Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/62a01d-feec-40fd-98ed-bc8c6d286f1c/1/k-dOspRiW_zKJLOnl4sYfbMN2N8.roa
File: k-dOspRiW_zKJLOnl4sYfbMN2N8.roa (raw, json)
Hash identifier: GRWQItdR2MSvnb5H5nHvbI0zGWF3XotdQbyuI5plZuM=
Subject key identifier: 93:E7:4E:B2:94:62:5B:FC:CA:24:B3:A7:97:8B:18:7D:B3:0D:D8:DF
Certificate issuer: /CN=b8155ac34b6ec15f226ae9913d6aecfca7a784d4
Certificate serial: 018CC3B6D1FC921202D5181AB5F57B089547
Authority key identifier: B8:15:5A:C3:4B:6E:C1:5F:22:6A:E9:91:3D:6A:EC:FC:A7:A7:84:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uBVaw0tuwV8iaumRPWrs_KenhNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/62a01d-feec-40fd-98ed-bc8c6d286f1c/1/k-dOspRiW_zKJLOnl4sYfbMN2N8.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61094
IP address blocks: 185.103.216.0/22 maxlen: 24
185.245.12.0/22 maxlen: 24
185.111.190.0/23 maxlen: 24
2a02:e220::/30 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/62a01d-feec-40fd-98ed-bc8c6d286f1c/1/uBVaw0tuwV8iaumRPWrs_KenhNQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/62a01d-feec-40fd-98ed-bc8c6d286f1c/1/uBVaw0tuwV8iaumRPWrs_KenhNQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uBVaw0tuwV8iaumRPWrs_KenhNQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d1:fc:92:12:02:d5:18:1a:b5:f5:7b:08:95:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8155ac34b6ec15f226ae9913d6aecfca7a784d4
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93e74eb294625bfcca24b3a7978b187db30dd8df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ea:09:9b:d8:cb:de:61:d9:55:67:cf:c7:9e:
d8:bc:9a:0e:9a:1e:07:66:74:0f:0c:d3:43:f5:70:
e4:7c:db:35:bc:2e:15:3f:75:09:24:33:50:b7:cf:
bd:2f:27:80:19:94:12:b8:51:b0:6d:d1:bb:62:fb:
9e:1a:a9:c4:43:91:cb:ed:0d:6f:8c:ce:6b:66:7c:
3c:71:e6:52:85:f4:62:5e:a8:12:56:31:c9:f6:d7:
e2:2a:34:59:b9:eb:25:82:3b:2c:72:48:31:87:64:
f4:90:69:36:ba:14:32:43:fa:3e:a3:46:5b:ce:dc:
e4:87:7e:a7:51:04:31:7f:62:4a:d1:bf:79:f8:ff:
d9:e2:b0:fa:bf:5a:2f:45:66:7c:5e:5a:99:23:d0:
94:b0:b6:0d:18:3c:4e:49:d7:02:6f:ee:a9:10:6d:
6a:64:15:65:01:27:fb:17:6e:d3:de:e9:31:59:22:
eb:86:ce:c0:60:53:ed:46:d1:7c:3a:46:b9:4d:f2:
5c:0b:47:0b:61:4d:72:e6:b5:ec:f3:fc:c8:96:20:
87:f7:05:af:58:54:c0:df:b7:84:51:60:1b:18:32:
dd:0e:01:20:72:95:e1:21:e6:28:5f:af:bd:06:38:
5b:79:f9:2a:66:78:66:0a:58:76:d7:94:f0:38:42:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E7:4E:B2:94:62:5B:FC:CA:24:B3:A7:97:8B:18:7D:B3:0D:D8:DF
X509v3 Authority Key Identifier:
keyid:B8:15:5A:C3:4B:6E:C1:5F:22:6A:E9:91:3D:6A:EC:FC:A7:A7:84:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uBVaw0tuwV8iaumRPWrs_KenhNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/62a01d-feec-40fd-98ed-bc8c6d286f1c/1/k-dOspRiW_zKJLOnl4sYfbMN2N8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/62a01d-feec-40fd-98ed-bc8c6d286f1c/1/uBVaw0tuwV8iaumRPWrs_KenhNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.216.0/22
