Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/SAEoiBnx1yT3ztOk-5cfD2JdBuY.roa
File: SAEoiBnx1yT3ztOk-5cfD2JdBuY.roa (raw, json)
Hash identifier: icJuTUwJbwZGlsNa6r/yMYu5GVuBkng4g+d0J39KI3A=
Subject key identifier: 48:01:28:88:19:F1:D7:24:F7:CE:D3:A4:FB:97:1F:0F:62:5D:06:E6
Certificate issuer: /CN=0ec3ad5ff65b8dcb476229f12d457d7761a0b97c
Certificate serial: 018CC56E330B070F8791FDF26FA1217E53BC
Authority key identifier: 0E:C3:AD:5F:F6:5B:8D:CB:47:62:29:F1:2D:45:7D:77:61:A0:B9:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DsOtX_ZbjctHYinxLUV9d2GguXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/SAEoiBnx1yT3ztOk-5cfD2JdBuY.roa
Signing time: Mon 01 Jan 2024 14:29:42 +0000
ROA not before: Mon 01 Jan 2024 14:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201722
IP address blocks: 185.82.112.0/24 maxlen: 24
185.82.114.0/24 maxlen: 24
185.82.115.0/24 maxlen: 24
185.82.113.0/24 maxlen: 24
2a05:8f80::/32 maxlen: 32
2a05:8f81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/DsOtX_ZbjctHYinxLUV9d2GguXw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/DsOtX_ZbjctHYinxLUV9d2GguXw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DsOtX_ZbjctHYinxLUV9d2GguXw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:33:0b:07:0f:87:91:fd:f2:6f:a1:21:7e:53:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ec3ad5ff65b8dcb476229f12d457d7761a0b97c
Validity
Not Before: Jan 1 14:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4801288819f1d724f7ced3a4fb971f0f625d06e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:10:3c:a6:31:32:bb:f0:af:0b:5e:aa:88:82:
e9:a8:34:dd:b6:31:73:df:52:34:55:0c:12:5a:ab:
a4:d1:86:c7:b0:5c:0c:37:2d:f8:81:ee:1a:85:fd:
a0:0a:c7:30:b7:2c:48:a9:d6:21:47:6a:6b:c8:2e:
ce:5a:96:f5:f4:86:3b:5d:70:db:a8:56:d2:72:c4:
f6:aa:50:10:15:b8:9f:82:d8:cf:30:72:ee:04:ee:
85:ea:80:3d:ff:6a:7c:6a:0e:4a:24:ff:e5:6b:c4:
93:4b:20:6a:17:50:4a:d6:f9:cf:3d:10:ca:7a:50:
03:bf:50:0b:f5:8d:a6:19:21:a4:f7:4c:98:ce:d5:
00:2e:67:59:8a:c0:c1:6e:58:84:f3:d7:6a:6b:c0:
29:32:3e:ee:ff:cb:e3:13:75:31:9f:c5:5d:50:01:
ec:68:b5:01:c1:15:86:91:fb:44:6d:ec:df:d0:8a:
34:23:65:d6:f7:ad:26:5f:16:89:00:52:fd:c4:a0:
ce:7a:17:ba:dd:96:56:ce:1d:4f:28:5a:ad:bb:27:
57:46:83:c1:72:81:7e:64:8e:b4:43:94:0a:2f:51:
14:4d:2a:55:2c:05:b6:cb:e6:d3:2d:62:cc:c6:7e:
2d:e1:e3:bb:5e:dd:34:1d:e4:a2:40:55:5d:51:a6:
2c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:01:28:88:19:F1:D7:24:F7:CE:D3:A4:FB:97:1F:0F:62:5D:06:E6
X509v3 Authority Key Identifier:
keyid:0E:C3:AD:5F:F6:5B:8D:CB:47:62:29:F1:2D:45:7D:77:61:A0:B9:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DsOtX_ZbjctHYinxLUV9d2GguXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/SAEoiBnx1yT3ztOk-5cfD2JdBuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/589a15-9c52-4a1b-8d32-b8aab3323524/1/DsOtX_ZbjctHYinxLUV9d2GguXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.112.0/22
