Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/CMYWjbAtGJROWTbiI420oSKGsGg.roa
File: CMYWjbAtGJROWTbiI420oSKGsGg.roa (raw, json)
Hash identifier: pNzudDsJObybxNTJ4JivTwtEXvodKnEq9u3F2jFI6+U=
Subject key identifier: 08:C6:16:8D:B0:2D:18:94:4E:59:36:E2:23:8D:B4:A1:22:86:B0:68
Certificate issuer: /CN=23a7b593c804a683f0c8fa3eda9335af92a89044
Certificate serial: 018CC2DB2EB2A21ADC09FE38184891FA8885
Authority key identifier: 23:A7:B5:93:C8:04:A6:83:F0:C8:FA:3E:DA:93:35:AF:92:A8:90:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6e1k8gEpoPwyPo-2pM1r5KokEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/CMYWjbAtGJROWTbiI420oSKGsGg.roa
Signing time: Mon 01 Jan 2024 02:29:53 +0000
ROA not before: Mon 01 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47164
IP address blocks: 185.174.181.0/24 maxlen: 24
185.174.182.0/24 maxlen: 24
185.174.180.0/24 maxlen: 24
185.174.183.0/24 maxlen: 24
185.174.180.0/22 maxlen: 22
185.227.104.0/24 maxlen: 24
185.227.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/I6e1k8gEpoPwyPo-2pM1r5KokEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/I6e1k8gEpoPwyPo-2pM1r5KokEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I6e1k8gEpoPwyPo-2pM1r5KokEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2e:b2:a2:1a:dc:09:fe:38:18:48:91:fa:88:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a7b593c804a683f0c8fa3eda9335af92a89044
Validity
Not Before: Jan 1 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08c6168db02d18944e5936e2238db4a12286b068
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:09:b3:60:f2:f6:bc:ed:35:29:21:3e:3c:
9b:ba:bc:29:67:f2:0f:6d:38:98:33:d4:05:96:b7:
86:06:60:33:e2:61:b8:8d:5a:fe:6c:fd:59:46:e6:
74:90:9a:32:b6:ce:06:ba:0e:3c:81:6b:6d:ff:b9:
61:35:93:0a:37:4f:5b:b7:30:06:c0:9f:5e:dd:3b:
d0:1e:38:74:e0:94:d8:62:c5:a4:a4:2b:48:e5:96:
d3:c1:d8:9f:68:e0:94:32:87:b4:e0:76:e4:3a:d0:
cf:d8:bd:1b:8a:58:45:10:1a:b4:39:0a:32:f8:f1:
a6:b6:fa:b6:c3:dc:99:7e:e1:fc:85:5b:3f:7e:b0:
27:46:8e:91:ed:69:d7:d2:61:17:19:97:c8:b5:a9:
98:47:e7:03:53:49:c7:e2:d7:4b:ad:8c:dd:b2:dd:
df:90:89:9e:3a:b6:17:00:cc:c0:e1:76:35:0c:25:
12:c3:85:19:e1:9e:fa:f0:11:72:2a:7d:46:b4:20:
c3:4c:c0:cf:13:42:5e:e5:54:7b:45:29:a1:eb:9e:
b2:71:ab:d5:d6:4b:6e:fe:d3:a8:51:a6:5b:7f:17:
3f:17:8d:a9:1f:08:2e:13:29:6c:6a:ce:47:42:93:
4a:7b:53:5c:46:4b:41:60:52:4b:66:04:71:13:de:
81:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C6:16:8D:B0:2D:18:94:4E:59:36:E2:23:8D:B4:A1:22:86:B0:68
X509v3 Authority Key Identifier:
keyid:23:A7:B5:93:C8:04:A6:83:F0:C8:FA:3E:DA:93:35:AF:92:A8:90:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6e1k8gEpoPwyPo-2pM1r5KokEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/CMYWjbAtGJROWTbiI420oSKGsGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/ddf559-433b-408f-a5b2-3fb5adde6040/1/I6e1k8gEpoPwyPo-2pM1r5KokEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.180.0/22
