Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/59e14e-415f-401a-adce-e1df45980c78/1/94hMd4Y2QYBZYZ6-QAuaLVwcheE.roa
File: 94hMd4Y2QYBZYZ6-QAuaLVwcheE.roa (raw, json)
Hash identifier: NK7IFZ/3hsHm5dm0aBnq1U7ewCFhL6CoC5sH+4ywi4M=
Subject key identifier: F7:88:4C:77:86:36:41:80:59:61:9E:BE:40:0B:9A:2D:5C:1C:85:E1
Certificate issuer: /CN=e2c144ee32fdd75013e7f1b8c2d807d3daed8bbe
Certificate serial: 018CC8DF2DBB1E4D55B5781C7F464292B005
Authority key identifier: E2:C1:44:EE:32:FD:D7:50:13:E7:F1:B8:C2:D8:07:D3:DA:ED:8B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sFE7jL911AT5_G4wtgH09rti74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/59e14e-415f-401a-adce-e1df45980c78/1/94hMd4Y2QYBZYZ6-QAuaLVwcheE.roa
Signing time: Tue 02 Jan 2024 06:31:58 +0000
ROA not before: Tue 02 Jan 2024 06:31:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205834
IP address blocks: 185.202.176.0/22 maxlen: 24
2a0e:c000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/59e14e-415f-401a-adce-e1df45980c78/1/4sFE7jL911AT5_G4wtgH09rti74.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/59e14e-415f-401a-adce-e1df45980c78/1/4sFE7jL911AT5_G4wtgH09rti74.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sFE7jL911AT5_G4wtgH09rti74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:2d:bb:1e:4d:55:b5:78:1c:7f:46:42:92:b0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c144ee32fdd75013e7f1b8c2d807d3daed8bbe
Validity
Not Before: Jan 2 06:31:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7884c778636418059619ebe400b9a2d5c1c85e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:87:89:1e:aa:6a:30:66:cd:7f:19:68:24:
d2:34:98:26:bd:1e:0a:e8:df:a5:a6:75:ed:27:41:
ce:48:7a:44:a8:27:3d:d4:cb:25:6f:73:b0:a5:03:
6c:96:62:9a:e4:c7:83:51:f6:9b:1a:5a:fc:0b:02:
5d:6c:e4:17:21:17:e8:02:ad:aa:6c:9d:b5:5d:ec:
e0:12:bc:09:73:d6:70:18:0c:53:61:e3:80:6a:46:
00:14:31:0e:6e:b5:eb:64:92:02:ea:31:85:6c:0f:
06:7d:0e:b8:00:46:34:c8:5f:fb:07:ca:6c:cf:e7:
57:83:59:f4:ba:79:c4:fd:ff:53:13:ef:59:c0:9b:
67:4b:0a:c8:21:ec:b3:8b:a0:00:31:a1:83:d9:8d:
72:5b:e6:a4:b8:7e:27:2c:92:c7:a2:5d:22:c5:5f:
ed:78:46:68:3b:32:89:eb:67:23:a8:9d:31:75:a6:
91:13:cf:ed:38:21:cb:42:1b:64:13:c4:de:d9:98:
33:fb:50:f2:ac:03:7d:a0:0d:20:6a:e1:81:d6:7a:
91:c0:11:9e:fd:cf:32:51:fa:2f:33:14:63:bf:47:
c0:eb:58:53:27:5e:d6:31:55:1c:56:c1:b3:a4:10:
4d:3c:ee:fc:fe:d3:73:3b:3f:87:ac:2e:a9:57:57:
0d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:88:4C:77:86:36:41:80:59:61:9E:BE:40:0B:9A:2D:5C:1C:85:E1
X509v3 Authority Key Identifier:
keyid:E2:C1:44:EE:32:FD:D7:50:13:E7:F1:B8:C2:D8:07:D3:DA:ED:8B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sFE7jL911AT5_G4wtgH09rti74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/59e14e-415f-401a-adce-e1df45980c78/1/94hMd4Y2QYBZYZ6-QAuaLVwcheE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/59e14e-415f-401a-adce-e1df45980c78/1/4sFE7jL911AT5_G4wtgH09rti74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.176.0/22
