Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/de0d16-2f24-4c53-84b8-5d97b19fa595/1/g-Hf0dYSPXRhEg3IlBB6c4bDNzM.roa
File: g-Hf0dYSPXRhEg3IlBB6c4bDNzM.roa (raw, json)
Hash identifier: 6n1LnisbFYxB1TAjgxigzaB0pUB4Gvh3wYbPsApesGg=
Subject key identifier: 83:E1:DF:D1:D6:12:3D:74:61:12:0D:C8:94:10:7A:73:86:C3:37:33
Certificate issuer: /CN=f94f2f2e21bc98d0c61b2c14c0ee019d331eae58
Certificate serial: 018CC26D0042E2CE2775DE76241BEB1D79CC
Authority key identifier: F9:4F:2F:2E:21:BC:98:D0:C6:1B:2C:14:C0:EE:01:9D:33:1E:AE:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-U8vLiG8mNDGGywUwO4BnTMerlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/de0d16-2f24-4c53-84b8-5d97b19fa595/1/g-Hf0dYSPXRhEg3IlBB6c4bDNzM.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202882
IP address blocks: 185.151.220.0/22 maxlen: 22
2a07:7bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/de0d16-2f24-4c53-84b8-5d97b19fa595/1/1-U8vLiG8mNDGGywUwO4BnTMerlg.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/de0d16-2f24-4c53-84b8-5d97b19fa595/1/1-U8vLiG8mNDGGywUwO4BnTMerlg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-U8vLiG8mNDGGywUwO4BnTMerlg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:00:42:e2:ce:27:75:de:76:24:1b:eb:1d:79:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f94f2f2e21bc98d0c61b2c14c0ee019d331eae58
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83e1dfd1d6123d7461120dc894107a7386c33733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:82:04:bd:1c:c9:d2:a4:4b:02:bb:69:e3:ca:
14:89:ab:3d:4a:8a:72:27:68:23:6d:a7:32:f2:4b:
ba:7f:d8:44:54:1f:96:01:db:a6:bc:15:86:cf:63:
93:fb:32:5c:23:74:82:90:91:64:77:bf:a8:6e:82:
12:81:c1:5b:d6:06:77:3f:ea:a7:95:39:35:90:68:
91:4e:0a:ca:40:22:7f:7e:66:5d:51:17:dd:be:ab:
07:be:59:c1:ae:97:46:5f:a4:15:5a:ec:b9:b8:a0:
8c:7d:ad:25:ff:5c:e5:15:7f:70:bf:d8:ad:92:6a:
ee:1f:a9:40:21:c8:a8:d0:32:b5:8a:11:0c:1a:77:
7e:49:cf:bd:d5:e7:8c:b2:14:67:22:ad:fe:1d:d0:
63:d2:e5:48:c4:81:19:72:35:7b:63:01:d3:22:37:
6e:47:b8:20:1d:22:34:d5:b5:bb:40:d5:e3:aa:ca:
7d:4b:a6:1b:e5:07:f2:f9:e3:fb:a6:16:50:73:04:
b8:e9:ec:56:13:8a:ae:4e:2e:df:46:c7:15:19:e5:
79:b5:54:54:2c:89:21:a3:10:2c:50:fd:6b:2d:50:
71:ce:1d:a5:7b:54:64:ba:d8:0c:4d:4a:eb:4f:ca:
48:b7:8b:a9:b8:46:ec:0f:65:d4:a0:25:3f:78:e9:
c7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E1:DF:D1:D6:12:3D:74:61:12:0D:C8:94:10:7A:73:86:C3:37:33
X509v3 Authority Key Identifier:
keyid:F9:4F:2F:2E:21:BC:98:D0:C6:1B:2C:14:C0:EE:01:9D:33:1E:AE:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-U8vLiG8mNDGGywUwO4BnTMerlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/de0d16-2f24-4c53-84b8-5d97b19fa595/1/g-Hf0dYSPXRhEg3IlBB6c4bDNzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/de0d16-2f24-4c53-84b8-5d97b19fa595/1/1-U8vLiG8mNDGGywUwO4BnTMerlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.220.0/22
