Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/B8kEP_kmTz2QS3xJJ4twOBOGveQ.roa
File: B8kEP_kmTz2QS3xJJ4twOBOGveQ.roa (raw, json)
Hash identifier: 8+7aBoUblC4XuDL3M2udIOtPFN8sipfgmBnvCDXg4zc=
Subject key identifier: 07:C9:04:3F:F9:26:4F:3D:90:4B:7C:49:27:8B:70:38:13:86:BD:E4
Certificate issuer: /CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Certificate serial: 018CCA2B3C93CDD7236643D12D0270EB3A2F
Authority key identifier: 76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/B8kEP_kmTz2QS3xJJ4twOBOGveQ.roa
Signing time: Tue 02 Jan 2024 12:34:40 +0000
ROA not before: Tue 02 Jan 2024 12:34:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207254
IP address blocks: 185.154.221.0/24 maxlen: 24
185.154.223.0/24 maxlen: 24
185.154.220.0/24 maxlen: 24
185.154.222.0/24 maxlen: 24
2a0b:6140:2::/48 maxlen: 48
2a0b:6140:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:3c:93:cd:d7:23:66:43:d1:2d:02:70:eb:3a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=765ea3400a3748c3b6c61268d492f8bf0a908239
Validity
Not Before: Jan 2 12:34:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07c9043ff9264f3d904b7c49278b70381386bde4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:57:55:21:40:b3:9c:8b:d0:b9:06:ae:dd:
3e:f5:70:42:18:a0:87:0d:8b:32:2f:40:9a:e3:6d:
1c:0c:57:97:11:94:2c:bf:26:f2:34:62:69:4c:2a:
0c:b4:ff:27:08:15:c6:68:ef:6a:7c:9d:21:7f:a1:
85:ab:a5:10:dd:e3:bc:52:79:38:d6:26:f4:b0:18:
e4:98:19:1d:d8:fe:e1:6f:14:6d:85:61:33:06:c3:
bd:5f:a1:19:7c:7d:81:97:7d:46:45:b5:ca:c7:15:
0c:99:d2:dd:54:cc:04:71:c4:78:c4:96:91:cc:6e:
56:6f:a6:64:59:09:58:2d:e1:9a:2c:65:07:41:be:
6e:d6:4f:76:a6:b1:e4:02:26:58:bc:05:88:8c:36:
8e:82:8f:e8:dd:1a:fa:90:8d:92:27:e8:2d:7f:dc:
6c:ab:d5:5e:b3:f9:3d:06:ed:fb:6f:eb:8e:61:32:
af:0e:59:e6:6d:71:c4:35:9a:87:50:91:f3:05:15:
e1:40:de:43:84:eb:15:5d:65:ad:62:28:c7:a4:fc:
21:33:da:2d:c3:48:c6:b3:36:77:5b:f2:95:a8:84:
db:e0:a0:86:b1:a2:da:6d:a7:cb:b6:9d:b0:50:84:
35:f3:45:e6:7b:3a:97:f0:d2:09:a0:47:83:f0:01:
3e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C9:04:3F:F9:26:4F:3D:90:4B:7C:49:27:8B:70:38:13:86:BD:E4
X509v3 Authority Key Identifier:
keyid:76:5E:A3:40:0A:37:48:C3:B6:C6:12:68:D4:92:F8:BF:0A:90:82:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dl6jQAo3SMO2xhJo1JL4vwqQgjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/B8kEP_kmTz2QS3xJJ4twOBOGveQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/74e15f-f487-4559-bfdd-0fc58e58cac9/1/dl6jQAo3SMO2xhJo1JL4vwqQgjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.154.220.0/22
