Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/9M75nPNP2utYS_dlJWR2yGIP7Jk.roa
File: 9M75nPNP2utYS_dlJWR2yGIP7Jk.roa (raw, json)
Hash identifier: oSlGqk2lYc/SHvXF35AlUFEFY8DfHOjUW0AO1ApFGRc=
Subject key identifier: F4:CE:F9:9C:F3:4F:DA:EB:58:4B:F7:65:25:64:76:C8:62:0F:EC:99
Certificate issuer: /CN=e31aba3c2f56283ce5c74bce405844c1591babfc
Certificate serial: 018CC80113A36BFC19EA60D3928BE92C18C2
Authority key identifier: E3:1A:BA:3C:2F:56:28:3C:E5:C7:4B:CE:40:58:44:C1:59:1B:AB:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xq6PC9WKDzlx0vOQFhEwVkbq_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/9M75nPNP2utYS_dlJWR2yGIP7Jk.roa
Signing time: Tue 02 Jan 2024 02:29:22 +0000
ROA not before: Tue 02 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199469
IP address blocks: 185.15.112.0/22 maxlen: 22
185.15.112.0/24 maxlen: 24
185.15.115.0/24 maxlen: 24
185.15.114.0/24 maxlen: 24
185.15.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/4xq6PC9WKDzlx0vOQFhEwVkbq_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/4xq6PC9WKDzlx0vOQFhEwVkbq_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/4xq6PC9WKDzlx0vOQFhEwVkbq_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:13:a3:6b:fc:19:ea:60:d3:92:8b:e9:2c:18:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e31aba3c2f56283ce5c74bce405844c1591babfc
Validity
Not Before: Jan 2 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4cef99cf34fdaeb584bf765256476c8620fec99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:91:a9:26:c9:9f:e7:65:12:06:96:b9:98:
c8:20:8b:e6:f5:90:46:80:db:ef:61:12:e3:50:a7:
bb:8e:08:57:35:b7:42:c2:58:8a:83:44:71:de:aa:
bd:9d:f4:3c:9c:5d:b7:22:8d:1e:af:d8:6c:4e:87:
6b:9c:24:50:68:4d:c0:a4:d4:18:82:71:66:a1:bc:
a1:8e:e7:78:87:fc:76:d4:59:5e:3a:a1:d3:4c:f1:
a4:81:2c:f4:5f:c3:b7:cb:e0:69:d8:78:da:17:d1:
65:2a:bd:76:3f:1e:35:74:1e:bb:82:2a:31:9b:11:
2f:1c:44:51:dd:e6:6f:9a:e9:8c:13:f9:98:87:e4:
cf:b8:50:cb:1e:5c:4a:b2:29:99:b1:b0:a8:3c:bc:
c4:d6:33:14:b6:e5:f7:de:f7:fb:70:4f:f7:18:db:
92:50:f2:ad:1f:db:ae:59:3f:8e:23:4c:8d:d0:97:
df:42:96:f4:d3:ff:3c:2a:a0:0d:bd:97:33:af:04:
cc:a9:32:fa:b4:3e:50:eb:43:dc:81:19:68:8d:db:
bc:b9:b0:c7:cd:38:ad:c7:fe:4a:2a:f5:31:c5:e3:
99:48:4e:73:e9:3a:ff:2d:45:b8:2c:23:84:76:42:
19:97:9c:01:34:64:4f:aa:01:e2:ab:79:9a:72:0a:
e0:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:CE:F9:9C:F3:4F:DA:EB:58:4B:F7:65:25:64:76:C8:62:0F:EC:99
X509v3 Authority Key Identifier:
keyid:E3:1A:BA:3C:2F:56:28:3C:E5:C7:4B:CE:40:58:44:C1:59:1B:AB:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xq6PC9WKDzlx0vOQFhEwVkbq_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/9M75nPNP2utYS_dlJWR2yGIP7Jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f83073-9e80-42f2-b0a8-5f28137a7658/1/4xq6PC9WKDzlx0vOQFhEwVkbq_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.112.0/22
