Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/P6wlXmtMaELDeVXx4zWPOYYK3qg.roa
File: P6wlXmtMaELDeVXx4zWPOYYK3qg.roa (raw, json)
Hash identifier: dvFTxiwfVS9OKQvbm7xo1xt9JZ/wGzw7RhN+XjGqIMU=
Subject key identifier: 3F:AC:25:5E:6B:4C:68:42:C3:79:55:F1:E3:35:8F:39:86:0A:DE:A8
Certificate issuer: /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial: 0191C22494316F59A6080618C33003607457
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/P6wlXmtMaELDeVXx4zWPOYYK3qg.roa
Signing time: Thu 05 Sep 2024 12:24:22 +0000
ROA not before: Thu 05 Sep 2024 12:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50500
IP address blocks: 185.114.88.0/24 maxlen: 24
185.114.89.0/24 maxlen: 24
185.114.90.0/24 maxlen: 24
185.114.91.0/24 maxlen: 24
185.134.177.0/24 maxlen: 24
185.134.178.0/24 maxlen: 24
185.134.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:24:94:31:6f:59:a6:08:06:18:c3:30:03:60:74:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
Validity
Not Before: Sep 5 12:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fac255e6b4c6842c37955f1e3358f39860adea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:3d:81:88:bd:93:47:d7:14:18:21:c8:b2:63:
62:a1:3e:42:11:ad:9d:f0:11:4b:4c:93:be:55:3f:
23:24:42:e4:b1:fe:ff:22:4a:bd:34:f1:83:e9:09:
2f:f8:4d:60:d4:a7:7d:a4:6b:39:d0:e4:ba:cd:21:
6d:8e:2c:6a:a7:4e:94:c8:c8:00:fd:b6:0e:9a:63:
e9:9e:25:6b:c1:a2:f9:29:42:85:e8:d1:f7:9e:e2:
50:ed:ac:5e:df:de:2b:a4:4c:96:e6:76:2c:0a:a4:
4b:c7:f3:ce:84:f3:f7:a5:4f:2d:ce:02:17:3a:4d:
24:52:60:73:c0:27:eb:d8:6f:45:b1:53:9c:a3:14:
58:9b:e1:e5:45:c8:59:38:b3:8d:f3:5a:90:e6:27:
ee:a8:19:e7:24:6d:99:88:9d:67:86:11:42:fc:c2:
fa:c9:35:43:85:7f:bf:34:0f:28:17:cd:77:f3:74:
8e:74:05:ed:e9:e0:26:1c:ce:2e:37:61:16:e3:04:
49:72:4a:56:bf:da:18:69:6e:22:bd:d5:9f:84:55:
ab:e3:16:96:c9:e9:57:87:ee:26:0a:7f:d7:84:8f:
f0:ff:5f:65:27:eb:cc:0f:f3:26:88:99:c7:cd:f0:
20:61:a9:0d:65:b7:d5:c7:3f:b1:31:20:0f:aa:38:
50:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AC:25:5E:6B:4C:68:42:C3:79:55:F1:E3:35:8F:39:86:0A:DE:A8
X509v3 Authority Key Identifier:
keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/P6wlXmtMaELDeVXx4zWPOYYK3qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.88.0/22
185.134.177.0-185.134.179.255
Signature Algorithm: sha256WithRSAEncryption
40:05:90:28:7a:88:e6:c2:16:e6:69:64:ab:be:11:52:2e:23:
c0:0b:c5:ed:da:4d:fd:82:01:39:fb:57:59:af:36:30:da:fb:
4f:b1:d6:8c:27:16:c9:0a:6d:5e:b4:c9:db:cd:d4:8a:13:8f:
9f:c4:91:f5:f2:2d:b6:4e:19:98:1a:80:01:70:09:c0:57:b5:
27:b6:ab:78:30:cc:ba:89:b7:e3:e8:6f:ee:c5:92:67:3f:1a:
3d:c8:d1:ea:28:88:2e:e9:74:5a:b7:56:53:1a:51:ae:96:22:
c0:57:4f:a7:ce:75:70:14:ca:a1:b6:ab:47:67:0c:06:66:11:
90:21:62:20:f1:e8:45:77:d0:b0:b9:47:36:e0:22:43:db:77:
9c:de:40:f1:41:bc:de:ee:fb:84:a0:cd:c4:0e:a9:19:2a:e8:
5c:e3:b8:e8:c1:be:ae:eb:f5:bc:c1:63:23:e0:bf:c8:6d:5b:
95:10:56:b2:e9:b2:c0:62:09:1d:96:26:62:c0:62:f2:fd:49:
e0:97:d4:04:0d:6f:9b:3b:d1:14:34:03:a4:3a:c8:fb:e4:57:
ad:f1:64:d1:a4:f0:b7:5e:61:05:33:6b:e7:fe:c5:8c:30:26:
92:61:af:d1:04:46:47:20:af:85:62:81:13:19:28:ef:7a:2d:
6e:fd:83:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZHCJJQxb1mmCAYYwzADYHRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjQwOTA1MTIyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmFjMjU1ZTZiNGM2ODQyYzM3OTU1ZjFlMzM1OGYzOTg2MGFkZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6j2BiL2TR9cUGCHIsmNioT5CEa2d
8BFLTJO+VT8jJELksf7/Ikq9NPGD6Qkv+E1g1Kd9pGs50OS6zSFtjixqp06UyMgA
/bYOmmPpniVrwaL5KUKF6NH3nuJQ7axe394rpEyW5nYsCqRLx/POhPP3pU8tzgIX
Ok0kUmBzwCfr2G9FsVOcoxRYm+HlRchZOLON81qQ5ifuqBnnJG2ZiJ1nhhFC/ML6
yTVDhX+/NA8oF81383SOdAXt6eAmHM4uN2EW4wRJckpWv9oYaW4ivdWfhFWr4xaW
yelXh+4mCn/XhI/w/19lJ+vMD/MmiJnHzfAgYakNZbfVxz+xMSAPqjhQ4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFD+sJV5rTGhCw3lV8eM1jzmGCt6oMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvUDZ3bFhtdE1hRUxEZVZYeDR6V1BPWVlLM3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh
LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuXJYMAwD
BAC5hrEDBAK5hrAwDQYJKoZIhvcNAQELBQADggEBAEAFkCh6iObCFuZpZKu+EVIu
I8ALxe3aTf2CATn7V1mvNjDa+0+x1ownFskKbV60ydvN1IoTj5/EkfXyLbZOGZga
gAFwCcBXtSe2q3gwzLqJt+Pob+7Fkmc/Gj3I0eooiC7pdFq3VlMaUa6WIsBXT6fO
dXAUyqG2q0dnDAZmEZAhYiDx6EV30LC5RzbgIkPbd5zeQPFBvN7u+4SgzcQOqRkq
6FzjuOjBvq7r9bzBYyPgv8htW5UQVrLpssBiCR2WJmLAYvL9SeCX1AQNb5s70RQ0
A6Q6yPvkV63xZNGk8LdeYQUza+f+xYwwJpJhr9EERkcgr4VigRMZKO96LW79g2c=
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:16:15 2024 by rpki-client on console-ams.rpki-client.org