185.111.190.0/23
185.245.12.0/22
IPv6:
2a02:e220::/30
Signature Algorithm: sha256WithRSAEncryption
80:71:4f:04:4c:2d:c4:96:68:80:e0:e2:83:0f:50:d3:5f:dc:
7d:e1:8b:69:75:d0:db:ed:a2:c9:30:61:72:65:ec:0d:63:c8:
62:08:d1:0c:aa:64:dd:af:92:41:d6:40:c5:ff:98:26:2c:75:
fd:b2:2a:4a:9e:d1:2e:1a:39:bf:dd:de:8b:41:6d:38:ae:70:
e7:26:1e:71:68:66:92:6b:a7:f7:fb:b7:28:f0:04:ef:e2:63:
b9:91:ed:db:a3:26:2d:f1:f6:5d:cb:d1:18:a5:be:8c:94:d0:
fa:d7:d2:5d:dc:3d:af:c6:70:04:ff:fd:6d:7f:2c:bd:55:2f:
88:bb:ad:2b:a1:8c:b1:82:aa:f3:a0:86:7f:61:53:64:b4:cf:
41:8a:c2:fd:74:50:ab:31:03:18:29:fd:e0:ff:88:25:f2:48:
c1:e5:f5:04:69:25:7e:90:f8:78:05:09:61:dc:27:6d:22:40:
12:0c:ee:27:8f:d4:be:e1:31:d0:23:14:a5:9c:6f:78:c3:b9:
74:5d:3f:c8:f9:3a:2b:7b:a7:70:17:2f:d0:11:7f:a9:ae:8c:
59:d1:35:34:ec:4d:8d:96:51:85:96:c9:0c:94:25:57:a5:73:
68:91:61:dd:19:d0:1b:bd:76:17:8c:af:1c:bf:ff:8f:89:29:
60:db:f7:16
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDttH8khIC1RgatfV7CJVHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MTU1YWMzNGI2ZWMxNWYyMjZhZTk5MTNkNmFlY2ZjYTdh
Nzg0ZDQwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2U3NGViMjk0NjI1YmZjY2EyNGIzYTc5NzhiMTg3ZGIzMGRkOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheoJm9jL3mHZVWfPx57YvJoOmh4H
ZnQPDNND9XDkfNs1vC4VP3UJJDNQt8+9LyeAGZQSuFGwbdG7YvueGqnEQ5HL7Q1v
jM5rZnw8ceZShfRiXqgSVjHJ9tfiKjRZueslgjssckgxh2T0kGk2uhQyQ/o+o0Zb
ztzkh36nUQQxf2JK0b95+P/Z4rD6v1ovRWZ8XlqZI9CUsLYNGDxOSdcCb+6pEG1q
ZBVlASf7F27T3ukxWSLrhs7AYFPtRtF8Oka5TfJcC0cLYU1y5rXs8/zIliCH9wWv
WFTA37eEUWAbGDLdDgEgcpXhIeYoX6+9BjhbefkqZnhmClh215TwOEKDMwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJPnTrKUYlv8yiSzp5eLGH2zDdjfMB8GA1UdIwQY
MBaAFLgVWsNLbsFfImrpkT1q7Pynp4TUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJWYXcwdHV3VjhpYXVtUlBXcnNfS2VuaE5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82MmEwMWQtZmVlYy00MGZkLTk4ZWQt
YmM4YzZkMjg2ZjFjLzEvay1kT3NwUmlXX3pLSkxPbmw0c1lmYk1OMk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82MmEwMWQtZmVlYy00MGZkLTk4ZWQtYmM4YzZkMjg2ZjFj
LzEvdUJWYXcwdHV3VjhpYXVtUlBXcnNfS2VuaE5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuWfYAwQB
uW++AwQCufUMMA0EAgACMAcDBQIqAuIgMA0GCSqGSIb3DQEBCwUAA4IBAQCAcU8E
TC3ElmiA4OKDD1DTX9x94YtpddDb7aLJMGFyZewNY8hiCNEMqmTdr5JB1kDF/5gm
LHX9sipKntEuGjm/3d6LQW04rnDnJh5xaGaSa6f3+7co8ATv4mO5ke3boyYt8fZd
y9EYpb6MlND619Jd3D2vxnAE//1tfyy9VS+Iu60roYyxgqrzoIZ/YVNktM9BisL9
dFCrMQMYKf3g/4gl8kjB5fUEaSV+kPh4BQlh3CdtIkASDO4nj9S+4THQIxSlnG94
w7l0XT/I+Tore6dwFy/QEX+proxZ0TU07E2NllGFlskMlCVXpXNokWHdGdAbvXYX
jK8cv/+PiSlg2/cW
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:41 2024 by rpki-client on console-ams.rpki-client.org