Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/h0kmkGrFBOzt5v0CadgdRMML0Vs.roa
File: h0kmkGrFBOzt5v0CadgdRMML0Vs.roa (raw, json)
Hash identifier: KySeJR1ImOZjk3OXHk4uL03a+8VhH+bgym0fdLvSRMI=
Subject key identifier: 87:49:26:90:6A:C5:04:EC:ED:E6:FD:02:69:D8:1D:44:C3:0B:D1:5B
Certificate issuer: /CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Certificate serial: 018CC26CFA315E6E1BEFB010104EC7E0F6C9
Authority key identifier: A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/h0kmkGrFBOzt5v0CadgdRMML0Vs.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.66.203.0/24 maxlen: 24
185.66.202.0/24 maxlen: 24
185.237.4.0/24 maxlen: 24
185.237.7.0/24 maxlen: 24
185.237.6.0/24 maxlen: 24
185.237.5.0/24 maxlen: 24
82.115.214.0/24 maxlen: 24
2a07:e3c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.mft
rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fa:31:5e:6e:1b:ef:b0:10:10:4e:c7:e0:f6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8801be2363f211bd2f57818adeaf9c0dbe14bdb
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=874926906ac504ecede6fd0269d81d44c30bd15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fb:ca:0f:e8:d1:d4:dd:a8:c3:d2:0b:8d:96:
48:69:45:a4:69:2f:b0:8c:93:9f:23:84:5b:e7:97:
8f:14:92:ee:be:34:8d:62:8c:15:66:ac:49:30:a6:
e3:56:b2:55:07:23:de:19:a1:16:20:e6:24:8d:9c:
a3:8b:a7:61:51:23:05:95:c4:77:13:77:a5:41:c1:
ba:08:80:eb:41:54:0e:27:f6:a0:a1:9b:e0:6a:70:
f4:f4:45:80:0f:dd:90:4e:d4:ce:4c:51:3b:54:cb:
90:53:15:7f:bb:76:5d:33:35:4c:3c:5d:cf:04:4d:
d9:d7:ee:79:7e:4b:05:a1:ed:c7:f8:74:00:e2:d4:
fe:91:b7:4b:6f:1b:04:b0:09:47:aa:64:6e:b2:20:
00:5e:43:60:ae:9d:35:38:47:9e:ba:dc:44:a8:fe:
4b:a7:f6:43:d3:7a:1a:6d:a1:e8:c2:7d:e4:af:92:
e6:bf:19:f2:ac:50:ef:67:78:f3:5f:c9:01:a4:2e:
1c:6a:80:ff:b4:66:2a:30:95:06:84:8a:eb:df:2d:
6d:56:ac:a1:a8:5b:24:6a:6a:d5:dd:25:99:86:da:
73:82:09:fd:07:8b:0d:1e:13:b9:c4:2e:42:af:e6:
bb:ab:33:30:da:e5:c3:08:55:7c:da:bf:3f:b3:32:
09:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:49:26:90:6A:C5:04:EC:ED:E6:FD:02:69:D8:1D:44:C3:0B:D1:5B
X509v3 Authority Key Identifier:
keyid:A8:80:1B:E2:36:3F:21:1B:D2:F5:78:18:AD:EA:F9:C0:DB:E1:4B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIAb4jY_IRvS9XgYrer5wNvhS9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/h0kmkGrFBOzt5v0CadgdRMML0Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/811e73-cf30-494d-acac-8420ae9e0622/1/qIAb4jY_IRvS9XgYrer5wNvhS9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.214.0/24
185.66.202.0/23
