Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/c27300-fb95-49d4-8657-099bf7343e2c/1/wV2UjY74zZb2PKv9bXe2PDCGD6Q.roa
File: wV2UjY74zZb2PKv9bXe2PDCGD6Q.roa (raw, json)
Hash identifier: 2f6qtr3MQx2KiQv680F2aCkhgNIy0jK50iFJBxe2vkM=
Subject key identifier: C1:5D:94:8D:8E:F8:CD:96:F6:3C:AB:FD:6D:77:B6:3C:30:86:0F:A4
Certificate issuer: /CN=2445ef0cf2e297489d197370f885d59f89e95aab
Certificate serial: 018CC64B6CECC5770C26EE2C68CD97D7B4C7
Authority key identifier: 24:45:EF:0C:F2:E2:97:48:9D:19:73:70:F8:85:D5:9F:89:E9:5A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JEXvDPLil0idGXNw-IXVn4npWqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/c27300-fb95-49d4-8657-099bf7343e2c/1/wV2UjY74zZb2PKv9bXe2PDCGD6Q.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206596
IP address blocks: 185.181.181.0/24 maxlen: 24
185.181.180.128/25 maxlen: 25
185.181.182.0/23 maxlen: 23
185.181.182.0/24 maxlen: 24
185.181.180.0/25 maxlen: 25
185.181.180.0/24 maxlen: 24
185.181.180.0/23 maxlen: 23
185.181.183.0/24 maxlen: 24
185.181.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/c27300-fb95-49d4-8657-099bf7343e2c/1/JEXvDPLil0idGXNw-IXVn4npWqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/c27300-fb95-49d4-8657-099bf7343e2c/1/JEXvDPLil0idGXNw-IXVn4npWqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JEXvDPLil0idGXNw-IXVn4npWqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6c:ec:c5:77:0c:26:ee:2c:68:cd:97:d7:b4:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2445ef0cf2e297489d197370f885d59f89e95aab
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c15d948d8ef8cd96f63cabfd6d77b63c30860fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:77:2d:4a:de:14:44:e2:f5:16:85:a1:56:22:
d9:33:f8:76:3a:45:39:2f:da:5e:eb:a1:57:30:d5:
88:13:70:ba:28:3e:00:39:22:a3:35:b2:dc:a3:7b:
f0:6f:98:eb:a3:58:1f:88:c3:da:92:ad:e9:eb:e7:
2a:13:f9:77:98:00:47:44:4a:34:69:b4:c4:41:d0:
2e:15:83:6c:a2:ab:ea:1b:ef:32:f2:20:fb:e5:06:
c7:a1:2d:a4:b9:7d:76:3a:2b:f1:bc:fd:78:cc:9e:
4d:94:c3:f3:20:29:07:02:a5:87:d0:2b:5e:30:1c:
ea:24:b6:1c:8f:f8:e4:fa:51:30:76:4b:83:89:36:
91:01:65:94:eb:33:25:ae:87:dd:46:76:82:0f:4b:
da:23:c5:f9:62:6f:f9:c2:73:ac:2f:0e:73:aa:eb:
dd:31:42:e0:fb:77:c0:51:a1:8b:35:35:44:24:eb:
a3:2d:94:76:23:f7:69:60:ac:59:13:3b:e7:70:96:
fc:71:55:fa:93:96:f4:cf:94:cd:bf:58:4a:98:82:
28:31:37:5a:55:11:26:cd:ed:c7:d2:48:05:6c:de:
ca:ea:8f:6c:78:80:fd:3a:a1:9a:24:57:21:ec:0a:
89:ad:a0:7b:34:8a:f7:0d:dc:ff:98:af:fa:14:1b:
a9:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:5D:94:8D:8E:F8:CD:96:F6:3C:AB:FD:6D:77:B6:3C:30:86:0F:A4
X509v3 Authority Key Identifier:
keyid:24:45:EF:0C:F2:E2:97:48:9D:19:73:70:F8:85:D5:9F:89:E9:5A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JEXvDPLil0idGXNw-IXVn4npWqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c27300-fb95-49d4-8657-099bf7343e2c/1/wV2UjY74zZb2PKv9bXe2PDCGD6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/c27300-fb95-49d4-8657-099bf7343e2c/1/JEXvDPLil0idGXNw-IXVn4npWqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.180.0/22
Signature Algorithm: sha256WithRSAEncryption
19:3a:ba:54:0b:e7:38:57:89:67:3c:7b:be:42:8b:a7:87:7f:
35:c7:6e:76:b8:ef:10:88:a4:02:7d:26:9b:81:95:03:e7:dc:
e6:5e:93:5a:9a:ea:4d:27:6a:f4:2f:7e:0f:e8:ba:45:14:c8:
5a:31:19:6b:fc:4d:5b:06:92:0e:9f:f0:a6:27:e2:71:1e:68:
86:1e:dc:c0:27:fc:09:57:a5:bd:b4:24:8a:55:49:eb:ca:f0:
46:f8:9d:81:0e:92:39:0d:37:6e:af:e6:e7:15:35:18:e0:bb:
8d:c1:e0:a5:eb:a9:a0:29:73:d7:14:ee:19:cc:bb:41:a1:9b:
2f:ff:6a:51:9f:a0:a8:87:3a:d6:50:9b:19:1c:6c:7c:f4:c5:
32:42:3c:9e:10:bd:5c:12:c1:ea:5f:3e:90:7b:0f:01:9a:48:
81:c7:b2:2c:70:b1:a2:f5:8c:4a:f8:9e:9a:40:f5:82:e6:1f:
e7:cb:67:58:24:c6:1d:5f:ff:81:d9:68:69:7a:52:55:2d:6f:
81:48:52:0d:8a:e9:d5:ed:49:01:61:74:a7:c5:a3:16:b9:ed:
bb:32:fb:d8:f4:f9:20:a0:c6:6e:68:b5:e5:ac:f5:a3:5c:da:
df:89:72:83:9c:f9:de:cb:43:17:98:86:de:35:4e:9b:f3:3b:
d0:1e:24:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2zsxXcMJu4saM2X17THMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NDVlZjBjZjJlMjk3NDg5ZDE5NzM3MGY4ODVkNTlmODll
OTVhYWIwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTVkOTQ4ZDhlZjhjZDk2ZjYzY2FiZmQ2ZDc3YjYzYzMwODYwZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHctSt4UROL1FoWhViLZM/h2OkU5
L9pe66FXMNWIE3C6KD4AOSKjNbLco3vwb5jro1gfiMPakq3p6+cqE/l3mABHREo0
abTEQdAuFYNsoqvqG+8y8iD75QbHoS2kuX12OivxvP14zJ5NlMPzICkHAqWH0Cte
MBzqJLYcj/jk+lEwdkuDiTaRAWWU6zMlrofdRnaCD0vaI8X5Ym/5wnOsLw5zquvd
MULg+3fAUaGLNTVEJOujLZR2I/dpYKxZEzvncJb8cVX6k5b0z5TNv1hKmIIoMTda
VREmze3H0kgFbN7K6o9seID9OqGaJFch7AqJraB7NIr3Ddz/mK/6FBup3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFdlI2O+M2W9jyr/W13tjwwhg+kMB8GA1UdIwQY
MBaAFCRF7wzy4pdInRlzcPiF1Z+J6VqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkVYdkRQTGlsMGlkR1hOdy1JWFZuNG5wV3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jMjczMDAtZmI5NS00OWQ0LTg2NTct
MDk5YmY3MzQzZTJjLzEvd1YyVWpZNzR6WmIyUEt2OWJYZTJQRENHRDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jMjczMDAtZmI5NS00OWQ0LTg2NTctMDk5YmY3MzQzZTJj
LzEvSkVYdkRQTGlsMGlkR1hOdy1JWFZuNG5wV3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubW0MA0G
CSqGSIb3DQEBCwUAA4IBAQAZOrpUC+c4V4lnPHu+Qounh381x252uO8QiKQCfSab
gZUD59zmXpNamupNJ2r0L34P6LpFFMhaMRlr/E1bBpIOn/CmJ+JxHmiGHtzAJ/wJ
V6W9tCSKVUnryvBG+J2BDpI5DTdur+bnFTUY4LuNweCl66mgKXPXFO4ZzLtBoZsv
/2pRn6CohzrWUJsZHGx89MUyQjyeEL1cEsHqXz6Qew8BmkiBx7IscLGi9YxK+J6a
QPWC5h/ny2dYJMYdX/+B2WhpelJVLW+BSFINiunV7UkBYXSnxaMWue27MvvY9Pkg
oMZuaLXlrPWjXNrfiXKDnPney0MXmIbeNU6b8zvQHiS6
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:44 2024 by rpki-client on console-fra.rpki-client.org