Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/FrZn77q99tsLCHFnZgvBFmObtW8.roa
File: FrZn77q99tsLCHFnZgvBFmObtW8.roa (raw, json)
Hash identifier: yFTRm1Rnnozo7d0KyaRXGFH5XMQZh/6oDKYqk0j7o1A=
Subject key identifier: 16:B6:67:EF:BA:BD:F6:DB:0B:08:71:67:66:0B:C1:16:63:9B:B5:6F
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0190BB0BC44C3F4C1CEE41DE40D5B1F29E99
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/FrZn77q99tsLCHFnZgvBFmObtW8.roa
Signing time: Tue 16 Jul 2024 10:17:08 +0000
ROA not before: Tue 16 Jul 2024 10:17:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.42.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:0b:c4:4c:3f:4c:1c:ee:41:de:40:d5:b1:f2:9e:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jul 16 10:17:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16b667efbabdf6db0b087167660bc116639bb56f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3d:8f:f0:d8:66:6a:37:7a:c6:a2:a6:65:b1:
22:f2:90:89:f5:1a:74:9e:53:79:b0:3b:84:6b:30:
19:05:66:ba:c1:93:9b:35:05:09:3d:25:46:bc:22:
6a:61:18:b5:a7:49:91:47:78:3c:88:5f:e1:bc:7e:
64:96:89:3b:31:d7:21:19:2e:6d:18:56:d5:9c:65:
be:eb:93:f9:ec:ee:c1:5d:4f:11:86:a8:76:82:82:
24:d7:68:54:bc:9d:c0:14:cb:c4:c9:28:90:ba:dc:
ef:fb:9d:fc:26:08:8b:cd:78:4e:0c:92:95:2c:ff:
27:ce:7a:2e:87:f1:b5:14:9b:98:49:62:54:34:eb:
96:59:a5:60:77:4b:84:54:45:8d:a4:f3:a2:9b:37:
03:92:35:91:85:a6:31:16:25:5b:15:17:88:fe:c0:
bc:4d:a2:32:4a:75:a6:f0:00:bd:7d:32:73:9b:f0:
f5:d2:11:5f:24:93:25:95:8a:5b:46:4e:1a:ec:0f:
6a:aa:c2:ba:ae:7c:2e:84:2f:0f:a5:35:8c:aa:f2:
d9:ca:89:51:c0:e1:99:a9:1b:61:35:9b:83:ed:ae:
ca:c4:cd:f1:a7:56:1b:75:6a:27:3a:00:62:b0:58:
fd:dc:0d:ef:5d:9b:63:11:fe:37:39:94:62:88:0b:
d3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B6:67:EF:BA:BD:F6:DB:0B:08:71:67:66:0B:C1:16:63:9B:B5:6F
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/FrZn77q99tsLCHFnZgvBFmObtW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/24
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:77:6f:ab:16:43:19:c0:10:c9:88:3c:82:b8:10:11:af:c7:
f5:a8:29:2c:ad:c1:0b:b7:cc:d0:64:57:98:c0:93:b3:c0:c4:
1c:d0:4f:3e:dc:21:ef:fa:55:9a:74:d9:c1:1f:dc:32:a8:04:
60:46:21:20:33:ef:0a:e4:88:1b:b6:c5:7b:8a:d2:95:0f:87:
b9:15:df:a5:e6:77:12:b9:a0:76:63:4e:80:e1:27:73:a4:85:
f7:38:c1:a1:bd:10:53:4e:22:ff:74:ca:1f:45:6b:38:56:91:
8d:98:db:e2:ee:d8:c6:04:6c:e0:68:9f:10:67:af:39:27:ed:
de:8d:68:5e:cc:f6:72:46:b1:68:a5:6f:14:4f:2b:ed:01:ae:
df:25:ae:c5:34:dd:8c:28:50:8c:ac:51:4d:7e:0a:1f:e1:df:
38:28:e3:b8:3f:2a:35:1a:f4:e9:f2:bd:64:ff:59:f0:c6:68:
51:a5:2a:57:06:58:74:37:4f:ac:71:bf:76:10:e5:bb:9a:7d:
51:d0:86:9f:16:7a:98:79:3e:19:1e:d0:b1:db:8a:ed:76:fe:
0d:0f:e0:a0:ff:88:2a:64:ab:7d:a1:cb:d7:eb:ec:cd:d0:52:
46:e8:14:ef:bc:d8:30:97:ac:77:99:91:62:00:06:a6:95:0d:
57:5f:e3:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC7C8RMP0wc7kHeQNWx8p6ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQwNzE2MTAxNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmI2NjdlZmJhYmRmNmRiMGIwODcxNjc2NjBiYzExNjYzOWJiNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtz2P8Nhmajd6xqKmZbEi8pCJ9Rp0
nlN5sDuEazAZBWa6wZObNQUJPSVGvCJqYRi1p0mRR3g8iF/hvH5klok7MdchGS5t
GFbVnGW+65P57O7BXU8Rhqh2goIk12hUvJ3AFMvEySiQutzv+538JgiLzXhODJKV
LP8nznouh/G1FJuYSWJUNOuWWaVgd0uEVEWNpPOimzcDkjWRhaYxFiVbFReI/sC8
TaIySnWm8AC9fTJzm/D10hFfJJMllYpbRk4a7A9qqsK6rnwuhC8PpTWMqvLZyolR
wOGZqRthNZuD7a7KxM3xp1YbdWonOgBisFj93A3vXZtjEf43OZRiiAvTaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBa2Z++6vfbbCwhxZ2YLwRZjm7VvMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvRnJabjc3cTk5dHNMQ0hGblpndkJGbU9idFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAubEqAwQB
udymAwQBueiEMA0GCSqGSIb3DQEBCwUAA4IBAQAqd2+rFkMZwBDJiDyCuBARr8f1
qCksrcELt8zQZFeYwJOzwMQc0E8+3CHv+lWadNnBH9wyqARgRiEgM+8K5IgbtsV7
itKVD4e5Fd+l5ncSuaB2Y06A4SdzpIX3OMGhvRBTTiL/dMofRWs4VpGNmNvi7tjG
BGzgaJ8QZ685J+3ejWhezPZyRrFopW8UTyvtAa7fJa7FNN2MKFCMrFFNfgof4d84
KOO4Pyo1GvTp8r1k/1nwxmhRpSpXBlh0N0+scb92EOW7mn1R0IafFnqYeT4ZHtCx
24rtdv4ND+Cg/4gqZKt9ocvX6+zN0FJG6BTvvNgwl6x3mZFiAAamlQ1XX+PW
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:48:43 2024 by rpki-client on console-ams.rpki-client.org