185.237.4.0/22
IPv6:
2a07:e3c0::/48
Signature Algorithm: sha256WithRSAEncryption
8a:40:ad:e5:ba:a9:e0:b7:8e:03:0b:10:43:80:d5:a4:aa:e9:
e6:87:b7:4c:5e:2b:57:15:8e:e9:bd:31:d4:87:76:79:dc:ff:
97:36:74:79:bd:cc:31:95:4e:98:ea:4e:e7:0f:6e:b8:85:0a:
1a:e8:c7:cd:27:0c:c9:fc:dc:13:5c:1d:2a:5f:b6:7a:98:b0:
2d:1d:ac:90:9a:22:19:ce:d6:be:df:97:15:e4:9b:b2:2d:b8:
07:01:1e:d9:6f:37:e8:24:6b:6a:41:57:00:55:3b:c5:39:74:
50:79:b8:c7:df:4a:43:9a:6b:7a:43:33:0a:31:d1:65:47:7e:
bc:a3:98:32:89:06:b3:ee:5b:c7:bc:e8:ce:ec:a9:d5:7a:9a:
1c:21:71:52:c4:22:cb:4c:fb:8a:74:95:8b:67:f7:8a:b3:0f:
05:60:ec:94:74:2e:54:b0:fd:52:1d:75:7a:36:0b:74:4e:e2:
30:b3:de:2e:23:e1:01:8d:ad:42:c5:25:37:41:11:9b:d8:bf:
81:8d:6b:bf:07:84:ca:b8:88:02:d3:84:2d:61:31:49:e7:95:
7b:21:c7:39:0b:90:39:fe:5d:ed:39:ca:f5:7e:1a:31:d5:b0:
dd:9c:b4:75:ad:20:47:9b:00:36:bb:63:a3:58:3f:22:f8:e6:
12:8e:5e:5c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzCbPoxXm4b77AQEE7H4PbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ODAxYmUyMzYzZjIxMWJkMmY1NzgxOGFkZWFmOWMwZGJl
MTRiZGIwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQ5MjY5MDZhYzUwNGVjZWRlNmZkMDI2OWQ4MWQ0NGMzMGJkMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifvKD+jR1N2ow9ILjZZIaUWkaS+w
jJOfI4Rb55ePFJLuvjSNYowVZqxJMKbjVrJVByPeGaEWIOYkjZyji6dhUSMFlcR3
E3elQcG6CIDrQVQOJ/agoZvganD09EWAD92QTtTOTFE7VMuQUxV/u3ZdMzVMPF3P
BE3Z1+55fksFoe3H+HQA4tT+kbdLbxsEsAlHqmRusiAAXkNgrp01OEeeutxEqP5L
p/ZD03oabaHown3kr5LmvxnyrFDvZ3jzX8kBpC4caoD/tGYqMJUGhIrr3y1tVqyh
qFskamrV3SWZhtpzggn9B4sNHhO5xC5Cr+a7qzMw2uXDCFV82r8/szIJrQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFIdJJpBqxQTs7eb9AmnYHUTDC9FbMB8GA1UdIwQY
MBaAFKiAG+I2PyEb0vV4GK3q+cDb4UvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMt
ODQyMGFlOWUwNjIyLzEvaDBrbWtHckZCT3p0NXYwQ2FkZ2RSTU1MMFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS84MTFlNzMtY2YzMC00OTRkLWFjYWMtODQyMGFlOWUwNjIy
LzEvcUlBYjRqWV9JUnZTOVhnWXJlcjV3TnZoUzlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUnPWAwQB
uULKAwQCue0EMA8EAgACMAkDBwAqB+PAAAAwDQYJKoZIhvcNAQELBQADggEBAIpA
reW6qeC3jgMLEEOA1aSq6eaHt0xeK1cVjum9MdSHdnnc/5c2dHm9zDGVTpjqTucP
briFChrox80nDMn83BNcHSpftnqYsC0drJCaIhnO1r7flxXkm7ItuAcBHtlvN+gk
a2pBVwBVO8U5dFB5uMffSkOaa3pDMwox0WVHfryjmDKJBrPuW8e86M7sqdV6mhwh
cVLEIstM+4p0lYtn94qzDwVg7JR0LlSw/VIddXo2C3RO4jCz3i4j4QGNrULFJTdB
EZvYv4GNa78HhMq4iALThC1hMUnnlXshxzkLkDn+Xe05yvV+GjHVsN2ctHWtIEeb
ADa7Y6NYPyL45hKOXlw=
-----END CERTIFICATE-----
Generated at Thu May 2 18:40:13 2024 by rpki-client on console-fra.rpki-client.org