IPv6:
2a0e:c000::/29
Signature Algorithm: sha256WithRSAEncryption
5b:b0:23:84:38:e5:25:80:f9:61:94:78:1a:ec:0c:cf:67:80:
0d:14:63:ef:b4:01:0a:0e:17:0c:3e:d6:1e:2c:1d:41:90:ee:
1d:b6:62:e2:6f:38:40:22:e4:35:fe:1a:32:1f:a2:97:17:51:
ec:37:80:cc:b3:93:2b:55:0c:66:dc:65:b1:44:5e:89:c3:d9:
1c:66:61:b4:ec:da:ef:fe:a7:b7:cf:d4:c2:6d:9e:87:fd:1d:
f3:5d:2d:14:17:4a:13:84:d2:f5:cc:11:f8:e5:bd:90:a3:8a:
5e:c4:26:75:4c:c6:1f:62:19:8e:10:02:40:22:cb:14:6d:6b:
ca:a8:87:b5:e2:59:a9:23:59:1c:dd:11:7e:1e:a0:62:b2:5b:
2a:48:f4:53:8a:a8:01:59:5a:36:a4:f6:6b:0a:60:54:cd:c4:
ae:86:ef:a9:2b:a3:08:96:f3:5e:47:97:cb:77:13:b9:ef:63:
21:5d:3a:1f:22:00:02:e1:66:05:32:7b:d8:12:b9:36:16:a9:
d9:3c:78:91:29:37:d1:17:ed:77:97:c9:58:4d:88:d5:2d:14:
c5:ef:e1:63:b2:00:f6:39:94:a3:30:0c:93:74:5e:66:74:1b:
2a:2d:cb:75:2e:15:48:84:dd:ac:99:d9:f3:c1:a9:0e:46:ec:
5b:61:5e:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3y27Hk1VtXgcf0ZCkrAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzE0NGVlMzJmZGQ3NTAxM2U3ZjFiOGMyZDgwN2QzZGFl
ZDhiYmUwHhcNMjQwMTAyMDYzMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzg4NGM3Nzg2MzY0MTgwNTk2MTllYmU0MDBiOWEyZDVjMWM4NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoCHiR6qajBmzX8ZaCTSNJgmvR4K
6N+lpnXtJ0HOSHpEqCc91Mslb3OwpQNslmKa5MeDUfabGlr8CwJdbOQXIRfoAq2q
bJ21XezgErwJc9ZwGAxTYeOAakYAFDEObrXrZJIC6jGFbA8GfQ64AEY0yF/7B8ps
z+dXg1n0unnE/f9TE+9ZwJtnSwrIIeyzi6AAMaGD2Y1yW+akuH4nLJLHol0ixV/t
eEZoOzKJ62cjqJ0xdaaRE8/tOCHLQhtkE8Te2Zgz+1DyrAN9oA0gauGB1nqRwBGe
/c8yUfovMxRjv0fA61hTJ17WMVUcVsGzpBBNPO78/tNzOz+HrC6pV1cNRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPeITHeGNkGAWWGevkALmi1cHIXhMB8GA1UdIwQY
MBaAFOLBRO4y/ddQE+fxuMLYB9Pa7Yu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNGRTdqTDkxMUFUNV9HNHd0Z0gwOXJ0aTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC81OWUxNGUtNDE1Zi00MDFhLWFkY2Ut
ZTFkZjQ1OTgwYzc4LzEvOTRoTWQ0WTJRWUJaWVo2LVFBdWFMVndjaGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC81OWUxNGUtNDE1Zi00MDFhLWFkY2UtZTFkZjQ1OTgwYzc4
LzEvNHNGRTdqTDkxMUFUNV9HNHd0Z0gwOXJ0aTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucqwMA0E
AgACMAcDBQMqDsAAMA0GCSqGSIb3DQEBCwUAA4IBAQBbsCOEOOUlgPlhlHga7AzP
Z4ANFGPvtAEKDhcMPtYeLB1BkO4dtmLibzhAIuQ1/hoyH6KXF1HsN4DMs5MrVQxm
3GWxRF6Jw9kcZmG07Nrv/qe3z9TCbZ6H/R3zXS0UF0oThNL1zBH45b2Qo4pexCZ1
TMYfYhmOEAJAIssUbWvKqIe14lmpI1kc3RF+HqBislsqSPRTiqgBWVo2pPZrCmBU
zcSuhu+pK6MIlvNeR5fLdxO572MhXTofIgAC4WYFMnvYErk2FqnZPHiRKTfRF+13
l8lYTYjVLRTF7+FjsgD2OZSjMAyTdF5mdBsqLct1LhVIhN2smdnzwakORuxbYV7Q
-----END CERTIFICATE-----
Generated at Sun May 19 07:47:38 2024 by rpki-client on console-fra.rpki-client.org