IPv6:
2a07:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
43:96:ef:1e:a2:cf:c4:c1:7e:29:21:88:60:c3:d9:46:78:67:
87:9c:8d:4b:0e:fb:d2:ca:26:ab:f4:db:66:e8:39:aa:09:28:
f7:63:b0:7b:ce:67:02:6a:12:7c:61:13:5a:66:1a:39:a9:6e:
2b:bd:d1:1b:81:b1:01:38:c3:75:b5:0f:d8:e1:c6:31:80:c6:
41:fb:32:c3:50:ef:09:e3:40:ae:45:e9:c1:36:25:f9:60:59:
8a:57:9c:58:2c:22:d8:a8:1b:3a:54:69:37:2d:6e:1d:a9:4d:
df:6a:f1:c5:c4:2c:ec:33:7d:08:52:1c:6d:1d:54:fb:ea:9a:
74:0e:3c:ca:56:47:62:07:ec:51:2e:4d:29:24:5b:01:e9:ab:
4b:15:b6:73:53:57:32:64:02:8f:ec:f2:d5:dc:04:2b:33:10:
00:21:9c:0e:99:11:2d:e8:6f:10:0f:44:0c:33:3d:eb:60:b9:
a4:5e:2f:c9:c2:d1:b8:6a:04:37:1e:bf:e2:2a:39:ed:e4:c8:
19:ac:65:3e:b6:e9:d0:23:a2:e0:3e:4d:85:8a:ac:1e:ac:69:
53:fa:8e:b0:64:33:17:ac:3d:4e:96:b1:b2:f7:76:2b:51:6c:
66:ed:d2:c3:98:b8:dc:14:74:3d:e3:51:50:c7:78:1a:8c:f1:
a8:23:fe:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbQBC4s4ndd52JBvrHXnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NGYyZjJlMjFiYzk4ZDBjNjFiMmMxNGMwZWUwMTlkMzMx
ZWFlNTgwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2UxZGZkMWQ2MTIzZDc0NjExMjBkYzg5NDEwN2E3Mzg2YzMzNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4IEvRzJ0qRLArtp48oUias9Sopy
J2gjbacy8ku6f9hEVB+WAdumvBWGz2OT+zJcI3SCkJFkd7+oboISgcFb1gZ3P+qn
lTk1kGiRTgrKQCJ/fmZdURfdvqsHvlnBrpdGX6QVWuy5uKCMfa0l/1zlFX9wv9it
kmruH6lAIcio0DK1ihEMGnd+Sc+91eeMshRnIq3+HdBj0uVIxIEZcjV7YwHTIjdu
R7ggHSI01bW7QNXjqsp9S6Yb5Qfy+eP7phZQcwS46exWE4quTi7fRscVGeV5tVRU
LIkhoxAsUP1rLVBxzh2le1RkutgMTUrrT8pIt4upuEbsD2XUoCU/eOnHawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIPh39HWEj10YRINyJQQenOGwzczMB8GA1UdIwQY
MBaAFPlPLy4hvJjQxhssFMDuAZ0zHq5YMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1VOHZMaUc4bU5ER0d5d1V3TzRCblRNZXJsZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEvZGUwZDE2LTJmMjQtNGM1My04NGI4
LTVkOTdiMTlmYTU5NS8xL2ctSGYwZFlTUFhSaEVnM0lsQkI2YzRiRE56TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTEvZGUwZDE2LTJmMjQtNGM1My04NGI4LTVkOTdiMTlmYTU5
NS8xLzEtVTh2TGlHOG1OREdHeXdVd080Qm5UTWVybGcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5l9ww
DQQCAAIwBwMFAyoHe8AwDQYJKoZIhvcNAQELBQADggEBAEOW7x6iz8TBfikhiGDD
2UZ4Z4ecjUsO+9LKJqv022boOaoJKPdjsHvOZwJqEnxhE1pmGjmpbiu90RuBsQE4
w3W1D9jhxjGAxkH7MsNQ7wnjQK5F6cE2JflgWYpXnFgsItioGzpUaTctbh2pTd9q
8cXELOwzfQhSHG0dVPvqmnQOPMpWR2IH7FEuTSkkWwHpq0sVtnNTVzJkAo/s8tXc
BCszEAAhnA6ZES3obxAPRAwzPetguaReL8nC0bhqBDcev+IqOe3kyBmsZT626dAj
ouA+TYWKrB6saVP6jrBkMxesPU6WsbL3ditRbGbt0sOYuNwUdD3jUVDHeBqM8agj
/oE=
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:51:29 2024 by rpki-client on console-fra.rpki-client.org