Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/2EiJNuuw1XEiTDtOIBLnaKqb7rM.roa
File: 2EiJNuuw1XEiTDtOIBLnaKqb7rM.roa (raw, json)
Hash identifier: uExp4IujxrCXCbCE1x3EHK/PxFAL9UqTWuNgcYZDXXI=
Subject key identifier: D8:48:89:36:EB:B0:D5:71:22:4C:3B:4E:20:12:E7:68:AA:9B:EE:B3
Certificate issuer: /CN=c355722b4e8a48240acdf5f337838aa206aa02da
Certificate serial: 018CC8DF69D5CB947FC9697FD4EBF727891D
Authority key identifier: C3:55:72:2B:4E:8A:48:24:0A:CD:F5:F3:37:83:8A:A2:06:AA:02:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w1VyK06KSCQKzfXzN4OKogaqAto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/2EiJNuuw1XEiTDtOIBLnaKqb7rM.roa
Signing time: Tue 02 Jan 2024 06:32:13 +0000
ROA not before: Tue 02 Jan 2024 06:32:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60458
IP address blocks: 185.144.54.0/24 maxlen: 24
185.144.55.0/24 maxlen: 24
185.144.52.0/24 maxlen: 24
185.144.53.0/24 maxlen: 24
185.164.100.0/22 maxlen: 22
185.254.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/w1VyK06KSCQKzfXzN4OKogaqAto.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/w1VyK06KSCQKzfXzN4OKogaqAto.mft
rsync://rpki.ripe.net/repository/DEFAULT/w1VyK06KSCQKzfXzN4OKogaqAto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:69:d5:cb:94:7f:c9:69:7f:d4:eb:f7:27:89:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c355722b4e8a48240acdf5f337838aa206aa02da
Validity
Not Before: Jan 2 06:32:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8488936ebb0d571224c3b4e2012e768aa9beeb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3d:a8:56:2d:25:58:8a:25:3a:f7:cc:95:74:
b0:af:4b:a7:b3:9f:25:30:a6:e9:73:ff:d7:96:ae:
78:90:89:c1:5b:eb:79:21:fe:2b:e9:d7:af:20:35:
be:c9:ee:4e:e7:3f:e0:68:1d:11:b7:52:0e:14:30:
84:5e:25:0c:dd:4c:11:14:fa:ab:1c:fd:7b:cc:b2:
0b:a6:f1:6a:a0:8b:fa:5f:87:d9:09:93:9f:ad:b5:
88:aa:6e:9a:f9:14:97:21:ba:58:b1:6e:ec:6f:df:
53:7b:75:03:06:11:e6:07:42:eb:67:71:8b:af:2f:
bc:bd:b5:f8:69:e9:58:5e:45:15:9e:5f:90:ed:57:
f2:e6:1c:48:0d:3f:fd:cc:2d:49:c2:d8:f6:1b:b6:
5f:f7:09:22:4e:90:b0:30:3a:9d:6e:d7:91:12:6b:
d7:01:66:9b:93:4a:82:ec:c7:44:dd:23:37:87:2e:
8e:b8:a7:c3:10:ce:d8:c9:97:86:3c:41:88:bb:c0:
bf:0a:dd:92:17:45:eb:41:ca:99:c1:f5:90:96:3c:
20:c0:42:d2:27:fc:4b:37:2d:24:10:9d:a3:49:d5:
e0:3e:4b:6c:21:4e:47:5f:38:80:67:1b:60:32:c7:
e4:59:e5:a4:c2:5e:3b:11:00:f6:7d:e5:59:a5:b9:
8e:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:48:89:36:EB:B0:D5:71:22:4C:3B:4E:20:12:E7:68:AA:9B:EE:B3
X509v3 Authority Key Identifier:
keyid:C3:55:72:2B:4E:8A:48:24:0A:CD:F5:F3:37:83:8A:A2:06:AA:02:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w1VyK06KSCQKzfXzN4OKogaqAto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/2EiJNuuw1XEiTDtOIBLnaKqb7rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e9958-9ff2-4123-9b5f-a2ef90c9e913/1/w1VyK06KSCQKzfXzN4OKogaqAto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.52.0/22
