Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/h8XPCEl3Vo4TPJ9-ZN_Uy7RRsW8.roa
File: h8XPCEl3Vo4TPJ9-ZN_Uy7RRsW8.roa (raw, json)
Hash identifier: BEY557N+kqWrh68Nk7TPzU6/hYu4ljswskjP4iClE/U=
Subject key identifier: 87:C5:CF:08:49:77:56:8E:13:3C:9F:7E:64:DF:D4:CB:B4:51:B1:6F
Certificate issuer: /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial: 018CC8DEBB82190AE4E0E5BBDD9A0EE9E99E
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/h8XPCEl3Vo4TPJ9-ZN_Uy7RRsW8.roa
Signing time: Tue 02 Jan 2024 06:31:29 +0000
ROA not before: Tue 02 Jan 2024 06:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44684
IP address blocks: 185.159.24.0/24 maxlen: 24
2a00:9b40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:bb:82:19:0a:e4:e0:e5:bb:dd:9a:0e:e9:e9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Validity
Not Before: Jan 2 06:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87c5cf084977568e133c9f7e64dfd4cbb451b16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:79:f8:43:a4:b8:28:87:c2:6e:0f:bc:0c:9f:
2a:54:6f:89:d0:f5:c9:b2:26:d5:e7:6b:d6:21:c3:
bf:35:c5:78:14:a2:27:e8:96:cf:0b:6d:67:73:e6:
ec:ab:43:8f:17:63:69:63:80:7a:6c:2f:31:bb:26:
a5:e5:04:40:67:db:53:0c:7f:a2:d2:5e:e2:7d:9d:
0a:54:fc:d3:6a:4a:31:2e:e7:51:5c:7c:96:d9:d2:
d6:84:73:24:ff:54:10:11:38:2c:77:08:4d:9d:79:
55:78:bf:60:1c:9a:6d:91:27:c2:3b:35:d5:2a:d7:
76:ba:17:9f:eb:26:69:bb:9c:59:4a:88:41:c1:d4:
11:66:09:8d:fb:a9:c2:56:65:e3:22:85:1e:6c:9c:
d2:c3:c2:3d:b6:5e:30:9d:41:46:3a:e1:e5:7f:db:
7e:1c:98:ce:e7:c2:c8:1d:d5:44:00:ad:5c:bd:d8:
46:8f:82:d8:bd:76:2f:4f:bc:55:9e:a1:29:49:7f:
90:2c:41:07:9e:4d:48:1c:ea:22:a0:b7:01:65:8a:
0a:5b:fc:ad:71:2c:e7:cc:ab:23:65:a7:f1:70:5e:
fc:6e:91:01:e1:19:fb:72:fc:65:15:14:43:d4:b9:
fb:b8:45:ac:41:cc:8b:5d:52:fc:c4:7e:5d:17:34:
9a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C5:CF:08:49:77:56:8E:13:3C:9F:7E:64:DF:D4:CB:B4:51:B1:6F
X509v3 Authority Key Identifier:
keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/h8XPCEl3Vo4TPJ9-ZN_Uy7RRsW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.24.0/24
IPv6:
2a00:9b40::/48
Signature Algorithm: sha256WithRSAEncryption
44:c2:a5:b1:ac:3f:49:04:0b:17:98:09:1e:ab:5c:c8:b8:d0:
ee:00:4b:3d:45:fe:23:1a:f2:30:e9:5d:1d:9b:d6:7e:6d:25:
f0:93:be:0a:ed:9d:da:95:99:99:53:3e:5a:2e:78:36:c7:52:
74:a4:72:a8:b0:4e:74:30:1e:cf:cd:3e:c6:5e:20:3e:af:98:
c3:00:76:ba:74:a6:91:6c:23:fb:ae:9f:10:a7:4e:da:d2:35:
be:34:fa:a1:bd:16:86:82:a3:fd:d5:fd:49:d5:a2:be:98:8e:
10:8b:61:02:2f:0f:28:54:fa:aa:af:0e:27:ba:c3:9c:96:4c:
0d:c5:3a:93:62:1c:3c:99:7e:49:cd:a3:d2:d1:36:11:84:0a:
53:3c:14:9e:4a:75:7b:db:cd:2d:7d:c4:78:5d:0d:70:f7:53:
03:00:30:44:bb:c7:91:f7:c9:9c:f3:69:33:6a:60:ec:4b:4f:
19:1d:e5:e1:07:7d:38:d6:18:5e:e0:88:66:ae:c9:e9:f2:78:
2e:90:e4:29:aa:ea:60:cb:71:1c:1e:63:6d:0e:bc:dd:9c:0f:
51:eb:18:47:03:59:00:d7:fa:af:f1:52:c3:63:dd:16:1a:fd:
dd:1f:5e:7a:d7:5d:ca:fc:30:bb:f8:ce:96:9c:72:63:0c:de:
39:99:18:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3ruCGQrk4OW73ZoO6emeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjQwMTAyMDYzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M1Y2YwODQ5Nzc1NjhlMTMzYzlmN2U2NGRmZDRjYmI0NTFiMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHn4Q6S4KIfCbg+8DJ8qVG+J0PXJ
sibV52vWIcO/NcV4FKIn6JbPC21nc+bsq0OPF2NpY4B6bC8xuyal5QRAZ9tTDH+i
0l7ifZ0KVPzTakoxLudRXHyW2dLWhHMk/1QQETgsdwhNnXlVeL9gHJptkSfCOzXV
Ktd2uhef6yZpu5xZSohBwdQRZgmN+6nCVmXjIoUebJzSw8I9tl4wnUFGOuHlf9t+
HJjO58LIHdVEAK1cvdhGj4LYvXYvT7xVnqEpSX+QLEEHnk1IHOoioLcBZYoKW/yt
cSznzKsjZafxcF78bpEB4Rn7cvxlFRRD1Ln7uEWsQcyLXVL8xH5dFzSa0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIfFzwhJd1aOEzyffmTf1Mu0UbFvMB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvaDhYUENFbDNWbzRUUEo5LVpOX1V5N1JSc1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZ8YMA8E
AgACMAkDBwAqAJtAAAAwDQYJKoZIhvcNAQELBQADggEBAETCpbGsP0kECxeYCR6r
XMi40O4ASz1F/iMa8jDpXR2b1n5tJfCTvgrtndqVmZlTPloueDbHUnSkcqiwTnQw
Hs/NPsZeID6vmMMAdrp0ppFsI/uunxCnTtrSNb40+qG9FoaCo/3V/UnVor6YjhCL
YQIvDyhU+qqvDie6w5yWTA3FOpNiHDyZfknNo9LRNhGEClM8FJ5KdXvbzS19xHhd
DXD3UwMAMES7x5H3yZzzaTNqYOxLTxkd5eEHfTjWGF7giGauyenyeC6Q5Cmq6mDL
cRweY20OvN2cD1HrGEcDWQDX+q/xUsNj3RYa/d0fXnrXXcr8MLv4zpaccmMM3jmZ
GEU=
-----END CERTIFICATE-----
Generated at Sat May 25 01:55:18 2024 by rpki-client on console-ams.rpki-client.org