Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/a0hvPX27dDzt_VwF-WdZm2IjO7c.roa
File: a0hvPX27dDzt_VwF-WdZm2IjO7c.roa (raw, json)
Hash identifier: gZkL9IOKh+dxnXB1LQ1g0DOS7h7g7VvDIDf4toHMsp0=
Subject key identifier: 6B:48:6F:3D:7D:BB:74:3C:ED:FD:5C:05:F9:67:59:9B:62:23:3B:B7
Certificate issuer: /CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Certificate serial: 018DAE3442C6AD0DACD281DDA8F7CA6B627A
Authority key identifier: AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/a0hvPX27dDzt_VwF-WdZm2IjO7c.roa
Signing time: Thu 15 Feb 2024 19:17:57 +0000
ROA not before: Thu 15 Feb 2024 19:17:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2872
IP address blocks: 2.58.40.0/22 maxlen: 22
2.58.40.0/24 maxlen: 24
2.58.41.0/24 maxlen: 24
2.58.42.0/24 maxlen: 24
89.43.206.0/24 maxlen: 24
89.43.207.0/24 maxlen: 24
185.123.0.0/22 maxlen: 22
185.123.0.0/24 maxlen: 24
185.123.1.0/24 maxlen: 24
185.123.2.0/24 maxlen: 24
185.123.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.mft
rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ae:34:42:c6:ad:0d:ac:d2:81:dd:a8:f7:ca:6b:62:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8f5438073a621aea772f5cb7a4efd58c6b774c
Validity
Not Before: Feb 15 19:17:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b486f3d7dbb743cedfd5c05f967599b62233bb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:16:39:5a:6a:5f:35:76:f7:60:45:be:4e:a5:
51:cc:84:03:9a:4d:f1:0d:a9:54:34:a2:ed:a5:e8:
bc:e7:bb:84:e4:5b:44:2a:72:34:7d:77:80:13:e9:
c3:fd:b0:c0:5a:53:05:17:2f:71:5d:2e:35:f3:c3:
30:d3:ad:b5:fe:b3:eb:db:01:0e:63:f0:13:5c:6f:
ee:37:d7:7e:68:8c:34:e5:7c:8a:a0:cc:3f:a8:3e:
46:33:88:76:42:48:85:4c:1e:46:e3:76:de:31:7c:
26:a5:54:99:9a:37:ad:19:2b:0f:05:95:f3:67:4d:
25:52:47:fb:cb:32:f5:03:08:e1:1b:56:3f:eb:b6:
21:ec:fc:d5:74:15:34:70:4d:c9:66:06:70:b8:73:
72:32:d8:6c:34:47:68:3a:88:de:3c:b7:01:95:72:
01:f7:9e:23:d7:70:2c:60:0e:ca:3d:6c:96:54:86:
84:c4:e2:b0:d0:d0:6c:53:b7:07:f3:87:8b:d8:23:
f2:a6:28:ee:a3:ff:ee:79:74:95:87:22:57:43:b9:
00:23:fc:f1:fb:ed:44:7d:f1:b9:bc:32:6c:69:5d:
6b:cf:a3:88:f9:4a:0a:94:b4:b1:dc:14:ae:c1:be:
ac:ab:f2:89:c2:04:21:f5:ea:8d:53:3c:5e:64:f7:
62:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:48:6F:3D:7D:BB:74:3C:ED:FD:5C:05:F9:67:59:9B:62:23:3B:B7
X509v3 Authority Key Identifier:
keyid:AD:8F:54:38:07:3A:62:1A:EA:77:2F:5C:B7:A4:EF:D5:8C:6B:77:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/a0hvPX27dDzt_VwF-WdZm2IjO7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/d14ef5-f4db-43bc-8ccf-1778ba25d8b9/1/rY9UOAc6Yhrqdy9ct6Tv1Yxrd0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.40.0/22
