Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/8OVdKwOhY57XDykBQNaP8YRqnTo.roa
File: 8OVdKwOhY57XDykBQNaP8YRqnTo.roa (raw, json)
Hash identifier: aJZPkcUtR+5+AFBWVZ/HRKBt6nX25muP3CEUo9YNhF0=
Subject key identifier: F0:E5:5D:2B:03:A1:63:9E:D7:0F:29:01:40:D6:8F:F1:84:6A:9D:3A
Certificate issuer: /CN=8146de8cec01d052536c0f08dfe7a8b53f9aaec2
Certificate serial: 018CC793471628CD6AE79771899666AA1986
Authority key identifier: 81:46:DE:8C:EC:01:D0:52:53:6C:0F:08:DF:E7:A8:B5:3F:9A:AE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gUbejOwB0FJTbA8I3-eotT-arsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/8OVdKwOhY57XDykBQNaP8YRqnTo.roa
Signing time: Tue 02 Jan 2024 00:29:27 +0000
ROA not before: Tue 02 Jan 2024 00:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209846
IP address blocks: 185.227.158.0/24 maxlen: 24
185.227.157.0/24 maxlen: 24
185.227.156.0/24 maxlen: 24
185.227.159.0/24 maxlen: 24
2a0c:be00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/gUbejOwB0FJTbA8I3-eotT-arsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/gUbejOwB0FJTbA8I3-eotT-arsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gUbejOwB0FJTbA8I3-eotT-arsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:47:16:28:cd:6a:e7:97:71:89:96:66:aa:19:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8146de8cec01d052536c0f08dfe7a8b53f9aaec2
Validity
Not Before: Jan 2 00:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0e55d2b03a1639ed70f290140d68ff1846a9d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:77:05:7d:da:71:d5:1a:12:b3:b4:21:54:da:
59:5d:85:5a:da:4e:ca:a6:84:f0:1d:fa:3c:81:20:
cc:00:cc:b6:34:45:57:85:4a:84:22:8a:2b:a7:f8:
94:e7:c3:01:3f:38:d9:62:93:e7:f9:2a:e5:c8:75:
0d:be:f4:a9:46:ae:85:47:7f:e7:ee:f4:9b:6d:38:
4e:52:b0:61:44:8b:25:2c:29:df:21:7b:e1:d3:19:
3b:e3:1d:45:6e:5e:f4:85:53:d4:57:6c:38:20:b4:
8a:e5:57:11:f6:13:6d:32:91:81:42:bf:7c:e9:b7:
26:2f:52:c3:9a:c4:f9:00:c3:fa:57:cf:6c:94:5a:
75:b8:8a:5f:37:45:77:86:41:f8:e6:c3:c3:da:ad:
7d:16:6b:5e:55:f3:3a:2d:8b:2f:36:1b:2e:38:87:
87:41:42:fe:2a:18:9c:f6:aa:5b:bd:5e:db:06:6e:
ff:c3:30:0d:17:13:7e:d4:5a:dd:bb:68:fa:be:fb:
12:84:7e:59:83:e1:02:96:0c:72:fd:61:06:ec:2b:
08:94:3e:09:39:e0:35:ac:b4:2f:1b:de:42:31:e6:
f3:d9:0f:73:cb:b9:fd:11:76:0d:c3:c5:d2:52:34:
6c:8e:0f:a5:5c:83:7d:81:36:90:06:63:45:84:33:
85:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E5:5D:2B:03:A1:63:9E:D7:0F:29:01:40:D6:8F:F1:84:6A:9D:3A
X509v3 Authority Key Identifier:
keyid:81:46:DE:8C:EC:01:D0:52:53:6C:0F:08:DF:E7:A8:B5:3F:9A:AE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gUbejOwB0FJTbA8I3-eotT-arsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/8OVdKwOhY57XDykBQNaP8YRqnTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/df8d9a-8ddb-44b3-9ac0-cd572fd044ee/1/gUbejOwB0FJTbA8I3-eotT-arsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.156.0/22
