Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/7c61b2-8fbc-4b2d-834a-249f0a313bbc/1/n20HjTPK0kimfJ6cB3l0DDKhPyg.roa
File: n20HjTPK0kimfJ6cB3l0DDKhPyg.roa (raw, json)
Hash identifier: d1vxh4aKLboYSBlVSUjHNMBemMHAIXDVySUVCVyG7oo=
Subject key identifier: 9F:6D:07:8D:33:CA:D2:48:A6:7C:9E:9C:07:79:74:0C:32:A1:3F:28
Certificate issuer: /CN=ee720dfe6719724e230102e3425c6c2df247d879
Certificate serial: 018CC5DC1BED30EF41F153EEB785A025CC42
Authority key identifier: EE:72:0D:FE:67:19:72:4E:23:01:02:E3:42:5C:6C:2D:F2:47:D8:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7nIN_mcZck4jAQLjQlxsLfJH2Hk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/7c61b2-8fbc-4b2d-834a-249f0a313bbc/1/n20HjTPK0kimfJ6cB3l0DDKhPyg.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201214
IP address blocks: 185.82.4.0/22 maxlen: 24
185.82.4.0/24 maxlen: 24
185.82.5.0/24 maxlen: 24
2a03:66a0::/32 maxlen: 48
2a03:66a0:1000::/48 maxlen: 48
2a03:66a0:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/7c61b2-8fbc-4b2d-834a-249f0a313bbc/1/7nIN_mcZck4jAQLjQlxsLfJH2Hk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/7c61b2-8fbc-4b2d-834a-249f0a313bbc/1/7nIN_mcZck4jAQLjQlxsLfJH2Hk.mft
rsync://rpki.ripe.net/repository/DEFAULT/7nIN_mcZck4jAQLjQlxsLfJH2Hk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1b:ed:30:ef:41:f1:53:ee:b7:85:a0:25:cc:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee720dfe6719724e230102e3425c6c2df247d879
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f6d078d33cad248a67c9e9c0779740c32a13f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:54:fb:97:bf:91:ff:73:47:a7:0c:74:5d:4e:
3c:21:8b:d8:92:81:b0:63:96:90:14:08:2b:87:a5:
a2:5d:6c:6a:60:9b:4b:a7:c0:9d:41:03:b3:03:3d:
ab:50:88:63:48:ab:7a:ac:ee:0f:b7:ea:70:5d:c7:
bf:49:0d:a1:e9:6f:bb:c6:16:ae:46:86:cd:eb:19:
c1:a3:e6:e6:fa:29:ff:1e:30:33:62:f4:c6:27:fc:
01:63:b1:c0:25:7f:a5:b5:74:f0:f1:0e:ef:bb:1e:
88:7e:69:8f:07:7a:fe:fd:13:80:6b:3b:52:6b:8e:
fd:9c:2c:1a:d6:bc:b1:ae:33:f1:3b:36:5a:28:e5:
f0:22:6a:c9:ea:51:ff:b7:65:da:46:81:e1:05:c9:
ba:e7:1c:37:78:71:4d:93:7b:6a:b1:27:cf:67:c0:
75:9e:5b:66:cb:56:af:2f:48:02:e9:66:db:86:d0:
d1:38:f1:eb:98:16:ea:da:70:e1:ec:2f:23:e8:ed:
a0:45:5b:0f:45:75:cd:de:f3:a8:88:19:15:81:31:
34:6b:05:3f:a4:91:85:01:15:9e:66:57:5a:4a:48:
49:d5:68:eb:fe:54:0f:39:0a:a1:fa:17:cb:df:d7:
f1:88:c2:4e:e9:0b:22:4f:61:a2:19:00:47:ec:ab:
73:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6D:07:8D:33:CA:D2:48:A6:7C:9E:9C:07:79:74:0C:32:A1:3F:28
X509v3 Authority Key Identifier:
keyid:EE:72:0D:FE:67:19:72:4E:23:01:02:E3:42:5C:6C:2D:F2:47:D8:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7nIN_mcZck4jAQLjQlxsLfJH2Hk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/7c61b2-8fbc-4b2d-834a-249f0a313bbc/1/n20HjTPK0kimfJ6cB3l0DDKhPyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/7c61b2-8fbc-4b2d-834a-249f0a313bbc/1/7nIN_mcZck4jAQLjQlxsLfJH2Hk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.82.4.0/22
