Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/4oweBRtQfp7VorxsAJO8tm5Qd_I.roa
File: 4oweBRtQfp7VorxsAJO8tm5Qd_I.roa (raw, json)
Hash identifier: EPu/kU2GkqZ/0mGGWxe1ClHCYfdHGcrXibLeVm8SR7o=
Subject key identifier: E2:8C:1E:05:1B:50:7E:9E:D5:A2:BC:6C:00:93:BC:B6:6E:50:77:F2
Certificate issuer: /CN=c4f2d8ba1b19211fa9f9c0db551545133102ccbb
Certificate serial: 018CC9BCF2F7644616A7CC73358036EB8A66
Authority key identifier: C4:F2:D8:BA:1B:19:21:1F:A9:F9:C0:DB:55:15:45:13:31:02:CC:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPLYuhsZIR-p-cDbVRVFEzECzLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/4oweBRtQfp7VorxsAJO8tm5Qd_I.roa
Signing time: Tue 02 Jan 2024 10:34:12 +0000
ROA not before: Tue 02 Jan 2024 10:34:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199516
IP address blocks: 185.13.80.0/24 maxlen: 24
185.13.83.0/24 maxlen: 24
185.13.80.0/22 maxlen: 22
185.13.81.0/24 maxlen: 24
185.13.82.0/24 maxlen: 24
2a02:f380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/xPLYuhsZIR-p-cDbVRVFEzECzLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/xPLYuhsZIR-p-cDbVRVFEzECzLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/xPLYuhsZIR-p-cDbVRVFEzECzLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 22:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f2:f7:64:46:16:a7:cc:73:35:80:36:eb:8a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4f2d8ba1b19211fa9f9c0db551545133102ccbb
Validity
Not Before: Jan 2 10:34:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e28c1e051b507e9ed5a2bc6c0093bcb66e5077f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:c9:89:76:ad:3e:bb:87:bf:e2:1a:33:8b:
4c:27:92:e4:2a:7b:f9:7e:b5:59:79:c6:d1:19:c0:
37:26:05:49:1d:ac:f9:b5:2d:29:51:8b:e9:33:7f:
8f:22:79:1f:4b:f6:53:8d:f1:4f:df:aa:1d:cf:b4:
bf:59:db:86:5a:fb:43:9e:58:9d:93:d5:06:1a:92:
45:56:4a:2e:e2:44:72:c5:a9:18:e3:5d:b0:8f:27:
6f:be:61:67:4c:d7:0b:71:7a:fb:09:2b:c0:a0:e0:
02:3e:5c:61:53:48:7b:21:f8:1c:2e:d0:5b:83:ab:
fa:e7:f1:cd:26:b3:a9:54:02:6d:be:8f:43:fb:6e:
36:21:1f:38:ba:7d:03:3d:a2:e8:6c:8d:2b:02:56:
d5:e6:aa:48:52:ba:9b:d4:7f:c4:4d:0d:17:45:e8:
c5:18:86:b1:c2:a7:00:f9:ea:d9:c7:2c:7b:b6:39:
fa:14:7f:0b:5b:da:31:2d:7f:64:f0:67:46:b7:6e:
58:f6:df:7e:f3:8d:8f:c7:b4:c4:82:bb:90:8c:f7:
13:ff:d6:57:08:6c:71:1b:7a:54:cd:6f:2a:5a:96:
26:65:5f:f3:3a:67:9e:25:02:2c:58:f2:d4:82:c1:
b2:ee:0f:ab:e3:60:a1:8f:c8:24:80:3c:b1:45:6a:
4a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8C:1E:05:1B:50:7E:9E:D5:A2:BC:6C:00:93:BC:B6:6E:50:77:F2
X509v3 Authority Key Identifier:
keyid:C4:F2:D8:BA:1B:19:21:1F:A9:F9:C0:DB:55:15:45:13:31:02:CC:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPLYuhsZIR-p-cDbVRVFEzECzLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/4oweBRtQfp7VorxsAJO8tm5Qd_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/xPLYuhsZIR-p-cDbVRVFEzECzLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.80.0/22
