Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/heoykRXl7IUhde8E857nSji3u8Y.roa
File: heoykRXl7IUhde8E857nSji3u8Y.roa (raw, json)
Hash identifier: K3rCW5Dcu1FrDJY1HYWZW2W6XyZvEgLsxN88xAmRMuI=
Subject key identifier: 85:EA:32:91:15:E5:EC:85:21:75:EF:04:F3:9E:E7:4A:38:B7:BB:C6
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 018CC94CC98F8F8905B65E9E09E1E051E492
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/heoykRXl7IUhde8E857nSji3u8Y.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210848
IP address blocks: 185.193.88.0/24 maxlen: 24
185.156.74.0/24 maxlen: 24
185.156.73.0/24 maxlen: 24
92.63.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 01:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c9:8f:8f:89:05:b6:5e:9e:09:e1:e0:51:e4:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85ea329115e5ec852175ef04f39ee74a38b7bbc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:92:b2:70:a9:00:3b:29:b3:a0:70:8b:da:
51:6e:07:5f:7e:b9:cd:b4:bb:09:db:d0:8d:67:77:
0e:70:c9:d3:09:f2:9b:0b:27:17:26:f1:9b:a6:23:
14:72:b0:4b:40:bf:2b:d3:97:72:23:c6:01:ae:14:
ca:f3:75:10:f8:5d:f7:b3:74:9d:a1:bb:c6:87:b2:
f5:57:6a:d4:5b:8f:c8:c3:53:4f:4f:40:04:f8:5e:
ec:4d:51:7c:4e:6a:30:66:19:50:29:9b:6e:39:3a:
a6:d5:76:a4:a0:08:40:b0:41:5b:32:2d:a5:e7:09:
34:2f:e7:83:d8:39:36:5f:0a:c0:9c:70:ab:67:52:
ec:1c:be:31:ec:e9:cd:ad:dd:31:69:55:90:b1:3e:
7a:5e:be:98:22:aa:d4:02:e4:3f:72:b4:ae:11:6a:
e9:f3:62:32:2c:56:d8:4c:5c:ff:e7:c1:e4:ca:70:
1e:a2:c5:c1:92:25:0a:48:97:22:13:52:a4:7a:1a:
da:2e:d0:3a:43:f8:4d:36:cd:3a:e0:b7:75:0c:1f:
37:da:1f:48:d7:bd:a7:f7:80:3c:c6:72:86:32:3b:
0a:a5:27:a8:43:cb:73:f4:78:e1:42:c7:8b:e6:42:
1c:53:78:f9:60:ad:2c:57:18:e5:1f:87:c0:51:fd:
80:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EA:32:91:15:E5:EC:85:21:75:EF:04:F3:9E:E7:4A:38:B7:BB:C6
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/heoykRXl7IUhde8E857nSji3u8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.197.0/24
185.156.73.0-185.156.74.255
185.193.88.0/24
Signature Algorithm: sha256WithRSAEncryption
59:76:af:c3:56:5e:e5:ab:74:bd:80:ec:a8:62:44:3e:fd:19:
10:94:b8:15:81:e6:12:fa:f6:76:95:9f:5a:34:74:d0:db:37:
78:6a:d5:71:3a:9b:e5:f7:2d:c8:51:7c:ce:d0:f2:52:59:62:
53:90:4f:30:02:e3:5e:fa:cd:dc:62:6a:14:2d:40:b3:06:85:
0f:c0:9f:8c:ab:8d:3a:fe:c4:c2:2e:80:f0:e7:1a:b7:50:5c:
49:75:47:fb:56:71:ed:c0:bd:8c:e1:4c:0a:19:ab:5b:cc:d3:
71:29:f4:b6:a2:85:52:f2:b3:55:19:04:ed:64:4b:03:de:2e:
ed:38:b2:2e:83:c2:5a:89:28:73:57:53:7d:5e:38:f5:09:2b:
55:30:72:4a:dd:02:9b:f4:b3:81:1a:45:28:55:e1:a0:83:38:
4f:ed:6d:b0:83:8b:0d:a3:da:58:03:3e:93:61:9a:e9:20:91:
cb:99:69:64:bf:ce:a3:e3:e9:80:6e:97:2f:54:ff:76:66:d9:
11:b6:f0:46:3e:ce:c1:05:ec:fa:b9:58:bc:0f:5f:d0:f2:8f:
06:b4:5e:f2:8b:60:18:2b:c1:6b:b7:a6:54:d1:ac:de:b2:0a:
7e:85:c5:85:a7:65:fb:f8:64:b2:c2:31:a9:d0:c9:7e:89:52:
d1:c8:dd:da
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJTMmPj4kFtl6eCeHgUeSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWVhMzI5MTE1ZTVlYzg1MjE3NWVmMDRmMzllZTc0YTM4YjdiYmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNSSsnCpADsps6Bwi9pRbgdffrnN
tLsJ29CNZ3cOcMnTCfKbCycXJvGbpiMUcrBLQL8r05dyI8YBrhTK83UQ+F33s3Sd
obvGh7L1V2rUW4/Iw1NPT0AE+F7sTVF8TmowZhlQKZtuOTqm1XakoAhAsEFbMi2l
5wk0L+eD2Dk2XwrAnHCrZ1LsHL4x7OnNrd0xaVWQsT56Xr6YIqrUAuQ/crSuEWrp
82IyLFbYTFz/58HkynAeosXBkiUKSJciE1KkehraLtA6Q/hNNs064Ld1DB832h9I
172n94A8xnKGMjsKpSeoQ8tz9HjhQseL5kIcU3j5YK0sVxjlH4fAUf2AUwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIXqMpEV5eyFIXXvBPOe50o4t7vGMB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEvaGVveWtSWGw3SVVoZGU4RTg1N25TamkzdThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXD/FMAwD
BAC5nEkDBAC5nEoDBAC5wVgwDQYJKoZIhvcNAQELBQADggEBAFl2r8NWXuWrdL2A
7KhiRD79GRCUuBWB5hL69naVn1o0dNDbN3hq1XE6m+X3LchRfM7Q8lJZYlOQTzAC
4176zdxiahQtQLMGhQ/An4yrjTr+xMIugPDnGrdQXEl1R/tWce3AvYzhTAoZq1vM
03Ep9LaihVLys1UZBO1kSwPeLu04si6DwlqJKHNXU31eOPUJK1UwckrdApv0s4Ea
RShV4aCDOE/tbbCDiw2j2lgDPpNhmukgkcuZaWS/zqPj6YBuly9U/3Zm2RG28EY+
zsEF7Pq5WLwPX9Dyjwa0XvKLYBgrwWu3plTRrN6yCn6FxYWnZfv4ZLLCManQyX6J
UtHI3do=
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:47:42 2024 by rpki-client on console-ams.rpki-client.org