Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/uIKX8t6tTImBh1iZQn16or_6d3Q.roa
File: uIKX8t6tTImBh1iZQn16or_6d3Q.roa (raw, json)
Hash identifier: T1A//JrN/0KqesEvZD0WRnyQxl4tuAbyJYkUfGRrZpc=
Subject key identifier: B8:82:97:F2:DE:AD:4C:89:81:87:58:99:42:7D:7A:A2:BF:FA:77:74
Certificate issuer: /CN=af4ef4a8ed3711b6acd68c0f48f621831fd5aaae
Certificate serial: 018CC7958CA4DBD757E65E3E6C8BCA6C7FC1
Authority key identifier: AF:4E:F4:A8:ED:37:11:B6:AC:D6:8C:0F:48:F6:21:83:1F:D5:AA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r070qO03Ebas1owPSPYhgx_Vqq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/uIKX8t6tTImBh1iZQn16or_6d3Q.roa
Signing time: Tue 02 Jan 2024 00:31:55 +0000
ROA not before: Tue 02 Jan 2024 00:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207141
IP address blocks: 185.164.253.0/24 maxlen: 24
185.164.252.0/24 maxlen: 24
185.164.252.0/22 maxlen: 24
185.206.237.0/24 maxlen: 24
185.206.239.0/24 maxlen: 24
185.206.236.0/24 maxlen: 24
185.206.236.0/22 maxlen: 24
185.206.238.0/24 maxlen: 24
2a0b:1b40::/29 maxlen: 29
2a0b:b400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/r070qO03Ebas1owPSPYhgx_Vqq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/r070qO03Ebas1owPSPYhgx_Vqq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/r070qO03Ebas1owPSPYhgx_Vqq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8c:a4:db:d7:57:e6:5e:3e:6c:8b:ca:6c:7f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af4ef4a8ed3711b6acd68c0f48f621831fd5aaae
Validity
Not Before: Jan 2 00:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b88297f2dead4c8981875899427d7aa2bffa7774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:95:e8:67:58:78:f0:f2:6b:81:89:2d:c8:
d5:61:7f:5f:14:47:65:88:5b:0f:1c:02:f5:12:ef:
66:42:22:b2:be:41:8c:a5:ba:90:b9:7f:60:8a:15:
39:ba:ed:1c:53:e3:2c:f5:89:0d:60:7c:f5:c8:0a:
db:e5:98:d9:25:22:3f:b6:87:f4:6e:8c:d7:c9:b5:
96:47:11:05:f8:47:02:f1:fd:ab:09:2b:9e:3b:a4:
5c:63:ce:0a:61:0b:91:4b:3b:dc:b1:94:07:51:99:
2c:e6:53:c0:ab:98:cc:ea:04:01:b6:47:88:78:25:
41:27:0c:df:b7:27:de:26:95:f9:9d:9c:2e:6f:f8:
d5:48:fe:31:0d:0c:29:74:7e:41:5a:94:b8:62:4a:
74:e4:b1:71:af:87:4a:f0:ba:02:88:ad:e8:d6:63:
8b:49:83:38:ba:c7:23:59:67:8f:ca:15:2d:77:a8:
39:de:8b:24:cf:ec:c7:70:18:4a:f5:2e:5c:d3:5c:
97:9e:f5:78:0a:bc:71:54:c1:b2:55:03:54:78:a7:
20:ce:87:c1:fa:bc:f4:c9:e5:ca:9d:0d:79:cc:28:
9f:1b:18:48:9b:de:e7:f1:ee:95:d9:93:a7:90:7b:
52:d1:fb:c8:d5:96:56:14:e3:a7:3a:6b:4a:d4:00:
4d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:82:97:F2:DE:AD:4C:89:81:87:58:99:42:7D:7A:A2:BF:FA:77:74
X509v3 Authority Key Identifier:
keyid:AF:4E:F4:A8:ED:37:11:B6:AC:D6:8C:0F:48:F6:21:83:1F:D5:AA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r070qO03Ebas1owPSPYhgx_Vqq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/uIKX8t6tTImBh1iZQn16or_6d3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/e8f4b3-2120-4ecb-9609-cb9c58f510cb/1/r070qO03Ebas1owPSPYhgx_Vqq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.252.0/22
