Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/9lUTGieZH2wyOEEnbtMVDbLVTzs.roa
File: 9lUTGieZH2wyOEEnbtMVDbLVTzs.roa (raw, json)
Hash identifier: F1DO8Wnm1SVnAA4bkDbqYcLvaSQssFJU0WrnI52Q8Fs=
Subject key identifier: F6:55:13:1A:27:99:1F:6C:32:38:41:27:6E:D3:15:0D:B2:D5:4F:3B
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC6326D31DFCC512E27511EB21ACD
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/9lUTGieZH2wyOEEnbtMVDbLVTzs.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60675
IP address blocks: 185.114.84.0/22 maxlen: 24
185.252.8.0/24 maxlen: 24
185.252.10.0/24 maxlen: 24
185.252.9.0/24 maxlen: 24
185.252.11.0/24 maxlen: 24
185.252.8.0/22 maxlen: 24
185.142.192.0/22 maxlen: 24
185.27.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c6:32:6d:31:df:cc:51:2e:27:51:1e:b2:1a:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f655131a27991f6c323841276ed3150db2d54f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:77:fb:da:86:6a:60:b2:01:dc:5a:50:f5:af:
92:46:c7:29:6d:9b:97:09:0f:0f:39:69:f3:54:bf:
8a:f6:2f:b1:ad:ae:a1:7a:33:ed:a3:39:f8:05:b3:
64:26:8b:00:62:42:40:81:48:1d:2e:8e:3c:85:95:
b2:01:d7:00:d8:f6:ca:6a:d9:30:09:17:25:7e:1e:
29:76:fb:7f:ee:bd:9c:c5:1d:74:f5:63:2c:da:a1:
14:3e:76:50:2b:12:b1:d0:a4:e2:61:13:75:fe:51:
bf:17:70:63:e8:64:03:f0:9e:03:10:2d:87:75:20:
1f:9e:d6:00:47:6c:29:4e:1d:43:8b:e2:55:f3:69:
71:6e:4e:61:28:93:ab:d2:48:e2:15:97:66:be:3a:
9b:22:c6:8d:b5:20:88:09:fb:50:2c:1c:37:21:59:
3e:a8:e6:20:06:e3:10:b6:7d:c9:2e:89:e4:93:c1:
d7:a7:31:3e:8e:fe:48:df:82:ab:73:70:71:8d:de:
40:ac:56:bb:b6:b5:45:3f:2a:ca:f1:f3:41:24:66:
59:9d:9b:a8:3a:ea:73:80:19:15:f1:56:8e:c3:cf:
79:0f:bc:bc:06:dc:8a:be:7d:77:ea:f1:3f:f8:34:
67:c9:34:35:6e:7d:2f:c0:ea:a5:8b:91:a1:a7:f9:
aa:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:55:13:1A:27:99:1F:6C:32:38:41:27:6E:D3:15:0D:B2:D5:4F:3B
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/9lUTGieZH2wyOEEnbtMVDbLVTzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.136.0/22
185.114.84.0/22
185.142.192.0/22
185.252.8.0/22
Signature Algorithm: sha256WithRSAEncryption
86:f5:cb:4c:e1:4b:66:1c:7f:c8:eb:c1:75:cd:44:da:40:f5:
4f:49:46:a8:80:6d:ec:fc:a2:13:c4:c1:c8:4a:9a:8f:da:c0:
88:02:e5:b0:ca:95:b7:82:5d:11:73:0c:cb:f2:56:94:9b:35:
a1:ed:cf:c4:dc:cb:74:8d:c1:b7:a9:b5:00:3c:c7:ee:b7:c1:
9e:ac:4d:fb:30:ce:97:5b:2f:ca:fc:68:b7:5b:2f:e7:a0:02:
f4:62:ea:99:30:49:ae:69:19:d8:b4:d8:09:69:05:ee:9c:ff:
05:57:82:6a:59:75:a9:b2:9c:c1:aa:98:30:fd:22:e0:7b:88:
b2:f4:27:30:d3:9f:a3:46:27:12:be:19:59:71:18:a0:9c:c8:
b6:31:91:15:f8:03:8b:d9:05:57:e9:51:b2:f5:c3:3a:a5:86:
a6:bd:4d:83:28:b0:67:06:d0:7e:f0:7f:26:86:fa:82:83:ce:
9b:f0:dc:cb:ee:3d:ad:21:97:9e:72:02:f5:b5:cf:33:10:99:
25:9d:a3:63:b3:ce:02:c3:d8:65:66:b6:21:41:6a:92:f5:2b:
bd:ce:24:1c:0c:84:cb:3e:d0:45:be:f5:8d:6d:e0:2b:3d:ad:
6b:50:c8:b2:a1:0d:e1:25:ff:3e:1a:b6:2e:df:c9:17:97:11:
c9:0e:6e:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2sYybTHfzFEuJ1EeshrNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjU1MTMxYTI3OTkxZjZjMzIzODQxMjc2ZWQzMTUwZGIyZDU0ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3f72oZqYLIB3FpQ9a+SRscpbZuX
CQ8POWnzVL+K9i+xra6hejPtozn4BbNkJosAYkJAgUgdLo48hZWyAdcA2PbKatkw
CRclfh4pdvt/7r2cxR109WMs2qEUPnZQKxKx0KTiYRN1/lG/F3Bj6GQD8J4DEC2H
dSAfntYAR2wpTh1Di+JV82lxbk5hKJOr0kjiFZdmvjqbIsaNtSCICftQLBw3IVk+
qOYgBuMQtn3JLonkk8HXpzE+jv5I34Krc3Bxjd5ArFa7trVFPyrK8fNBJGZZnZuo
OupzgBkV8VaOw895D7y8BtyKvn136vE/+DRnyTQ1bn0vwOqli5Ghp/mq2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPZVExonmR9sMjhBJ27TFQ2y1U87MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvOWxVVEdpZVpIMnd5T0VFbmJ0TVZEYkxWVHpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuRuIAwQC
uXJUAwQCuY7AAwQCufwIMA0GCSqGSIb3DQEBCwUAA4IBAQCG9ctM4UtmHH/I68F1
zUTaQPVPSUaogG3s/KITxMHISpqP2sCIAuWwypW3gl0RcwzL8laUmzWh7c/E3Mt0
jcG3qbUAPMfut8GerE37MM6XWy/K/Gi3Wy/noAL0YuqZMEmuaRnYtNgJaQXunP8F
V4JqWXWpspzBqpgw/SLge4iy9Ccw05+jRicSvhlZcRignMi2MZEV+AOL2QVX6VGy
9cM6pYamvU2DKLBnBtB+8H8mhvqCg86b8NzL7j2tIZeecgL1tc8zEJklnaNjs84C
w9hlZrYhQWqS9Su9ziQcDITLPtBFvvWNbeArPa1rUMiyoQ3hJf8+GrYu38kXlxHJ
Dm4d
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:34 2024 by rpki-client on console-fra.rpki-client.org