Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/hA1kaSkD77-TU6UCb0iQuxe6nvA.roa
File: hA1kaSkD77-TU6UCb0iQuxe6nvA.roa (raw, json)
Hash identifier: 0Gt3yqMrII4kNS80OEQfyiKT8Ll6Fm0e0HWuqdb1T0g=
Subject key identifier: 84:0D:64:69:29:03:EF:BF:93:53:A5:02:6F:48:90:BB:17:BA:9E:F0
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F29B1EDD607D440B63FBE886EC89
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/hA1kaSkD77-TU6UCb0iQuxe6nvA.roa
Signing time: Mon 01 Jan 2024 08:30:04 +0000
ROA not before: Mon 01 Jan 2024 08:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29262
IP address blocks: 185.87.24.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
2a0c:67c0::/29 maxlen: 29
2a0b:6780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f2:9b:1e:dd:60:7d:44:0b:63:fb:e8:86:ec:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=840d64692903efbf9353a5026f4890bb17ba9ef0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:45:bc:73:b3:68:15:50:0f:4b:35:bd:43:5c:
20:e2:59:3f:0c:d6:6b:85:85:94:f8:29:9d:d8:df:
0d:6f:3b:ef:1c:c9:23:c5:6c:ac:b4:9f:80:8f:bc:
de:70:f8:ef:ab:02:28:3d:29:1d:ab:ae:44:29:1a:
65:75:4d:64:88:2b:14:8d:b1:49:a4:8c:74:db:0b:
0b:dd:f3:1a:8b:27:99:74:a5:40:6f:c6:4b:11:76:
a2:7e:8e:9f:06:fd:10:cb:d7:be:4a:f0:0b:e2:88:
96:c8:10:70:ed:a5:78:64:65:49:f3:d2:5d:29:83:
0d:c4:b6:d8:2a:96:79:71:0d:6a:10:a7:7f:27:79:
cf:66:62:47:ab:f8:1e:d0:ec:4e:ff:f1:ea:32:e6:
52:f6:ac:cc:1b:a4:1c:e0:e0:c0:bb:74:cc:20:a1:
84:bd:f6:74:ba:5d:c6:db:4e:04:38:93:1a:22:6a:
10:32:d6:ae:d0:b6:a5:ab:f3:97:cd:73:17:95:0a:
1d:ab:db:d7:81:7a:1c:c7:32:8f:3b:ca:42:77:91:
30:31:86:7b:1e:8a:49:cb:4b:a1:c2:47:17:77:64:
6f:d3:d2:da:bd:4b:cd:e1:ef:4a:7b:b5:71:7b:69:
94:46:aa:fe:f2:4e:18:b8:27:04:60:12:00:ef:4e:
6c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0D:64:69:29:03:EF:BF:93:53:A5:02:6F:48:90:BB:17:BA:9E:F0
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/hA1kaSkD77-TU6UCb0iQuxe6nvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:63:e5:3b:3b:da:53:7d:b2:54:06:c0:ea:42:62:78:e0:5f:
41:a3:80:b2:fa:19:43:20:bc:25:e3:4a:04:ae:a3:be:6c:9c:
a9:c3:cc:59:e5:a0:6e:9c:46:af:da:ab:70:83:58:fa:b5:49:
68:49:d2:38:08:dd:ef:8d:fb:02:ca:82:0a:ea:dc:0a:e2:b2:
bd:36:fa:b8:cb:17:84:93:af:87:fd:ab:7c:a0:56:50:44:3a:
a9:98:00:7f:86:05:30:b8:3f:0c:78:58:63:41:f4:bd:2a:9c:
5c:44:f4:c6:90:4f:2e:41:22:b9:f7:a8:8c:f2:e2:34:c3:82:
39:37:37:b2:90:ab:fb:a7:a5:f0:7e:1c:6d:f7:75:0b:46:59:
a0:1d:89:3b:fe:84:3d:d9:7b:f8:cd:93:f1:cd:6a:af:fc:83:
76:c7:dc:95:3c:4f:e7:86:56:31:c5:d3:67:73:65:d9:d7:27:
da:89:dd:dc:a1:86:ef:bb:35:1f:6b:42:11:69:6e:21:16:db:
16:fd:9a:d3:fe:7b:73:ff:f1:1e:e2:ad:1b:88:7e:3d:ad:53:
cc:14:d2:d7:45:29:f3:50:69:5c:0d:d9:69:46:74:7c:86:ea:
9f:17:68:ac:5f:28:bb:31:71:c8:1e:f4:06:7f:ba:d8:d9:88:
69:df:9a:67
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzEJPKbHt1gfUQLY/vohuyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBkNjQ2OTI5MDNlZmJmOTM1M2E1MDI2ZjQ4OTBiYjE3YmE5ZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0W8c7NoFVAPSzW9Q1wg4lk/DNZr
hYWU+Cmd2N8NbzvvHMkjxWystJ+Aj7zecPjvqwIoPSkdq65EKRpldU1kiCsUjbFJ
pIx02wsL3fMaiyeZdKVAb8ZLEXaifo6fBv0Qy9e+SvAL4oiWyBBw7aV4ZGVJ89Jd
KYMNxLbYKpZ5cQ1qEKd/J3nPZmJHq/ge0OxO//HqMuZS9qzMG6Qc4ODAu3TMIKGE
vfZ0ul3G204EOJMaImoQMtau0Lalq/OXzXMXlQodq9vXgXocxzKPO8pCd5EwMYZ7
HopJy0uhwkcXd2Rv09LavUvN4e9Ke7Vxe2mURqr+8k4YuCcEYBIA705sMwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFIQNZGkpA++/k1OlAm9IkLsXup7wMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvaEExa2FTa0Q3Ny1UVTZVQ2IwaVF1eGU2bnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAC5
Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZAwQAuVaa
AwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAC5YjwDBAK5d1ADBAC5
jSAwFAQCAAIwDgMFAyoLZ4ADBQMqDGfAMA0GCSqGSIb3DQEBCwUAA4IBAQBvY+U7
O9pTfbJUBsDqQmJ44F9Bo4Cy+hlDILwl40oErqO+bJypw8xZ5aBunEav2qtwg1j6
tUloSdI4CN3vjfsCyoIK6twK4rK9Nvq4yxeEk6+H/at8oFZQRDqpmAB/hgUwuD8M
eFhjQfS9KpxcRPTGkE8uQSK596iM8uI0w4I5NzeykKv7p6Xwfhxt93ULRlmgHYk7
/oQ92Xv4zZPxzWqv/IN2x9yVPE/nhlYxxdNnc2XZ1yfaid3coYbvuzUfa0IRaW4h
FtsW/ZrT/ntz//Ee4q0biH49rVPMFNLXRSnzUGlcDdlpRnR8huqfF2isXyi7MXHI
HvQGf7rY2Yhp35pn
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:22:09 2024 by rpki-client on console-fra.rpki-client.org