76:c5:38:83:76:af:8a:
2e:e4:bf:c0:79:9e:ea:07:eb:ce:fa:d2:e9:4e:e3:
c8:2c:bc:81:63:f7:c4:3a:fa:60:b1:33:0f:f8:3e:
e5:8c:64:26:3e:2c:3c:2c:05:c4:24:14:a4:a8:c7:
b7:3e:13:20:d8:4c:5b:3a:83:fe:02:37:1a:2d:c6:
dc:ba:19:28:d3:10:c0:55:e2:b0:87:9c:a7:73:7c:
07:19:f8:14:da:6e:5e:32:f9:e4:a8:e7:1f:a0:bf:
3c:57:d7:88:57:27:0c:59:d9:64:70:ad:57:0c:14:
1b:1d:a4:d3:7c:e4:7c:1c:cf:12:55:4f:dd:4f:8c:
96:df:8f:3a:55:56:c7:50:3d:b8:a5:90:c1:70:a4:
fa:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:83:AE:CB:2D:62:4A:40:23:2C:BA:A4:58:35:0E:D9:C9:4A:32:61
X509v3 Authority Key Identifier:
keyid:13:CD:87:02:7D:7D:3A:3B:9F:7C:4B:A4:49:5E:49:E2:1A:D5:A4:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E82HAn19OjuffEukSV5J4hrVpLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/h4Ouyy1iSkAjLLqkWDUO2clKMmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/f7977e-ad30-4cb7-8ed3-29f4cd0ba804/1/E82HAn19OjuffEukSV5J4hrVpLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.178.0/24
IPv6:
2a10:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:16:e0:44:0e:9d:ff:19:c2:f1:7b:94:2f:40:fc:4b:42:1d:
7c:a2:f9:c6:b7:1c:04:4f:d2:5e:1b:c3:ee:48:f8:c2:9c:2c:
f7:ac:0d:d9:ac:ad:0f:ef:bd:4e:d0:26:e4:6e:22:76:36:ce:
3a:b4:aa:ea:4b:62:e1:50:4d:79:d4:ab:8d:b5:8b:ec:f7:8a:
64:d5:6d:ef:80:67:90:44:90:f6:de:6f:1c:e2:af:76:d1:ea:
1a:d9:16:7b:12:76:bb:fa:48:bd:7a:99:1c:b5:c0:ca:e0:e1:
2b:ac:81:d8:59:a4:85:dd:fb:8e:d0:16:2b:66:de:7d:1d:56:
5b:35:51:1d:28:1a:6c:5d:e9:e8:4a:3b:f5:08:5a:e2:6d:44:
a1:8f:1a:e2:75:48:fa:bd:5a:0f:5b:6d:a1:ec:96:dd:28:e3:
0a:0b:33:6a:e6:92:92:67:d8:1b:43:f3:8f:9a:ac:83:cf:86:
1d:4f:3c:da:fc:a3:77:05:e7:21:62:de:db:bc:73:92:6d:be:
3d:5b:2b:c0:80:cb:dc:a5:f1:06:44:08:bf:68:7b:8f:16:22:
13:8a:94:61:93:5e:2a:d2:39:8b:a5:4e:06:de:b9:e2:78:03:
81:78:f5:2b:ef:de:56:aa:21:10:fb:34:c7:d1:65:87:4b:ae:
76:40:c3:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbjHmTt3XkDdGOX0SCIHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzY2Q4NzAyN2Q3ZDNhM2I5ZjdjNGJhNDQ5NWU0OWUyMWFk
NWE0YmIwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzgzYWVjYjJkNjI0YTQwMjMyY2JhYTQ1ODM1MGVkOWM5NGEzMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLxjqqpzxNcKY5yIa9Pi1+8QtxMo
uX3qLYqifyqk+Wj/rf1h0bjMzHpIid6IZmQhF3729QQjZKDC6wYXVK5fPe1sv8P1
nqgKenWSUfh7AD7AyzwjRsKYmoy/kNgvxi/F4/T8cCPQKuuWkOFF0hqzJnbFOIN2
r4ou5L/AeZ7qB+vO+tLpTuPILLyBY/fEOvpgsTMP+D7ljGQmPiw8LAXEJBSkqMe3
PhMg2ExbOoP+AjcaLcbcuhko0xDAVeKwh5ync3wHGfgU2m5eMvnkqOcfoL88V9eI
VycMWdlkcK1XDBQbHaTTfOR8HM8SVU/dT4yW3486VVbHUD24pZDBcKT6gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIeDrsstYkpAIyy6pFg1DtnJSjJhMB8GA1UdIwQY
MBaAFBPNhwJ9fTo7n3xLpEleSeIa1aS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTgySEFuMTlPanVmZkV1a1NWNUo0aHJWcExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9mNzk3N2UtYWQzMC00Y2I3LThlZDMt
MjlmNGNkMGJhODA0LzEvaDRPdXl5MWlTa0FqTExxa1dEVU8yY2xLTW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9mNzk3N2UtYWQzMC00Y2I3LThlZDMtMjlmNGNkMGJhODA0
LzEvRTgySEFuMTlPanVmZkV1a1NWNUo0aHJWcExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufKyMA0E
AgACMAcDBQMqEJjAMA0GCSqGSIb3DQEBCwUAA4IBAQDAFuBEDp3/GcLxe5QvQPxL
Qh18ovnGtxwET9JeG8PuSPjCnCz3rA3ZrK0P771O0CbkbiJ2Ns46tKrqS2LhUE15
1KuNtYvs94pk1W3vgGeQRJD23m8c4q920eoa2RZ7Ena7+ki9epkctcDK4OErrIHY
WaSF3fuO0BYrZt59HVZbNVEdKBpsXenoSjv1CFribUShjxridUj6vVoPW22h7Jbd
KOMKCzNq5pKSZ9gbQ/OPmqyDz4YdTzza/KN3BechYt7bvHOSbb49WyvAgMvcpfEG
RAi/aHuPFiITipRhk14q0jmLpU4G3rnieAOBePUr795WqiEQ+zTH0WWHS652QMNp
-----END CERTIFICATE-----
Generated at Wed May 29 03:18:05 2024 by rpki-client on console-fra.rpki-client.org