Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/pm0209an-ukKB6jpgVSDJiTRLJw.roa
File: pm0209an-ukKB6jpgVSDJiTRLJw.roa (raw, json)
Hash identifier: G3JPR74+CJz62Z45iSMSey4Uk6WS+n2IWK8Fc/cnIJI=
Subject key identifier: A6:6D:36:D3:D6:A7:FA:E9:0A:07:A8:E9:81:54:83:26:24:D1:2C:9C
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 018CCA2A2A3DD37B936983E5BBF81D307694
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/pm0209an-ukKB6jpgVSDJiTRLJw.roa
Signing time: Tue 02 Jan 2024 12:33:30 +0000
ROA not before: Tue 02 Jan 2024 12:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15544
IP address blocks: 185.104.144.0/24 maxlen: 24
185.104.144.0/22 maxlen: 22
185.104.145.0/24 maxlen: 24
185.104.146.0/24 maxlen: 24
185.104.147.0/24 maxlen: 24
213.140.132.0/24 maxlen: 24
213.140.131.0/24 maxlen: 24
213.140.128.0/24 maxlen: 24
213.140.130.0/24 maxlen: 24
213.140.128.0/19 maxlen: 19
213.140.129.0/24 maxlen: 24
213.140.133.0/24 maxlen: 24
213.140.135.0/24 maxlen: 24
213.140.134.0/24 maxlen: 24
213.140.137.0/24 maxlen: 24
213.140.136.0/24 maxlen: 24
213.140.139.0/24 maxlen: 24
213.140.138.0/24 maxlen: 24
213.140.143.0/24 maxlen: 24
213.140.146.0/24 maxlen: 24
2a02:2298:4000::/36 maxlen: 36
2a02:2298:8000::/36 maxlen: 36
2a02:2298::/36 maxlen: 36
2a02:2298::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 19:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:2a:3d:d3:7b:93:69:83:e5:bb:f8:1d:30:76:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: Jan 2 12:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a66d36d3d6a7fae90a07a8e98154832624d12c9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:08:62:ea:54:0d:d6:e1:54:7c:fc:90:72:dc:
62:68:40:1d:9b:15:45:41:f1:51:5d:ad:40:e6:cc:
b8:9f:e2:7c:59:3f:10:d5:f5:ef:4f:e4:b0:dd:7a:
85:f5:46:28:82:0d:42:44:7a:5f:75:0d:82:19:5f:
b7:08:e0:b4:19:8e:fa:45:a4:39:d9:2a:ba:62:8b:
40:67:c1:a7:2d:09:18:59:c6:a8:5d:b2:92:dc:f2:
60:c0:64:3b:e2:f3:11:ad:81:43:b9:a1:57:ae:2c:
84:ef:f4:a7:9a:64:7b:51:bd:97:44:61:64:46:33:
54:49:37:f2:fc:ab:82:9d:3e:c5:88:65:5a:b6:7d:
58:fe:29:db:da:4e:3b:73:9d:c6:39:be:63:10:61:
d1:ad:7c:3f:25:a4:8e:2e:7e:1d:e1:c9:18:a0:69:
1d:96:2c:a7:59:ee:b6:a9:b9:89:64:1c:df:5e:8b:
2e:75:b8:fc:7c:7f:1f:51:d1:fe:50:f3:dc:dc:4d:
3e:93:60:26:8a:b1:88:b0:f8:19:93:e2:dc:d9:42:
63:b0:a2:6b:09:df:92:6e:35:ca:e6:ca:c7:f6:a3:
2e:5a:4f:47:50:5f:31:22:ef:c7:d8:91:8a:ca:c1:
b8:ee:e6:3c:6d:48:50:c2:0e:f9:8a:59:c8:c9:87:
c9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6D:36:D3:D6:A7:FA:E9:0A:07:A8:E9:81:54:83:26:24:D1:2C:9C