IPv6:
2a0b:6140:1::-2a0b:6140:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9b:69:15:32:c6:e0:4d:63:4a:93:bb:df:13:e6:b7:a4:e1:98:
f7:c5:e0:35:6a:b7:3c:81:76:92:c0:71:7c:73:ec:32:03:c0:
8e:39:b7:a5:76:36:11:2b:a0:8c:a2:31:dc:17:36:9e:87:1c:
31:46:0a:ec:1a:70:d2:29:27:3f:1c:9d:ab:55:3d:fe:32:6e:
79:09:e2:0c:0e:f2:72:74:5f:cf:20:4e:c4:d3:f1:ba:1b:1f:
ae:b7:80:7a:79:ce:b5:28:78:a4:43:2f:ee:b8:24:bb:bd:96:
f0:b1:92:57:d2:a3:a5:1f:45:b2:68:a7:b8:5e:9e:16:ef:6d:
9e:1b:99:60:3f:b4:31:7c:39:ab:7b:e6:de:32:97:c7:c3:e7:
33:04:ce:af:10:04:7f:26:df:20:5c:6b:8a:fb:f0:cd:0f:33:
f3:93:b2:17:86:c2:ff:90:05:bb:37:1f:b2:8b:29:e3:cd:99:
3c:8c:93:fd:ef:82:3a:f8:c9:35:09:2d:9d:18:25:75:0d:98:
8a:cc:31:65:b8:a3:be:d4:58:64:56:9b:e5:1d:78:f3:80:61:
29:90:fd:f2:2a:ae:dc:93:24:b6:86:67:38:cf:25:ca:22:e6:
1d:23:4c:8f:53:2a:72:83:09:44:7a:a4:c6:1a:c3:0a:ff:c7:
bc:eb:ee:73
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzKKzyTzdcjZkPRLQJw6zovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NWVhMzQwMGEzNzQ4YzNiNmM2MTI2OGQ0OTJmOGJmMGE5
MDgyMzkwHhcNMjQwMTAyMTIzNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M5MDQzZmY5MjY0ZjNkOTA0YjdjNDkyNzhiNzAzODEzODZiZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcVXVSFAs5yL0LkGrt0+9XBCGKCH
DYsyL0Ca420cDFeXEZQsvybyNGJpTCoMtP8nCBXGaO9qfJ0hf6GFq6UQ3eO8Unk4
1ib0sBjkmBkd2P7hbxRthWEzBsO9X6EZfH2Bl31GRbXKxxUMmdLdVMwEccR4xJaR
zG5Wb6ZkWQlYLeGaLGUHQb5u1k92prHkAiZYvAWIjDaOgo/o3Rr6kI2SJ+gtf9xs
q9Ves/k9Bu37b+uOYTKvDlnmbXHENZqHUJHzBRXhQN5DhOsVXWWtYijHpPwhM9ot
w0jGszZ3W/KVqITb4KCGsaLabafLtp2wUIQ180XmezqX8NIJoEeD8AE+ZQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAfJBD/5Jk89kEt8SSeLcDgThr3kMB8GA1UdIwQY
MBaAFHZeo0AKN0jDtsYSaNSS+L8KkII5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQt
MGZjNThlNThjYWM5LzEvQjhrRVBfa21UejJRUzN4Sko0dHdPQk9HdmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS83NGUxNWYtZjQ4Ny00NTU5LWJmZGQtMGZjNThlNThjYWM5
LzEvZGw2alFBbzNTTU8yeGhKbzFKTDR2d3FRZ2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuZrcMBoE
AgACMBQwEgMHACoLYUAAAQMHACoLYUAAAjANBgkqhkiG9w0BAQsFAAOCAQEAm2kV
MsbgTWNKk7vfE+a3pOGY98XgNWq3PIF2ksBxfHPsMgPAjjm3pXY2ESugjKIx3Bc2
noccMUYK7Bpw0iknPxydq1U9/jJueQniDA7ycnRfzyBOxNPxuhsfrreAennOtSh4
pEMv7rgku72W8LGSV9KjpR9FsminuF6eFu9tnhuZYD+0MXw5q3vm3jKXx8PnMwTO
rxAEfybfIFxrivvwzQ8z85OyF4bC/5AFuzcfsosp482ZPIyT/e+COvjJNQktnRgl
dQ2YiswxZbijvtRYZFab5R1484BhKZD98iqu3JMktoZnOM8lyiLmHSNMj1MqcoMJ
RHqkxhrDCv/HvOvucw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:13:04 2024 by rpki-client on console-fra.rpki-client.org