Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/4hjTK9t80-M4MSMOPKAQ4cHAMyA.roa
File: 4hjTK9t80-M4MSMOPKAQ4cHAMyA.roa (raw, json)
Hash identifier: zrs2R3lvYCjBBe+S8a00r+YasywPDi8h2a2i9F6l/uY=
Subject key identifier: E2:18:D3:2B:DB:7C:D3:E3:38:31:23:0E:3C:A0:10:E1:C1:C0:33:20
Certificate issuer: /CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Certificate serial: 018CC86F3387ED61DA33063A20C1564635AD
Authority key identifier: 85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/4hjTK9t80-M4MSMOPKAQ4cHAMyA.roa
Signing time: Tue 02 Jan 2024 04:29:40 +0000
ROA not before: Tue 02 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21276
IP address blocks: 185.110.92.0/24 maxlen: 32
93.187.111.0/24 maxlen: 32
185.110.95.0/24 maxlen: 32
2a14:5400::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:33:87:ed:61:da:33:06:3a:20:c1:56:46:35:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Validity
Not Before: Jan 2 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e218d32bdb7cd3e33831230e3ca010e1c1c03320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:81:5a:0e:72:d9:04:35:b5:45:e6:a7:8b:53:
cb:f4:14:d8:17:d7:91:6d:ef:44:bb:7e:ec:73:a6:
6e:10:ca:aa:18:5b:6e:d2:2e:8f:3e:af:bb:cd:5d:
c0:a5:4d:be:2d:ec:d6:26:1a:12:2f:65:63:1a:dc:
29:bd:87:2b:9a:f8:b2:67:80:d5:e5:ee:fd:e7:28:
87:83:59:0b:cd:cf:d4:3b:04:0a:db:1a:1e:d2:9a:
2a:85:12:e5:31:96:0d:b8:7e:55:06:40:74:2e:28:
f2:de:bc:80:58:e2:91:8a:68:cd:bc:65:81:4e:81:
59:17:d5:67:d1:bd:07:b6:0d:bc:6d:fb:28:48:bd:
25:84:2b:d0:5f:9c:80:30:34:54:e8:05:47:a6:19:
61:f8:3b:b6:94:78:ac:8e:95:74:20:7d:bc:a2:68:
ee:76:d5:00:e1:c0:01:16:60:0b:ae:a7:1e:f5:25:
33:79:63:c3:25:80:97:c2:93:81:66:4f:0a:e3:4b:
30:3f:4a:99:b1:7d:d3:46:79:3b:12:ab:c3:32:e4:
01:41:72:cb:45:4e:e0:8e:1c:91:85:72:2b:c3:6b:
df:0a:95:9a:db:70:42:0b:8b:ec:f0:cf:5e:9a:95:
9d:c2:8d:f2:1e:1c:02:0a:1a:2d:0e:df:94:38:7f:
23:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:18:D3:2B:DB:7C:D3:E3:38:31:23:0E:3C:A0:10:E1:C1:C0:33:20
X509v3 Authority Key Identifier:
keyid:85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/4hjTK9t80-M4MSMOPKAQ4cHAMyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.111.0/24
185.110.92.0/24
185.110.95.0/24
IPv6:
2a14:5400::/32
Signature Algorithm: sha256WithRSAEncryption
1d:0d:9d:91:e2:92:81:c1:e9:39:5f:e0:ae:51:21:00:42:e2:
15:fc:7a:e2:f2:56:b4:b0:15:31:42:8e:aa:5f:c5:aa:18:0e:
f9:3b:9b:99:05:c2:21:56:ab:b5:89:dc:68:f3:fc:ea:31:18:
25:4a:ce:6a:ef:6b:9b:94:db:05:21:64:f7:b2:a3:b1:b6:18:
ed:8c:ae:af:63:7b:f3:ba:16:ab:62:b1:3f:b7:a9:99:c3:9f:
09:4a:3c:da:d3:d9:88:e2:44:18:ba:e7:ce:f6:c6:8e:b5:a3:
28:17:42:5e:6e:39:c2:21:34:b1:26:03:2f:59:04:70:72:d9:
a4:52:e3:52:fa:fa:d8:24:ac:a4:d7:2d:c7:1c:92:ad:18:98:
ef:f2:ba:77:f4:e2:f7:df:2b:a0:d3:aa:72:45:a8:81:cb:4b:
db:aa:e7:02:f0:4c:2e:69:20:1d:a0:72:ad:cd:88:2d:cc:1c:
8e:d4:cb:cd:91:4c:b3:e0:59:4a:0f:d5:6a:cd:93:26:eb:69:
cf:2c:9c:7c:13:f4:ba:18:bb:b0:78:82:ad:4f:5f:b3:30:44:
ec:3f:9b:d3:02:4e:89:7e:62:47:73:02:3c:02:8f:57:af:52:
92:10:d3:6e:4d:2a:7e:ab:40:3b:54:5e:50:e3:b3:bb:2a:0d:
3c:96:3c:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIbzOH7WHaMwY6IMFWRjWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmYwYzkwMDczYWZiOGVjZGU3ZTgzNDA5Y2VhYmRiOTNi
NDFhNGUwHhcNMjQwMTAyMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjE4ZDMyYmRiN2NkM2UzMzgzMTIzMGUzY2EwMTBlMWMxYzAzMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioFaDnLZBDW1Reani1PL9BTYF9eR
be9Eu37sc6ZuEMqqGFtu0i6PPq+7zV3ApU2+LezWJhoSL2VjGtwpvYcrmviyZ4DV
5e795yiHg1kLzc/UOwQK2xoe0poqhRLlMZYNuH5VBkB0Lijy3ryAWOKRimjNvGWB
ToFZF9Vn0b0Htg28bfsoSL0lhCvQX5yAMDRU6AVHphlh+Du2lHisjpV0IH28omju
dtUA4cABFmALrqce9SUzeWPDJYCXwpOBZk8K40swP0qZsX3TRnk7EqvDMuQBQXLL
RU7gjhyRhXIrw2vfCpWa23BCC4vs8M9empWdwo3yHhwCChotDt+UOH8jYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOIY0yvbfNPjODEjDjygEOHBwDMgMB8GA1UdIwQY
MBaAFIVvDJAHOvuOzefoNAnOq9uTtBpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDIt
NDRmZGU5NmI4YWVjLzEvNGhqVEs5dDgwLU00TVNNT1BLQVE0Y0hBTXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDItNDRmZGU5NmI4YWVj
LzEvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXbtvAwQA
uW5cAwQAuW5fMA0EAgACMAcDBQAqFFQAMA0GCSqGSIb3DQEBCwUAA4IBAQAdDZ2R
4pKBwek5X+CuUSEAQuIV/Hri8la0sBUxQo6qX8WqGA75O5uZBcIhVqu1idxo8/zq
MRglSs5q72ublNsFIWT3sqOxthjtjK6vY3vzuharYrE/t6mZw58JSjza09mI4kQY
uufO9saOtaMoF0JebjnCITSxJgMvWQRwctmkUuNS+vrYJKyk1y3HHJKtGJjv8rp3
9OL33yug06pyRaiBy0vbqucC8EwuaSAdoHKtzYgtzByO1MvNkUyz4FlKD9VqzZMm
62nPLJx8E/S6GLuweIKtT1+zMETsP5vTAk6JfmJHcwI8Ao9Xr1KSENNuTSp+q0A7
VF5Q47O7Kg08ljxq
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:09 2024 by rpki-client on console-ams.rpki-client.org