185.164.100.0/22
185.254.24.0/22
Signature Algorithm: sha256WithRSAEncryption
41:e2:a6:9e:45:1a:55:33:db:db:6a:fc:63:4c:9c:d9:a5:0f:
38:28:38:5f:43:52:6c:06:9f:3d:82:aa:cb:60:f0:b7:7e:19:
e4:11:98:81:3c:fe:47:3d:26:60:ec:50:06:74:68:0f:25:b9:
de:d5:60:fb:71:cb:b2:d2:5e:1d:59:cc:ff:d3:e2:d8:ad:7c:
fd:e5:b2:48:ad:22:ff:62:0b:a8:54:fd:a4:c7:83:a5:e1:5b:
c6:5f:42:36:75:d8:ec:97:ee:79:2e:32:50:f0:d8:d4:ac:6f:
ae:ca:f5:c4:67:2e:94:3e:f2:1c:34:ab:bc:75:2a:26:68:c6:
3f:0c:d5:0a:ce:af:f8:e5:45:a5:6c:73:9f:d3:b2:e7:9a:de:
f6:0f:8c:b6:39:b8:af:41:20:42:ec:82:c2:42:93:a2:82:59:
0a:18:ed:4e:bb:73:7e:15:c9:d6:66:7a:04:eb:5b:c2:22:c8:
64:62:f7:fe:94:c3:6b:f2:4f:f5:3e:95:be:92:ee:ad:1a:e7:
92:ef:e7:7e:83:c8:af:88:23:20:3f:f1:ed:cd:ff:72:8e:61:
a3:27:8e:d6:3b:c5:ce:61:65:77:bf:10:17:31:8e:4e:c0:0a:
37:f6:0f:20:31:27:34:69:43:75:2a:d0:c5:87:b9:31:ca:ec:
f9:4e:42:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI32nVy5R/yWl/1Ov3J4kdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNTU3MjJiNGU4YTQ4MjQwYWNkZjVmMzM3ODM4YWEyMDZh
YTAyZGEwHhcNMjQwMTAyMDYzMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ4ODkzNmViYjBkNTcxMjI0YzNiNGUyMDEyZTc2OGFhOWJlZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhz2oVi0lWIolOvfMlXSwr0uns58l
MKbpc//Xlq54kInBW+t5If4r6devIDW+ye5O5z/gaB0Rt1IOFDCEXiUM3UwRFPqr
HP17zLILpvFqoIv6X4fZCZOfrbWIqm6a+RSXIbpYsW7sb99Te3UDBhHmB0LrZ3GL
ry+8vbX4aelYXkUVnl+Q7Vfy5hxIDT/9zC1Jwtj2G7Zf9wkiTpCwMDqdbteREmvX
AWabk0qC7MdE3SM3hy6OuKfDEM7YyZeGPEGIu8C/Ct2SF0XrQcqZwfWQljwgwELS
J/xLNy0kEJ2jSdXgPktsIU5HXziAZxtgMsfkWeWkwl47EQD2feVZpbmOJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNhIiTbrsNVxIkw7TiAS52iqm+6zMB8GA1UdIwQY
MBaAFMNVcitOikgkCs318zeDiqIGqgLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzFWeUswNktTQ1FLemZYek40T0tvZ2FxQXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xZTk5NTgtOWZmMi00MTIzLTliNWYt
YTJlZjkwYzllOTEzLzEvMkVpSk51dXcxWEVpVER0T0lCTG5hS3FiN3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xZTk5NTgtOWZmMi00MTIzLTliNWYtYTJlZjkwYzllOTEz
LzEvdzFWeUswNktTQ1FLemZYek40T0tvZ2FxQXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuZA0AwQC
uaRkAwQCuf4YMA0GCSqGSIb3DQEBCwUAA4IBAQBB4qaeRRpVM9vbavxjTJzZpQ84
KDhfQ1JsBp89gqrLYPC3fhnkEZiBPP5HPSZg7FAGdGgPJbne1WD7ccuy0l4dWcz/
0+LYrXz95bJIrSL/YguoVP2kx4Ol4VvGX0I2ddjsl+55LjJQ8NjUrG+uyvXEZy6U
PvIcNKu8dSomaMY/DNUKzq/45UWlbHOf07Lnmt72D4y2ObivQSBC7ILCQpOiglkK
GO1Ou3N+FcnWZnoE61vCIshkYvf+lMNr8k/1PpW+ku6tGueS7+d+g8iviCMgP/Ht
zf9yjmGjJ47WO8XOYWV3vxAXMY5OwAo39g8gMSc0aUN1KtDFh7kxyuz5TkKs
-----END CERTIFICATE-----
Generated at Sun May 5 19:30:58 2024 by rpki-client on console-ams.rpki-client.org