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/pm0209an-ukKB6jpgVSDJiTRLJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.144.0/22
213.140.128.0/19
IPv6:
2a02:2298::/32
Signature Algorithm: sha256WithRSAEncryption
15:a5:9f:7e:84:de:14:ba:af:ed:75:64:20:d8:0d:47:b3:9e:
e5:15:de:09:70:a1:31:c7:14:5d:75:7e:8a:2a:8b:68:b5:e1:
45:59:34:f5:79:c9:82:b5:15:16:09:77:da:e7:71:82:e7:ef:
fd:30:57:1b:30:cc:39:cb:69:ed:e0:db:20:19:13:d2:e8:84:
36:1f:4c:7c:bf:97:c9:6c:4d:51:98:8a:0d:af:14:7f:0d:52:
1c:56:ea:bd:ea:49:60:7d:cb:1c:cb:a4:0b:1d:0a:76:2e:fd:
1b:5f:26:22:76:22:24:55:c5:64:de:07:da:86:1e:c0:7f:56:
10:42:45:6c:18:b7:25:32:37:42:18:bd:ca:7d:78:eb:3d:99:
34:b7:6b:e9:6d:ca:86:b7:57:14:76:34:3c:74:ef:83:c8:c0:
3e:ff:31:7a:da:e3:f4:e1:c1:28:40:e8:9b:4c:22:66:15:af:
7e:43:92:78:ea:1a:31:f3:d3:81:76:4a:2a:ff:25:a3:d4:e0:
b2:5c:73:60:ce:fe:09:a9:87:1d:9a:e0:21:56:3b:81:c7:a2:
87:c5:70:78:e8:28:90:1f:1e:fd:6a:5b:56:b1:3f:1a:bc:f3:
1b:e4:32:ef:d4:13:54:c7:ef:59:b0:81:2f:0d:bc:f8:00:31:
7c:50:20:61
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKio903uTaYPlu/gdMHaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGE5ZmQ3YzUxOTI2ZTIyZWE4YWEzM2IzYjg4MzhlOTNl
OGJlZGQwHhcNMjQwMTAyMTIzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZkMzZkM2Q2YTdmYWU5MGEwN2E4ZTk4MTU0ODMyNjI0ZDEyYzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwhi6lQN1uFUfPyQctxiaEAdmxVF
QfFRXa1A5sy4n+J8WT8Q1fXvT+Sw3XqF9UYogg1CRHpfdQ2CGV+3COC0GY76RaQ5
2Sq6YotAZ8GnLQkYWcaoXbKS3PJgwGQ74vMRrYFDuaFXriyE7/SnmmR7Ub2XRGFk
RjNUSTfy/KuCnT7FiGVatn1Y/inb2k47c53GOb5jEGHRrXw/JaSOLn4d4ckYoGkd
liynWe62qbmJZBzfXosudbj8fH8fUdH+UPPc3E0+k2AmirGIsPgZk+Lc2UJjsKJr
Cd+SbjXK5srH9qMuWk9HUF8xIu/H2JGKysG47uY8bUhQwg75ilnIyYfJ/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKZtNtPWp/rpCgeo6YFUgyYk0SycMB8GA1UdIwQY
MBaAFF2Kn9fFGSbiLqiqM7O4g46T6L7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMt
NjZjNTNmMmIxZjAyLzEvcG0wMjA5YW4tdWtLQjZqcGdWU0RKaVRSTEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMtNjZjNTNmMmIxZjAy
LzEvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWiQAwQF
1YyAMA0EAgACMAcDBQAqAiKYMA0GCSqGSIb3DQEBCwUAA4IBAQAVpZ9+hN4Uuq/t
dWQg2A1Hs57lFd4JcKExxxRddX6KKototeFFWTT1ecmCtRUWCXfa53GC5+/9MFcb
MMw5y2nt4NsgGRPS6IQ2H0x8v5fJbE1RmIoNrxR/DVIcVuq96klgfcscy6QLHQp2
Lv0bXyYidiIkVcVk3gfahh7Af1YQQkVsGLclMjdCGL3KfXjrPZk0t2vpbcqGt1cU
djQ8dO+DyMA+/zF62uP04cEoQOibTCJmFa9+Q5J46hox89OBdkoq/yWj1OCyXHNg
zv4JqYcdmuAhVjuBx6KHxXB46CiQHx79altWsT8avPMb5DLv1BNUx+9ZsIEvDbz4
ADF8UCBh
-----END CERTIFICATE-----
Generated at Fri Sep 27 23:50:01 2024 by rpki-client on console-ams.rpki-client.org