Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/aN8UljDEm_o4M7UpCKHXqtl4tC8.roa
File: aN8UljDEm_o4M7UpCKHXqtl4tC8.roa (raw, json)
Hash identifier: c/++N5dSkVvG6l1KY47hs3LQEim1sNgBP02+4pU5EpQ=
Subject key identifier: 68:DF:14:96:30:C4:9B:FA:38:33:B5:29:08:A1:D7:AA:D9:78:B4:2F
Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Certificate serial: 018CC5001FDDB809A71FA54F94872FD2D256
Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/aN8UljDEm_o4M7UpCKHXqtl4tC8.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20485
IP address blocks: 188.168.184.0/23 maxlen: 23
188.168.186.0/24 maxlen: 24
188.168.208.0/22 maxlen: 22
188.168.138.0/23 maxlen: 23
188.168.136.0/22 maxlen: 22
188.168.60.0/22 maxlen: 22
188.168.68.0/23 maxlen: 23
188.168.80.0/21 maxlen: 21
188.168.88.0/22 maxlen: 22
188.168.100.0/22 maxlen: 22
188.244.192.0/20 maxlen: 20
188.168.248.0/21 maxlen: 21
188.168.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1f:dd:b8:09:a7:1f:a5:4f:94:87:2f:d2:d2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68df149630c49bfa3833b52908a1d7aad978b42f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:94:39:c8:e3:10:d9:19:25:b8:c9:25:82:2b:
0e:20:c7:63:f3:23:55:6a:2d:c2:62:84:80:1e:1e:
e5:ad:cc:2e:8e:ae:88:de:a4:95:ac:d4:08:20:cf:
2b:6f:01:a6:8a:a5:08:36:40:af:a0:8f:9c:88:63:
26:ab:46:1f:15:ec:b1:74:1b:15:44:7a:f3:b9:ba:
7e:f8:6b:4c:d9:5b:44:c5:a4:00:93:83:f4:67:7e:
6e:38:4f:1a:9b:f5:8d:72:5b:73:b9:ee:37:3d:d5:
e9:a2:7c:ba:14:2e:31:6b:58:68:9a:c6:0b:c3:a9:
fb:1b:7b:db:74:79:40:1d:d7:79:fe:c2:ec:2e:f9:
51:58:ec:28:fb:0b:c3:c9:da:b8:9a:76:b0:5c:74:
5b:ed:b7:c8:f3:82:a5:df:d5:eb:2d:d8:f7:b5:5b:
53:b2:15:a5:a1:46:10:4d:97:20:b3:9a:1d:5d:5d:
1c:5b:8c:7b:da:b1:a1:32:74:d8:77:f7:75:60:16:
71:b7:47:f3:8b:fe:d1:ab:2c:91:bf:2d:b8:37:00:
45:46:6b:90:d5:1b:96:11:02:51:15:8d:9b:4b:fb:
0d:8a:b3:10:17:24:4b:b1:ee:7a:44:dc:48:05:4b:
ed:ca:ae:7b:47:14:a1:89:dd:8d:96:a6:b1:ed:31:
8b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DF:14:96:30:C4:9B:FA:38:33:B5:29:08:A1:D7:AA:D9:78:B4:2F
X509v3 Authority Key Identifier:
keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/aN8UljDEm_o4M7UpCKHXqtl4tC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.168.34.0/23
188.168.60.0/22
188.168.68.0/23
188.168.80.0-188.168.91.255
188.168.100.0/22
188.168.136.0/22
188.168.184.0-188.168.186.255
188.168.208.0/22
188.168.248.0/21
188.244.192.0/20
