Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/kQ5yRwTUMffUn-57_rCna6ff3sI.roa
File: kQ5yRwTUMffUn-57_rCna6ff3sI.roa (raw, json)
Hash identifier: VoojJa6myjzN5C3xIahHNlsSjYskbbel1ejzSWEWH9U=
Subject key identifier: 91:0E:72:47:04:D4:31:F7:D4:9F:EE:7B:FE:B0:A7:6B:A7:DF:DE:C2
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018CC725C304700EB325EAB6ECE01324BF9A
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/kQ5yRwTUMffUn-57_rCna6ff3sI.roa
Signing time: Mon 01 Jan 2024 22:29:49 +0000
ROA not before: Mon 01 Jan 2024 22:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206119
IP address blocks: 194.0.207.0/24 maxlen: 24
185.213.169.0/24 maxlen: 24
185.213.171.0/24 maxlen: 24
185.213.170.0/24 maxlen: 24
2a0b:8b41::/32 maxlen: 32
2a0b:8b46::/32 maxlen: 32
2a0b:8b43::/32 maxlen: 32
2a0b:8b44::/32 maxlen: 32
2a0b:8b47::/32 maxlen: 32
2a0b:8b40::/32 maxlen: 32
2a0b:8b45::/32 maxlen: 32
2a0b:8b42::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 22:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:c3:04:70:0e:b3:25:ea:b6:ec:e0:13:24:bf:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Jan 1 22:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=910e724704d431f7d49fee7bfeb0a76ba7dfdec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5f:50:bc:82:de:45:f8:48:d5:68:99:1d:36:
92:12:29:01:22:6e:f2:e7:4e:ac:f5:a1:ae:0a:ed:
4e:2b:ea:84:e9:0e:c4:a0:59:4d:60:49:c1:ac:dd:
98:55:b5:6a:84:49:0e:c1:88:c4:89:6a:ee:8f:94:
4b:d4:7e:08:73:09:2d:a1:67:30:e8:f5:86:7c:6e:
98:b5:eb:fe:bb:a4:78:3e:76:6f:67:3d:f8:c6:e8:
31:75:a0:72:ef:07:0a:8f:5a:41:fa:44:81:94:a7:
27:25:1c:cb:ed:93:ec:93:2d:96:37:f6:de:26:b9:
98:88:aa:4d:64:77:dc:7a:f8:a3:2e:b2:17:99:8e:
d8:f3:5b:a3:18:01:b0:12:e8:f1:13:0e:c4:0c:04:
a2:fd:43:9f:a7:78:c3:74:38:69:95:9e:0b:1b:ce:
26:ea:05:7d:9b:16:63:10:23:6f:b5:8d:06:7d:1f:
89:b6:fa:62:91:2e:b4:dc:52:50:99:02:dd:be:19:
e9:36:8b:0b:07:41:02:18:d0:59:51:80:68:f6:b1:
1a:d3:c8:5d:33:7a:f9:e3:9c:be:69:96:ee:4a:e3:
c9:b3:7b:bc:bc:72:ff:d0:41:da:d0:a7:2e:0a:54:
71:c1:a5:3b:d5:25:ff:fb:50:77:00:1f:03:3e:a2:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:0E:72:47:04:D4:31:F7:D4:9F:EE:7B:FE:B0:A7:6B:A7:DF:DE:C2
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/kQ5yRwTUMffUn-57_rCna6ff3sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0-185.213.171.255
194.0.207.0/24
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
72:37:31:8f:22:6a:2f:c8:5a:be:ca:30:9b:6a:b4:24:37:cf:
33:47:0d:12:b6:84:aa:3f:de:20:c2:8d:ca:22:5d:24:72:2f:
4d:84:b6:17:8f:1f:f1:33:c7:7c:6c:bf:81:a8:81:f3:74:0e:
3a:8c:80:cd:42:f8:95:24:f3:30:56:c9:9e:bf:fa:e4:a2:1d:
f1:ac:7d:59:27:20:da:cd:99:fc:e7:a8:50:7c:57:e2:87:ad:
c5:a1:3a:04:dd:ce:ca:00:9d:7b:94:90:94:18:6e:a1:88:75:
06:ae:d3:5c:89:90:0f:a5:1a:91:9b:39:8b:c5:73:c8:63:1b:
2c:98:2c:cd:15:6a:b8:bf:5b:fb:a7:c4:b5:9b:9a:38:94:47:
8c:af:a4:05:6a:d4:be:b7:cc:2a:88:b5:e1:6a:e6:ab:8c:de:
6b:84:10:e6:63:1d:f9:9c:88:b0:52:07:b5:68:7f:f9:a2:dd:
05:e3:32:3d:2a:1e:33:1b:dd:ac:10:b8:a5:7f:3d:13:7e:68:
7a:82:c7:75:cd:da:77:99:69:5d:14:b0:76:b7:41:d2:75:90:
a6:a6:ab:16:4f:ad:2e:b9:1e:b3:d1:8a:22:68:b0:48:49:f0:
ec:99:d8:e8:08:94:b1:f7:21:6c:9e:a4:48:e6:51:f6:e1:12:
18:9b:40:54
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzHJcMEcA6zJeq27OATJL+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjQwMTAxMjIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTBlNzI0NzA0ZDQzMWY3ZDQ5ZmVlN2JmZWIwYTc2YmE3ZGZkZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgF9QvILeRfhI1WiZHTaSEikBIm7y
506s9aGuCu1OK+qE6Q7EoFlNYEnBrN2YVbVqhEkOwYjEiWruj5RL1H4IcwktoWcw
6PWGfG6Ytev+u6R4PnZvZz34xugxdaBy7wcKj1pB+kSBlKcnJRzL7ZPsky2WN/be
JrmYiKpNZHfcevijLrIXmY7Y81ujGAGwEujxEw7EDASi/UOfp3jDdDhplZ4LG84m
6gV9mxZjECNvtY0GfR+JtvpikS603FJQmQLdvhnpNosLB0ECGNBZUYBo9rEa08hd
M3r545y+aZbuSuPJs3u8vHL/0EHa0KcuClRxwaU71SX/+1B3AB8DPqK2OQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJEOckcE1DH31J/ue/6wp2un397CMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEva1E1eVJ3VFVNZmZVbi01N19yQ25hNmZmM3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAC51akD
BAK51agDBADCAM8wDQQCAAIwBwMFAyoLi0AwDQYJKoZIhvcNAQELBQADggEBAHI3
MY8iai/IWr7KMJtqtCQ3zzNHDRK2hKo/3iDCjcoiXSRyL02EthePH/Ezx3xsv4Go
gfN0DjqMgM1C+JUk8zBWyZ6/+uSiHfGsfVknINrNmfznqFB8V+KHrcWhOgTdzsoA
nXuUkJQYbqGIdQau01yJkA+lGpGbOYvFc8hjGyyYLM0Vari/W/unxLWbmjiUR4yv
pAVq1L63zCqIteFq5quM3muEEOZjHfmciLBSB7Vof/mi3QXjMj0qHjMb3awQuKV/
PRN+aHqCx3XN2neZaV0UsHa3QdJ1kKamqxZPrS65HrPRiiJosEhJ8OyZ2OgIlLH3
IWyepEjmUfbhEhibQFQ=
-----END CERTIFICATE-----
Generated at Sat Sep 28 04:26:45 2024 by rpki-client on console-fra.rpki-client.org