Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/Dbh4fugCRQ6c7VSZ4OTRZl4bxdI.roa
File: Dbh4fugCRQ6c7VSZ4OTRZl4bxdI.roa (raw, json)
Hash identifier: LJpe/mrBDJVEGwclK/l1Kj/0yIerCDk5bPZqV+XN09E=
Subject key identifier: 0D:B8:78:7E:E8:02:45:0E:9C:ED:54:99:E0:E4:D1:66:5E:1B:C5:D2
Certificate issuer: /CN=502718ba6839397c6c57eced6d509571eaeceddf
Certificate serial: 018CC727511C502A2CF594238EADD099602A
Authority key identifier: 50:27:18:BA:68:39:39:7C:6C:57:EC:ED:6D:50:95:71:EA:EC:ED:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCcYumg5OXxsV-ztbVCVcers7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/Dbh4fugCRQ6c7VSZ4OTRZl4bxdI.roa
Signing time: Mon 01 Jan 2024 22:31:31 +0000
ROA not before: Mon 01 Jan 2024 22:31:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206132
IP address blocks: 185.195.166.0/24 maxlen: 24
185.195.164.0/24 maxlen: 24
185.195.164.0/23 maxlen: 23
185.195.164.0/22 maxlen: 22
185.195.165.0/24 maxlen: 24
185.195.166.0/23 maxlen: 23
185.195.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/UCcYumg5OXxsV-ztbVCVcers7d8.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/UCcYumg5OXxsV-ztbVCVcers7d8.mft
rsync://rpki.ripe.net/repository/DEFAULT/UCcYumg5OXxsV-ztbVCVcers7d8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:51:1c:50:2a:2c:f5:94:23:8e:ad:d0:99:60:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=502718ba6839397c6c57eced6d509571eaeceddf
Validity
Not Before: Jan 1 22:31:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0db8787ee802450e9ced5499e0e4d1665e1bc5d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:87:38:d7:70:0e:fe:0c:27:f0:a7:e1:fb:28:
af:a1:b9:0e:a1:28:d9:e6:e5:5b:e0:49:c2:d4:8d:
39:7a:4e:08:db:46:a8:a9:f8:57:a7:25:0a:92:8a:
87:dd:b3:a6:38:2b:92:3f:67:00:db:6c:b8:3f:2e:
dc:31:b6:23:38:5b:eb:63:09:0a:b4:14:6f:b3:81:
15:b5:2c:c6:ba:71:77:40:8c:ad:ae:61:b0:15:51:
94:50:85:8f:9f:68:6e:47:82:3a:61:b3:d1:07:a7:
7f:da:d2:61:bb:21:1a:60:2f:76:7d:1c:4d:26:51:
a6:ef:8f:ed:9e:5a:95:72:79:31:91:9f:d7:74:90:
4e:74:10:35:e8:69:64:4d:05:0c:d7:f9:31:b3:47:
4f:79:40:19:39:b3:63:43:d8:57:ff:8f:7d:88:9d:
83:33:a7:a8:c3:ca:df:da:75:bd:b9:d3:08:6d:55:
d4:0e:ee:f7:60:b5:0e:76:47:7d:74:de:38:bf:08:
b3:1f:63:a5:2f:4b:92:c7:b9:18:2c:84:fa:1b:2f:
63:80:d2:dd:b7:d6:4c:8e:4a:1e:71:17:d0:75:cc:
a3:ef:37:fd:e5:c7:5e:20:31:8a:8d:1a:37:20:70:
88:c2:0a:aa:d2:01:08:81:93:fa:ce:4f:22:90:fb:
1f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B8:78:7E:E8:02:45:0E:9C:ED:54:99:E0:E4:D1:66:5E:1B:C5:D2
X509v3 Authority Key Identifier:
keyid:50:27:18:BA:68:39:39:7C:6C:57:EC:ED:6D:50:95:71:EA:EC:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCcYumg5OXxsV-ztbVCVcers7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/Dbh4fugCRQ6c7VSZ4OTRZl4bxdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/0005b2-d28b-4bf9-9bce-cd81fc580f47/1/UCcYumg5OXxsV-ztbVCVcers7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.164.0/22
