Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/kdT3CWNf0iL3GwkkPlfxY3Bbydc.roa
File: kdT3CWNf0iL3GwkkPlfxY3Bbydc.roa (raw, json)
Hash identifier: QNIgV4InOsH44bcL0rILLHN85HUzOrBdPfOUMs+Bz6Q=
Subject key identifier: 91:D4:F7:09:63:5F:D2:22:F7:1B:09:24:3E:57:F1:63:70:5B:C9:D7
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 018CC94E580EA152D3CE567FF1755EF7A9D8
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/kdT3CWNf0iL3GwkkPlfxY3Bbydc.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 185.137.122.0/24 maxlen: 32
94.250.202.0/24 maxlen: 32
94.250.201.0/24 maxlen: 32
94.250.203.0/24 maxlen: 32
176.57.150.0/24 maxlen: 32
176.57.184.0/24 maxlen: 32
176.57.188.0/24 maxlen: 32
176.57.189.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:58:0e:a1:52:d3:ce:56:7f:f1:75:5e:f7:a9:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91d4f709635fd222f71b09243e57f163705bc9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:20:aa:fd:a1:60:af:d7:3c:1a:37:bb:58:92:
3d:1f:5b:7f:f4:4c:ad:61:b0:0e:be:74:40:fe:76:
37:21:0a:24:3a:57:dd:98:67:ab:db:73:06:f8:af:
1d:07:61:07:74:82:e1:d0:8e:e2:95:97:e3:bb:92:
49:32:7b:f2:b4:2f:8e:64:c0:00:a8:62:ee:2a:6d:
47:66:18:7b:72:00:10:d7:4e:87:52:78:01:e7:ca:
ef:ce:00:c4:4d:da:31:a6:5d:c1:1d:7c:aa:af:43:
10:4d:90:74:15:15:23:93:b6:66:c1:e5:81:d6:46:
15:55:9e:a1:3e:0b:8e:95:51:6e:27:0a:c8:f3:d9:
55:34:63:3a:ff:1f:a9:16:1c:10:f9:94:c2:45:d8:
ba:08:f6:0a:da:8a:b4:c3:cf:8f:82:6b:b2:0a:ee:
84:9d:79:6e:13:e1:71:93:1a:5f:2e:62:0a:44:39:
d9:b8:77:85:b1:c0:99:60:7f:a0:84:a1:19:31:58:
74:47:01:e0:bf:0f:8f:3c:14:a1:44:0b:fb:41:e7:
64:8e:c9:2c:e3:83:93:e6:ee:5d:36:6f:b9:90:ee:
ea:b8:4c:19:11:b9:0b:39:d4:e5:9d:02:70:7b:78:
86:56:5a:b0:ee:ff:52:12:87:e9:66:00:42:88:f5:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D4:F7:09:63:5F:D2:22:F7:1B:09:24:3E:57:F1:63:70:5B:C9:D7
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/kdT3CWNf0iL3GwkkPlfxY3Bbydc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.201.0-94.250.203.255
176.57.150.0/24
176.57.184.0/24
176.57.188.0/23
185.137.122.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:30:db:ea:0a:33:2c:e0:2c:eb:fe:40:c3:08:a1:3c:dd:cc:
16:6a:4d:ec:e0:e2:cd:61:56:6a:ec:c9:c6:dc:ae:5f:36:aa:
ee:a9:73:8b:e0:a0:3c:29:ee:97:df:af:79:ed:33:be:b0:86:
00:b1:54:1b:9b:74:02:f6:54:cb:ce:c2:d1:94:84:45:67:02:
a4:b2:9e:3f:e3:7e:ab:0f:79:8f:55:be:c5:a9:76:da:8f:0f:
4d:22:ab:58:1c:ef:0b:c8:24:7c:ff:dd:21:dc:4e:0c:c5:ec:
d1:1f:16:b4:41:3e:69:fc:d3:5a:9b:e7:f2:a6:44:44:b5:8e:
89:91:6c:f8:30:6e:b6:c6:5c:a8:f9:a4:db:85:1f:ce:20:f6:
83:a0:94:58:c1:9d:72:48:14:65:c6:ca:4b:60:c6:f9:ec:6f:
86:ee:1b:83:c4:2a:c1:5f:6e:b7:59:51:dd:8c:ad:a6:d0:ac:
8b:17:d0:51:fe:7c:0d:01:3d:90:79:3f:ba:02:5f:40:4d:9f:
a4:37:c5:5e:2d:13:03:df:0e:cb:e6:69:a1:25:7a:8d:cf:a6:
2a:4e:c3:65:9e:d4:8c:c2:a8:7a:b6:4e:3f:76:d7:aa:f0:d4:
b6:5d:d8:f8:cc:63:e7:ef:b9:9a:a3:ad:bc:71:4d:b9:ac:61:
0e:8e:97:e0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzJTlgOoVLTzlZ/8XVe96nYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWQ0ZjcwOTYzNWZkMjIyZjcxYjA5MjQzZTU3ZjE2MzcwNWJjOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCCq/aFgr9c8Gje7WJI9H1t/9Eyt
YbAOvnRA/nY3IQokOlfdmGer23MG+K8dB2EHdILh0I7ilZfju5JJMnvytC+OZMAA
qGLuKm1HZhh7cgAQ106HUngB58rvzgDETdoxpl3BHXyqr0MQTZB0FRUjk7ZmweWB
1kYVVZ6hPguOlVFuJwrI89lVNGM6/x+pFhwQ+ZTCRdi6CPYK2oq0w8+PgmuyCu6E
nXluE+FxkxpfLmIKRDnZuHeFscCZYH+ghKEZMVh0RwHgvw+PPBShRAv7Qedkjsks
44OT5u5dNm+5kO7quEwZEbkLOdTlnQJwe3iGVlqw7v9SEofpZgBCiPX5jwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJHU9wljX9Ii9xsJJD5X8WNwW8nXMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL2tkVDNDV05mMGlMM0d3a2tQbGZ4WTNCYnlkYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYwDAMEAF76
yQMEAl76yAMEALA5lgMEALA5uAMEAbA5vAMEALmJejANBgkqhkiG9w0BAQsFAAOC
AQEAajDb6gozLOAs6/5AwwihPN3MFmpN7ODizWFWauzJxtyuXzaq7qlzi+CgPCnu
l9+vee0zvrCGALFUG5t0AvZUy87C0ZSERWcCpLKeP+N+qw95j1W+xal22o8PTSKr
WBzvC8gkfP/dIdxODMXs0R8WtEE+afzTWpvn8qZERLWOiZFs+DButsZcqPmk24Uf
ziD2g6CUWMGdckgUZcbKS2DG+exvhu4bg8QqwV9ut1lR3YytptCsixfQUf58DQE9
kHk/ugJfQE2fpDfFXi0TA98Oy+ZpoSV6jc+mKk7DZZ7UjMKoerZOP3bXqvDUtl3Y
+Mxj5++5mqOtvHFNuaxhDo6X4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:28 2024 by rpki-client on console-ams.rpki-client.org