Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ukDtjMwzVP_G_tVDERsskX-Jlmc.roa
File: ukDtjMwzVP_G_tVDERsskX-Jlmc.roa (raw, json)
Hash identifier: 0VpWds26jOxXnybBPlfANOIYKApacKtw6DD4/ZaVdEc=
Subject key identifier: BA:40:ED:8C:CC:33:54:FF:C6:FE:D5:43:11:1B:2C:91:7F:89:96:67
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018CCA29D3EEFBF01D023C32E4F1FEDB7BC7
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ukDtjMwzVP_G_tVDERsskX-Jlmc.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 185.111.27.0/24 maxlen: 24
185.100.158.0/24 maxlen: 24
185.73.219.0/24 maxlen: 24
185.73.218.0/24 maxlen: 24
185.110.131.0/24 maxlen: 24
185.110.130.0/24 maxlen: 24
185.110.129.0/24 maxlen: 24
185.110.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d3:ee:fb:f0:1d:02:3c:32:e4:f1:fe:db:7b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba40ed8ccc3354ffc6fed543111b2c917f899667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0a:fb:ce:78:a9:93:7d:41:b6:36:f4:2b:ff:
a7:8f:2a:97:fa:1a:44:0b:6d:60:60:22:bb:76:a6:
9e:07:5a:0f:b9:44:d8:23:48:ce:f4:c7:12:31:0c:
c6:fa:ae:c1:03:d3:9e:2d:d6:01:b2:2b:0e:48:c1:
07:31:57:4f:68:f8:2e:a3:c4:51:9f:6e:9e:6a:b6:
0c:0f:60:95:73:59:47:7e:d4:c9:33:e7:11:d4:b9:
73:1a:cf:4f:cb:8d:59:66:65:29:38:39:2b:0a:24:
36:85:8c:64:ef:7a:8d:a4:c3:bd:78:a6:c2:fa:94:
dd:f5:17:58:0b:ce:30:d4:52:8d:21:9b:f0:10:f4:
42:18:a9:c4:bc:c9:8b:5d:6c:1f:ef:72:cc:49:90:
41:6b:25:25:c1:26:64:8f:20:74:bf:bf:1c:b8:54:
64:38:91:be:04:d2:4f:cf:d7:bc:f9:27:48:f4:a3:
20:8a:4e:37:00:ef:91:73:45:40:93:f7:33:06:a8:
d9:e7:ee:c6:78:92:f4:26:fd:29:e2:93:e1:c1:b3:
f2:8a:41:6b:32:eb:19:e8:0f:dc:ea:5f:84:3c:0b:
0e:3b:ad:ac:62:38:5d:2c:cd:fd:a3:24:86:86:c8:
e2:42:87:a6:b0:d6:e7:da:d1:63:7a:80:a2:81:aa:
03:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:40:ED:8C:CC:33:54:FF:C6:FE:D5:43:11:1B:2C:91:7F:89:96:67
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ukDtjMwzVP_G_tVDERsskX-Jlmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.218.0/23
185.100.158.0/24
185.110.128.0/22
185.111.27.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e9:c3:f7:c3:a9:5c:75:c5:ce:20:17:39:0c:c1:9b:7a:12:
09:19:d6:86:50:ae:ec:2c:7e:97:23:43:72:f3:9b:7c:64:7f:
86:39:48:4f:ae:61:ae:21:c5:52:3c:68:26:51:d3:d5:dd:78:
25:58:19:42:28:9d:6c:2a:7e:0c:22:99:17:61:7f:0e:4f:eb:
ad:e6:b1:35:84:ce:1e:e0:44:d4:a9:4d:4e:b2:48:26:ab:3b:
c3:12:51:cf:08:32:85:1c:9f:6d:fe:c0:dc:8a:bf:24:20:38:
a7:27:1a:a3:45:9d:b5:a2:ee:b2:55:21:69:08:71:9a:f2:6d:
e9:d1:d6:b1:e2:f8:a8:5c:9b:45:fb:d8:0c:d1:d5:f8:95:b8:
ff:6b:5f:be:2a:79:da:52:6d:03:37:8d:2c:9c:cb:96:f5:40:
89:1e:ef:0f:b1:eb:55:89:6e:19:5f:51:b9:2f:e1:14:75:d7:
db:2c:df:e6:fe:91:c8:de:39:16:a7:ef:c7:a8:e0:6c:b8:4c:
ad:78:8b:63:f9:d6:59:22:55:fd:30:42:e6:5e:c9:f4:d1:c9:
6c:65:b0:64:3c:c5:82:cb:1c:65:5b:c2:44:1f:72:87:24:fc:
c9:d4:fb:6d:fb:bf:34:6f:10:84:99:88:88:6d:b2:b5:c3:13:
52:48:4d:f6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKKdPu+/AdAjwy5PH+23vHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQwZWQ4Y2NjMzM1NGZmYzZmZWQ1NDMxMTFiMmM5MTdmODk5NjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwr7znipk31Btjb0K/+njyqX+hpE
C21gYCK7dqaeB1oPuUTYI0jO9McSMQzG+q7BA9OeLdYBsisOSMEHMVdPaPguo8RR
n26earYMD2CVc1lHftTJM+cR1LlzGs9Py41ZZmUpODkrCiQ2hYxk73qNpMO9eKbC
+pTd9RdYC84w1FKNIZvwEPRCGKnEvMmLXWwf73LMSZBBayUlwSZkjyB0v78cuFRk
OJG+BNJPz9e8+SdI9KMgik43AO+Rc0VAk/czBqjZ5+7GeJL0Jv0p4pPhwbPyikFr
MusZ6A/c6l+EPAsOO62sYjhdLM39oySGhsjiQoemsNbn2tFjeoCigaoDWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLpA7YzMM1T/xv7VQxEbLJF/iZZnMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdWtEdGpNd3pWUF9HX3RWREVSc3NrWC1KbG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuUnaAwQA
uWSeAwQCuW6AAwQAuW8bMA0GCSqGSIb3DQEBCwUAA4IBAQA+6cP3w6lcdcXOIBc5
DMGbehIJGdaGUK7sLH6XI0Ny85t8ZH+GOUhPrmGuIcVSPGgmUdPV3XglWBlCKJ1s
Kn4MIpkXYX8OT+ut5rE1hM4e4ETUqU1OskgmqzvDElHPCDKFHJ9t/sDcir8kIDin
JxqjRZ21ou6yVSFpCHGa8m3p0dax4vioXJtF+9gM0dX4lbj/a1++KnnaUm0DN40s
nMuW9UCJHu8PsetViW4ZX1G5L+EUddfbLN/m/pHI3jkWp+/HqOBsuEyteItj+dZZ
IlX9MELmXsn00clsZbBkPMWCyxxlW8JEH3KHJPzJ1Ptt+780bxCEmYiIbbK1wxNS
SE32
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:03 2024 by rpki-client on console-fra.rpki-client.org