Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/PHoKlqyAj7NqIFCAy3hI4nTkk7w.roa
File: PHoKlqyAj7NqIFCAy3hI4nTkk7w.roa (raw, json)
Hash identifier: EFQa9zju/5QD6Ggz7budzw8/e5XLteyWVlyy40gvqbA=
Subject key identifier: 3C:7A:0A:96:AC:80:8F:B3:6A:20:50:80:CB:78:48:E2:74:E4:93:BC
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 0191356B3840B691F17F1FE5541A3AB54897
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/PHoKlqyAj7NqIFCAy3hI4nTkk7w.roa
Signing time: Fri 09 Aug 2024 04:35:04 +0000
ROA not before: Fri 09 Aug 2024 04:35:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209284
IP address blocks: 185.16.104.0/22 maxlen: 22
185.16.104.0/24 maxlen: 24
185.16.105.0/24 maxlen: 24
185.16.106.0/24 maxlen: 24
185.16.107.0/24 maxlen: 24
185.58.188.0/22 maxlen: 22
185.58.189.0/24 maxlen: 24
185.58.190.0/24 maxlen: 24
185.58.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:35:6b:38:40:b6:91:f1:7f:1f:e5:54:1a:3a:b5:48:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Aug 9 04:35:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c7a0a96ac808fb36a205080cb7848e274e493bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:87:a3:1f:c1:61:c0:72:fe:f7:f9:e8:fc:20:
c1:f3:be:aa:b5:5a:e2:f1:cb:10:72:c6:0c:d0:31:
05:35:d8:ef:51:54:f0:da:c6:99:e3:b2:6f:31:9b:
49:40:c5:f5:06:cc:9c:27:7b:cf:ca:6a:d6:ae:83:
50:05:84:2a:76:58:cc:8a:e6:ab:c1:5a:33:d7:54:
ec:38:48:14:1a:6a:7d:9d:51:a9:26:6c:e4:18:71:
b1:f2:72:85:fb:5f:da:ce:a9:4c:5a:8f:73:14:84:
91:b6:11:8d:c9:1b:e6:a3:62:81:4b:f2:52:03:93:
16:d2:21:fa:87:8f:ed:04:8c:0f:34:f0:e8:18:36:
a1:d5:cf:6a:f6:fe:4e:6c:63:62:bf:69:c3:ac:70:
a8:3b:2a:56:54:54:15:70:0e:a9:bd:30:e3:b9:02:
7d:88:af:e2:21:22:82:b0:86:cb:ab:bb:c1:a6:73:
8e:e0:3f:2c:50:f9:6b:c7:3c:0d:63:c8:54:b7:7f:
a2:ba:2e:f2:b1:38:ea:e2:24:6b:3d:f9:c3:4d:9c:
e3:5a:d9:a2:f4:9d:a6:d5:af:75:53:f8:3d:74:5b:
a1:02:a9:7c:7a:df:07:61:df:fc:7a:4c:78:f2:a2:
6d:a3:32:52:ef:4c:21:9a:f8:0b:3d:9e:93:d0:c4:
be:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7A:0A:96:AC:80:8F:B3:6A:20:50:80:CB:78:48:E2:74:E4:93:BC
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/PHoKlqyAj7NqIFCAy3hI4nTkk7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.104.0/22
185.58.188.0/22
Signature Algorithm: sha256WithRSAEncryption
71:ea:74:59:28:f6:44:0e:d1:3b:51:8f:72:e4:69:70:a1:3c:
0b:54:36:fc:4c:76:3b:b4:e2:7c:a2:de:67:ff:26:a1:ad:9b:
ba:a6:0b:c9:90:b6:e3:57:1b:13:7c:2c:1a:55:c9:8b:c1:18:
0c:21:32:67:d9:a3:ab:6a:b6:d2:ca:22:70:4f:ae:76:d9:e6:
04:76:12:af:c8:a4:06:1c:05:18:09:a6:09:4f:16:02:f8:7f:
30:81:ec:2e:22:0e:b9:44:4c:29:64:d6:11:5e:1b:2d:4f:70:
9b:05:32:27:3b:11:35:4d:c0:65:4b:65:8e:90:88:82:55:ac:
e6:d5:58:24:77:80:7c:8d:b7:9e:34:15:52:96:e1:18:51:1a:
7c:d1:1e:c4:e8:4a:7c:23:66:d0:e4:46:e1:6f:4f:80:af:b1:
40:4b:07:45:9c:56:0d:be:a3:ee:88:84:d1:48:11:ab:cf:bf:
49:c9:b8:53:95:0c:97:de:76:c3:3d:8e:40:6e:ba:ac:d0:45:
93:02:b5:82:95:5d:3a:d0:56:75:75:9d:c3:5c:60:17:4b:3f:
69:69:5d:f9:fa:e7:f5:19:2e:6a:e3:14:1d:eb:ae:c3:66:59:
69:b7:89:79:78:7e:c3:67:8b:90:a2:00:f5:b3:e5:b5:02:d8:
1b:31:75:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZE1azhAtpHxfx/lVBo6tUiXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm
ZTJhYTgwHhcNMjQwODA5MDQzNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzdhMGE5NmFjODA4ZmIzNmEyMDUwODBjYjc4NDhlMjc0ZTQ5M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoejH8FhwHL+9/no/CDB876qtVri
8csQcsYM0DEFNdjvUVTw2saZ47JvMZtJQMX1BsycJ3vPymrWroNQBYQqdljMiuar
wVoz11TsOEgUGmp9nVGpJmzkGHGx8nKF+1/azqlMWo9zFISRthGNyRvmo2KBS/JS
A5MW0iH6h4/tBIwPNPDoGDah1c9q9v5ObGNiv2nDrHCoOypWVFQVcA6pvTDjuQJ9
iK/iISKCsIbLq7vBpnOO4D8sUPlrxzwNY8hUt3+iui7ysTjq4iRrPfnDTZzjWtmi
9J2m1a91U/g9dFuhAql8et8HYd/8ekx48qJtozJS70whmvgLPZ6T0MS+5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDx6CpasgI+zaiBQgMt4SOJ05JO8MB8GA1UdIwQY
MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt
MDc1ZjI0ZTRiZTcxLzEvUEhvS2xxeUFqN05xSUZDQXkzaEk0blRrazd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcx
LzEvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRBoAwQC
uTq8MA0GCSqGSIb3DQEBCwUAA4IBAQBx6nRZKPZEDtE7UY9y5GlwoTwLVDb8THY7
tOJ8ot5n/yahrZu6pgvJkLbjVxsTfCwaVcmLwRgMITJn2aOrarbSyiJwT6522eYE
dhKvyKQGHAUYCaYJTxYC+H8wgewuIg65REwpZNYRXhstT3CbBTInOxE1TcBlS2WO
kIiCVazm1Vgkd4B8jbeeNBVSluEYURp80R7E6Ep8I2bQ5Ebhb0+Ar7FASwdFnFYN
vqPuiITRSBGrz79JybhTlQyX3nbDPY5Abrqs0EWTArWClV060FZ1dZ3DXGAXSz9p
aV35+uf1GS5q4xQd667DZllpt4l5eH7DZ4uQogD1s+W1AtgbMXXO
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:52:41 2024 by rpki-client on console-ams.rpki-client.org