Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/n-hw2weD8_MjFy2w8rWcisk3XQ4.roa
File: n-hw2weD8_MjFy2w8rWcisk3XQ4.roa (raw, json)
Hash identifier: /Yo+6nIGI6a3nbWVKF/ZE25AAl/roO/LkDfMn98Een4=
Subject key identifier: 9F:E8:70:DB:07:83:F3:F3:23:17:2D:B0:F2:B5:9C:8A:C9:37:5D:0E
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 018CC5DCA0363F2FEDA9F45F90EABA356D99
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/n-hw2weD8_MjFy2w8rWcisk3XQ4.roa
Signing time: Mon 01 Jan 2024 16:30:19 +0000
ROA not before: Mon 01 Jan 2024 16:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205929
IP address blocks: 185.221.61.0/24 maxlen: 24
2a06:89c4:c000::/36 maxlen: 48
2a06:89c4:a000::/48 maxlen: 48
2a06:89c3:5010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a0:36:3f:2f:ed:a9:f4:5f:90:ea:ba:35:6d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: Jan 1 16:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe870db0783f3f323172db0f2b59c8ac9375d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:66:8d:6a:12:a8:a2:34:14:b7:56:4f:fd:62:
9e:07:79:04:14:2a:85:05:21:5e:6a:ea:d9:2a:f2:
04:48:39:89:8f:f2:d3:19:50:cf:35:d7:8d:03:4b:
5c:37:70:22:71:3e:58:f8:11:d5:9d:b6:ea:e0:4c:
de:ff:21:28:3a:48:a5:26:96:36:c0:ee:74:74:81:
16:16:b4:c5:d7:b8:80:da:d6:02:38:26:8d:74:59:
5d:5a:6d:7b:95:1d:61:b2:95:b8:98:99:07:3e:d7:
ef:96:58:a8:f2:63:25:a6:d1:88:4f:20:d7:ea:d0:
c5:b4:37:de:57:17:66:f1:1e:97:66:44:40:7b:2f:
cc:d3:45:ea:6e:9e:f4:4e:39:d9:83:c3:bb:63:c1:
66:b1:79:58:bf:84:fe:f0:07:b9:05:f2:9f:49:58:
68:b4:16:61:cf:07:12:44:8f:0c:f1:b6:05:e3:98:
6f:0c:ad:ba:49:fd:eb:9f:f3:8e:94:be:6b:c1:8d:
5c:6a:01:17:8e:24:5d:1c:16:2b:31:4c:97:eb:98:
65:66:e6:a3:fd:9d:6d:1c:77:67:01:7a:c1:49:92:
e7:ce:06:0e:9f:0c:8c:b1:21:94:72:74:dc:c7:6d:
52:63:d5:fa:09:ae:34:84:9f:ea:ea:9f:1a:0d:9d:
5a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E8:70:DB:07:83:F3:F3:23:17:2D:B0:F2:B5:9C:8A:C9:37:5D:0E
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/n-hw2weD8_MjFy2w8rWcisk3XQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.61.0/24
IPv6:
2a06:89c3:5010::/48
2a06:89c4:a000::/48
2a06:89c4:c000::/36
Signature Algorithm: sha256WithRSAEncryption
a2:d5:9e:a9:77:5b:d4:59:c0:e2:e1:0e:07:01:38:90:d0:7c:
7f:f1:1a:47:80:9d:f8:57:0d:f2:ce:1f:a7:f1:1b:1c:18:e1:
8b:40:9d:67:54:3c:72:b7:3f:a0:b9:b4:69:19:aa:dd:96:2b:
c9:2d:01:2f:b4:d3:8b:22:87:06:36:4e:bf:72:19:bb:cc:3f:
d8:df:f0:ee:f4:7a:a4:5d:b2:1c:70:95:4a:95:70:c2:18:6f:
04:e7:91:67:2b:45:c3:97:78:09:0b:4c:ec:c2:b8:8d:98:19:
21:72:d5:9d:37:ef:8e:43:2b:2d:16:a4:44:38:95:36:68:32:
7b:17:fb:b1:ef:38:de:60:40:cc:e6:1e:a5:f3:fe:30:81:44:
9b:8c:4b:f8:39:64:66:91:40:d2:20:54:f3:b7:93:ab:ab:95:
0e:79:0c:13:86:c8:5e:71:bd:f0:6d:a0:fc:91:7f:1f:e0:d2:
d3:f6:42:44:2a:ff:87:96:5c:83:3c:96:da:74:37:38:ea:e3:
94:e9:bf:db:f1:2b:16:dc:29:83:9f:cb:5d:62:63:87:9d:9f:
37:8b:18:c9:e5:ce:99:3e:62:dd:b7:f5:3e:76:ea:ae:18:b7:
d7:7a:a0:ce:2c:53:53:c1:d4:cc:2d:69:f9:b5:42:c4:13:e4:
74:96:8c:2f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzF3KA2Py/tqfRfkOq6NW2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIx
OTM4YjkwHhcNMjQwMTAxMTYzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU4NzBkYjA3ODNmM2YzMjMxNzJkYjBmMmI1OWM4YWM5Mzc1ZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmaNahKoojQUt1ZP/WKeB3kEFCqF
BSFeaurZKvIESDmJj/LTGVDPNdeNA0tcN3AicT5Y+BHVnbbq4Eze/yEoOkilJpY2
wO50dIEWFrTF17iA2tYCOCaNdFldWm17lR1hspW4mJkHPtfvllio8mMlptGITyDX
6tDFtDfeVxdm8R6XZkRAey/M00Xqbp70TjnZg8O7Y8FmsXlYv4T+8Ae5BfKfSVho
tBZhzwcSRI8M8bYF45hvDK26Sf3rn/OOlL5rwY1cagEXjiRdHBYrMUyX65hlZuaj
/Z1tHHdnAXrBSZLnzgYOnwyMsSGUcnTcx21SY9X6Ca40hJ/q6p8aDZ1aUQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJ/ocNsHg/PzIxctsPK1nIrJN10OMB8GA1UdIwQY
MBaAFAj8qvjRfdGmV5X3FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgt
NzdlZWVhZjcxZDA4LzEvbi1odzJ3ZUQ4X01qRnkydzhyV2Npc2szWFE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4
LzEvQ1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAMBAIAATAGAwQAud09MCAE
AgACMBoDBwAqBonDUBADBwAqBonEoAADBgQqBonEwDANBgkqhkiG9w0BAQsFAAOC
AQEAotWeqXdb1FnA4uEOBwE4kNB8f/EaR4Cd+FcN8s4fp/EbHBjhi0CdZ1Q8crc/
oLm0aRmq3ZYryS0BL7TTiyKHBjZOv3IZu8w/2N/w7vR6pF2yHHCVSpVwwhhvBOeR
ZytFw5d4CQtM7MK4jZgZIXLVnTfvjkMrLRakRDiVNmgyexf7se843mBAzOYepfP+
MIFEm4xL+DlkZpFA0iBU87eTq6uVDnkME4bIXnG98G2g/JF/H+DS0/ZCRCr/h5Zc
gzyW2nQ3OOrjlOm/2/ErFtwpg5/LXWJjh52fN4sYyeXOmT5i3bf1Pnbqrhi313qg
zixTU8HUzC1p+bVCxBPkdJaMLw==
-----END CERTIFICATE-----
Generated at Mon May 27 20:27:21 2024 by rpki-client on console-fra.rpki-client.org