Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/0RH8dYyppBBjHPwtEOgno2XGlOY.roa
File: 0RH8dYyppBBjHPwtEOgno2XGlOY.roa (raw, json)
Hash identifier: LVgroifXryomFW2BoW/5NVDI2APw1116UIMWTypg+t0=
Subject key identifier: D1:11:FC:75:8C:A9:A4:10:63:1C:FC:2D:10:E8:27:A3:65:C6:94:E6
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018E3284C271AD95C63E4B38A993F324C391
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/0RH8dYyppBBjHPwtEOgno2XGlOY.roa
Signing time: Tue 12 Mar 2024 11:55:45 +0000
ROA not before: Tue 12 Mar 2024 11:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51765
IP address blocks: 82.115.220.0/24 maxlen: 24
185.103.110.0/24 maxlen: 24
185.112.82.0/24 maxlen: 24
185.117.118.0/24 maxlen: 24
185.204.1.0/24 maxlen: 24
185.212.149.0/24 maxlen: 24
185.217.196.0/23 maxlen: 23
185.217.196.0/24 maxlen: 24
185.221.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:84:c2:71:ad:95:c6:3e:4b:38:a9:93:f3:24:c3:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 12 11:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d111fc758ca9a410631cfc2d10e827a365c694e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3d:a2:52:c4:66:1b:a7:70:17:0c:a7:6f:e6:
9e:62:d6:12:16:46:15:12:5d:08:16:ce:a0:61:97:
05:0e:9b:d5:f7:d3:f8:44:bb:60:8d:ce:d6:bc:39:
37:8d:e2:cb:ca:78:f8:a6:b9:e2:c2:8d:d5:e4:29:
e9:95:64:ca:bc:d7:7a:9f:b0:fa:5c:72:91:82:09:
db:b8:8d:aa:08:3a:ed:ca:8a:7e:71:ae:88:e6:f5:
65:5e:2c:e1:3f:2c:73:64:fe:33:32:23:23:c7:90:
5b:d1:11:3d:b5:ba:38:34:53:29:2c:67:3e:e7:5f:
8b:8d:9b:d0:1a:fb:4e:16:61:1a:ab:d0:67:b0:46:
ab:25:03:ac:4f:91:10:16:a2:58:7c:8b:33:52:37:
a5:aa:35:9a:fb:0b:9f:96:ea:88:84:f9:23:09:bb:
58:cf:c8:4c:c0:22:70:7e:bd:9e:22:90:d1:19:34:
85:94:c6:0b:29:6d:46:33:05:d4:2b:a3:c9:c0:9c:
71:9f:c7:1e:0a:3e:a8:64:38:5a:b7:29:26:07:df:
89:26:bd:76:4e:6f:dd:fa:c3:78:72:17:32:2e:0a:
3e:1f:d9:ee:46:f6:97:81:74:09:1f:02:62:7a:d0:
a4:cc:e5:9d:ee:2e:ff:04:f2:45:43:62:4c:77:b9:
8f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:11:FC:75:8C:A9:A4:10:63:1C:FC:2D:10:E8:27:A3:65:C6:94:E6
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/0RH8dYyppBBjHPwtEOgno2XGlOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.220.0/24
185.103.110.0/24
185.112.82.0/24
185.117.118.0/24
185.204.1.0/24
185.212.149.0/24
185.217.196.0/23
185.221.163.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e5:e0:e0:4f:f9:44:f5:8f:13:a0:6d:80:44:bf:fc:d7:14:
5b:eb:6f:db:e8:06:e2:43:51:b7:3c:23:a6:63:b1:1a:c8:c5:
6d:96:af:a3:27:6d:dc:49:00:06:43:f1:01:f4:70:ab:20:69:
8a:11:de:1f:fb:75:a3:75:f4:2e:0f:e2:99:45:ed:1d:62:7c:
50:af:30:0f:f7:c2:d4:8e:94:82:cf:98:eb:f6:59:f9:19:d5:
c7:dd:98:47:0a:19:95:eb:fe:f7:45:d2:57:e1:a6:67:90:ab:
10:fe:b8:bc:bf:9c:a6:cf:d0:75:a6:d4:df:2c:3c:94:55:cd:
87:04:1e:ba:7c:c0:bd:2b:f7:fb:f0:1e:87:92:46:b0:0d:62:
e0:80:bf:f6:d0:e2:54:54:9f:4c:9d:d7:af:6a:a3:c7:a9:ee:
8c:ab:b8:7e:0f:ce:ee:63:b9:73:9f:14:5e:a8:4c:66:52:a2:
9f:ff:a0:7b:ad:38:1d:52:df:09:1c:75:d6:40:98:d3:5c:8f:
ef:0e:33:50:64:09:bd:e5:c8:17:f6:d6:af:c3:0b:ca:bc:4b:
56:f9:17:3e:ad:08:87:a6:85:d6:9a:93:b7:95:46:49:de:d5:
70:7b:04:b3:f3:bd:66:37:dc:65:2e:bd:ce:32:c3:f6:18:aa:
35:59:db:6c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY4yhMJxrZXGPks4qZPzJMORMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMzEyMTE1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTExZmM3NThjYTlhNDEwNjMxY2ZjMmQxMGU4MjdhMzY1YzY5NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj2iUsRmG6dwFwynb+aeYtYSFkYV
El0IFs6gYZcFDpvV99P4RLtgjc7WvDk3jeLLynj4prniwo3V5CnplWTKvNd6n7D6
XHKRggnbuI2qCDrtyop+ca6I5vVlXizhPyxzZP4zMiMjx5Bb0RE9tbo4NFMpLGc+
51+LjZvQGvtOFmEaq9BnsEarJQOsT5EQFqJYfIszUjelqjWa+wufluqIhPkjCbtY
z8hMwCJwfr2eIpDRGTSFlMYLKW1GMwXUK6PJwJxxn8ceCj6oZDhatykmB9+JJr12
Tm/d+sN4chcyLgo+H9nuRvaXgXQJHwJietCkzOWd7i7/BPJFQ2JMd7mPJQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNER/HWMqaQQYxz8LRDoJ6NlxpTmMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMFJIOGRZeXBwQkJqSFB3dEVPZ25vMlhHbE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAUnPcAwQA
uWduAwQAuXBSAwQAuXV2AwQAucwBAwQAudSVAwQBudnEAwQAud2jMA0GCSqGSIb3
DQEBCwUAA4IBAQCH5eDgT/lE9Y8ToG2ARL/81xRb62/b6AbiQ1G3PCOmY7EayMVt
lq+jJ23cSQAGQ/EB9HCrIGmKEd4f+3WjdfQuD+KZRe0dYnxQrzAP98LUjpSCz5jr
9ln5GdXH3ZhHChmV6/73RdJX4aZnkKsQ/ri8v5ymz9B1ptTfLDyUVc2HBB66fMC9
K/f78B6HkkawDWLggL/20OJUVJ9MndevaqPHqe6Mq7h+D87uY7lznxReqExmUqKf
/6B7rTgdUt8JHHXWQJjTXI/vDjNQZAm95cgX9tavwwvKvEtW+Rc+rQiHpoXWmpO3
lUZJ3tVwewSz871mN9xlLr3OMsP2GKo1Wdts
-----END CERTIFICATE-----
Generated at Sat May 18 02:41:25 2024 by rpki-client on console-fra.rpki-client.org