Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/9f536d-0dd6-43ea-a914-9c088c345ae6/1/8kXKPLfqNX8t_Kg3Y6knQgG6R80.roa
File: 8kXKPLfqNX8t_Kg3Y6knQgG6R80.roa (raw, json)
Hash identifier: eBCjC0ABs0DwXSn6ajWZZEpDFipQaUudKldv5EtFv5o=
Subject key identifier: F2:45:CA:3C:B7:EA:35:7F:2D:FC:A8:37:63:A9:27:42:01:BA:47:CD
Certificate issuer: /CN=c5c5acc7f7ec2b45b43d2547c96464c008933d52
Certificate serial: 018CC94E56C7B1BAFAFC7BAB23514C15C7C5
Authority key identifier: C5:C5:AC:C7:F7:EC:2B:45:B4:3D:25:47:C9:64:64:C0:08:93:3D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xcWsx_fsK0W0PSVHyWRkwAiTPVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/9f536d-0dd6-43ea-a914-9c088c345ae6/1/8kXKPLfqNX8t_Kg3Y6knQgG6R80.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199229
IP address blocks: 185.2.20.0/22 maxlen: 22
2a02:6740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/9f536d-0dd6-43ea-a914-9c088c345ae6/1/xcWsx_fsK0W0PSVHyWRkwAiTPVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/9f536d-0dd6-43ea-a914-9c088c345ae6/1/xcWsx_fsK0W0PSVHyWRkwAiTPVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/xcWsx_fsK0W0PSVHyWRkwAiTPVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:56:c7:b1:ba:fa:fc:7b:ab:23:51:4c:15:c7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5c5acc7f7ec2b45b43d2547c96464c008933d52
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f245ca3cb7ea357f2dfca83763a9274201ba47cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:29:65:9f:4a:fe:33:a4:41:31:97:b1:02:
8a:ee:60:6d:df:ff:15:02:2b:42:59:da:7f:f0:12:
d1:f3:3b:22:02:1a:fd:ae:b8:6c:55:3c:3d:b1:80:
2a:0a:10:e2:59:bd:1c:b2:c6:0a:1f:31:2b:98:86:
6a:26:e0:da:34:a6:d9:73:44:56:49:20:9c:42:0b:
8b:a0:0d:e3:c5:5f:5d:7d:32:8c:b6:77:26:57:bb:
db:00:2f:21:71:fa:8c:95:3d:06:b7:3e:48:46:23:
fc:bb:5d:70:e4:40:69:45:df:bf:12:06:82:69:0b:
7e:29:8e:e8:77:70:c4:04:df:7d:ae:ff:42:3f:05:
43:3a:fc:cb:53:e1:4e:66:b2:e3:a5:1b:5d:8d:ec:
2e:b0:9a:ed:b5:af:26:fc:2c:c9:a2:d0:81:60:50:
26:d9:97:3b:f6:3c:05:cc:2f:fa:e4:51:38:55:03:
5d:65:8e:c6:50:ee:72:94:bb:cd:77:29:0d:bb:d3:
dc:50:c6:9b:8a:a6:75:4f:4b:de:66:82:28:b2:c2:
b6:cb:71:b4:5e:bc:5c:60:da:07:35:b9:37:4c:d1:
ef:d7:d6:b0:66:cd:8c:8e:0c:de:6c:f5:ba:e6:d8:
92:3e:bd:ac:22:d0:18:72:9b:9d:f9:8c:41:5a:ee:
90:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:45:CA:3C:B7:EA:35:7F:2D:FC:A8:37:63:A9:27:42:01:BA:47:CD
X509v3 Authority Key Identifier:
keyid:C5:C5:AC:C7:F7:EC:2B:45:B4:3D:25:47:C9:64:64:C0:08:93:3D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xcWsx_fsK0W0PSVHyWRkwAiTPVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9f536d-0dd6-43ea-a914-9c088c345ae6/1/8kXKPLfqNX8t_Kg3Y6knQgG6R80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/9f536d-0dd6-43ea-a914-9c088c345ae6/1/xcWsx_fsK0W0PSVHyWRkwAiTPVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.20.0/22
