Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/274f5c-a7bc-464d-9666-7c281d07e155/1/SOKJYGFoEAA6OH3zSnIqDRi5wbU.roa
File: SOKJYGFoEAA6OH3zSnIqDRi5wbU.roa (raw, json)
Hash identifier: g1iaUyHJT5IFTgq7hydEBdvjofhs2Ldzbb44tTYrAWE=
Subject key identifier: 48:E2:89:60:61:68:10:00:3A:38:7D:F3:4A:72:2A:0D:18:B9:C1:B5
Certificate issuer: /CN=ee83bc458a3696d652fbef863e5ee40f0096f197
Certificate serial: 018CC7275EF54CB120EFC00ED623E5AABB56
Authority key identifier: EE:83:BC:45:8A:36:96:D6:52:FB:EF:86:3E:5E:E4:0F:00:96:F1:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7oO8RYo2ltZS---GPl7kDwCW8Zc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/274f5c-a7bc-464d-9666-7c281d07e155/1/SOKJYGFoEAA6OH3zSnIqDRi5wbU.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203536
IP address blocks: 185.63.8.0/22 maxlen: 22
188.116.42.0/23 maxlen: 23
2a03:920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/274f5c-a7bc-464d-9666-7c281d07e155/1/7oO8RYo2ltZS---GPl7kDwCW8Zc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/274f5c-a7bc-464d-9666-7c281d07e155/1/7oO8RYo2ltZS---GPl7kDwCW8Zc.mft
rsync://rpki.ripe.net/repository/DEFAULT/7oO8RYo2ltZS---GPl7kDwCW8Zc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5e:f5:4c:b1:20:ef:c0:0e:d6:23:e5:aa:bb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee83bc458a3696d652fbef863e5ee40f0096f197
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48e28960616810003a387df34a722a0d18b9c1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:86:51:72:25:a5:8a:31:44:3c:85:38:0d:26:
ff:1a:1e:a1:a1:b5:df:1a:cb:86:22:80:43:b7:74:
dc:5c:8a:2c:5a:82:57:d9:bd:fe:25:6c:b0:2f:b2:
c4:0b:03:92:b1:9c:46:a7:09:74:e0:48:ad:ef:be:
65:91:c2:3d:21:24:d6:39:3b:07:cb:a0:6d:d0:6a:
75:ac:10:7d:a7:09:6e:1c:15:2f:05:7a:1b:ca:d4:
30:c5:fe:ab:a1:1f:4c:0e:d0:dd:16:44:a1:6f:fd:
17:bb:14:30:10:16:21:0b:65:a6:5d:31:05:6f:2a:
ff:68:26:e7:c4:de:e8:18:24:55:b5:f6:dc:02:1c:
9e:2e:aa:cf:a1:91:d9:87:c7:04:43:47:e0:e8:ef:
2e:a1:16:7a:cf:f1:ca:62:81:39:cd:f1:77:d0:8e:
58:c7:5a:c4:cb:9b:76:ab:8d:e2:c4:61:10:63:b4:
02:e7:e0:dd:4c:f1:66:4f:cc:8e:94:8f:d2:32:f8:
ec:ba:35:2e:24:24:26:b9:d0:77:c8:80:91:16:73:
14:73:a8:0e:f7:c3:83:80:20:1a:f1:77:6f:11:8a:
ce:06:95:a7:cb:b6:e5:66:1a:6e:2d:f4:5a:0c:28:
18:e8:96:12:09:3b:43:a9:09:de:4c:85:74:2f:f2:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E2:89:60:61:68:10:00:3A:38:7D:F3:4A:72:2A:0D:18:B9:C1:B5
X509v3 Authority Key Identifier:
keyid:EE:83:BC:45:8A:36:96:D6:52:FB:EF:86:3E:5E:E4:0F:00:96:F1:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7oO8RYo2ltZS---GPl7kDwCW8Zc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/274f5c-a7bc-464d-9666-7c281d07e155/1/SOKJYGFoEAA6OH3zSnIqDRi5wbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/274f5c-a7bc-464d-9666-7c281d07e155/1/7oO8RYo2ltZS---GPl7kDwCW8Zc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.8.0/22
