Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/671ee4-ad81-454f-965f-62a4e675eaeb/1/KEsgpvv1CTLpwhSzUVIiph5HL1E.roa
File: KEsgpvv1CTLpwhSzUVIiph5HL1E.roa (raw, json)
Hash identifier: l9uGk/J0suUPMGQw2miejMLz6jB+Y4M4lENmHOcpF98=
Subject key identifier: 28:4B:20:A6:FB:F5:09:32:E9:C2:14:B3:51:52:22:A6:1E:47:2F:51
Certificate issuer: /CN=f9df80f7c692e86d3cd6b755d06cf7ce9c137ff2
Certificate serial: 018CC6B78BCFE7A47F51296FCC462A285B8F
Authority key identifier: F9:DF:80:F7:C6:92:E8:6D:3C:D6:B7:55:D0:6C:F7:CE:9C:13:7F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-d-A98aS6G081rdV0Gz3zpwTf_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/671ee4-ad81-454f-965f-62a4e675eaeb/1/KEsgpvv1CTLpwhSzUVIiph5HL1E.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5505
IP address blocks: 185.123.204.0/24 maxlen: 24
185.123.205.0/24 maxlen: 24
185.123.204.0/22 maxlen: 22
185.123.206.0/24 maxlen: 24
185.123.207.0/24 maxlen: 24
2a03:9320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/671ee4-ad81-454f-965f-62a4e675eaeb/1/1-d-A98aS6G081rdV0Gz3zpwTf_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/671ee4-ad81-454f-965f-62a4e675eaeb/1/1-d-A98aS6G081rdV0Gz3zpwTf_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-d-A98aS6G081rdV0Gz3zpwTf_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 01:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8b:cf:e7:a4:7f:51:29:6f:cc:46:2a:28:5b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9df80f7c692e86d3cd6b755d06cf7ce9c137ff2
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=284b20a6fbf50932e9c214b3515222a61e472f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8d:e3:97:e5:8e:b9:8a:97:53:6c:86:51:fc:
59:60:63:67:04:2e:01:35:db:6c:91:47:b2:5c:df:
01:04:5e:37:40:bf:42:9c:fa:a9:f7:a9:e3:e7:be:
6b:04:19:1d:5d:50:0f:fa:a0:ea:45:e2:5c:4e:f1:
68:9f:e8:34:1d:5b:df:26:4e:76:2f:be:82:52:a2:
ac:b3:64:42:39:67:0a:03:e1:30:0b:8d:fa:15:5d:
b3:e8:54:19:a9:46:15:db:c4:47:95:08:d9:3b:9b:
de:56:f2:22:fa:fe:06:38:0f:6a:a6:57:86:92:9b:
95:a0:d9:62:ff:d1:a1:32:0b:28:9c:5c:ba:14:a9:
97:33:23:a4:e0:2c:f8:cd:2a:50:3a:68:9c:b0:77:
d5:1f:77:71:62:04:2d:15:17:19:3f:5b:21:5f:5b:
f7:77:b0:94:5a:00:d4:32:be:a5:26:c9:60:b5:ef:
a1:d8:a2:ca:cb:61:eb:c2:40:71:48:09:13:89:45:
65:b6:bd:73:11:8b:a7:dc:73:50:05:4c:69:fc:c5:
95:91:20:45:3f:4d:1f:4c:5f:0d:a2:80:2a:14:8b:
36:32:7a:37:32:85:db:b6:12:a2:53:92:58:dd:9a:
0d:9d:f3:6f:b4:b5:b1:20:a5:d5:f7:ac:48:ab:c7:
82:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4B:20:A6:FB:F5:09:32:E9:C2:14:B3:51:52:22:A6:1E:47:2F:51
X509v3 Authority Key Identifier:
keyid:F9:DF:80:F7:C6:92:E8:6D:3C:D6:B7:55:D0:6C:F7:CE:9C:13:7F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-d-A98aS6G081rdV0Gz3zpwTf_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/671ee4-ad81-454f-965f-62a4e675eaeb/1/KEsgpvv1CTLpwhSzUVIiph5HL1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/671ee4-ad81-454f-965f-62a4e675eaeb/1/1-d-A98aS6G081rdV0Gz3zpwTf_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.204.0/22