IPv6:
2a05:8f80::/31
Signature Algorithm: sha256WithRSAEncryption
7d:0a:5f:9c:1c:1c:c6:99:1f:4b:a5:3f:e0:13:38:29:74:6e:
c3:ad:a0:b9:b8:0a:e3:c8:4e:c5:33:25:cb:f3:8a:da:61:bd:
6f:9e:b4:f6:6a:94:1e:c0:cb:16:45:b5:97:21:82:67:5e:43:
e0:57:b0:f9:ed:7a:62:16:37:1e:c9:d6:88:02:4b:d8:94:f9:
a6:ba:30:3c:66:06:37:45:e9:92:8c:a2:b5:52:17:db:c6:78:
3d:99:33:d0:59:9e:0c:6a:c7:5c:63:fa:a7:b3:7a:94:9d:42:
5d:61:61:7c:24:d9:a9:4c:b9:39:5f:c5:28:04:c0:d6:31:c7:
ff:ca:be:c1:61:37:22:c7:f8:3a:e1:5e:db:cb:86:d6:98:4c:
99:d4:d1:be:98:8b:05:bd:47:f0:cb:58:51:13:a3:a0:95:db:
f1:45:47:68:c6:7a:86:b1:1f:c6:19:07:fd:73:5a:f6:c8:4b:
2d:8a:96:fc:9e:f4:3c:49:76:c6:8e:61:47:ae:f5:b6:f5:3d:
b7:95:32:3f:4e:85:57:3d:ec:be:e5:e7:84:16:e8:29:2a:d7:
38:fc:77:1f:45:65:ae:34:8a:a3:36:0a:38:ed:92:cd:77:77:
e4:b4:04:4f:62:b6:e1:6a:4d:14:b5:97:77:72:1d:2f:4a:f7:
51:36:74:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbjMLBw+Hkf3yb6EhflO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYzNhZDVmZjY1YjhkY2I0NzYyMjlmMTJkNDU3ZDc3NjFh
MGI5N2MwHhcNMjQwMTAxMTQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODAxMjg4ODE5ZjFkNzI0ZjdjZWQzYTRmYjk3MWYwZjYyNWQwNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBA8pjEyu/CvC16qiILpqDTdtjFz
31I0VQwSWquk0YbHsFwMNy34ge4ahf2gCscwtyxIqdYhR2pryC7OWpb19IY7XXDb
qFbScsT2qlAQFbifgtjPMHLuBO6F6oA9/2p8ag5KJP/la8STSyBqF1BK1vnPPRDK
elADv1AL9Y2mGSGk90yYztUALmdZisDBbliE89dqa8ApMj7u/8vjE3Uxn8VdUAHs
aLUBwRWGkftEbezf0Io0I2XW960mXxaJAFL9xKDOehe63ZZWzh1PKFqtuydXRoPB
coF+ZI60Q5QKL1EUTSpVLAW2y+bTLWLMxn4t4eO7Xt00HeSiQFVdUaYsWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEgBKIgZ8dck987TpPuXHw9iXQbmMB8GA1UdIwQY
MBaAFA7DrV/2W43LR2Ip8S1FfXdhoLl8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHNPdFhfWmJqY3RIWWlueExVVjlkMkdndVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81ODlhMTUtOWM1Mi00YTFiLThkMzIt
YjhhYWIzMzIzNTI0LzEvU0FFb2lCbngxeVQzenRPay01Y2ZEMkpkQnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81ODlhMTUtOWM1Mi00YTFiLThkMzItYjhhYWIzMzIzNTI0
LzEvRHNPdFhfWmJqY3RIWWlueExVVjlkMkdndVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVJwMA0E
AgACMAcDBQEqBY+AMA0GCSqGSIb3DQEBCwUAA4IBAQB9Cl+cHBzGmR9LpT/gEzgp
dG7DraC5uArjyE7FMyXL84raYb1vnrT2apQewMsWRbWXIYJnXkPgV7D57XpiFjce
ydaIAkvYlPmmujA8ZgY3RemSjKK1Uhfbxng9mTPQWZ4MasdcY/qns3qUnUJdYWF8
JNmpTLk5X8UoBMDWMcf/yr7BYTcix/g64V7by4bWmEyZ1NG+mIsFvUfwy1hRE6Og
ldvxRUdoxnqGsR/GGQf9c1r2yEstipb8nvQ8SXbGjmFHrvW29T23lTI/ToVXPey+
5eeEFugpKtc4/HcfRWWuNIqjNgo47ZLNd3fktARPYrbhak0UtZd3ch0vSvdRNnQb
-----END CERTIFICATE-----
Generated at Mon May 20 02:39:10 2024 by rpki-client on console-ams.rpki-client.org