Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Yg9z9ZSqkXoJHtWkPeDTAbdT1yw.roa
File: Yg9z9ZSqkXoJHtWkPeDTAbdT1yw.roa (raw, json)
Hash identifier: F2u463XZL4/wc/bv8W6viGDUgsR0yhVHEjU9P2pixjs=
Subject key identifier: 62:0F:73:F5:94:AA:91:7A:09:1E:D5:A4:3D:E0:D3:01:B7:53:D7:2C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC0AC5DFF034498E9E6DD0125266A
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Yg9z9ZSqkXoJHtWkPeDTAbdT1yw.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43160
IP address blocks: 185.44.233.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
185.130.26.0/23 maxlen: 24
185.235.103.0/24 maxlen: 24
185.202.166.0/23 maxlen: 24
185.196.202.0/23 maxlen: 24
185.196.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c0:ac:5d:ff:03:44:98:e9:e6:dd:01:25:26:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=620f73f594aa917a091ed5a43de0d301b753d72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ab:4c:5c:c2:be:a0:47:3d:0e:2b:ea:b2:33:
ad:32:93:64:bd:e3:1b:31:96:ec:80:3f:73:c4:33:
c8:0f:fb:2a:c2:ba:75:38:97:96:e3:d5:b9:25:98:
a9:77:e6:5b:b2:76:73:9f:db:ef:5f:f0:33:67:3f:
4b:32:53:2f:4b:d0:09:cb:36:6a:f9:9a:91:96:a5:
5c:6b:46:d8:c1:ac:bc:45:6c:e0:98:9a:a9:57:66:
a6:ae:1f:3c:96:5a:bb:d4:52:aa:b2:a6:4d:02:14:
e2:29:2e:f5:53:52:a7:f9:05:6f:87:93:e4:e2:22:
62:cb:34:73:4c:35:e1:fc:75:ae:5e:c4:3c:7b:35:
b4:b6:d8:6a:f3:af:f1:da:4a:94:93:55:7e:94:e4:
8a:96:b3:26:87:3b:46:3d:d6:cf:36:d4:94:6f:64:
10:8b:04:25:0d:13:5c:26:5c:24:a5:14:b4:61:57:
c6:91:0f:02:d6:bf:d5:49:ac:2e:b5:28:2c:99:02:
2d:d0:c2:a9:6d:33:cd:d9:31:ef:b9:7c:1b:da:50:
04:a1:2c:aa:9e:8c:8e:56:6a:85:ae:22:57:4b:97:
5f:fc:f1:5f:60:90:02:d5:ae:6f:4a:c2:68:2f:ef:
68:b1:2f:c5:1f:6a:32:8f:bd:87:df:c7:be:8d:b1:
c6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0F:73:F5:94:AA:91:7A:09:1E:D5:A4:3D:E0:D3:01:B7:53:D7:2C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Yg9z9ZSqkXoJHtWkPeDTAbdT1yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.233.0/24
185.130.24.0/22
185.196.202.0/23
185.202.166.0/23
185.235.103.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f0:37:71:37:da:a9:1d:f8:95:5e:46:15:22:c3:01:8f:1f:
10:92:a9:b5:3f:58:57:ad:bb:83:86:8f:ec:06:d1:c3:b7:d8:
b9:a2:2d:bf:7d:9a:fc:7a:b3:0b:56:8a:b5:83:ef:51:5e:ff:
91:06:b4:24:90:1d:90:6e:e0:9a:fe:b4:91:a7:52:3c:9c:a4:
53:df:76:20:a7:ac:d7:24:70:b8:4a:5d:b6:5b:99:1b:89:2f:
e0:f5:12:6d:e7:7c:ad:c5:c1:d1:62:01:0c:e7:bc:92:0a:35:
4f:8b:0d:a6:a8:dc:7e:48:58:fe:c5:10:5b:cc:7f:69:b4:38:
a2:43:11:b0:b7:39:43:a2:36:32:99:8e:c5:78:4c:44:73:47:
36:93:f3:40:a0:64:ee:92:bf:72:80:8f:70:54:52:90:b2:72:
27:9a:02:e0:ec:b4:2f:3f:78:63:e9:51:cf:c1:a5:5c:3c:ee:
62:df:6b:23:42:04:53:94:ab:ff:ac:88:a8:73:59:87:e3:e0:
d5:9b:ba:26:79:17:e2:9a:82:fa:a1:a5:10:ef:aa:80:ab:b2:
f2:12:53:0e:74:54:52:6a:ac:89:1a:57:9f:6a:41:a7:9a:e5:
73:cf:0c:41:bd:07:25:ba:30:2a:51:08:b8:10:19:b3:ac:21:
e9:f6:a3:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzC2sCsXf8DRJjp5t0BJSZqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBmNzNmNTk0YWE5MTdhMDkxZWQ1YTQzZGUwZDMwMWI3NTNkNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6tMXMK+oEc9DivqsjOtMpNkveMb
MZbsgD9zxDPID/sqwrp1OJeW49W5JZipd+ZbsnZzn9vvX/AzZz9LMlMvS9AJyzZq
+ZqRlqVca0bYway8RWzgmJqpV2amrh88llq71FKqsqZNAhTiKS71U1Kn+QVvh5Pk
4iJiyzRzTDXh/HWuXsQ8ezW0tthq86/x2kqUk1V+lOSKlrMmhztGPdbPNtSUb2QQ
iwQlDRNcJlwkpRS0YVfGkQ8C1r/VSawutSgsmQIt0MKpbTPN2THvuXwb2lAEoSyq
noyOVmqFriJXS5df/PFfYJAC1a5vSsJoL+9osS/FH2oyj72H38e+jbHGbQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGIPc/WUqpF6CR7VpD3g0wG3U9csMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWWc5ejlaU3FrWG9KSHRXa1BlRFRBYmRUMXl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuSzpAwQC
uYIYAwQBucTKAwQBucqmAwQAuetnMA0GCSqGSIb3DQEBCwUAA4IBAQCh8DdxN9qp
HfiVXkYVIsMBjx8Qkqm1P1hXrbuDho/sBtHDt9i5oi2/fZr8erMLVoq1g+9RXv+R
BrQkkB2QbuCa/rSRp1I8nKRT33Ygp6zXJHC4Sl22W5kbiS/g9RJt53ytxcHRYgEM
57ySCjVPiw2mqNx+SFj+xRBbzH9ptDiiQxGwtzlDojYymY7FeExEc0c2k/NAoGTu
kr9ygI9wVFKQsnInmgLg7LQvP3hj6VHPwaVcPO5i32sjQgRTlKv/rIioc1mH4+DV
m7omeRfimoL6oaUQ76qAq7LyElMOdFRSaqyJGlefakGnmuVzzwxBvQclujAqUQi4
EBmzrCHp9qMM
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:26:08 2024 by rpki-client on console-ams.rpki-client.org