188.116.42.0/23
IPv6:
2a03:920::/32
Signature Algorithm: sha256WithRSAEncryption
1d:d8:8c:bb:7c:9a:f0:d8:c2:50:78:96:87:2f:69:3c:70:73:
e2:47:8d:06:14:c5:41:08:5e:fa:da:f7:1d:e9:0a:09:34:89:
75:f9:48:88:eb:26:05:58:1f:d9:4b:ea:20:50:da:3c:c4:aa:
03:2c:4a:69:ea:45:35:be:a4:86:16:12:73:b3:9f:02:2a:b9:
ea:7c:03:17:64:9a:5b:f8:cf:b5:48:41:e8:4b:4a:99:03:e5:
56:ea:bb:d2:b7:4d:57:a8:05:74:d1:49:7c:55:f9:45:92:68:
5f:02:47:a8:bf:7b:1d:27:01:52:f3:cd:ee:86:dd:4d:f7:e0:
69:69:52:8d:ac:23:ff:55:7a:a3:8e:d3:71:47:cc:1f:8c:db:
7e:58:df:12:b8:a8:89:0d:08:ad:29:a3:9f:9e:2d:c8:90:db:
dd:c2:a8:50:04:6e:cd:98:67:66:57:eb:1a:86:6c:31:5b:48:
7a:10:3e:42:d6:04:78:d7:48:b4:64:30:2b:c1:27:9c:82:db:
98:2f:36:fe:20:94:76:3a:cb:91:da:11:0d:da:46:4e:ff:09:
74:06:30:e2:e7:a5:18:0c:35:cb:4b:8d:b3:9b:ba:f1:f5:5b:
49:bb:02:18:2a:82:9c:af:06:1a:fe:4c:a3:8a:ea:d4:68:c8:
3d:78:2e:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJ171TLEg78AO1iPlqrtWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlODNiYzQ1OGEzNjk2ZDY1MmZiZWY4NjNlNWVlNDBmMDA5
NmYxOTcwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGUyODk2MDYxNjgxMDAwM2EzODdkZjM0YTcyMmEwZDE4YjljMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIZRciWlijFEPIU4DSb/Gh6hobXf
GsuGIoBDt3TcXIosWoJX2b3+JWywL7LECwOSsZxGpwl04Eit775lkcI9ISTWOTsH
y6Bt0Gp1rBB9pwluHBUvBXobytQwxf6roR9MDtDdFkShb/0XuxQwEBYhC2WmXTEF
byr/aCbnxN7oGCRVtfbcAhyeLqrPoZHZh8cEQ0fg6O8uoRZ6z/HKYoE5zfF30I5Y
x1rEy5t2q43ixGEQY7QC5+DdTPFmT8yOlI/SMvjsujUuJCQmudB3yICRFnMUc6gO
98ODgCAa8XdvEYrOBpWny7blZhpuLfRaDCgY6JYSCTtDqQneTIV0L/KsPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEjiiWBhaBAAOjh980pyKg0YucG1MB8GA1UdIwQY
MBaAFO6DvEWKNpbWUvvvhj5e5A8AlvGXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN29POFJZbzJsdFpTLS0tR1BsN2tEd0NXOFpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yNzRmNWMtYTdiYy00NjRkLTk2NjYt
N2MyODFkMDdlMTU1LzEvU09LSllHRm9FQUE2T0gzelNuSXFEUmk1d2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yNzRmNWMtYTdiYy00NjRkLTk2NjYtN2MyODFkMDdlMTU1
LzEvN29POFJZbzJsdFpTLS0tR1BsN2tEd0NXOFpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuT8IAwQB
vHQqMA0EAgACMAcDBQAqAwkgMA0GCSqGSIb3DQEBCwUAA4IBAQAd2Iy7fJrw2MJQ
eJaHL2k8cHPiR40GFMVBCF762vcd6QoJNIl1+UiI6yYFWB/ZS+ogUNo8xKoDLEpp
6kU1vqSGFhJzs58CKrnqfAMXZJpb+M+1SEHoS0qZA+VW6rvSt01XqAV00Ul8VflF
kmhfAkeov3sdJwFS883uht1N9+BpaVKNrCP/VXqjjtNxR8wfjNt+WN8SuKiJDQit
KaOfni3IkNvdwqhQBG7NmGdmV+sahmwxW0h6ED5C1gR410i0ZDArwSecgtuYLzb+
IJR2OsuR2hEN2kZO/wl0BjDi56UYDDXLS42zm7rx9VtJuwIYKoKcrwYa/kyjiurU
aMg9eC5F
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:22 2024 by rpki-client on console-ams.rpki-client.org