Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/0sgoD6aJeFTD6HYv5yJCd51zydw.roa
File: 0sgoD6aJeFTD6HYv5yJCd51zydw.roa (raw, json)
Hash identifier: M4KVBErkT0yZXP9ywJlJd4HaAwTOJUBDoedQW8VZOjQ=
Subject key identifier: D2:C8:28:0F:A6:89:78:54:C3:E8:76:2F:E7:22:42:77:9D:73:C9:DC
Certificate issuer: /CN=0502861f923c7ec1132b548f7abb861baca1f406
Certificate serial: 018CC86F057CEE2488AFACFD0C2F88B503B4
Authority key identifier: 05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/0sgoD6aJeFTD6HYv5yJCd51zydw.roa
Signing time: Tue 02 Jan 2024 04:29:28 +0000
ROA not before: Tue 02 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206281
IP address blocks: 185.104.31.0/24 maxlen: 24
185.104.28.0/24 maxlen: 24
185.104.29.0/24 maxlen: 24
185.104.30.0/24 maxlen: 24
2a06:2ec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:05:7c:ee:24:88:af:ac:fd:0c:2f:88:b5:03:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0502861f923c7ec1132b548f7abb861baca1f406
Validity
Not Before: Jan 2 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2c8280fa6897854c3e8762fe72242779d73c9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fc:ab:16:4c:ca:91:c6:c2:c5:d6:bd:fd:d5:
92:b0:1b:8f:b3:5b:b8:8a:33:d6:55:10:56:a6:8a:
86:3e:8d:39:61:83:8e:c7:dc:f7:b2:03:ef:65:33:
ef:30:a6:90:54:52:72:bd:12:af:66:b0:3c:26:68:
bf:e1:cd:f3:13:ee:4a:7e:fb:80:04:3b:dc:3f:4e:
f3:25:a3:e8:61:6c:5b:45:48:ab:93:b5:f3:ef:e6:
9d:be:6b:bc:d4:ca:cc:2a:1a:af:f8:91:0b:d8:cc:
86:6f:94:80:76:18:60:7f:d9:95:b9:51:fd:4d:af:
bb:7e:df:fe:59:52:2d:75:b5:24:7e:44:98:1d:47:
e5:61:b4:54:d5:28:a2:a0:bb:1a:f3:da:8e:ba:3e:
6b:9d:52:7f:4e:85:16:c7:0f:7f:9f:c7:7e:95:d6:
4d:a8:86:d9:27:42:40:f4:04:8c:5b:dc:f6:75:a4:
30:b1:cd:0e:4c:d2:94:90:04:88:32:34:89:fb:53:
a2:10:69:38:33:9f:55:37:6e:21:f2:05:71:1a:42:
e3:60:9f:84:00:e2:ce:8c:89:29:88:85:86:78:74:
0e:b2:8d:9b:7f:c6:0c:32:e8:ac:ac:55:97:93:6a:
a2:b7:44:1d:a4:b4:4c:f0:0b:84:87:c0:da:1f:b3:
16:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C8:28:0F:A6:89:78:54:C3:E8:76:2F:E7:22:42:77:9D:73:C9:DC
X509v3 Authority Key Identifier:
keyid:05:02:86:1F:92:3C:7E:C1:13:2B:54:8F:7A:BB:86:1B:AC:A1:F4:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQKGH5I8fsETK1SPeruGG6yh9AY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/0sgoD6aJeFTD6HYv5yJCd51zydw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a9276f-e8c1-45d6-a42d-0c64debe9ec4/1/BQKGH5I8fsETK1SPeruGG6yh9AY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.28.0/22