Signature Algorithm: sha256WithRSAEncryption
15:52:5e:65:12:b8:9e:8f:a0:c8:56:1f:5b:1a:e5:18:40:ce:
31:a6:43:65:d1:08:73:4a:41:fa:4a:30:89:22:6b:1a:f8:0b:
68:39:30:7a:2b:e0:c9:38:6f:0b:45:fe:45:b7:bc:7f:9f:39:
20:29:94:8a:cd:09:eb:49:49:ca:58:5b:1c:8e:27:cf:dd:71:
75:45:8e:54:b8:7a:e8:3d:1b:61:d7:a4:b1:0d:65:ff:94:75:
17:c9:ac:83:08:ae:89:9d:03:47:40:27:79:ab:78:0b:c7:f4:
d0:17:e5:a6:19:da:73:16:a4:4e:29:39:81:34:67:03:d5:1e:
d2:64:d6:e5:b5:f1:51:fa:ab:3c:13:df:f2:84:c5:fb:69:bd:
01:fd:c1:3a:35:78:da:ca:65:84:46:c7:40:ef:77:2c:8c:30:
ef:b4:d4:8e:f0:ae:c8:b8:aa:7c:41:cc:fc:01:77:64:e9:04:
0b:77:9d:59:89:5e:d5:fe:ef:87:f5:39:70:c1:ec:5b:87:6e:
e5:49:f3:e9:ee:7e:31:83:93:64:bb:f7:a3:0b:f7:89:7b:14:
41:5f:1c:d0:89:db:3b:57:52:6b:2c:41:37:33:df:4a:a4:34:
41:9d:8a:21:7b:37:a8:e4:47:0d:0e:dc:6f:b9:42:49:77:ea:
02:cd:97:86
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzFAB/duAmnH6VPlIcv0tJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl
NjZiZWMwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRmMTQ5NjMwYzQ5YmZhMzgzM2I1MjkwOGExZDdhYWQ5NzhiNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZQ5yOMQ2RkluMklgisOIMdj8yNV
ai3CYoSAHh7lrcwujq6I3qSVrNQIIM8rbwGmiqUINkCvoI+ciGMmq0YfFeyxdBsV
RHrzubp++GtM2VtExaQAk4P0Z35uOE8am/WNcltzue43PdXpony6FC4xa1homsYL
w6n7G3vbdHlAHdd5/sLsLvlRWOwo+wvDydq4mnawXHRb7bfI84Kl39XrLdj3tVtT
shWloUYQTZcgs5odXV0cW4x72rGhMnTYd/d1YBZxt0fzi/7RqyyRvy24NwBFRmuQ
1RuWEQJRFY2bS/sNirMQFyRLse56RNxIBUvtyq57RxShid2Nlqax7TGLowIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGjfFJYwxJv6ODO1KQih16rZeLQvMB8GA1UdIwQY
MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt
NmFhYTZiMDIxNjBkLzEvYU44VWxqREVtX280TTdVcENLSFhxdGw0dEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk
LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQBvKgiAwQC
vKg8AwQBvKhEMAwDBAS8qFADBAK8qFgDBAK8qGQDBAK8qIgwDAMEA7youAMEALyo
ugMEAryo0AMEA7yo+AMEBLz0wDANBgkqhkiG9w0BAQsFAAOCAQEAFVJeZRK4no+g
yFYfWxrlGEDOMaZDZdEIc0pB+kowiSJrGvgLaDkweivgyThvC0X+Rbe8f585ICmU
is0J60lJylhbHI4nz91xdUWOVLh66D0bYdeksQ1l/5R1F8msgwiuiZ0DR0Aneat4
C8f00BflphnacxakTik5gTRnA9Ue0mTW5bXxUfqrPBPf8oTF+2m9Af3BOjV42spl
hEbHQO93LIww77TUjvCuyLiqfEHM/AF3ZOkEC3edWYle1f7vh/U5cMHsW4du5Unz
6e5+MYOTZLv3owv3iXsUQV8c0InbO1dSayxBNzPfSqQ0QZ2KIXs3qORHDQ7cb7lC
SXfqAs2Xhg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:17:08 2024 by rpki-client on console-fra.rpki-client.org