Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/_227wBGnul1A-rWr84k8Q5jPDxU.roa
File: _227wBGnul1A-rWr84k8Q5jPDxU.roa (raw, json)
Hash identifier: bY3KTaRkyy52pW3yc4L2LzyNE/PY2T8/EnchbZyJTRk=
Subject key identifier: FF:6D:BB:C0:11:A7:BA:5D:40:FA:B5:AB:F3:89:3C:43:98:CF:0F:15
Certificate issuer: /CN=845d042f65e1b1303a44e43e0e02748a75837b44
Certificate serial: 018F191C8F40C70A1C94657E7E421435C739
Authority key identifier: 84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/_227wBGnul1A-rWr84k8Q5jPDxU.roa
Signing time: Fri 26 Apr 2024 06:34:13 +0000
ROA not before: Fri 26 Apr 2024 06:34:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207604
IP address blocks: 185.119.88.0/24 maxlen: 24
185.119.89.0/24 maxlen: 24
185.119.90.0/24 maxlen: 24
185.119.91.0/24 maxlen: 24
185.241.212.0/24 maxlen: 24
185.241.214.0/24 maxlen: 24
2a0c:bf80:5a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:1c:8f:40:c7:0a:1c:94:65:7e:7e:42:14:35:c7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=845d042f65e1b1303a44e43e0e02748a75837b44
Validity
Not Before: Apr 26 06:34:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff6dbbc011a7ba5d40fab5abf3893c4398cf0f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b9:ff:f6:f6:19:c7:4d:7a:8b:b9:cb:7f:8e:
a8:af:c0:21:8b:b3:41:da:31:cf:d5:51:8d:af:b2:
cf:b1:98:f1:26:86:66:68:ae:cd:93:25:dc:cc:1d:
e3:83:7a:f7:8e:23:e6:93:15:95:89:f0:39:d1:a8:
34:eb:d2:24:ef:c2:1c:74:9e:60:bb:45:2f:01:04:
53:20:2f:d3:78:da:dd:6e:c7:0f:87:47:df:c5:cf:
eb:d2:b6:91:5e:26:d2:71:5f:1c:a5:df:a5:7e:51:
6b:9e:e3:f1:b0:83:b4:1b:bf:85:04:ca:4e:e2:8a:
a5:8f:b8:db:50:e5:85:05:0f:fb:b6:25:7f:f0:bb:
d1:f8:af:57:66:54:36:4d:b6:40:2a:fd:35:9d:3e:
17:06:9d:d0:fe:3e:97:1a:26:5b:b4:91:48:40:5a:
c8:2c:77:73:8e:94:20:a1:26:51:8f:61:bc:09:18:
04:1b:c0:7b:73:a3:33:0b:07:cc:8e:30:20:5a:fc:
b5:39:ea:69:77:8e:a5:5e:8c:e8:95:d5:39:71:13:
38:22:c6:df:c0:be:7e:01:6a:83:f6:17:a9:c8:b2:
4c:f1:aa:0e:9d:66:75:e9:4e:d2:61:5c:ee:b7:c2:
72:ad:d7:ba:c5:94:2d:46:59:6c:33:b2:f9:23:90:
62:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6D:BB:C0:11:A7:BA:5D:40:FA:B5:AB:F3:89:3C:43:98:CF:0F:15
X509v3 Authority Key Identifier:
keyid:84:5D:04:2F:65:E1:B1:30:3A:44:E4:3E:0E:02:74:8A:75:83:7B:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/_227wBGnul1A-rWr84k8Q5jPDxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/96dbcd-6a39-4c20-9128-d8c351d93ec6/1/hF0EL2XhsTA6ROQ-DgJ0inWDe0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.88.0/22
185.241.212.0/24
185.241.214.0/24
