Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/904vUlY6k3TFGLQzL_3HR7oGxjo.roa
File: 904vUlY6k3TFGLQzL_3HR7oGxjo.roa (raw, json)
Hash identifier: +mxDI2rDLpgEvk8E52qM83WtuOOhfflZ2v8kqYR9zH0=
Subject key identifier: F7:4E:2F:52:56:3A:93:74:C5:18:B4:33:2F:FD:C7:47:BA:06:C6:3A
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC7946CF401408534D945813EBAF09473
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/904vUlY6k3TFGLQzL_3HR7oGxjo.roa
Signing time: Tue 02 Jan 2024 00:30:42 +0000
ROA not before: Tue 02 Jan 2024 00:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150630
IP address blocks: 185.171.254.0/23 maxlen: 23
185.226.206.0/23 maxlen: 23
185.226.204.0/23 maxlen: 23
185.101.252.0/23 maxlen: 23
185.101.254.0/23 maxlen: 23
185.171.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 13:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6c:f4:01:40:85:34:d9:45:81:3e:ba:f0:94:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74e2f52563a9374c518b4332ffdc747ba06c63a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:11:18:66:54:f5:6b:2d:1d:19:a9:17:56:0b:
de:de:64:4b:82:70:0f:92:3a:51:27:4c:6b:42:9d:
ab:03:60:7b:18:d4:e3:fa:82:8e:20:bd:d3:c9:7d:
56:bc:d2:03:a5:87:9f:b7:8f:71:b1:01:4c:2a:82:
1e:a8:6b:7a:25:06:7d:64:b0:86:00:c0:ba:eb:22:
94:ed:f6:81:5e:01:1e:03:b9:91:ab:66:cc:81:86:
1a:f4:09:35:6a:09:63:24:f3:e8:74:fe:eb:ef:91:
d3:18:46:6e:95:f6:85:3f:b5:0f:85:18:55:d7:a1:
71:df:a9:12:84:00:03:2a:ff:de:34:4c:a8:db:17:
8d:18:d3:1c:e1:fa:b1:0a:53:11:95:5d:2f:00:42:
c8:a4:67:86:b6:14:53:4a:ba:7d:2b:62:77:f8:3d:
b1:96:79:2d:bc:c5:57:28:24:d7:33:b4:4e:4e:82:
9c:7a:79:7e:ab:61:e5:33:ad:73:72:f0:bc:59:c8:
66:9e:b1:2d:30:5a:75:d7:f5:a7:a2:19:92:c6:d2:
72:55:1a:4e:b4:ec:53:bd:9b:06:b6:ed:1f:e4:24:
55:bf:9b:95:cb:19:7a:d2:c0:37:9c:31:ae:5a:de:
17:e2:7e:66:05:ac:77:bd:8d:3c:f5:ea:9a:99:76:
9e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4E:2F:52:56:3A:93:74:C5:18:B4:33:2F:FD:C7:47:BA:06:C6:3A
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/904vUlY6k3TFGLQzL_3HR7oGxjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.252.0/22
185.171.252.0/22
185.226.204.0/22
Signature Algorithm: sha256WithRSAEncryption
04:9c:b5:63:13:2d:77:d1:b8:45:7c:40:65:5a:42:1f:6b:35:
2c:8a:e0:fb:26:d0:7e:77:d3:a2:e0:f4:8c:f3:33:78:13:2e:
7f:34:f5:f1:d9:5f:d0:f5:4e:06:fc:5d:0b:97:46:68:89:bf:
34:77:3b:3b:7d:2a:95:e0:cc:08:16:ec:2f:2b:69:a4:e8:be:
a0:73:53:fe:c9:3d:70:8e:9b:36:55:02:a7:19:92:00:94:16:
86:f9:55:4c:21:43:bf:c5:d8:5d:f6:8e:2e:bb:fa:82:a6:90:
8c:b2:19:69:d2:d7:26:89:4e:20:c7:48:97:9d:49:d2:84:26:
3d:c7:59:73:59:1a:72:28:84:b1:92:2c:05:ca:48:68:da:8a:
2b:d4:f1:50:0a:7c:9c:a2:be:65:b0:a3:59:6d:34:39:08:c1:
88:a5:d0:14:79:22:5f:4b:99:05:fe:dc:19:db:5a:91:b8:54:
2a:f0:92:a9:49:24:3c:b9:8e:11:1a:4f:8c:37:55:65:77:0f:
cd:d2:eb:68:d3:52:fe:e2:95:cf:22:e1:01:66:2f:fd:2c:58:
1d:67:14:8e:4f:09:0d:2b:84:89:38:40:c6:75:d8:fb:a0:b4:
5d:f6:d5:b7:b9:85:04:44:2a:21:74:0c:bc:d6:1f:7d:03:74:
8e:6f:eb:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlGz0AUCFNNlFgT668JRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRlMmY1MjU2M2E5Mzc0YzUxOGI0MzMyZmZkYzc0N2JhMDZjNjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxEYZlT1ay0dGakXVgve3mRLgnAP
kjpRJ0xrQp2rA2B7GNTj+oKOIL3TyX1WvNIDpYeft49xsQFMKoIeqGt6JQZ9ZLCG
AMC66yKU7faBXgEeA7mRq2bMgYYa9Ak1agljJPPodP7r75HTGEZulfaFP7UPhRhV
16Fx36kShAADKv/eNEyo2xeNGNMc4fqxClMRlV0vAELIpGeGthRTSrp9K2J3+D2x
lnktvMVXKCTXM7ROToKcenl+q2HlM61zcvC8WchmnrEtMFp11/WnohmSxtJyVRpO
tOxTvZsGtu0f5CRVv5uVyxl60sA3nDGuWt4X4n5mBax3vY089eqamXaeKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPdOL1JWOpN0xRi0My/9x0e6BsY6MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvOTA0dlVsWTZrM1RGR0xRekxfM0hSN29HeGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuWX8AwQC
uav8AwQCueLMMA0GCSqGSIb3DQEBCwUAA4IBAQAEnLVjEy130bhFfEBlWkIfazUs
iuD7JtB+d9Oi4PSM8zN4Ey5/NPXx2V/Q9U4G/F0Ll0Zoib80dzs7fSqV4MwIFuwv
K2mk6L6gc1P+yT1wjps2VQKnGZIAlBaG+VVMIUO/xdhd9o4uu/qCppCMshlp0tcm
iU4gx0iXnUnShCY9x1lzWRpyKISxkiwFykho2oor1PFQCnycor5lsKNZbTQ5CMGI
pdAUeSJfS5kF/twZ21qRuFQq8JKpSSQ8uY4RGk+MN1Vldw/N0uto01L+4pXPIuEB
Zi/9LFgdZxSOTwkNK4SJOEDGddj7oLRd9tW3uYUERCohdAy81h99A3SOb+sF
-----END CERTIFICATE-----
Generated at Sat May 4 18:13:36 2024 by rpki-client on console-ams.rpki-client.org