IPv6:
2a03:9320::/32
Signature Algorithm: sha256WithRSAEncryption
45:78:87:a9:68:8b:6d:48:6f:59:15:15:04:40:54:54:43:07:
d7:c1:2f:0d:91:30:3b:6d:f7:97:fc:ab:4d:53:08:51:d7:f0:
50:38:88:c4:4c:e1:f0:43:7a:10:cb:af:4f:fc:9d:f1:62:15:
b2:67:47:04:43:6e:c8:88:e9:01:02:5f:32:c5:ab:44:1c:35:
a9:58:85:8f:9d:46:84:58:47:ac:44:78:0b:cd:95:a3:9d:b4:
6c:f0:4b:b0:9f:82:af:bf:c2:00:f7:3b:74:fc:ee:00:1a:94:
b7:16:38:ba:1b:06:28:fc:7e:00:e2:0f:2d:ef:cd:a7:db:ac:
db:f9:3c:04:2b:65:23:ca:ac:f7:e4:f6:94:02:09:30:f3:09:
11:63:4e:18:bc:ca:25:69:29:ca:74:00:23:f1:38:ba:d6:f7:
19:7c:94:0a:0d:fd:37:da:fa:b3:95:1e:13:3c:02:8e:6e:e6:
fd:8f:8b:65:9a:17:97:b5:31:4a:dd:3a:b0:b7:f9:aa:2b:d0:
32:db:10:ff:e8:c6:04:41:a4:05:e4:85:98:0d:c7:8d:e6:81:
b4:60:ce:ed:dc:ee:67:f8:0b:0a:46:a1:5a:3c:c1:8a:cb:af:
c8:c6:ed:e6:e1:da:b5:61:cc:6d:df:32:5f:a5:69:f9:4d:c2:
dc:c9:10:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGt4vP56R/USlvzEYqKFuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ZGY4MGY3YzY5MmU4NmQzY2Q2Yjc1NWQwNmNmN2NlOWMx
MzdmZjIwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODRiMjBhNmZiZjUwOTMyZTljMjE0YjM1MTUyMjJhNjFlNDcyZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI3jl+WOuYqXU2yGUfxZYGNnBC4B
NdtskUeyXN8BBF43QL9CnPqp96nj575rBBkdXVAP+qDqReJcTvFon+g0HVvfJk52
L76CUqKss2RCOWcKA+EwC436FV2z6FQZqUYV28RHlQjZO5veVvIi+v4GOA9qpleG
kpuVoNli/9GhMgsonFy6FKmXMyOk4Cz4zSpQOmicsHfVH3dxYgQtFRcZP1shX1v3
d7CUWgDUMr6lJslgte+h2KLKy2HrwkBxSAkTiUVltr1zEYun3HNQBUxp/MWVkSBF
P00fTF8NooAqFIs2Mno3MoXbthKiU5JY3ZoNnfNvtLWxIKXV96xIq8eCbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChLIKb79Qky6cIUs1FSIqYeRy9RMB8GA1UdIwQY
MBaAFPnfgPfGkuhtPNa3VdBs986cE3/yMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1kLUE5OGFTNkcwODFyZFYwR3ozenB3VGZfSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvNjcxZWU0LWFkODEtNDU0Zi05NjVm
LTYyYTRlNjc1ZWFlYi8xL0tFc2dwdnYxQ1RMcHdoU3pVVklpcGg1SEwxRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvNjcxZWU0LWFkODEtNDU0Zi05NjVmLTYyYTRlNjc1ZWFl
Yi8xLzEtZC1BOThhUzZHMDgxcmRWMEd6M3pwd1RmX0kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5e8ww
DQQCAAIwBwMFACoDkyAwDQYJKoZIhvcNAQELBQADggEBAEV4h6loi21Ib1kVFQRA
VFRDB9fBLw2RMDtt95f8q01TCFHX8FA4iMRM4fBDehDLr0/8nfFiFbJnRwRDbsiI
6QECXzLFq0QcNalYhY+dRoRYR6xEeAvNlaOdtGzwS7Cfgq+/wgD3O3T87gAalLcW
OLobBij8fgDiDy3vzafbrNv5PAQrZSPKrPfk9pQCCTDzCRFjThi8yiVpKcp0ACPx
OLrW9xl8lAoN/Tfa+rOVHhM8Ao5u5v2Pi2WaF5e1MUrdOrC3+aor0DLbEP/oxgRB
pAXkhZgNx43mgbRgzu3c7mf4CwpGoVo8wYrLr8jG7ebh2rVhzG3fMl+laflNwtzJ
EKs=
-----END CERTIFICATE-----
Generated at Sat May 18 05:55:50 2024 by rpki-client on console-ams.rpki-client.org