IPv6:
2a0c:bf80:5a::/48
Signature Algorithm: sha256WithRSAEncryption
c7:e9:72:38:cd:01:f5:f8:4f:cd:03:d0:15:5b:a3:e0:66:25:
51:3b:38:85:b0:c1:10:08:25:93:91:ed:be:5c:d3:df:8a:f2:
79:86:2b:71:ca:4d:63:d4:2c:f9:9e:49:06:1a:8c:e9:04:23:
1c:7c:b0:bc:92:0e:15:85:ad:c6:6e:7d:2d:6f:71:d6:c5:17:
3a:8f:f9:e0:97:4a:21:00:91:43:1f:45:70:86:bb:ed:91:6c:
5e:27:2b:cd:cf:8d:50:1d:c9:db:d4:f9:47:eb:25:82:73:e2:
fe:fe:75:2d:aa:8b:52:bc:7a:f0:61:8b:23:3d:58:87:fc:7a:
76:d3:b5:1a:1b:e3:a0:4c:0f:27:73:c0:55:77:43:7a:50:cf:
ad:0a:78:2c:a5:c5:39:0c:e1:f4:04:cd:8c:01:db:3d:e9:3d:
e0:2f:0f:f2:71:5b:61:57:bc:75:b3:02:f9:d0:37:34:e9:ca:
47:4a:77:2f:eb:48:a4:98:05:8b:6d:f1:d3:01:bc:d3:4d:24:
60:ab:4d:3c:27:49:d7:9b:bc:8a:9e:fd:49:a0:d2:eb:e1:56:
21:44:c4:0b:d7:00:06:35:23:77:f5:5d:ef:43:69:79:10:2b:
87:4c:dd:98:d3:00:ab:0a:37:e6:8d:e6:29:83:c5:72:94:42:
e5:66:53:db
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY8ZHI9AxwoclGV+fkIUNcc5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NWQwNDJmNjVlMWIxMzAzYTQ0ZTQzZTBlMDI3NDhhNzU4
MzdiNDQwHhcNMjQwNDI2MDYzNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjZkYmJjMDExYTdiYTVkNDBmYWI1YWJmMzg5M2M0Mzk4Y2YwZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprn/9vYZx016i7nLf46or8Ahi7NB
2jHP1VGNr7LPsZjxJoZmaK7NkyXczB3jg3r3jiPmkxWVifA50ag069Ik78IcdJ5g
u0UvAQRTIC/TeNrdbscPh0ffxc/r0raRXibScV8cpd+lflFrnuPxsIO0G7+FBMpO
4oqlj7jbUOWFBQ/7tiV/8LvR+K9XZlQ2TbZAKv01nT4XBp3Q/j6XGiZbtJFIQFrI
LHdzjpQgoSZRj2G8CRgEG8B7c6MzCwfMjjAgWvy1Oeppd46lXozoldU5cRM4Isbf
wL5+AWqD9hepyLJM8aoOnWZ16U7SYVzut8Jyrde6xZQtRllsM7L5I5BiWwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFP9tu8ARp7pdQPq1q/OJPEOYzw8VMB8GA1UdIwQY
MBaAFIRdBC9l4bEwOkTkPg4CdIp1g3tEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgt
ZDhjMzUxZDkzZWM2LzEvXzIyN3dCR251bDFBLXJXcjg0azhRNWpQRHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85NmRiY2QtNmEzOS00YzIwLTkxMjgtZDhjMzUxZDkzZWM2
LzEvaEYwRUwyWGhzVEE2Uk9RLURnSjBpbldEZTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuXdYAwQA
ufHUAwQAufHWMA8EAgACMAkDBwAqDL+AAFowDQYJKoZIhvcNAQELBQADggEBAMfp
cjjNAfX4T80D0BVbo+BmJVE7OIWwwRAIJZOR7b5c09+K8nmGK3HKTWPULPmeSQYa
jOkEIxx8sLySDhWFrcZufS1vcdbFFzqP+eCXSiEAkUMfRXCGu+2RbF4nK83PjVAd
ydvU+UfrJYJz4v7+dS2qi1K8evBhiyM9WIf8enbTtRob46BMDydzwFV3Q3pQz60K
eCylxTkM4fQEzYwB2z3pPeAvD/JxW2FXvHWzAvnQNzTpykdKdy/rSKSYBYtt8dMB
vNNNJGCrTTwnSdebvIqe/Umg0uvhViFExAvXAAY1I3f1Xe9DaXkQK4dM3ZjTAKsK
N+aN5imDxXKUQuVmU9s=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:19 2024 by rpki-client on console-ams.rpki-client.org