IPv6:
2a02:6740::/32
Signature Algorithm: sha256WithRSAEncryption
ad:07:ea:be:55:ef:c5:dc:70:36:51:e1:ab:5e:a2:90:b6:9e:
69:f8:c2:88:1d:78:c5:f3:eb:cd:ca:7b:8e:ff:fa:69:94:c0:
96:fb:ac:a8:16:67:37:be:3a:f6:ff:5f:d1:db:60:15:1f:7f:
e6:51:26:b2:2d:17:d3:09:c9:1c:7c:d8:3f:40:b9:0b:2f:05:
f2:72:2b:f1:54:2d:e4:5d:b0:07:5c:8f:49:2c:eb:53:e9:26:
bb:5e:5d:94:bc:a0:d1:a0:e6:23:a5:a9:00:fe:33:bd:3a:83:
35:2d:56:cb:e5:45:98:c8:8c:e0:a1:8d:3c:ea:8d:4f:60:6c:
ac:5c:c5:e1:3c:6e:96:ba:9f:c2:11:7b:1f:9c:30:c6:b7:54:
b3:a7:e4:84:a3:9c:77:ac:63:98:a7:3d:1a:7a:75:3c:25:f9:
79:86:1f:93:7b:f6:0d:6d:16:3d:13:1d:cd:60:1a:b6:ca:8a:
ea:4d:46:8f:08:48:13:a7:72:17:7a:a7:a1:17:95:ff:ff:ef:
04:c4:88:7e:a2:88:7a:b0:74:2c:93:7a:24:9f:26:19:a9:bf:
f2:f0:b0:56:ac:5a:90:5d:65:11:cd:3a:e7:d4:53:11:27:54:
94:53:34:b9:10:b4:16:8d:0a:84:0d:20:42:66:17:47:43:3a:
c4:31:5e:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTlbHsbr6/HurI1FMFcfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YzVhY2M3ZjdlYzJiNDViNDNkMjU0N2M5NjQ2NGMwMDg5
MzNkNTIwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQ1Y2EzY2I3ZWEzNTdmMmRmY2E4Mzc2M2E5Mjc0MjAxYmE0N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpspZZ9K/jOkQTGXsQKK7mBt3/8V
AitCWdp/8BLR8zsiAhr9rrhsVTw9sYAqChDiWb0cssYKHzErmIZqJuDaNKbZc0RW
SSCcQguLoA3jxV9dfTKMtncmV7vbAC8hcfqMlT0Gtz5IRiP8u11w5EBpRd+/EgaC
aQt+KY7od3DEBN99rv9CPwVDOvzLU+FOZrLjpRtdjewusJrtta8m/CzJotCBYFAm
2Zc79jwFzC/65FE4VQNdZY7GUO5ylLvNdykNu9PcUMabiqZ1T0veZoIossK2y3G0
XrxcYNoHNbk3TNHv19awZs2MjgzebPW65tiSPr2sItAYcpud+YxBWu6QZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPJFyjy36jV/LfyoN2OpJ0IBukfNMB8GA1UdIwQY
MBaAFMXFrMf37CtFtD0lR8lkZMAIkz1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGNXc3hfZnNLMFcwUFNWSHlXUmt3QWlUUFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My85ZjUzNmQtMGRkNi00M2VhLWE5MTQt
OWMwODhjMzQ1YWU2LzEvOGtYS1BMZnFOWDh0X0tnM1k2a25RZ0c2UjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My85ZjUzNmQtMGRkNi00M2VhLWE5MTQtOWMwODhjMzQ1YWU2
LzEveGNXc3hfZnNLMFcwUFNWSHlXUmt3QWlUUFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQIUMA0E
AgACMAcDBQAqAmdAMA0GCSqGSIb3DQEBCwUAA4IBAQCtB+q+Ve/F3HA2UeGrXqKQ
tp5p+MKIHXjF8+vNynuO//pplMCW+6yoFmc3vjr2/1/R22AVH3/mUSayLRfTCckc
fNg/QLkLLwXycivxVC3kXbAHXI9JLOtT6Sa7Xl2UvKDRoOYjpakA/jO9OoM1LVbL
5UWYyIzgoY086o1PYGysXMXhPG6Wup/CEXsfnDDGt1Szp+SEo5x3rGOYpz0aenU8
Jfl5hh+Te/YNbRY9Ex3NYBq2yorqTUaPCEgTp3IXeqehF5X//+8ExIh+ooh6sHQs
k3oknyYZqb/y8LBWrFqQXWURzTrn1FMRJ1SUUzS5ELQWjQqEDSBCZhdHQzrEMV7f
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:31:51 2024 by rpki-client on console-ams.rpki-client.org