Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/fRvCQJ5O6gEVOnh_jH4kbyiX3IA.roa
File: fRvCQJ5O6gEVOnh_jH4kbyiX3IA.roa (raw, json)
Hash identifier: g1zRLX5WycLOvBVJRmExPBoWabJP9pSzC3T9VLZ/QTA=
Subject key identifier: 7D:1B:C2:40:9E:4E:EA:01:15:3A:78:7F:8C:7E:24:6F:28:97:DC:80
Certificate issuer: /CN=0e9a5c3283a6a16b4d205a7c564a382641cd8691
Certificate serial: 018CC42517E511D3115C127307F1D85FBFE7
Authority key identifier: 0E:9A:5C:32:83:A6:A1:6B:4D:20:5A:7C:56:4A:38:26:41:CD:86:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/fRvCQJ5O6gEVOnh_jH4kbyiX3IA.roa
Signing time: Mon 01 Jan 2024 08:30:14 +0000
ROA not before: Mon 01 Jan 2024 08:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204804
IP address blocks: 185.239.145.0/24 maxlen: 24
89.20.48.0/24 maxlen: 24
193.162.28.0/24 maxlen: 24
185.239.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 11:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:17:e5:11:d3:11:5c:12:73:07:f1:d8:5f:bf:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e9a5c3283a6a16b4d205a7c564a382641cd8691
Validity
Not Before: Jan 1 08:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d1bc2409e4eea01153a787f8c7e246f2897dc80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:c0:20:f9:a1:5c:c2:bc:ac:dd:f3:86:07:
d8:92:bc:09:91:00:29:e8:a7:11:3e:e8:57:bd:8d:
4d:1f:dd:38:22:e4:9e:d3:36:f2:a4:ba:6c:0f:eb:
81:7e:f5:a3:a1:7b:e9:fb:23:7e:67:d2:4f:06:89:
df:91:29:4f:8e:29:9c:11:48:ed:64:71:55:08:77:
7e:fa:09:74:4a:40:e1:c4:d8:b9:84:b2:41:93:03:
c0:14:5f:bc:cd:52:b9:a0:c4:e2:26:8b:65:0a:fc:
55:f3:a9:1c:92:1a:70:90:28:36:c8:de:46:68:7a:
38:60:dd:a6:db:4e:91:a2:f3:ed:7f:e6:af:cb:8d:
9f:57:50:7c:7e:ad:b0:37:95:74:a2:e0:a8:bf:05:
63:81:01:c1:5a:b0:32:ae:93:0a:00:11:5e:dd:44:
04:99:f1:0d:6c:59:a5:b0:06:83:96:0c:b5:c5:de:
50:12:f8:de:6c:72:12:cb:7c:d5:7b:78:4b:d0:7e:
95:93:8d:78:6e:32:b2:4c:70:8f:bf:8f:01:30:ca:
dc:fe:bc:56:a1:0e:3f:04:db:eb:1a:8c:81:09:72:
9f:27:28:f3:c1:e6:c0:51:30:e2:61:26:4b:0c:f0:
49:e6:c3:aa:ae:7e:07:71:45:cb:65:7d:dd:8a:fc:
5d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1B:C2:40:9E:4E:EA:01:15:3A:78:7F:8C:7E:24:6F:28:97:DC:80
X509v3 Authority Key Identifier:
keyid:0E:9A:5C:32:83:A6:A1:6B:4D:20:5A:7C:56:4A:38:26:41:CD:86:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DppcMoOmoWtNIFp8Vko4JkHNhpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/fRvCQJ5O6gEVOnh_jH4kbyiX3IA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/df6f5f-e1ec-4343-9a21-a5cee11bbae8/1/DppcMoOmoWtNIFp8Vko4JkHNhpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.48.0/24
185.239.145.0-185.239.146.255
