Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/Y7dsZCunr_cu4eTWzr5E74RvFCY.roa
File: Y7dsZCunr_cu4eTWzr5E74RvFCY.roa (raw, json)
Hash identifier: BKOmMZUQrThu7ve8hitRYitUXZ0Yjrs3IyK3O6Krko4=
Subject key identifier: 63:B7:6C:64:2B:A7:AF:F7:2E:E1:E4:D6:CE:BE:44:EF:84:6F:14:26
Certificate issuer: /CN=208f8bf8d012a25cccee2106803d7064320ed0f0
Certificate serial: 0192D7FA235D23C5A2D363BD6383F9D22BC8
Authority key identifier: 20:8F:8B:F8:D0:12:A2:5C:CC:EE:21:06:80:3D:70:64:32:0E:D0:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/II-L-NASolzM7iEGgD1wZDIO0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/Y7dsZCunr_cu4eTWzr5E74RvFCY.roa
Signing time: Tue 29 Oct 2024 11:12:27 +0000
ROA not before: Tue 29 Oct 2024 11:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.184.172.0/23 maxlen: 23
185.184.174.0/23 maxlen: 23
185.191.252.0/23 maxlen: 23
185.191.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/II-L-NASolzM7iEGgD1wZDIO0PA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/II-L-NASolzM7iEGgD1wZDIO0PA.mft
rsync://rpki.ripe.net/repository/DEFAULT/II-L-NASolzM7iEGgD1wZDIO0PA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:fa:23:5d:23:c5:a2:d3:63:bd:63:83:f9:d2:2b:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=208f8bf8d012a25cccee2106803d7064320ed0f0
Validity
Not Before: Oct 29 11:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63b76c642ba7aff72ee1e4d6cebe44ef846f1426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:36:4a:f7:41:39:f2:15:4d:0f:3f:52:d6:
26:1f:62:6f:ea:30:da:21:18:d4:63:10:0c:2a:77:
8c:1a:2d:cc:ff:8b:cf:0d:7e:bc:f7:04:d2:ca:b3:
34:1d:d1:77:26:f3:0b:d5:c1:f6:84:36:f8:6a:26:
ac:b4:91:82:45:19:f5:e0:bd:45:92:d4:b4:3c:e8:
8a:fd:9c:27:ef:68:ba:e2:a1:43:02:b9:38:37:c5:
4e:2b:19:78:36:ed:8e:6f:f0:31:fc:f0:b0:ed:d5:
30:f1:fd:97:07:20:95:11:fd:63:68:b1:33:97:a2:
b7:57:9c:c5:04:8e:2b:a8:a1:9b:4e:67:50:e7:34:
d9:c0:03:30:49:c2:50:ff:5b:46:2f:92:49:34:6f:
72:3f:10:8f:48:0e:0f:f0:e8:84:6d:74:09:09:d1:
f1:90:ef:76:f9:c5:fb:08:66:53:ae:ad:7a:ae:e6:
08:50:b1:20:45:1b:ab:93:4d:1a:9d:12:ca:6b:fd:
d2:56:ba:f5:3b:49:aa:c8:a0:8c:71:d2:db:07:63:
dd:87:a6:c2:4f:3c:69:48:83:e3:9b:3b:83:2c:c5:
81:a7:14:4d:b8:66:11:6f:27:ad:21:62:74:35:7e:
10:03:8e:61:92:92:77:7b:b2:3a:4e:5a:6b:7f:b2:
53:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B7:6C:64:2B:A7:AF:F7:2E:E1:E4:D6:CE:BE:44:EF:84:6F:14:26
X509v3 Authority Key Identifier:
keyid:20:8F:8B:F8:D0:12:A2:5C:CC:EE:21:06:80:3D:70:64:32:0E:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/II-L-NASolzM7iEGgD1wZDIO0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/Y7dsZCunr_cu4eTWzr5E74RvFCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/0ef58a-566f-48bc-b7da-8055ec10ff0a/1/II-L-NASolzM7iEGgD1wZDIO0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.172.0/22