Signature Algorithm: sha256WithRSAEncryption
64:2c:9c:30:dc:c0:a5:de:70:d9:5f:3c:c4:92:fa:e1:f6:e9:
4e:36:2d:71:ff:bc:c6:b4:c6:08:6d:4f:3d:8e:1b:e8:01:25:
2c:23:8e:46:c7:af:39:ca:b9:81:cb:c0:b1:d5:1c:31:a0:17:
c7:c8:c3:4d:94:4f:47:8d:31:87:32:a9:12:f6:7b:46:5a:bb:
74:3d:f4:43:0b:11:21:19:5b:90:8b:05:bd:d6:17:6c:41:c3:
51:d0:d5:60:a0:dc:3b:a7:7b:8e:6c:16:3a:77:dd:6a:ed:d7:
d2:37:6b:11:77:15:cc:49:59:13:61:ae:d3:8f:e1:89:9d:c7:
f9:d8:63:ae:93:de:f2:50:8c:16:22:cb:41:f2:eb:b6:71:4b:
45:d6:e1:72:08:e1:61:58:7a:28:6c:db:72:aa:04:b5:4a:d0:
54:64:7e:d2:3c:75:6e:e6:75:4b:80:ba:cf:56:5e:6e:d2:2c:
6e:99:de:2c:6b:8f:41:1b:93:0d:db:b6:3e:08:e1:b8:fe:7f:
48:d9:3a:a7:2e:7a:95:a3:30:7b:26:46:5b:3e:7b:10:54:d7:
37:4d:c8:4e:cb:79:9f:0f:d6:3b:c8:88:b9:90:1f:6f:e2:2d:
1c:c7:6d:43:7c:9c:95:e7:b9:bf:cc:fc:52:d6:fe:9f:dd:3d:
e7:75:bb:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ1EcUCos9ZQjjq3QmWAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMjcxOGJhNjgzOTM5N2M2YzU3ZWNlZDZkNTA5NTcxZWFl
Y2VkZGYwHhcNMjQwMTAxMjIzMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI4Nzg3ZWU4MDI0NTBlOWNlZDU0OTllMGU0ZDE2NjVlMWJjNWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIc413AO/gwn8Kfh+yivobkOoSjZ
5uVb4EnC1I05ek4I20aoqfhXpyUKkoqH3bOmOCuSP2cA22y4Py7cMbYjOFvrYwkK
tBRvs4EVtSzGunF3QIytrmGwFVGUUIWPn2huR4I6YbPRB6d/2tJhuyEaYC92fRxN
JlGm74/tnlqVcnkxkZ/XdJBOdBA16GlkTQUM1/kxs0dPeUAZObNjQ9hX/499iJ2D
M6eow8rf2nW9udMIbVXUDu73YLUOdkd9dN44vwizH2OlL0uSx7kYLIT6Gy9jgNLd
t9ZMjkoecRfQdcyj7zf95cdeIDGKjRo3IHCIwgqq0gEIgZP6zk8ikPsfgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA24eH7oAkUOnO1UmeDk0WZeG8XSMB8GA1UdIwQY
MBaAFFAnGLpoOTl8bFfs7W1QlXHq7O3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUNjWXVtZzVPWHhzVi16dGJWQ1ZjZXJzN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8wMDA1YjItZDI4Yi00YmY5LTliY2Ut
Y2Q4MWZjNTgwZjQ3LzEvRGJoNGZ1Z0NSUTZjN1ZTWjRPVFJabDRieGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8wMDA1YjItZDI4Yi00YmY5LTliY2UtY2Q4MWZjNTgwZjQ3
LzEvVUNjWXVtZzVPWHhzVi16dGJWQ1ZjZXJzN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucOkMA0G
CSqGSIb3DQEBCwUAA4IBAQBkLJww3MCl3nDZXzzEkvrh9ulONi1x/7zGtMYIbU89
jhvoASUsI45Gx685yrmBy8Cx1RwxoBfHyMNNlE9HjTGHMqkS9ntGWrt0PfRDCxEh
GVuQiwW91hdsQcNR0NVgoNw7p3uObBY6d91q7dfSN2sRdxXMSVkTYa7Tj+GJncf5
2GOuk97yUIwWIstB8uu2cUtF1uFyCOFhWHoobNtyqgS1StBUZH7SPHVu5nVLgLrP
Vl5u0ixumd4sa49BG5MN27Y+COG4/n9I2TqnLnqVozB7JkZbPnsQVNc3TchOy3mf
D9Y7yIi5kB9v4i0cx21DfJyV57m/zPxS1v6f3T3ndbtb
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:32:53 2024 by rpki-client on console-fra.rpki-client.org