Signature Algorithm: sha256WithRSAEncryption
29:11:c0:a9:81:36:6f:54:0a:25:aa:13:8b:35:f3:9d:99:90:
17:a8:e5:82:96:b0:d3:84:88:2c:58:0a:28:59:11:55:86:c3:
9e:70:a5:0a:5a:51:3b:24:4f:c6:e2:15:9c:ea:06:30:3f:48:
3d:cd:73:17:e9:19:f4:fe:67:d6:71:c9:71:f9:89:50:cd:c9:
98:ca:7d:39:da:47:ae:3f:e5:2f:6d:29:d4:1f:7d:ec:28:45:
64:91:e8:e1:56:89:77:2e:5a:62:ee:22:66:01:ee:0a:9f:f5:
70:3b:93:1d:b4:63:67:b8:2a:2f:a3:5e:94:82:54:f0:8e:c4:
1a:53:0f:35:e1:52:01:a2:65:01:98:82:d3:38:3e:a8:98:29:
46:ba:89:5d:f3:3b:46:81:27:2a:2b:e1:e4:ea:78:83:16:60:
bd:e3:4d:7a:7a:79:b4:fe:d7:21:f7:14:4f:0e:7c:a3:bd:02:
3b:83:17:bd:fc:e6:f7:d1:26:aa:a0:c4:1c:2a:f6:c7:46:01:
55:a5:27:76:f8:2e:b6:fa:f6:4b:0a:2a:cc:76:5a:c3:76:df:
8f:59:71:b6:98:70:e9:53:fe:ef:d8:b0:48:2d:d3:6c:5e:3e:
2f:31:b0:fa:ec:63:e1:60:de:f1:1b:a6:55:7a:52:c9:d8:87:
fe:e5:76:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAROja/wZ6mDTkovpLBjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWFiYTNjMmY1NjI4M2NlNWM3NGJjZTQwNTg0NGMxNTkx
YmFiZmMwHhcNMjQwMTAyMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGNlZjk5Y2YzNGZkYWViNTg0YmY3NjUyNTY0NzZjODYyMGZlYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1ORqSbJn+dlEgaWuZjIIIvm9ZBG
gNvvYRLjUKe7jghXNbdCwliKg0Rx3qq9nfQ8nF23Io0er9hsTodrnCRQaE3ApNQY
gnFmobyhjud4h/x21FleOqHTTPGkgSz0X8O3y+Bp2HjaF9FlKr12Px41dB67giox
mxEvHERR3eZvmumME/mYh+TPuFDLHlxKsimZsbCoPLzE1jMUtuX33vf7cE/3GNuS
UPKtH9uuWT+OI0yN0JffQpb00/88KqANvZczrwTMqTL6tD5Q60PcgRlojdu8ubDH
zTitx/5KKvUxxeOZSE5z6Tr/LUW4LCOEdkIZl5wBNGRPqgHiq3macgrgWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTO+ZzzT9rrWEv3ZSVkdshiD+yZMB8GA1UdIwQY
MBaAFOMaujwvVig85cdLzkBYRMFZG6v8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhxNlBDOVdLRHpseDB2T1FGaEV3VmticV93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mODMwNzMtOWU4MC00MmYyLWIwYTgt
NWYyODEzN2E3NjU4LzEvOU03NW5QTlAydXRZU19kbEpXUjJ5R0lQN0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mODMwNzMtOWU4MC00MmYyLWIwYTgtNWYyODEzN2E3NjU4
LzEvNHhxNlBDOVdLRHpseDB2T1FGaEV3VmticV93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQ9wMA0G
CSqGSIb3DQEBCwUAA4IBAQApEcCpgTZvVAolqhOLNfOdmZAXqOWClrDThIgsWAoo
WRFVhsOecKUKWlE7JE/G4hWc6gYwP0g9zXMX6Rn0/mfWcclx+YlQzcmYyn052keu
P+UvbSnUH33sKEVkkejhVol3Llpi7iJmAe4Kn/VwO5MdtGNnuCovo16UglTwjsQa
Uw814VIBomUBmILTOD6omClGuold8ztGgScqK+Hk6niDFmC94016enm0/tch9xRP
DnyjvQI7gxe9/Ob30SaqoMQcKvbHRgFVpSd2+C62+vZLCirMdlrDdt+PWXG2mHDp
U/7v2LBILdNsXj4vMbD67GPhYN7xG6ZVelLJ2If+5XZ2
-----END CERTIFICATE-----
Generated at Sun May 19 05:09:00 2024 by rpki-client on console-fra.rpki-client.org