Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/20WSnyYgzcjdoS3TF282QMymyn8.roa
File: 20WSnyYgzcjdoS3TF282QMymyn8.roa (raw, json)
Hash identifier: I/E02I43fSZDLqDSYQ1VotKnrbMGM2FRRa9rJbspR64=
Subject key identifier: DB:45:92:9F:26:20:CD:C8:DD:A1:2D:D3:17:6F:36:40:CC:A6:CA:7F
Certificate issuer: /CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Certificate serial: 018CC64B6A9B8F76F1904B67358277260454
Authority key identifier: A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/20WSnyYgzcjdoS3TF282QMymyn8.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203206
IP address blocks: 185.204.101.0/24 maxlen: 24
2a10:8407::/32 maxlen: 32
2a10:8405::/32 maxlen: 32
2a10:8406::/32 maxlen: 32
2a10:8400::/29 maxlen: 32
2a10:8404::/32 maxlen: 32
2a10:8403::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6a:9b:8f:76:f1:90:4b:67:35:82:77:26:04:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db45929f2620cdc8dda12dd3176f3640cca6ca7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a9:22:71:be:ae:78:fe:2e:3c:d5:58:fa:66:
4f:53:5f:fc:d7:6d:37:7e:a1:4a:fb:59:d7:99:2e:
0e:3a:f9:4e:1e:5e:91:c4:58:14:d8:cf:ff:d3:4c:
eb:e3:2f:b9:e2:d3:69:ce:c1:30:f1:09:da:02:42:
18:2d:29:6c:11:c0:5d:e9:fe:48:b3:72:0a:0b:db:
e1:7c:be:40:b2:26:18:48:04:63:a1:6f:8f:19:20:
77:ac:94:e6:1a:d3:2c:7a:2b:b4:41:a9:a8:d3:64:
b7:d3:9d:92:54:79:8b:28:64:89:56:b0:39:df:69:
b3:d9:08:ea:9f:34:b6:66:07:23:f1:58:f6:ce:bf:
6b:38:2d:be:58:db:4c:d4:dd:9f:4c:ff:41:2f:b3:
0a:3a:f2:91:fb:ed:9a:0d:8c:c4:f8:8f:de:94:ee:
0e:ef:66:21:cc:92:8c:d4:5a:02:53:6e:5f:ff:c8:
50:8b:40:65:c2:a8:be:1a:ff:e1:2b:8a:2e:e7:c0:
4e:f8:11:77:1d:c7:b7:0d:55:67:bd:88:b8:b3:d4:
95:16:94:f1:20:4a:f7:32:d4:88:82:08:d3:b9:b3:
df:6d:37:f7:3d:8b:17:67:49:57:2b:34:a9:5e:00:
11:a3:6f:00:ad:3d:38:9f:2b:43:3f:f3:58:55:83:
fe:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:45:92:9F:26:20:CD:C8:DD:A1:2D:D3:17:6F:36:40:CC:A6:CA:7F
X509v3 Authority Key Identifier:
keyid:A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/20WSnyYgzcjdoS3TF282QMymyn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.101.0/24
IPv6:
2a10:8400::/29
Signature Algorithm: sha256WithRSAEncryption
06:ef:d8:92:8e:3e:a1:0e:25:8d:ea:06:a1:54:97:dd:42:df:
86:4d:92:4a:a3:19:33:25:1c:60:da:83:7d:e6:b5:9d:85:17:
d9:8f:df:e3:ef:9d:ba:43:b1:e2:5a:01:f2:43:66:85:ea:62:
ef:c5:59:fc:84:10:fc:77:4b:2a:0b:ff:bb:20:79:55:10:31:
11:81:5c:99:7a:fb:7d:a4:50:2d:3d:e0:0d:15:70:40:dc:10:
cb:d8:2d:3e:3f:82:d9:2f:10:f2:b1:7d:c9:c2:7b:88:9c:81:
6a:32:45:12:bd:9e:bc:cd:3b:2b:4c:09:0a:b6:ff:06:35:b2:
76:12:b4:c6:53:23:71:7b:ac:a9:52:1d:13:42:4f:10:69:3f:
a9:a9:58:86:73:59:c7:19:9d:88:b5:6a:85:35:4f:d1:de:e2:
c9:5c:b9:85:30:f8:0c:20:d3:71:4c:d9:2e:35:73:69:a6:dc:
db:64:64:6f:87:13:e5:da:33:66:6a:2b:47:b1:fc:5d:55:21:
5a:e3:cc:a7:9b:db:c9:4f:de:5a:22:0a:ac:a9:50:a6:c6:ea:
a4:0c:73:ee:be:82:23:e5:ba:24:6f:64:b5:19:ad:6f:d5:7a:
cc:87:04:a3:69:6c:53:a3:15:ef:b0:28:97:e2:c6:1c:30:65:
02:72:90:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS2qbj3bxkEtnNYJ3JgRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDhmYmUxZDdkM2E2YWE0NzRkZTQzZmE4ODVjZTJkMDkx
YzUyOWIwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjQ1OTI5ZjI2MjBjZGM4ZGRhMTJkZDMxNzZmMzY0MGNjYTZjYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKkicb6ueP4uPNVY+mZPU1/81203
fqFK+1nXmS4OOvlOHl6RxFgU2M//00zr4y+54tNpzsEw8QnaAkIYLSlsEcBd6f5I
s3IKC9vhfL5AsiYYSARjoW+PGSB3rJTmGtMseiu0Qamo02S3052SVHmLKGSJVrA5
32mz2QjqnzS2Zgcj8Vj2zr9rOC2+WNtM1N2fTP9BL7MKOvKR++2aDYzE+I/elO4O
72YhzJKM1FoCU25f/8hQi0Blwqi+Gv/hK4ou58BO+BF3Hce3DVVnvYi4s9SVFpTx
IEr3MtSIggjTubPfbTf3PYsXZ0lXKzSpXgARo28ArT04nytDP/NYVYP++wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNtFkp8mIM3I3aEt0xdvNkDMpsp/MB8GA1UdIwQY
MBaAFKdI++HX06aqR03kP6iFzi0JHFKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWIt
NmM5YjVjOWJmYTc1LzEvMjBXU255WWd6Y2pkb1MzVEYyODJRTXlteW44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWItNmM5YjVjOWJmYTc1
LzEvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucxlMA0E
AgACMAcDBQMqEIQAMA0GCSqGSIb3DQEBCwUAA4IBAQAG79iSjj6hDiWN6gahVJfd
Qt+GTZJKoxkzJRxg2oN95rWdhRfZj9/j7526Q7HiWgHyQ2aF6mLvxVn8hBD8d0sq
C/+7IHlVEDERgVyZevt9pFAtPeANFXBA3BDL2C0+P4LZLxDysX3JwnuInIFqMkUS
vZ68zTsrTAkKtv8GNbJ2ErTGUyNxe6ypUh0TQk8QaT+pqViGc1nHGZ2ItWqFNU/R
3uLJXLmFMPgMINNxTNkuNXNpptzbZGRvhxPl2jNmaitHsfxdVSFa48ynm9vJT95a
IgqsqVCmxuqkDHPuvoIj5bokb2S1Ga1v1XrMhwSjaWxToxXvsCiX4sYcMGUCcpBL
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:34:45 2024 by rpki-client on console-fra.rpki-client.org