Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/pEgVC0dHW2Fv6IosgkPwQSiq7VE.roa
File: pEgVC0dHW2Fv6IosgkPwQSiq7VE.roa (raw, json)
Hash identifier: MGnv49Ou7E0pXFTtt96nq8hOEmoeUIA4LTVBQXICBHs=
Subject key identifier: A4:48:15:0B:47:47:5B:61:6F:E8:8A:2C:82:43:F0:41:28:AA:ED:51
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018CC56E12571C827A9B164F9718B3F4931C
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/pEgVC0dHW2Fv6IosgkPwQSiq7VE.roa
Signing time: Mon 01 Jan 2024 14:29:34 +0000
ROA not before: Mon 01 Jan 2024 14:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199565
IP address blocks: 188.255.224.0/24 maxlen: 24
188.255.221.0/24 maxlen: 24
188.255.146.0/24 maxlen: 24
188.255.169.0/24 maxlen: 24
188.255.173.0/24 maxlen: 24
188.255.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:12:57:1c:82:7a:9b:16:4f:97:18:b3:f4:93:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 1 14:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a448150b47475b616fe88a2c8243f04128aaed51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:a0:89:9b:b9:67:f9:00:bf:e3:ba:43:f3:
44:a5:81:d7:33:33:cb:0e:79:2f:23:20:37:74:57:
0a:1e:d3:16:7f:a9:36:3c:03:e2:b1:8e:8f:74:f4:
f9:be:53:f2:5b:de:42:19:91:ad:78:3f:39:ad:fb:
0a:ab:ed:0b:91:d2:22:48:25:a9:d4:64:c6:8c:31:
98:8d:cc:f8:d7:8e:45:a6:65:28:a2:3d:4b:70:c0:
7c:52:9a:6d:21:f9:fa:00:d6:fc:f4:c8:d8:fd:46:
46:4a:34:74:91:f1:a5:79:83:ef:e5:98:a6:c2:9f:
f3:95:37:8f:ee:1a:93:63:81:aa:34:5e:4e:63:d5:
cd:ad:25:e0:2f:b2:33:2b:75:c7:89:f6:a8:71:7f:
44:13:f8:21:0e:1c:3c:1a:b2:3f:06:0c:f5:ec:ec:
b0:13:0d:77:11:43:2d:25:fd:99:5d:28:99:db:47:
10:2f:b0:52:56:e3:e9:d4:1e:e4:ba:8f:c9:2a:ec:
2d:b9:fc:27:f9:83:54:d6:e7:c1:5c:c9:dd:c1:ec:
4c:ef:b4:95:1a:fd:5a:57:08:48:24:80:f0:f5:47:
32:56:aa:dc:ba:8d:3e:f2:a4:7c:a8:2e:e2:ef:20:
23:9b:3e:23:e6:6c:3c:87:cc:5e:d9:3a:43:1d:c5:
7d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:48:15:0B:47:47:5B:61:6F:E8:8A:2C:82:43:F0:41:28:AA:ED:51
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/pEgVC0dHW2Fv6IosgkPwQSiq7VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.255.146.0/24
188.255.169.0/24
188.255.173.0/24
188.255.184.0/24
188.255.221.0/24
188.255.224.0/24
Signature Algorithm: sha256WithRSAEncryption
80:5c:3c:9e:3d:2e:53:0b:40:ea:17:9c:7d:20:c9:a5:1b:12:
c8:c1:b6:4f:36:5e:da:c0:4b:89:07:9c:27:72:57:fb:18:67:
73:e3:74:23:65:97:31:f4:e7:b7:22:92:0f:c2:2f:41:ff:f3:
f1:36:46:84:93:f0:de:d2:43:78:27:3a:12:d8:7d:68:54:54:
33:b3:ec:ea:36:41:04:ff:a8:4e:0f:4c:ea:3f:41:75:4b:f0:
90:0c:75:e3:6c:47:15:92:0d:54:16:70:63:8c:8e:a8:18:45:
d1:5f:ee:39:a7:cd:9a:e2:28:dd:01:3b:0a:8c:9c:93:e2:a8:
e4:29:f4:7b:96:40:eb:f5:30:f4:04:6d:27:cd:e4:ae:e4:7c:
a3:5e:e9:07:e5:7a:04:75:a5:fd:f2:79:09:38:e5:87:06:7a:
00:61:2c:4f:f6:16:89:87:da:9e:4b:89:ab:31:53:b4:db:2e:
f0:2e:6e:80:e5:d0:04:49:b4:6a:95:69:20:7b:b2:9a:86:7b:
9b:b9:50:71:1e:60:3d:55:49:8e:f8:ca:06:ac:20:8d:cc:71:
d1:17:72:b5:81:5e:b5:2c:bf:b1:55:35:c4:72:d5:4c:0c:37:
63:77:50:61:ff:f8:52:72:5f:62:88:79:75:99:e8:03:93:71:
d0:0d:69:f5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbhJXHIJ6mxZPlxiz9JMcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDQ4MTUwYjQ3NDc1YjYxNmZlODhhMmM4MjQzZjA0MTI4YWFlZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcOgiZu5Z/kAv+O6Q/NEpYHXMzPL
DnkvIyA3dFcKHtMWf6k2PAPisY6PdPT5vlPyW95CGZGteD85rfsKq+0LkdIiSCWp
1GTGjDGYjcz4145FpmUooj1LcMB8UpptIfn6ANb89MjY/UZGSjR0kfGleYPv5Zim
wp/zlTeP7hqTY4GqNF5OY9XNrSXgL7IzK3XHifaocX9EE/ghDhw8GrI/Bgz17Oyw
Ew13EUMtJf2ZXSiZ20cQL7BSVuPp1B7kuo/JKuwtufwn+YNU1ufBXMndwexM77SV
Gv1aVwhIJIDw9UcyVqrcuo0+8qR8qC7i7yAjmz4j5mw8h8xe2TpDHcV9XQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKRIFQtHR1thb+iKLIJD8EEoqu1RMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvcEVnVkMwZEhXMkZ2Nklvc2drUHdRU2lxN1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAvP+SAwQA
vP+pAwQAvP+tAwQAvP+4AwQAvP/dAwQAvP/gMA0GCSqGSIb3DQEBCwUAA4IBAQCA
XDyePS5TC0DqF5x9IMmlGxLIwbZPNl7awEuJB5wnclf7GGdz43QjZZcx9Oe3IpIP
wi9B//PxNkaEk/De0kN4JzoS2H1oVFQzs+zqNkEE/6hOD0zqP0F1S/CQDHXjbEcV
kg1UFnBjjI6oGEXRX+45p82a4ijdATsKjJyT4qjkKfR7lkDr9TD0BG0nzeSu5Hyj
XukH5XoEdaX98nkJOOWHBnoAYSxP9haJh9qeS4mrMVO02y7wLm6A5dAESbRqlWkg
e7KahnubuVBxHmA9VUmO+MoGrCCNzHHRF3K1gV61LL+xVTXEctVMDDdjd1Bh//hS
cl9iiHl1megDk3HQDWn1
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:43:19 2024 by rpki-client on console-fra.rpki-client.org