Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/8szsEPLQMR10YxrYoAC19toW0i0.roa
File: 8szsEPLQMR10YxrYoAC19toW0i0.roa (raw, json)
Hash identifier: x23LaeEppGzkFqbwRMKuAhGfv6RdMl9OPyrcBbCXueI=
Subject key identifier: F2:CC:EC:10:F2:D0:31:1D:74:63:1A:D8:A0:00:B5:F6:DA:16:D2:2D
Certificate issuer: /CN=578d854bd2bee242a82fb83922d149bccf19ed02
Certificate serial: 018CC94E63921D7C403E92A87FE3C3D16C35
Authority key identifier: 57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/8szsEPLQMR10YxrYoAC19toW0i0.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212865
IP address blocks: 185.164.153.0/24 maxlen: 24
185.164.154.0/24 maxlen: 24
185.164.155.0/24 maxlen: 24
5.57.201.0/24 maxlen: 24
5.57.202.0/23 maxlen: 23
5.57.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:63:92:1d:7c:40:3e:92:a8:7f:e3:c3:d1:6c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=578d854bd2bee242a82fb83922d149bccf19ed02
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2ccec10f2d0311d74631ad8a000b5f6da16d22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a9:8f:e3:6b:c3:d9:2c:ce:cc:c8:75:64:26:
22:94:21:35:0f:e9:8a:55:a1:24:94:a9:c0:d9:55:
44:01:d6:66:0e:52:f9:7e:35:88:e7:4d:74:76:ed:
41:b0:75:12:72:f7:db:4a:aa:24:19:13:c3:e3:6e:
56:25:25:02:83:63:b3:2a:aa:ca:95:ae:5f:c3:56:
77:97:96:74:ac:dd:cd:f3:11:1e:e0:99:65:6a:77:
f2:9f:29:83:bf:2d:02:31:df:9f:92:64:b0:86:32:
5a:2f:9b:24:c6:0b:61:55:81:98:b1:b7:3a:83:e6:
46:0d:7c:76:57:4e:4d:f0:95:af:1a:9c:0b:ff:0d:
73:21:8c:0e:6c:2e:8f:0c:72:da:20:06:02:ad:09:
ec:9e:4e:5c:81:a6:82:9b:6a:b3:e7:4c:61:7a:2f:
b5:61:e0:4f:14:0a:07:94:b2:6b:e3:55:8d:71:be:
09:ba:8d:da:73:49:0e:a2:45:7e:0f:31:f5:77:6b:
19:fc:21:13:4f:52:5a:57:e7:3a:ac:17:3b:0c:6d:
b5:c9:b7:53:d4:79:1b:43:9c:fc:90:03:2d:7c:7f:
17:9d:7c:dd:6c:7b:36:07:5c:6a:e8:e3:0c:61:43:
78:da:e7:59:af:3d:9e:93:ae:8f:50:82:01:8b:bc:
95:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CC:EC:10:F2:D0:31:1D:74:63:1A:D8:A0:00:B5:F6:DA:16:D2:2D
X509v3 Authority Key Identifier:
keyid:57:8D:85:4B:D2:BE:E2:42:A8:2F:B8:39:22:D1:49:BC:CF:19:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V42FS9K-4kKoL7g5ItFJvM8Z7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/8szsEPLQMR10YxrYoAC19toW0i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/128bc6-f6ff-4c90-8b5a-1ab5f5399d3a/1/V42FS9K-4kKoL7g5ItFJvM8Z7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.201.0-5.57.207.255
185.164.153.0-185.164.155.255