185.227.104.0/22
Signature Algorithm: sha256WithRSAEncryption
42:08:7b:2e:04:19:4c:a5:dd:c0:69:cd:e0:e2:3d:f4:b8:55:
4d:5f:c3:ed:d4:7b:fb:5d:39:d2:2e:fd:09:14:71:c8:94:05:
7a:75:84:c0:e9:cd:bb:06:b8:cd:c3:88:60:7e:45:91:8a:80:
83:8c:4e:03:85:bd:84:83:76:6f:1d:58:ba:8e:b8:3b:c6:e9:
f0:bc:ad:cb:1a:f0:ed:64:c8:7c:d1:b3:c8:4d:9b:81:26:c9:
e2:fb:19:30:3a:7d:e3:1d:7f:07:66:23:cd:cb:22:1f:11:70:
ca:02:e0:5b:b6:1f:e8:25:7c:77:e9:86:f0:7b:9d:42:33:02:
30:5f:17:51:97:e1:a5:48:54:2c:86:1b:72:d2:e9:d6:68:73:
4a:83:74:9d:f0:ce:61:64:46:dc:69:e4:9a:04:0f:c5:d1:f1:
63:94:77:b9:88:92:25:43:f4:7a:fd:49:a0:11:0f:19:1d:01:
41:ab:9e:22:10:67:46:f2:ab:b1:f7:68:73:bb:c5:c0:ec:ac:
75:86:04:89:ad:9f:e9:40:7d:ce:a1:7b:63:b8:90:ce:a7:39:
45:2a:a8:bc:10:ec:48:e2:57:eb:a0:29:ba:56:a3:16:03:92:
18:ee:ed:83:18:6c:0e:c6:bc:c6:da:7c:e4:27:28:61:79:cc:
38:e9:25:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2y6yohrcCf44GEiR+oiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTdiNTkzYzgwNGE2ODNmMGM4ZmEzZWRhOTMzNWFmOTJh
ODkwNDQwHhcNMjQwMTAxMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM2MTY4ZGIwMmQxODk0NGU1OTM2ZTIyMzhkYjRhMTIyODZiMDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHQJs2Dy9rztNSkhPjyburwpZ/IP
bTiYM9QFlreGBmAz4mG4jVr+bP1ZRuZ0kJoyts4Gug48gWtt/7lhNZMKN09btzAG
wJ9e3TvQHjh04JTYYsWkpCtI5ZbTwdifaOCUMoe04HbkOtDP2L0bilhFEBq0OQoy
+PGmtvq2w9yZfuH8hVs/frAnRo6R7WnX0mEXGZfItamYR+cDU0nH4tdLrYzdst3f
kImeOrYXAMzA4XY1DCUSw4UZ4Z768BFyKn1GtCDDTMDPE0Je5VR7RSmh656ycavV
1ktu/tOoUaZbfxc/F42pHwguEylsas5HQpNKe1NcRktBYFJLZgRxE96BjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAjGFo2wLRiUTlk24iONtKEihrBoMB8GA1UdIwQY
MBaAFCOntZPIBKaD8Mj6PtqTNa+SqJBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZlMWs4Z0Vwb1B3eVBvLTJwTTFyNUtva0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9kZGY1NTktNDMzYi00MDhmLWE1YjIt
M2ZiNWFkZGU2MDQwLzEvQ01ZV2piQXRHSlJPV1RiaUk0MjBvU0tHc0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9kZGY1NTktNDMzYi00MDhmLWE1YjItM2ZiNWFkZGU2MDQw
LzEvSTZlMWs4Z0Vwb1B3eVBvLTJwTTFyNUtva0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua60AwQC
ueNoMA0GCSqGSIb3DQEBCwUAA4IBAQBCCHsuBBlMpd3Aac3g4j30uFVNX8Pt1Hv7
XTnSLv0JFHHIlAV6dYTA6c27BrjNw4hgfkWRioCDjE4Dhb2Eg3ZvHVi6jrg7xunw
vK3LGvDtZMh80bPITZuBJsni+xkwOn3jHX8HZiPNyyIfEXDKAuBbth/oJXx36Ybw
e51CMwIwXxdRl+GlSFQshhty0unWaHNKg3Sd8M5hZEbcaeSaBA/F0fFjlHe5iJIl
Q/R6/UmgEQ8ZHQFBq54iEGdG8qux92hzu8XA7Kx1hgSJrZ/pQH3OoXtjuJDOpzlF
Kqi8EOxI4lfroCm6VqMWA5IY7u2DGGwOxrzG2nzkJyhhecw46SWs
-----END CERTIFICATE-----
Generated at Wed May 22 08:04:53 2024 by rpki-client on console-ams.rpki-client.org