IPv6:
2a06:2ec0::/32
Signature Algorithm: sha256WithRSAEncryption
6e:cb:3f:b7:42:4a:e1:3c:4d:97:8d:91:5b:29:66:a9:67:de:
7a:ae:d5:37:7b:64:2c:55:d0:e7:b7:94:7a:8f:5a:28:61:1f:
15:5c:56:48:6f:08:6c:c1:9c:15:4c:f6:e7:be:e7:c1:63:aa:
f1:aa:55:02:16:0d:be:79:5f:2d:52:0b:02:6f:c0:58:26:17:
a3:58:7a:ad:56:01:a7:32:5a:1e:36:b6:e4:a3:17:88:b4:54:
b0:31:3e:02:20:92:10:e0:63:92:e7:af:43:90:d4:d6:c2:51:
6d:d3:e0:71:6a:a9:01:0a:e4:7f:f6:3c:52:0a:6c:62:55:e4:
2a:f6:f9:5c:f5:27:03:bc:c5:58:94:07:6b:76:1f:05:94:6c:
60:44:1a:6e:f9:e8:00:af:46:e3:22:e1:d0:51:0d:2c:3b:76:
9c:8b:5d:8a:ff:75:66:8f:9d:1e:bf:3e:a9:6e:ae:72:01:6f:
30:83:bf:ef:82:4c:b0:3f:87:d2:7d:68:c1:10:a0:fc:bd:b0:
f1:c8:23:21:88:fc:7b:56:03:a6:6d:e9:61:d0:01:b3:01:09:
3a:e4:48:4d:a4:db:8c:ad:4f:50:55:23:59:cb:89:f3:03:08:
7d:38:da:63:6f:d8:89:9e:5c:c2:c6:7c:f6:79:31:79:b8:81:
58:1d:d8:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbwV87iSIr6z9DC+ItQO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI4NjFmOTIzYzdlYzExMzJiNTQ4ZjdhYmI4NjFiYWNh
MWY0MDYwHhcNMjQwMTAyMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM4MjgwZmE2ODk3ODU0YzNlODc2MmZlNzIyNDI3NzlkNzNjOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifyrFkzKkcbCxda9/dWSsBuPs1u4
ijPWVRBWpoqGPo05YYOOx9z3sgPvZTPvMKaQVFJyvRKvZrA8Jmi/4c3zE+5KfvuA
BDvcP07zJaPoYWxbRUirk7Xz7+advmu81MrMKhqv+JEL2MyGb5SAdhhgf9mVuVH9
Ta+7ft/+WVItdbUkfkSYHUflYbRU1SiioLsa89qOuj5rnVJ/ToUWxw9/n8d+ldZN
qIbZJ0JA9ASMW9z2daQwsc0OTNKUkASIMjSJ+1OiEGk4M59VN24h8gVxGkLjYJ+E
AOLOjIkpiIWGeHQOso2bf8YMMuisrFWXk2qit0QdpLRM8AuEh8DaH7MWiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNLIKA+miXhUw+h2L+ciQnedc8ncMB8GA1UdIwQY
MBaAFAUChh+SPH7BEytUj3q7hhusofQGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQt
MGM2NGRlYmU5ZWM0LzEvMHNnb0Q2YUplRlRENkhZdjV5SkNkNTF6eWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hOTI3NmYtZThjMS00NWQ2LWE0MmQtMGM2NGRlYmU5ZWM0
LzEvQlFLR0g1SThmc0VUSzFTUGVydUdHNnloOUFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWgcMA0E
AgACMAcDBQAqBi7AMA0GCSqGSIb3DQEBCwUAA4IBAQBuyz+3QkrhPE2XjZFbKWap
Z956rtU3e2QsVdDnt5R6j1ooYR8VXFZIbwhswZwVTPbnvufBY6rxqlUCFg2+eV8t
UgsCb8BYJhejWHqtVgGnMloeNrbkoxeItFSwMT4CIJIQ4GOS569DkNTWwlFt0+Bx
aqkBCuR/9jxSCmxiVeQq9vlc9ScDvMVYlAdrdh8FlGxgRBpu+egAr0bjIuHQUQ0s
O3aci12K/3Vmj50evz6pbq5yAW8wg7/vgkywP4fSfWjBEKD8vbDxyCMhiPx7VgOm
belh0AGzAQk65EhNpNuMrU9QVSNZy4nzAwh9ONpjb9iJnlzCxnz2eTF5uIFYHdhX
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:51:01 2024 by rpki-client on console-fra.rpki-client.org