Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/fQuRmOcvLIMQ9CbI9OaQA7wOmDk.roa
File: fQuRmOcvLIMQ9CbI9OaQA7wOmDk.roa (raw, json)
Hash identifier: RVxtwKpPpjkjtK1v/UPtn8EAs50T0kt7fEfsORH1u5k=
Subject key identifier: 7D:0B:91:98:E7:2F:2C:83:10:F4:26:C8:F4:E6:90:03:BC:0E:98:39
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018CCA2A539DD49D65BA0902A6E77A894516
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/fQuRmOcvLIMQ9CbI9OaQA7wOmDk.roa
Signing time: Tue 02 Jan 2024 12:33:40 +0000
ROA not before: Tue 02 Jan 2024 12:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205591
IP address blocks: 185.133.208.0/24 maxlen: 24
2a06:e881:2102::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:53:9d:d4:9d:65:ba:09:02:a6:e7:7a:89:45:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 12:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d0b9198e72f2c8310f426c8f4e69003bc0e9839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:4e:c9:df:e6:f7:3c:32:98:ee:5e:a4:5d:
e6:b7:dc:93:90:89:a8:c8:63:e9:89:3f:da:b4:b5:
a5:2e:88:65:65:ce:0b:b8:c0:59:fc:c3:64:66:ac:
80:5d:0e:82:26:59:61:a0:76:bb:c8:22:23:72:a5:
2d:37:c9:b6:ae:07:18:d5:52:ba:72:22:5a:11:95:
ba:36:ca:7d:ed:51:1c:83:3c:5e:fe:3f:05:08:e4:
83:32:20:0a:f0:43:ae:82:60:91:4c:73:47:69:5a:
cb:7d:a1:5b:45:ab:c9:a0:75:5c:cf:50:cc:7e:dd:
14:cc:68:f2:23:aa:fa:68:0f:2a:ca:1f:3c:20:e2:
93:b4:f4:09:f5:99:cf:3c:6d:de:c5:59:e4:da:3c:
45:ff:9a:5f:8a:ad:52:d2:08:ee:a0:a0:73:1f:10:
55:15:c6:ec:bf:db:8f:95:11:94:8b:55:46:3b:98:
e3:ea:78:86:b1:5e:72:60:73:e6:e3:fb:75:4b:02:
a1:bd:12:b6:77:b4:b8:72:f5:18:80:e9:c8:74:83:
1f:72:59:57:09:14:12:20:47:15:a1:13:8d:3c:7b:
cb:05:39:4c:5e:69:d9:4b:cf:82:98:75:ab:67:28:
6d:f2:18:34:ad:85:4c:ed:da:d2:0e:cd:02:f8:6d:
a5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0B:91:98:E7:2F:2C:83:10:F4:26:C8:F4:E6:90:03:BC:0E:98:39
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/fQuRmOcvLIMQ9CbI9OaQA7wOmDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.208.0/24
IPv6:
2a06:e881:2102::/48
Signature Algorithm: sha256WithRSAEncryption
6c:1d:fd:a4:5b:88:0d:51:de:9c:0a:be:13:ce:5c:8a:d9:e6:
f5:de:01:6f:72:cc:bf:20:64:65:c9:3a:e4:a8:dd:32:b1:cc:
6e:b3:a9:72:cc:37:d4:ba:8a:39:04:b2:05:67:d5:d0:31:f8:
9c:3c:08:d8:af:8c:57:7d:a8:2e:d2:b3:a1:0e:4b:21:57:17:
ef:d4:6f:d5:be:9d:d5:10:87:f1:4b:06:20:d2:f6:49:5c:39:
6c:25:f1:34:6c:43:12:3f:68:f4:58:8a:84:1e:05:99:e6:1e:
fd:6b:b9:48:87:a2:7a:b4:7e:6a:d7:87:88:69:d6:1f:a7:0f:
b8:e7:63:f8:e4:f7:b7:9a:1e:61:59:b2:ed:20:a3:5a:a7:04:
e5:ac:e5:3f:21:01:cf:18:6e:10:2c:6f:98:0b:b8:7f:f4:d2:
5a:6c:ae:8a:04:3c:7f:3f:ba:5e:f0:89:96:52:13:5f:c3:ae:
a1:97:fb:6e:b4:4d:c7:2b:78:b9:f5:7c:57:83:36:d9:23:de:
3a:c8:60:00:54:37:e1:39:31:ed:ba:7a:32:48:d6:50:87:5f:
bc:83:5c:bc:7f:8d:9e:60:3f:42:6b:53:4d:43:de:b5:ca:85:
c8:65:39:ef:ad:a3:20:e4:fa:f8:9a:e6:10:a7:cf:c0:74:b9:
56:c2:4e:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKKlOd1J1lugkCpud6iUUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTAyMTIzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDBiOTE5OGU3MmYyYzgzMTBmNDI2YzhmNGU2OTAwM2JjMGU5ODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhphOyd/m9zwymO5epF3mt9yTkImo
yGPpiT/atLWlLohlZc4LuMBZ/MNkZqyAXQ6CJllhoHa7yCIjcqUtN8m2rgcY1VK6
ciJaEZW6Nsp97VEcgzxe/j8FCOSDMiAK8EOugmCRTHNHaVrLfaFbRavJoHVcz1DM
ft0UzGjyI6r6aA8qyh88IOKTtPQJ9ZnPPG3exVnk2jxF/5pfiq1S0gjuoKBzHxBV
Fcbsv9uPlRGUi1VGO5jj6niGsV5yYHPm4/t1SwKhvRK2d7S4cvUYgOnIdIMfcllX
CRQSIEcVoRONPHvLBTlMXmnZS8+CmHWrZyht8hg0rYVM7drSDs0C+G2lnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0LkZjnLyyDEPQmyPTmkAO8Dpg5MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvZlF1Um1PY3ZMSU1ROUNiSTlPYVFBN3dPbURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuYXQMA8E
AgACMAkDBwAqBuiBIQIwDQYJKoZIhvcNAQELBQADggEBAGwd/aRbiA1R3pwKvhPO
XIrZ5vXeAW9yzL8gZGXJOuSo3TKxzG6zqXLMN9S6ijkEsgVn1dAx+Jw8CNivjFd9
qC7Ss6EOSyFXF+/Ub9W+ndUQh/FLBiDS9klcOWwl8TRsQxI/aPRYioQeBZnmHv1r
uUiHonq0fmrXh4hp1h+nD7jnY/jk97eaHmFZsu0go1qnBOWs5T8hAc8YbhAsb5gL
uH/00lpsrooEPH8/ul7wiZZSE1/DrqGX+260TccreLn1fFeDNtkj3jrIYABUN+E5
Me26ejJI1lCHX7yDXLx/jZ5gP0JrU01D3rXKhchlOe+toyDk+via5hCnz8B0uVbC
ThE=
-----END CERTIFICATE-----
Generated at Wed May 15 23:16:48 2024 by rpki-client on console-fra.rpki-client.org