Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/RAIwJlLMmbi52uiNLBXpJx9fLmQ.roa
File: RAIwJlLMmbi52uiNLBXpJx9fLmQ.roa (raw, json)
Hash identifier: EJekfAHCd3zvMtM0pKY1yD8kGniJzrVRKhuNilqk3iQ=
Subject key identifier: 44:02:30:26:52:CC:99:B8:B9:DA:E8:8D:2C:15:E9:27:1F:5F:2E:64
Certificate issuer: /CN=dbc144ce154eee9dbb3562ce4cd3228338641333
Certificate serial: 018CC6B8A3BBD06CA0DA9131C3A14EA10832
Authority key identifier: DB:C1:44:CE:15:4E:EE:9D:BB:35:62:CE:4C:D3:22:83:38:64:13:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28FEzhVO7p27NWLOTNMigzhkEzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/RAIwJlLMmbi52uiNLBXpJx9fLmQ.roa
Signing time: Mon 01 Jan 2024 20:30:38 +0000
ROA not before: Mon 01 Jan 2024 20:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42853
IP address blocks: 185.25.245.0/24 maxlen: 24
185.25.244.0/24 maxlen: 24
185.25.244.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/28FEzhVO7p27NWLOTNMigzhkEzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/28FEzhVO7p27NWLOTNMigzhkEzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/28FEzhVO7p27NWLOTNMigzhkEzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 07:02:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a3:bb:d0:6c:a0:da:91:31:c3:a1:4e:a1:08:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc144ce154eee9dbb3562ce4cd3228338641333
Validity
Not Before: Jan 1 20:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4402302652cc99b8b9dae88d2c15e9271f5f2e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3d:9e:99:1a:49:e2:c8:63:ad:12:59:af:cf:
68:36:7e:d7:85:85:90:08:70:df:8a:85:6d:06:9b:
38:da:cd:e4:66:e2:3d:4d:dd:75:2f:b1:d0:f7:c6:
21:c7:56:ac:e6:20:c9:6f:cc:16:64:f2:f3:41:36:
9b:d8:a5:9e:e6:c2:18:7f:95:63:35:5d:71:cd:6f:
c4:60:25:ae:a7:f0:fb:cc:f1:03:65:17:17:bd:49:
75:2e:1e:37:d2:83:ad:44:b1:8c:df:e1:be:9a:7c:
53:19:47:bb:61:da:c8:34:35:de:c6:6f:22:03:51:
57:42:d9:ab:fb:2a:5b:3d:49:fc:6e:2b:ad:dc:c7:
1e:6c:cf:ce:f7:29:a0:6e:a6:7c:55:dc:6c:71:df:
04:5f:95:cb:16:53:1d:cb:58:35:0c:e9:3e:28:fe:
39:ba:ec:67:25:d5:66:64:1b:14:f1:0a:b7:20:2d:
62:68:a1:d8:12:47:49:27:77:ef:e9:b9:36:64:d4:
31:b2:21:f4:f6:ef:3b:70:e2:34:78:66:36:08:2d:
c8:aa:c5:57:46:04:b5:21:2f:14:14:f3:67:36:63:
40:1e:74:9b:2d:4d:fc:67:c9:de:de:81:ca:61:84:
ba:ef:1f:25:33:1c:41:8a:bf:ab:76:a9:08:09:eb:
bf:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:02:30:26:52:CC:99:B8:B9:DA:E8:8D:2C:15:E9:27:1F:5F:2E:64
X509v3 Authority Key Identifier:
