Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/REFsfrGVesJKFWudGVC2bUEaQxg.roa
File: REFsfrGVesJKFWudGVC2bUEaQxg.roa (raw, json)
Hash identifier: TMggVMykwpt2yA42VHi/avWLczFqO/OejGkHA5dvyT0=
Subject key identifier: 44:41:6C:7E:B1:95:7A:C2:4A:15:6B:9D:19:50:B6:6D:41:1A:43:18
Certificate issuer: /CN=8536146119b044539082e326cca903200b8d4b1a
Certificate serial: 018F34111F1E80CCBA48576BF39F495C9FEA
Authority key identifier: 85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/REFsfrGVesJKFWudGVC2bUEaQxg.roa
Signing time: Wed 01 May 2024 12:11:28 +0000
ROA not before: Wed 01 May 2024 12:11:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202269
IP address blocks: 185.110.188.0/24 maxlen: 24
185.110.189.0/24 maxlen: 24
185.110.190.0/24 maxlen: 24
185.110.191.0/24 maxlen: 24
185.208.172.0/24 maxlen: 24
185.208.173.0/24 maxlen: 24
2a14:7980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:11:1f:1e:80:cc:ba:48:57:6b:f3:9f:49:5c:9f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8536146119b044539082e326cca903200b8d4b1a
Validity
Not Before: May 1 12:11:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44416c7eb1957ac24a156b9d1950b66d411a4318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3e:f8:47:60:46:a9:0f:ea:62:47:e5:d4:71:
20:25:4f:57:be:6e:d8:8b:13:40:6c:d5:cf:a1:8d:
06:96:1e:c7:37:23:10:05:7b:1f:22:b3:3b:92:0c:
b4:0c:c1:59:b0:76:5b:bd:48:c1:d4:86:cd:38:6b:
01:61:dd:28:24:a0:49:5b:e8:0e:68:15:d9:2e:9e:
08:49:e7:df:d5:f3:3a:d4:3a:e4:49:8b:c5:16:be:
b5:b8:a6:14:f2:f8:02:c8:06:a7:73:e1:41:92:ba:
72:82:54:a1:04:a9:76:57:03:9f:26:26:25:35:22:
70:c1:b5:7f:3a:0d:ad:76:c0:6e:fc:1a:83:e3:25:
5b:5b:a7:92:83:c0:24:38:be:d9:70:05:65:2c:e7:
ef:24:56:b2:d6:ba:3d:83:73:f9:c0:77:47:db:6c:
0a:86:03:6d:69:25:02:00:63:2c:ba:8b:02:49:5e:
57:7c:eb:04:82:bd:13:a4:04:d0:af:09:68:a7:ae:
d2:91:81:0f:e1:5b:dd:22:09:8c:c5:b6:6b:78:80:
c0:fb:79:1b:0f:6a:99:53:06:7a:d0:12:39:96:92:
07:d9:af:60:90:ee:3c:1e:c6:f1:5b:c6:c9:a3:c1:
11:77:41:87:fa:0f:2f:89:da:2e:c5:0b:0c:9f:ec:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:41:6C:7E:B1:95:7A:C2:4A:15:6B:9D:19:50:B6:6D:41:1A:43:18
X509v3 Authority Key Identifier:
keyid:85:36:14:61:19:B0:44:53:90:82:E3:26:CC:A9:03:20:0B:8D:4B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTYUYRmwRFOQguMmzKkDIAuNSxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/REFsfrGVesJKFWudGVC2bUEaQxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d5f93-ac5a-41e3-80c3-0c67217cc96b/1/hTYUYRmwRFOQguMmzKkDIAuNSxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.188.0/22