IPv6:
2a03:66a0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:5e:ff:df:18:23:c8:36:12:ca:21:1a:49:e9:0d:aa:5c:d3:
88:70:b5:6a:e4:5d:e0:8a:29:5f:ec:ca:81:e5:f4:16:a9:c1:
71:8f:4d:ef:51:a8:f3:24:5e:2a:c0:6b:ac:c2:2e:5c:7a:ca:
5f:3b:6d:b4:27:f0:b5:64:2d:78:6f:e5:cd:38:3f:d2:4e:f2:
56:30:65:30:d7:47:a7:51:80:37:55:69:05:88:f7:13:3a:89:
c4:7e:c9:62:93:b1:7b:a2:20:29:f6:e6:aa:43:f8:96:cd:cc:
6f:ec:67:63:cf:b2:18:9e:21:ee:e0:54:78:44:85:c1:62:63:
8d:67:5c:71:16:79:5d:91:16:1e:50:22:dd:74:3d:ae:37:23:
03:43:c2:07:18:06:5d:c2:ef:47:06:b2:28:21:8c:43:4c:83:
08:61:d9:1b:d2:97:0d:3f:d3:03:37:0b:40:bb:78:58:d8:ad:
cd:52:71:8f:73:5a:20:9b:21:6e:39:2e:7a:1e:ea:d6:e6:a9:
fb:4d:a2:ee:bc:7d:63:b6:c1:01:3d:1d:b3:1a:1f:1d:e5:ea:
f1:e8:b7:e4:51:0b:1a:1e:99:81:40:e1:50:15:6f:4d:ff:d2:
35:24:94:b4:a4:36:ed:0c:d6:21:4d:d9:f5:97:ab:bc:b3:18:
9d:64:48:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3BvtMO9B8VPut4WgJcxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNzIwZGZlNjcxOTcyNGUyMzAxMDJlMzQyNWM2YzJkZjI0
N2Q4NzkwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjZkMDc4ZDMzY2FkMjQ4YTY3YzllOWMwNzc5NzQwYzMyYTEzZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1T7l7+R/3NHpwx0XU48IYvYkoGw
Y5aQFAgrh6WiXWxqYJtLp8CdQQOzAz2rUIhjSKt6rO4Pt+pwXce/SQ2h6W+7xhau
RobN6xnBo+bm+in/HjAzYvTGJ/wBY7HAJX+ltXTw8Q7vux6IfmmPB3r+/ROAaztS
a479nCwa1ryxrjPxOzZaKOXwImrJ6lH/t2XaRoHhBcm65xw3eHFNk3tqsSfPZ8B1
nltmy1avL0gC6WbbhtDROPHrmBbq2nDh7C8j6O2gRVsPRXXN3vOoiBkVgTE0awU/
pJGFARWeZldaSkhJ1Wjr/lQPOQqh+hfL39fxiMJO6QsiT2GiGQBH7Ktz/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ9tB40zytJIpnyenAd5dAwyoT8oMB8GA1UdIwQY
MBaAFO5yDf5nGXJOIwEC40JcbC3yR9h5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN25JTl9tY1pjazRqQVFMalFseHNMZkpIMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS83YzYxYjItOGZiYy00YjJkLTgzNGEt
MjQ5ZjBhMzEzYmJjLzEvbjIwSGpUUEswa2ltZko2Y0IzbDBEREtoUHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS83YzYxYjItOGZiYy00YjJkLTgzNGEtMjQ5ZjBhMzEzYmJj
LzEvN25JTl9tY1pjazRqQVFMalFseHNMZkpIMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVIEMA0E
AgACMAcDBQAqA2agMA0GCSqGSIb3DQEBCwUAA4IBAQANXv/fGCPINhLKIRpJ6Q2q
XNOIcLVq5F3giilf7MqB5fQWqcFxj03vUajzJF4qwGuswi5cespfO220J/C1ZC14
b+XNOD/STvJWMGUw10enUYA3VWkFiPcTOonEfslik7F7oiAp9uaqQ/iWzcxv7Gdj
z7IYniHu4FR4RIXBYmONZ1xxFnldkRYeUCLddD2uNyMDQ8IHGAZdwu9HBrIoIYxD
TIMIYdkb0pcNP9MDNwtAu3hY2K3NUnGPc1ogmyFuOS56HurW5qn7TaLuvH1jtsEB
PR2zGh8d5erx6LfkUQsaHpmBQOFQFW9N/9I1JJS0pDbtDNYhTdn1l6u8sxidZEin
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:16 2024 by rpki-client on console-ams.rpki-client.org