keyid:DB:C1:44:CE:15:4E:EE:9D:BB:35:62:CE:4C:D3:22:83:38:64:13:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28FEzhVO7p27NWLOTNMigzhkEzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/RAIwJlLMmbi52uiNLBXpJx9fLmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a22cfa-01f3-4f12-b6fd-4894f88beddc/1/28FEzhVO7p27NWLOTNMigzhkEzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.244.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:39:0b:82:6c:c5:96:db:08:e2:f4:ab:0a:1c:7a:c6:a7:48:
c9:e5:d1:33:cd:97:b6:16:81:3b:a9:8c:a1:08:55:0c:59:56:
29:b3:b6:b3:e8:95:00:b9:85:b1:0b:81:a9:63:2f:b2:0b:40:
6b:d2:5d:9f:07:8b:33:5f:f0:45:5f:ab:61:10:80:20:72:e9:
31:db:68:b9:7d:38:f4:91:85:e0:32:b5:26:fe:3d:b2:41:87:
42:23:16:5d:5a:9a:0a:27:e9:09:33:d5:49:9c:ca:f2:f0:98:
ae:32:11:61:06:c3:68:ff:ea:d2:1b:73:91:7b:62:8a:cb:8a:
5e:51:59:9f:5c:d9:7e:b3:43:fc:90:7e:b0:3f:7f:7a:87:fa:
ea:b1:bf:68:71:65:ca:82:e2:bb:20:53:3f:44:50:d9:50:2a:
de:c6:6f:54:23:80:1b:76:4f:55:4b:00:0d:2a:6c:0a:e7:a2:
64:d9:e2:c7:66:88:14:c8:8d:e8:11:32:c7:49:7b:cb:48:7b:
c4:d2:32:42:ba:77:80:f1:00:61:92:ab:5c:7c:4c:6a:33:e0:
a6:30:a7:fb:7d:e8:a6:93:e0:d5:0c:4e:57:6c:53:4d:ec:1c:
45:c3:37:58:44:2a:64:43:f4:df:eb:c9:9d:da:4e:0c:73:48:
e8:78:e2:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuKO70Gyg2pExw6FOoQgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzE0NGNlMTU0ZWVlOWRiYjM1NjJjZTRjZDMyMjgzMzg2
NDEzMzMwHhcNMjQwMTAxMjAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDAyMzAyNjUyY2M5OWI4YjlkYWU4OGQyYzE1ZTkyNzFmNWYyZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD2emRpJ4shjrRJZr89oNn7XhYWQ
CHDfioVtBps42s3kZuI9Td11L7HQ98Yhx1as5iDJb8wWZPLzQTab2KWe5sIYf5Vj
NV1xzW/EYCWup/D7zPEDZRcXvUl1Lh430oOtRLGM3+G+mnxTGUe7YdrINDXexm8i
A1FXQtmr+ypbPUn8biut3McebM/O9ymgbqZ8Vdxscd8EX5XLFlMdy1g1DOk+KP45
uuxnJdVmZBsU8Qq3IC1iaKHYEkdJJ3fv6bk2ZNQxsiH09u87cOI0eGY2CC3IqsVX
RgS1IS8UFPNnNmNAHnSbLU38Z8ne3oHKYYS67x8lMxxBir+rdqkICeu/5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQCMCZSzJm4udrojSwV6ScfXy5kMB8GA1UdIwQY
MBaAFNvBRM4VTu6duzVizkzTIoM4ZBMzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhGRXpoVk83cDI3TldMT1ROTWlnemhrRXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hMjJjZmEtMDFmMy00ZjEyLWI2ZmQt
NDg5NGY4OGJlZGRjLzEvUkFJd0psTE1tYmk1MnVpTkxCWHBKeDlmTG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hMjJjZmEtMDFmMy00ZjEyLWI2ZmQtNDg5NGY4OGJlZGRj
LzEvMjhGRXpoVk83cDI3TldMT1ROTWlnemhrRXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuRn0MA0G
CSqGSIb3DQEBCwUAA4IBAQBfOQuCbMWW2wji9KsKHHrGp0jJ5dEzzZe2FoE7qYyh
CFUMWVYps7az6JUAuYWxC4GpYy+yC0Br0l2fB4szX/BFX6thEIAgcukx22i5fTj0
kYXgMrUm/j2yQYdCIxZdWpoKJ+kJM9VJnMry8JiuMhFhBsNo/+rSG3ORe2KKy4pe
UVmfXNl+s0P8kH6wP396h/rqsb9ocWXKguK7IFM/RFDZUCrexm9UI4Abdk9VSwAN
KmwK56Jk2eLHZogUyI3oETLHSXvLSHvE0jJCuneA8QBhkqtcfExqM+CmMKf7feim
k+DVDE5XbFNN7BxFwzdYRCpkQ/Tf68md2k4Mc0joeOJ1
-----END CERTIFICATE-----
Generated at Thu May 23 17:25:02 2024 by rpki-client on console-ams.rpki-client.org