185.191.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:76:e4:48:4e:ab:15:ed:d4:2a:19:bf:c9:c6:6c:0e:1d:5d:
95:a8:f4:8f:f9:bc:58:c4:eb:19:24:17:92:c8:2d:2a:33:e6:
8e:25:ce:75:10:e0:34:aa:fe:1f:a4:3e:0a:fd:fc:ae:88:d9:
af:d1:aa:60:a0:64:c1:43:41:83:9b:6d:60:6a:6d:a7:cc:f7:
6a:ba:3e:2f:54:5c:3a:60:ff:3f:a4:db:36:6c:8d:99:9e:98:
d9:ac:23:47:89:31:60:19:50:66:47:64:e1:8e:6c:b2:b5:34:
de:9d:cb:d7:7a:0b:bd:29:eb:56:9b:75:42:a1:c0:fc:39:86:
6d:18:5c:6a:b2:81:6c:e3:dc:11:cc:50:1e:96:66:c2:65:6e:
b2:f1:2c:77:4b:dc:1e:57:53:f4:2a:ed:69:37:83:25:af:cf:
6a:a6:9a:d0:db:ab:3e:97:af:55:eb:88:ca:30:af:f1:ec:26:
e7:30:9b:1f:55:ea:82:c0:22:59:18:d0:c1:8f:8f:b4:9a:a9:
d5:05:ea:4b:61:36:ec:1a:28:eb:ac:db:c3:91:c3:67:d9:f6:
38:40:62:a1:39:f1:4f:36:79:30:55:66:f9:24:b8:d1:74:b5:
c8:d6:a4:7d:99:8b:0f:7d:24:01:e0:cc:30:cb:bf:9f:c2:36:
f4:f1:23:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLX+iNdI8Wi02O9Y4P50ivIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOGY4YmY4ZDAxMmEyNWNjY2VlMjEwNjgwM2Q3MDY0MzIw
ZWQwZjAwHhcNMjQxMDI5MTExMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2I3NmM2NDJiYTdhZmY3MmVlMWU0ZDZjZWJlNDRlZjg0NmYxNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNc2SvdBOfIVTQ8/UtYmH2Jv6jDa
IRjUYxAMKneMGi3M/4vPDX689wTSyrM0HdF3JvML1cH2hDb4aiastJGCRRn14L1F
ktS0POiK/Zwn72i64qFDArk4N8VOKxl4Nu2Ob/Ax/PCw7dUw8f2XByCVEf1jaLEz
l6K3V5zFBI4rqKGbTmdQ5zTZwAMwScJQ/1tGL5JJNG9yPxCPSA4P8OiEbXQJCdHx
kO92+cX7CGZTrq16ruYIULEgRRurk00anRLKa/3SVrr1O0mqyKCMcdLbB2Pdh6bC
TzxpSIPjmzuDLMWBpxRNuGYRbyetIWJ0NX4QA45hkpJ3e7I6Tlprf7JTGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGO3bGQrp6/3LuHk1s6+RO+EbxQmMB8GA1UdIwQY
MBaAFCCPi/jQEqJczO4hBoA9cGQyDtDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUktTC1OQVNvbHpNN2lFR2dEMXdaRElPMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wZWY1OGEtNTY2Zi00OGJjLWI3ZGEt
ODA1NWVjMTBmZjBhLzEvWTdkc1pDdW5yX2N1NGVUV3pyNUU3NFJ2RkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wZWY1OGEtNTY2Zi00OGJjLWI3ZGEtODA1NWVjMTBmZjBh
LzEvSUktTC1OQVNvbHpNN2lFR2dEMXdaRElPMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCubisAwQC
ub/8MA0GCSqGSIb3DQEBCwUAA4IBAQC3duRITqsV7dQqGb/JxmwOHV2VqPSP+bxY
xOsZJBeSyC0qM+aOJc51EOA0qv4fpD4K/fyuiNmv0apgoGTBQ0GDm21gam2nzPdq
uj4vVFw6YP8/pNs2bI2ZnpjZrCNHiTFgGVBmR2ThjmyytTTencvXegu9KetWm3VC
ocD8OYZtGFxqsoFs49wRzFAelmbCZW6y8Sx3S9weV1P0Ku1pN4Mlr89qpprQ26s+
l69V64jKMK/x7CbnMJsfVeqCwCJZGNDBj4+0mqnVBepLYTbsGijrrNvDkcNn2fY4
QGKhOfFPNnkwVWb5JLjRdLXI1qR9mYsPfSQB4Mwwy7+fwjb08SOj
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:17:19 2024 by rpki-client on console-ams.rpki-client.org