IPv6:
2a02:f380::/29
Signature Algorithm: sha256WithRSAEncryption
c8:53:6b:6b:ae:48:39:81:c0:89:22:b0:58:30:e6:42:2b:b3:
a1:67:41:1c:2b:62:94:8d:ec:bb:e7:f6:8f:3b:5d:a3:cb:cb:
8c:b6:21:2d:ee:7f:c0:52:34:f0:f3:e6:b4:28:32:93:2f:45:
e7:d7:42:94:06:72:67:dd:8d:32:bd:88:0d:89:b0:61:b5:bf:
fb:a5:9a:53:be:bd:e1:25:b4:69:92:24:bb:7b:c4:55:ad:ad:
97:7a:68:8b:7e:9e:5d:0c:df:d9:dc:c3:9d:b1:fb:cf:96:f4:
1b:9b:b8:bc:f9:68:79:4c:48:f4:1b:6d:97:06:c7:17:ee:c7:
58:f5:2f:04:31:03:52:6c:59:f5:d6:5c:a2:81:84:fd:77:f1:
da:42:84:f9:3b:84:3f:74:a7:a3:38:cd:48:46:b6:e8:ff:dd:
38:00:45:e0:8a:0e:e2:f9:8d:e0:a5:51:d3:f1:33:1b:e5:bc:
e1:d8:ad:e6:5d:c8:d1:e1:06:f2:c2:07:53:cd:50:d5:2d:d7:
09:79:74:db:ab:ac:92:fa:87:3e:5c:a5:a7:28:87:c9:e9:16:
21:dd:b9:6a:c1:f5:14:00:1e:0d:a9:b1:5b:30:41:52:dc:f9:
9a:c4:c5:46:e5:d0:2a:52:59:5b:8c:57:23:3f:76:1c:1b:4a:
7e:b0:1e:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvPL3ZEYWp8xzNYA264pmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZjJkOGJhMWIxOTIxMWZhOWY5YzBkYjU1MTU0NTEzMzEw
MmNjYmIwHhcNMjQwMTAyMTAzNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjhjMWUwNTFiNTA3ZTllZDVhMmJjNmMwMDkzYmNiNjZlNTA3N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfLJiXatPruHv+IaM4tMJ5LkKnv5
frVZecbRGcA3JgVJHaz5tS0pUYvpM3+PInkfS/ZTjfFP36odz7S/WduGWvtDnlid
k9UGGpJFVkou4kRyxakY412wjydvvmFnTNcLcXr7CSvAoOACPlxhU0h7IfgcLtBb
g6v65/HNJrOpVAJtvo9D+242IR84un0DPaLobI0rAlbV5qpIUrqb1H/ETQ0XRejF
GIaxwqcA+erZxyx7tjn6FH8LW9oxLX9k8GdGt25Y9t9+842Px7TEgruQjPcT/9ZX
CGxxG3pUzW8qWpYmZV/zOmeeJQIsWPLUgsGy7g+r42Chj8gkgDyxRWpKFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOKMHgUbUH6e1aK8bACTvLZuUHfyMB8GA1UdIwQY
MBaAFMTy2LobGSEfqfnA21UVRRMxAsy7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFBMWXVoc1pJUi1wLWNEYlZSVkZFekVDekxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lOGMyYmQtOThmYS00YmRmLTgwYmIt
YzVlZWU1N2VkMmU2LzEvNG93ZUJSdFFmcDdWb3J4c0FKTzh0bTVRZF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lOGMyYmQtOThmYS00YmRmLTgwYmItYzVlZWU1N2VkMmU2
LzEveFBMWXVoc1pJUi1wLWNEYlZSVkZFekVDekxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ1QMA0E
AgACMAcDBQMqAvOAMA0GCSqGSIb3DQEBCwUAA4IBAQDIU2trrkg5gcCJIrBYMOZC
K7OhZ0EcK2KUjey75/aPO12jy8uMtiEt7n/AUjTw8+a0KDKTL0Xn10KUBnJn3Y0y
vYgNibBhtb/7pZpTvr3hJbRpkiS7e8RVra2XemiLfp5dDN/Z3MOdsfvPlvQbm7i8
+Wh5TEj0G22XBscX7sdY9S8EMQNSbFn11lyigYT9d/HaQoT5O4Q/dKejOM1IRrbo
/904AEXgig7i+Y3gpVHT8TMb5bzh2K3mXcjR4QbywgdTzVDVLdcJeXTbq6yS+oc+
XKWnKIfJ6RYh3blqwfUUAB4NqbFbMEFS3PmaxMVG5dAqUllbjFcjP3YcG0p+sB5e
-----END CERTIFICATE-----
Generated at Mon Jun 17 06:28:45 2024 by rpki-client on console-ams.rpki-client.org