89.43.206.0/23
185.123.0.0/22
Signature Algorithm: sha256WithRSAEncryption
74:8f:4f:ea:a4:fa:e1:a3:e8:f5:be:c4:7e:ac:93:e0:aa:66:
1e:60:1f:07:b8:ba:8b:86:44:e4:7a:f0:67:61:57:4f:a1:f3:
93:bc:ff:30:f7:0f:77:45:d9:0c:78:69:42:87:93:46:16:19:
ee:2d:0f:ff:58:9b:ed:62:9d:03:71:33:b9:2c:fb:d8:85:d0:
bd:24:15:ed:a5:34:52:eb:7b:9f:36:b9:3f:b9:aa:26:87:4d:
8c:35:ae:76:f3:d6:d1:b3:02:4e:77:4b:e0:ef:a1:06:c4:6e:
5b:4c:e5:a7:81:a7:c0:28:c1:61:9e:12:54:87:39:89:78:49:
b3:7d:e1:44:7b:61:87:6c:ae:6a:ab:47:28:68:5d:6b:6a:3e:
28:5f:0f:90:37:5a:d3:ea:39:28:99:60:ca:cc:d1:28:1f:aa:
14:82:0f:06:ce:41:c9:77:83:52:92:ce:15:72:8f:ea:71:dc:
54:37:89:32:a0:af:ab:c4:8c:2b:0d:52:a6:c4:09:ee:91:bb:
26:ac:f1:c2:ea:3c:67:f4:f8:9b:9a:10:b0:1d:47:f8:e2:96:
a1:9d:5a:f5:21:15:b8:17:f6:59:9b:a4:5d:97:c0:42:19:b6:
b7:dc:e8:72:6e:d1:66:95:cd:55:da:14:08:56:4f:9d:3e:5c:
60:bc:87:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY2uNELGrQ2s0oHdqPfKa2J6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGY1NDM4MDczYTYyMWFlYTc3MmY1Y2I3YTRlZmQ1OGM2
Yjc3NGMwHhcNMjQwMjE1MTkxNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ4NmYzZDdkYmI3NDNjZWRmZDVjMDVmOTY3NTk5YjYyMjMzYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBY5WmpfNXb3YEW+TqVRzIQDmk3x
DalUNKLtpei857uE5FtEKnI0fXeAE+nD/bDAWlMFFy9xXS4188Mw0621/rPr2wEO
Y/ATXG/uN9d+aIw05XyKoMw/qD5GM4h2QkiFTB5G43beMXwmpVSZmjetGSsPBZXz
Z00lUkf7yzL1AwjhG1Y/67Yh7PzVdBU0cE3JZgZwuHNyMthsNEdoOojePLcBlXIB
954j13AsYA7KPWyWVIaExOKw0NBsU7cH84eL2CPypijuo//ueXSVhyJXQ7kAI/zx
++1EffG5vDJsaV1rz6OI+UoKlLSx3BSuwb6sq/KJwgQh9eqNUzxeZPdiYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGtIbz19u3Q87f1cBflnWZtiIzu3MB8GA1UdIwQY
MBaAFK2PVDgHOmIa6ncvXLek79WMa3dMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2Yt
MTc3OGJhMjVkOGI5LzEvYTBodlBYMjdkRHp0X1Z3Ri1XZFptMklqTzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9kMTRlZjUtZjRkYi00M2JjLThjY2YtMTc3OGJhMjVkOGI5
LzEvclk5VU9BYzZZaHJxZHk5Y3Q2VHYxWXhyZDB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjooAwQB
WSvOAwQCuXsAMA0GCSqGSIb3DQEBCwUAA4IBAQB0j0/qpPrho+j1vsR+rJPgqmYe
YB8HuLqLhkTkevBnYVdPofOTvP8w9w93RdkMeGlCh5NGFhnuLQ//WJvtYp0DcTO5
LPvYhdC9JBXtpTRS63ufNrk/uaomh02MNa5289bRswJOd0vg76EGxG5bTOWngafA
KMFhnhJUhzmJeEmzfeFEe2GHbK5qq0coaF1raj4oXw+QN1rT6jkomWDKzNEoH6oU
gg8GzkHJd4NSks4Vco/qcdxUN4kyoK+rxIwrDVKmxAnukbsmrPHC6jxn9PibmhCw
HUf44pahnVr1IRW4F/ZZm6Rdl8BCGba33OhybtFmlc1V2hQIVk+dPlxgvIf1
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:39:08 2024 by rpki-client on console-ams.rpki-client.org