IPv6:
2a0c:be00::/32
Signature Algorithm: sha256WithRSAEncryption
5c:46:cc:c8:86:c9:7e:40:cf:90:f2:37:7b:2d:c5:5d:76:4e:
d3:3a:43:fa:59:a8:d9:0f:96:d6:28:b2:a3:26:37:74:1c:b2:
eb:50:13:61:77:c2:d7:ff:fd:dd:51:22:e8:ea:5e:58:3a:d2:
3a:a0:ac:32:c5:65:1a:18:d8:2d:79:e8:43:47:3d:1a:3f:49:
c0:75:7b:fc:1f:d3:6e:ed:9b:cb:db:c8:a1:6a:49:3b:c4:4e:
a2:2f:e1:07:ed:56:1d:76:35:82:2e:0e:96:21:36:64:dc:a3:
2b:55:5c:91:d1:a0:c4:26:80:04:82:56:c0:79:67:99:28:fd:
9c:25:bd:e3:76:7c:3e:c1:df:59:a4:48:9e:07:88:5d:70:63:
8d:ab:38:6f:95:73:12:0e:e2:74:d0:71:51:28:fe:24:0e:4d:
ca:30:76:b4:76:3c:0f:78:f4:06:61:9e:c9:19:de:66:68:19:
9f:9a:24:97:fa:b6:f9:ac:f9:c2:33:05:cf:cf:ea:43:32:ca:
7c:e4:df:de:65:3a:31:d7:bb:a6:a7:60:38:a1:73:70:23:2a:
a8:f6:cd:ae:1c:58:67:db:45:d0:c5:28:6c:26:4d:d9:e1:d8:
eb:84:62:be:79:4f:75:3c:ab:43:71:c4:a4:57:9c:1d:5b:2a:
bf:7a:70:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk0cWKM1q55dxiZZmqhmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNDZkZThjZWMwMWQwNTI1MzZjMGYwOGRmZTdhOGI1M2Y5
YWFlYzIwHhcNMjQwMTAyMDAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGU1NWQyYjAzYTE2MzllZDcwZjI5MDE0MGQ2OGZmMTg0NmE5ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXcFfdpx1RoSs7QhVNpZXYVa2k7K
poTwHfo8gSDMAMy2NEVXhUqEIoorp/iU58MBPzjZYpPn+SrlyHUNvvSpRq6FR3/n
7vSbbThOUrBhRIslLCnfIXvh0xk74x1Fbl70hVPUV2w4ILSK5VcR9hNtMpGBQr98
6bcmL1LDmsT5AMP6V89slFp1uIpfN0V3hkH45sPD2q19FmteVfM6LYsvNhsuOIeH
QUL+Khic9qpbvV7bBm7/wzANFxN+1Frdu2j6vvsShH5Zg+EClgxy/WEG7CsIlD4J
OeA1rLQvG95CMebz2Q9zy7n9EXYNw8XSUjRsjg+lXIN9gTaQBmNFhDOFbwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPDlXSsDoWOe1w8pAUDWj/GEap06MB8GA1UdIwQY
MBaAFIFG3ozsAdBSU2wPCN/nqLU/mq7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ViZWpPd0IwRkpUYkE4STMtZW90VC1hcnNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kZjhkOWEtOGRkYi00NGIzLTlhYzAt
Y2Q1NzJmZDA0NGVlLzEvOE9WZEt3T2hZNTdYRHlrQlFOYVA4WVJxblRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kZjhkOWEtOGRkYi00NGIzLTlhYzAtY2Q1NzJmZDA0NGVl
LzEvZ1ViZWpPd0IwRkpUYkE4STMtZW90VC1hcnNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueOcMA0E
AgACMAcDBQAqDL4AMA0GCSqGSIb3DQEBCwUAA4IBAQBcRszIhsl+QM+Q8jd7LcVd
dk7TOkP6WajZD5bWKLKjJjd0HLLrUBNhd8LX//3dUSLo6l5YOtI6oKwyxWUaGNgt
eehDRz0aP0nAdXv8H9Nu7ZvL28ihakk7xE6iL+EH7VYddjWCLg6WITZk3KMrVVyR
0aDEJoAEglbAeWeZKP2cJb3jdnw+wd9ZpEieB4hdcGONqzhvlXMSDuJ00HFRKP4k
Dk3KMHa0djwPePQGYZ7JGd5maBmfmiSX+rb5rPnCMwXPz+pDMsp85N/eZTox17um
p2A4oXNwIyqo9s2uHFhn20XQxShsJk3Z4djrhGK+eU91PKtDccSkV5wdWyq/enAU
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:14:10 2024 by rpki-client on console-ams.rpki-client.org