Signature Algorithm: sha256WithRSAEncryption
82:c1:88:90:9e:42:c3:05:9b:fb:c7:cb:11:45:34:ad:49:c4:
64:32:cf:3f:92:e7:84:ab:0f:fd:54:f3:a9:6f:41:d8:ef:69:
2c:25:62:fe:de:44:f3:75:7d:08:2a:7b:df:69:00:5c:64:0a:
d7:e7:09:95:15:12:16:27:b5:3e:9d:04:ce:bf:27:f4:82:a1:
0f:43:5f:b9:17:d8:58:de:83:69:5b:fa:9d:a8:d5:4c:5b:ca:
28:5f:50:d8:f4:ed:bd:f5:de:af:0c:6a:dc:a4:7f:3c:9d:fe:
b6:4b:96:93:61:67:15:b0:48:96:bc:03:4b:90:6d:e4:04:97:
a3:e6:5d:c5:66:00:69:32:4a:ed:6b:06:d5:56:ff:90:48:f6:
de:11:da:9d:b0:c6:6e:af:b0:c1:1d:3a:38:ae:f8:92:1c:5c:
7d:3a:8d:3e:58:73:35:5f:24:71:2e:2b:3a:0c:76:39:d8:fa:
08:f2:36:68:22:56:59:39:5d:f4:81:b1:6e:de:20:a5:fb:5a:
39:6e:d3:2a:bc:9e:3a:d5:19:f5:0a:80:f6:3d:7a:73:c2:e3:
82:6b:77:f8:b0:91:f5:21:4a:5e:8a:b5:d5:5a:1c:72:59:27:
91:52:c4:4f:67:6b:0c:77:f7:6a:28:30:bb:b6:cd:70:14:3b:
2a:8f:91:f4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzJTmOSHXxAPpKof+PD0Ww1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OGQ4NTRiZDJiZWUyNDJhODJmYjgzOTIyZDE0OWJjY2Yx
OWVkMDIwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNjZWMxMGYyZDAzMTFkNzQ2MzFhZDhhMDAwYjVmNmRhMTZkMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKmP42vD2SzOzMh1ZCYilCE1D+mK
VaEklKnA2VVEAdZmDlL5fjWI5010du1BsHUScvfbSqokGRPD425WJSUCg2OzKqrK
la5fw1Z3l5Z0rN3N8xEe4JllanfynymDvy0CMd+fkmSwhjJaL5skxgthVYGYsbc6
g+ZGDXx2V05N8JWvGpwL/w1zIYwObC6PDHLaIAYCrQnsnk5cgaaCm2qz50xhei+1
YeBPFAoHlLJr41WNcb4Juo3ac0kOokV+DzH1d2sZ/CETT1JaV+c6rBc7DG21ybdT
1HkbQ5z8kAMtfH8XnXzdbHs2B1xq6OMMYUN42udZrz2ek66PUIIBi7yViQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPLM7BDy0DEddGMa2KAAtfbaFtItMB8GA1UdIwQY
MBaAFFeNhUvSvuJCqC+4OSLRSbzPGe0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEt
MWFiNWY1Mzk5ZDNhLzEvOHN6c0VQTFFNUjEwWXhyWW9BQzE5dG9XMGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xMjhiYzYtZjZmZi00YzkwLThiNWEtMWFiNWY1Mzk5ZDNh
LzEvVjQyRlM5Sy00a0tvTDdnNUl0Rkp2TThaN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAFOckD
BAQFOcAwDAMEALmkmQMEArmkmDANBgkqhkiG9w0BAQsFAAOCAQEAgsGIkJ5CwwWb
+8fLEUU0rUnEZDLPP5LnhKsP/VTzqW9B2O9pLCVi/t5E83V9CCp732kAXGQK1+cJ
lRUSFie1Pp0Ezr8n9IKhD0NfuRfYWN6DaVv6najVTFvKKF9Q2PTtvfXerwxq3KR/
PJ3+tkuWk2FnFbBIlrwDS5Bt5ASXo+ZdxWYAaTJK7WsG1Vb/kEj23hHanbDGbq+w
wR06OK74khxcfTqNPlhzNV8kcS4rOgx2Odj6CPI2aCJWWTld9IGxbt4gpftaOW7T
KryeOtUZ9QqA9j16c8Ljgmt3+LCR9SFKXoq11VocclknkVLET2drDHf3aigwu7bN
cBQ7Ko+R9A==
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:11:35 2024 by rpki-client on console-ams.rpki-client.org