185.208.172.0/23
IPv6:
2a14:7980::/32
Signature Algorithm: sha256WithRSAEncryption
59:4d:5c:7f:7e:7f:9c:08:e4:a0:37:2b:ea:70:36:a4:a0:09:
51:ee:bc:e0:4b:59:16:a3:8c:77:9c:d0:61:04:e9:3d:75:cb:
c0:67:df:d4:91:92:3e:64:41:2c:05:28:95:40:71:5f:ad:55:
d4:d9:5d:fe:fa:f2:d3:ec:a8:e2:5b:7b:88:c3:c6:83:16:63:
ad:dc:92:ea:c2:77:41:0e:b6:8b:27:5f:e2:15:1b:cf:71:63:
70:c8:36:6a:0f:71:7a:6a:15:1f:af:19:3c:ce:0a:63:b0:80:
67:4b:fa:b0:42:59:18:96:e5:74:08:3e:d3:5f:4e:34:e5:38:
7b:64:7c:ce:75:e2:ef:af:50:71:67:c3:27:d5:a7:bd:65:1e:
88:de:cd:f7:28:5a:8e:4b:ee:95:89:15:95:df:1f:e6:f8:91:
66:67:46:b1:52:2b:bb:fd:d5:c8:ea:54:9e:b2:e0:e0:38:62:
6e:c9:a4:ec:79:ad:63:29:07:64:10:17:a2:a1:04:0e:fd:49:
ac:fb:00:73:76:14:98:4d:09:ab:57:ec:ad:bc:18:c6:02:35:
20:df:78:b8:ee:bd:e4:d1:b1:d4:79:78:fc:f0:6b:61:95:00:
7d:51:de:e0:51:a8:f6:0f:f0:14:bc:d9:c0:5a:55:01:c4:7b:
3f:8c:9f:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY80ER8egMy6SFdr859JXJ/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzYxNDYxMTliMDQ0NTM5MDgyZTMyNmNjYTkwMzIwMGI4
ZDRiMWEwHhcNMjQwNTAxMTIxMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQxNmM3ZWIxOTU3YWMyNGExNTZiOWQxOTUwYjY2ZDQxMWE0MzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD74R2BGqQ/qYkfl1HEgJU9Xvm7Y
ixNAbNXPoY0Glh7HNyMQBXsfIrM7kgy0DMFZsHZbvUjB1IbNOGsBYd0oJKBJW+gO
aBXZLp4ISeff1fM61DrkSYvFFr61uKYU8vgCyAanc+FBkrpyglShBKl2VwOfJiYl
NSJwwbV/Og2tdsBu/BqD4yVbW6eSg8AkOL7ZcAVlLOfvJFay1ro9g3P5wHdH22wK
hgNtaSUCAGMsuosCSV5XfOsEgr0TpATQrwlop67SkYEP4VvdIgmMxbZreIDA+3kb
D2qZUwZ60BI5lpIH2a9gkO48HsbxW8bJo8ERd0GH+g8vidouxQsMn+y7zwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFERBbH6xlXrCShVrnRlQtm1BGkMYMB8GA1UdIwQY
MBaAFIU2FGEZsERTkILjJsypAyALjUsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMt
MGM2NzIxN2NjOTZiLzEvUkVGc2ZyR1Zlc0pLRld1ZEdWQzJiVUVhUXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDVmOTMtYWM1YS00MWUzLTgwYzMtMGM2NzIxN2NjOTZi
LzEvaFRZVVlSbXdSRk9RZ3VNbXpLa0RJQXVOU3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW68AwQB
udCsMA0EAgACMAcDBQAqFHmAMA0GCSqGSIb3DQEBCwUAA4IBAQBZTVx/fn+cCOSg
NyvqcDakoAlR7rzgS1kWo4x3nNBhBOk9dcvAZ9/UkZI+ZEEsBSiVQHFfrVXU2V3+
+vLT7KjiW3uIw8aDFmOt3JLqwndBDraLJ1/iFRvPcWNwyDZqD3F6ahUfrxk8zgpj
sIBnS/qwQlkYluV0CD7TX0405Th7ZHzOdeLvr1BxZ8Mn1ae9ZR6I3s33KFqOS+6V
iRWV3x/m+JFmZ0axUiu7/dXI6lSesuDgOGJuyaTsea1jKQdkEBeioQQO/Ums+wBz
dhSYTQmrV+ytvBjGAjUg33i47r3k0bHUeXj88GthlQB9Ud7gUaj2D/AUvNnAWlUB
xHs/jJ+K
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:08:08 2024 by rpki-client on console-fra.rpki-client.org