185.206.236.0/22
IPv6:
2a0b:1b40::/29
2a0b:b400::/29
Signature Algorithm: sha256WithRSAEncryption
32:bd:55:9d:a0:b6:b7:89:c9:be:19:98:fe:e6:24:78:ec:a9:
05:fc:1f:b1:5f:0f:7e:75:bc:79:1c:8e:84:de:5a:44:b1:bf:
19:e3:2e:0e:df:7b:e0:75:aa:7f:bf:0b:0b:76:f6:48:04:04:
00:12:aa:6d:bd:2e:d1:50:10:79:23:e6:e6:e0:1c:62:60:d4:
a1:c1:94:6e:91:18:45:3e:df:16:b5:49:65:3e:bf:27:65:6b:
ad:c0:64:e1:ee:7a:17:86:46:85:ce:0d:85:64:ab:fc:c1:52:
5a:80:22:9a:13:08:e1:2b:b9:10:db:b9:f7:73:04:17:77:e0:
16:ac:5f:d3:dc:fb:3b:9b:28:3c:f3:a3:d4:6a:17:4f:eb:f6:
46:43:a6:f6:d3:93:27:c3:00:ce:2f:f4:c9:c8:af:e5:9d:2c:
c4:1f:54:f9:f9:cb:ed:5b:c7:c4:3c:30:80:81:ea:5b:01:be:
bc:08:74:da:d2:0e:fb:46:3f:a3:de:ec:9d:d0:43:0d:38:dc:
79:11:f7:29:d5:60:2c:ef:d8:ea:80:6f:1e:35:50:36:e4:9c:
ac:99:76:52:b6:32:38:ce:3b:6a:48:d4:5f:8e:01:19:ba:15:
f0:eb:7f:0b:7f:23:ec:b1:a2:05:be:dd:f4:a2:d3:ad:20:6c:
c3:b9:6d:d8
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlYyk29dX5l4+bIvKbH/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNGVmNGE4ZWQzNzExYjZhY2Q2OGMwZjQ4ZjYyMTgzMWZk
NWFhYWUwHhcNMjQwMTAyMDAzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODgyOTdmMmRlYWQ0Yzg5ODE4NzU4OTk0MjdkN2FhMmJmZmE3Nzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymqV6GdYePDya4GJLcjVYX9fFEdl
iFsPHAL1Eu9mQiKyvkGMpbqQuX9gihU5uu0cU+Ms9YkNYHz1yArb5ZjZJSI/tof0
bozXybWWRxEF+EcC8f2rCSueO6RcY84KYQuRSzvcsZQHUZks5lPAq5jM6gQBtkeI
eCVBJwzftyfeJpX5nZwub/jVSP4xDQwpdH5BWpS4Ykp05LFxr4dK8LoCiK3o1mOL
SYM4uscjWWePyhUtd6g53oskz+zHcBhK9S5c01yXnvV4CrxxVMGyVQNUeKcgzofB
+rz0yeXKnQ15zCifGxhIm97n8e6V2ZOnkHtS0fvI1ZZWFOOnOmtK1ABN0wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLiCl/LerUyJgYdYmUJ9eqK/+nd0MB8GA1UdIwQY
MBaAFK9O9KjtNxG2rNaMD0j2IYMf1aquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjA3MHFPMDNFYmFzMW93UFNQWWhneF9WcXE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9lOGY0YjMtMjEyMC00ZWNiLTk2MDkt
Y2I5YzU4ZjUxMGNiLzEvdUlLWDh0NnRUSW1CaDFpWlFuMTZvcl82ZDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9lOGY0YjMtMjEyMC00ZWNiLTk2MDktY2I5YzU4ZjUxMGNi
LzEvcjA3MHFPMDNFYmFzMW93UFNQWWhneF9WcXE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuaT8AwQC
uc7sMBQEAgACMA4DBQMqCxtAAwUDKgu0ADANBgkqhkiG9w0BAQsFAAOCAQEAMr1V
naC2t4nJvhmY/uYkeOypBfwfsV8PfnW8eRyOhN5aRLG/GeMuDt974HWqf78LC3b2
SAQEABKqbb0u0VAQeSPm5uAcYmDUocGUbpEYRT7fFrVJZT6/J2VrrcBk4e56F4ZG
hc4NhWSr/MFSWoAimhMI4Su5ENu593MEF3fgFqxf09z7O5soPPOj1GoXT+v2RkOm
9tOTJ8MAzi/0yciv5Z0sxB9U+fnL7VvHxDwwgIHqWwG+vAh02tIO+0Y/o97sndBD
DTjceRH3KdVgLO/Y6oBvHjVQNuScrJl2UrYyOM47akjUX44BGboV8Ot/C38j7LGi
Bb7d9KLTrSBsw7lt2A==
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:42:06 2024 by rpki-client on console-ams.rpki-client.org