193.162.28.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:a5:3f:08:f6:aa:0a:c8:9f:87:19:30:cb:2b:a7:bc:bb:c7:
c6:a0:a7:03:48:af:b1:ad:50:04:78:1b:14:6d:2a:bf:ce:d3:
05:da:e4:02:8b:2e:0b:18:2a:9d:96:9c:bd:e2:2a:83:6d:8a:
3b:c8:60:36:60:0f:a8:7b:84:d2:7e:3d:6d:fd:67:e3:cd:2b:
ef:33:ff:b9:b2:b0:71:3c:23:88:32:72:97:c9:4f:5b:ad:c4:
81:49:d6:01:77:4d:5c:59:13:c2:9a:23:a6:b8:cc:ae:67:8d:
27:87:8f:e7:c8:9a:6a:f1:ba:6b:ed:b8:15:95:80:eb:22:57:
24:3c:dc:de:af:46:90:d7:1b:71:b6:82:7f:4f:4e:fb:78:a5:
13:5a:5c:42:b9:8a:6f:cb:61:ee:a1:8e:0a:ab:d3:90:5f:83:
b4:02:fa:24:fc:cb:23:3f:0e:76:b2:1c:24:a4:45:71:d3:3e:
ef:20:29:09:b3:fa:ec:91:01:ce:aa:3d:ce:3f:b5:de:7b:7b:
e3:18:8d:f2:51:b8:41:cf:1b:b2:96:d8:48:d1:9f:56:da:6d:
44:0a:ba:41:55:70:7b:fc:13:27:11:4f:19:85:e4:35:86:d1:
e2:05:05:94:b4:88:9c:af:f9:92:c0:3d:17:16:72:4c:48:c2:
af:84:bc:fd
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJRflEdMRXBJzB/HYX7/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOWE1YzMyODNhNmExNmI0ZDIwNWE3YzU2NGEzODI2NDFj
ZDg2OTEwHhcNMjQwMTAxMDgzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDFiYzI0MDllNGVlYTAxMTUzYTc4N2Y4YzdlMjQ2ZjI4OTdkYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7HAIPmhXMK8rN3zhgfYkrwJkQAp
6KcRPuhXvY1NH904IuSe0zbypLpsD+uBfvWjoXvp+yN+Z9JPBonfkSlPjimcEUjt
ZHFVCHd++gl0SkDhxNi5hLJBkwPAFF+8zVK5oMTiJotlCvxV86kckhpwkCg2yN5G
aHo4YN2m206RovPtf+avy42fV1B8fq2wN5V0ouCovwVjgQHBWrAyrpMKABFe3UQE
mfENbFmlsAaDlgy1xd5QEvjebHISy3zVe3hL0H6Vk414bjKyTHCPv48BMMrc/rxW
oQ4/BNvrGoyBCXKfJyjzwebAUTDiYSZLDPBJ5sOqrn4HcUXLZX3divxdKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH0bwkCeTuoBFTp4f4x+JG8ol9yAMB8GA1UdIwQY
MBaAFA6aXDKDpqFrTSBafFZKOCZBzYaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHBwY01vT21vV3ROSUZwOFZrbzRKa0hOaHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC9kZjZmNWYtZTFlYy00MzQzLTlhMjEt
YTVjZWUxMWJiYWU4LzEvZlJ2Q1FKNU82Z0VWT25oX2pINGtieWlYM0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC9kZjZmNWYtZTFlYy00MzQzLTlhMjEtYTVjZWUxMWJiYWU4
LzEvRHBwY01vT21vV3ROSUZwOFZrbzRKa0hOaHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRQwMAwD
BAC575EDBAC575IDBADBohwwDQYJKoZIhvcNAQELBQADggEBAC6lPwj2qgrIn4cZ
MMsrp7y7x8agpwNIr7GtUAR4GxRtKr/O0wXa5AKLLgsYKp2WnL3iKoNtijvIYDZg
D6h7hNJ+PW39Z+PNK+8z/7mysHE8I4gycpfJT1utxIFJ1gF3TVxZE8KaI6a4zK5n
jSeHj+fImmrxumvtuBWVgOsiVyQ83N6vRpDXG3G2gn9PTvt4pRNaXEK5im/LYe6h
jgqr05Bfg7QC+iT8yyM/DnayHCSkRXHTPu8gKQmz+uyRAc6qPc4/td57e+MYjfJR
uEHPG7KW2EjRn1babUQKukFVcHv8EycRTxmF5DWG0eIFBZS0iJyv+ZLAPRcWckxI
wq+EvP0=
-----END CERTIFICATE-----
Generated at Sat Jun 15 17:43:56 2024 by rpki-client on console-ams.rpki-client.org