Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/awDf4S2orXiUCqTAIcseU7kv-h8.roa
File: awDf4S2orXiUCqTAIcseU7kv-h8.roa (raw, json)
Hash identifier: ydzIlEZ1bAg6MnrOxRorNIzQRYWq+DpMhJ9Y5vfD4eo=
Subject key identifier: 6B:00:DF:E1:2D:A8:AD:78:94:0A:A4:C0:21:CB:1E:53:B9:2F:FA:1F
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 018CC94E4AEAD68E3C5E82A129B6A6B6B824
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/awDf4S2orXiUCqTAIcseU7kv-h8.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
194.107.229.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
194.110.7.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4a:ea:d6:8e:3c:5e:82:a1:29:b6:a6:b6:b8:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b00dfe12da8ad78940aa4c021cb1e53b92ffa1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:51:46:4e:b2:15:82:9d:0a:b3:01:b8:17:be:
90:5a:6f:72:7d:d8:1b:cc:98:71:cd:f6:96:ce:0f:
64:0c:82:50:13:15:d4:18:62:57:9d:bb:59:4b:0d:
31:ed:91:cc:f9:f3:65:0e:54:bc:d8:0d:a4:2d:f7:
4c:da:12:64:a9:03:d0:1f:4b:0f:55:3d:2d:09:19:
f6:80:df:a7:ba:ff:18:29:0e:48:64:07:e0:ec:50:
eb:da:52:2c:1f:dd:1b:10:4a:99:33:e1:22:89:33:
28:d1:a2:79:50:cd:9b:54:df:50:5e:c7:4e:4e:b4:
12:6a:92:e6:34:0c:eb:7a:07:f8:1c:53:01:ff:6a:
bb:2f:ff:20:f8:2a:07:d8:ca:83:52:7d:2d:65:3d:
6c:5c:54:bc:56:2f:d9:5f:19:c0:51:d4:5d:7f:27:
b0:44:83:5a:1f:64:80:91:69:33:de:65:b4:98:d3:
de:05:26:24:34:47:f3:09:22:ca:9c:46:18:e9:c5:
7b:53:eb:a4:3a:70:cd:84:63:bd:3e:f6:84:ce:b1:
00:c7:e8:60:1c:67:92:4d:27:1d:14:d8:0f:64:12:
34:54:8a:15:ff:8c:65:d6:57:65:26:98:d5:21:d5:
87:a8:bc:60:6a:20:f1:7e:3a:af:7b:cb:36:cb:61:
48:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:00:DF:E1:2D:A8:AD:78:94:0A:A4:C0:21:CB:1E:53:B9:2F:FA:1F
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/awDf4S2orXiUCqTAIcseU7kv-h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.58.0/23
194.107.229.0/24
194.110.1.0/24
194.110.7.0/24
194.110.19.0/24
Signature Algorithm: sha256WithRSAEncryption
55:19:10:e4:2b:d5:54:e4:6e:dc:34:d4:f6:75:e7:20:48:f8:
6b:b0:49:1b:61:db:c4:4a:ec:19:cc:89:03:1a:8d:3c:46:a5:
dd:52:26:09:49:29:a5:41:5a:75:ec:a7:5c:ab:92:5b:1a:82:
a3:53:32:c0:c0:b0:a0:2e:c5:64:fa:28:82:f4:35:e8:d4:b9:
19:81:5f:d0:75:aa:0d:d7:1a:76:d0:52:a4:a5:a4:a6:45:74:
2f:23:63:82:cb:d0:df:7d:17:97:7f:08:ab:10:5a:0a:73:75:
f5:bf:79:59:bb:be:0f:8a:d2:b1:1c:cd:62:15:49:e0:08:0f:
f1:37:db:07:3c:74:56:99:26:28:8f:59:73:7e:ec:65:6e:8c:
30:de:89:07:c3:5e:ad:1b:37:b4:23:36:f8:63:12:48:1e:67:
7f:76:ae:bb:d8:3e:f3:54:e6:05:bf:8b:91:99:10:29:23:d3:
cb:b2:5f:e2:48:84:68:07:01:23:d8:98:65:6f:11:0d:25:c5:
56:54:53:05:7b:f7:7e:53:a5:79:49:9d:bc:03:18:d3:62:d9:
cf:e9:5f:74:20:9d:53:c7:e2:a4:cf:fe:0f:ff:70:02:b8:63:
89:c2:09:bf:69:2b:82:1c:e1:b6:e9:14:0e:2b:4a:4b:87:04:
47:a6:b6:6b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTkrq1o48XoKhKbamtrgkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjAwZGZlMTJkYThhZDc4OTQwYWE0YzAyMWNiMWU1M2I5MmZmYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglFGTrIVgp0KswG4F76QWm9yfdgb
zJhxzfaWzg9kDIJQExXUGGJXnbtZSw0x7ZHM+fNlDlS82A2kLfdM2hJkqQPQH0sP
VT0tCRn2gN+nuv8YKQ5IZAfg7FDr2lIsH90bEEqZM+EiiTMo0aJ5UM2bVN9QXsdO
TrQSapLmNAzregf4HFMB/2q7L/8g+CoH2MqDUn0tZT1sXFS8Vi/ZXxnAUdRdfyew
RINaH2SAkWkz3mW0mNPeBSYkNEfzCSLKnEYY6cV7U+ukOnDNhGO9PvaEzrEAx+hg
HGeSTScdFNgPZBI0VIoV/4xl1ldlJpjVIdWHqLxgaiDxfjqve8s2y2FIgQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGsA3+EtqK14lAqkwCHLHlO5L/ofMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvYXdEZjRTMm9yWGlVQ3FUQUljc2VVN2t2LWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBudw6AwQA
wmvlAwQAwm4BAwQAwm4HAwQAwm4TMA0GCSqGSIb3DQEBCwUAA4IBAQBVGRDkK9VU
5G7cNNT2decgSPhrsEkbYdvESuwZzIkDGo08RqXdUiYJSSmlQVp17Kdcq5JbGoKj
UzLAwLCgLsVk+iiC9DXo1LkZgV/QdaoN1xp20FKkpaSmRXQvI2OCy9DffReXfwir
EFoKc3X1v3lZu74PitKxHM1iFUngCA/xN9sHPHRWmSYoj1lzfuxlboww3okHw16t
Gze0Izb4YxJIHmd/dq672D7zVOYFv4uRmRApI9PLsl/iSIRoBwEj2JhlbxENJcVW
VFMFe/d+U6V5SZ28AxjTYtnP6V90IJ1Tx+Kkz/4P/3ACuGOJwgm/aSuCHOG26RQO
K0pLhwRHprZr
-----END CERTIFICATE-----
Generated at Sun May 12 20:39:09 2024 by rpki-client on console-ams.rpki-client.org