Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/kCg9WFKo3GKon-AvXzKjrVj2YVU.roa
File: kCg9WFKo3GKon-AvXzKjrVj2YVU.roa (raw, json)
Hash identifier: 9rdBOn9rDBOONIOIiYQ9srUByIIvYKf8KYO2fcsNd/I=
Subject key identifier: 90:28:3D:58:52:A8:DC:62:A8:9F:E0:2F:5F:32:A3:AD:58:F6:61:55
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 018CC5DC4C8836BB43A19F10BED13DF87C6F
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/kCg9WFKo3GKon-AvXzKjrVj2YVU.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43494
IP address blocks: 185.89.244.0/23 maxlen: 23
185.89.246.0/23 maxlen: 23
212.158.176.0/24 maxlen: 24
78.40.2.0/23 maxlen: 23
78.40.4.0/22 maxlen: 22
185.86.236.0/24 maxlen: 24
185.86.236.0/22 maxlen: 24
2a00:a9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4c:88:36:bb:43:a1:9f:10:be:d1:3d:f8:7c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90283d5852a8dc62a89fe02f5f32a3ad58f66155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a6:fe:12:6d:55:34:8f:55:f0:84:dd:c5:7c:
0f:b3:7c:d9:2e:8c:db:c4:03:a4:41:b4:6a:69:a4:
58:d9:59:b3:b9:12:c1:54:ae:01:1c:41:ce:5d:b9:
06:70:2c:8b:08:ba:fd:be:63:8b:f5:1a:61:81:d4:
48:98:e0:d2:50:79:a5:c9:39:6b:45:18:f9:de:57:
60:d8:65:54:c2:f9:a7:6c:41:93:8d:1d:87:da:f1:
39:a2:78:c7:f5:e2:3e:0b:d5:53:54:81:40:22:8b:
f4:af:a4:bc:fe:9e:2c:d0:50:c9:e2:51:97:2e:53:
1f:0d:7e:5c:62:c3:a5:1a:16:2d:0a:b2:21:6d:4b:
4b:6a:af:bd:c3:3d:e8:cd:87:9c:b3:3d:d9:81:ab:
be:a5:43:b2:83:76:71:cf:50:36:ef:c1:78:06:43:
10:f5:4c:a9:17:4e:0f:f2:62:5c:0d:5a:01:c9:87:
77:5c:e3:6d:37:a3:b9:f9:9f:7e:e7:ff:ff:22:3e:
eb:92:68:74:42:f4:8a:28:16:2b:96:7b:9d:4b:45:
6b:f5:7e:17:89:70:dc:39:b9:e6:62:7a:da:a2:dd:
a6:a5:dc:af:74:49:b3:99:1d:7f:6e:dc:cf:78:81:
87:f9:5b:43:1b:ef:6b:b2:a7:c1:55:73:94:0f:6c:
41:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:28:3D:58:52:A8:DC:62:A8:9F:E0:2F:5F:32:A3:AD:58:F6:61:55
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/kCg9WFKo3GKon-AvXzKjrVj2YVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.2.0-78.40.7.255
185.86.236.0/22
185.89.244.0/22
212.158.176.0/24
IPv6:
2a00:a9c0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:d9:51:93:5b:97:e9:2d:e6:a7:25:cd:db:20:20:b9:28:f8:
f1:b2:fb:e4:0b:90:bc:e3:a1:5a:a7:18:c4:8c:50:a1:41:47:
6d:2b:5d:e0:df:97:6a:4c:9a:60:04:1c:6a:7a:7a:6d:7c:5a:
d0:ae:2d:6d:59:d5:ec:64:38:33:ad:d6:5c:c7:bf:44:54:20:
96:77:e4:33:2e:8e:1f:ab:2e:10:74:b8:79:4e:9f:d1:78:ec:
22:55:1e:d8:4d:bd:2f:69:c4:e6:c6:d1:80:b6:60:ef:7d:31:
19:27:30:07:e5:7b:1b:59:5b:53:42:49:e4:8e:52:d0:44:d0:
2f:5b:ea:02:75:52:ec:a0:bd:f1:f2:1a:75:e2:55:4e:04:89:
c0:93:c5:ac:f7:d0:d8:3c:4d:16:45:9e:fa:34:f9:f8:8a:49:
d0:f1:70:f4:11:2d:af:13:c8:09:e7:ff:df:e8:2f:bd:5d:44:
13:af:18:7e:f6:d8:a4:a0:3d:70:4b:53:28:2a:49:43:5f:fc:
e4:8d:4c:18:03:f5:3f:11:f5:55:cc:da:d7:19:10:c0:b3:2b:
7c:67:0d:df:60:ba:fe:46:92:30:7e:07:1b:82:49:c3:59:2d:
89:c2:2d:23:d3:57:b7:04:0a:2d:c0:6d:77:16:3a:43:25:4b:
bf:26:e0:cb
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzF3EyINrtDoZ8QvtE9+HxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDI4M2Q1ODUyYThkYzYyYTg5ZmUwMmY1ZjMyYTNhZDU4ZjY2MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKb+Em1VNI9V8ITdxXwPs3zZLozb
xAOkQbRqaaRY2VmzuRLBVK4BHEHOXbkGcCyLCLr9vmOL9RphgdRImODSUHmlyTlr
RRj53ldg2GVUwvmnbEGTjR2H2vE5onjH9eI+C9VTVIFAIov0r6S8/p4s0FDJ4lGX
LlMfDX5cYsOlGhYtCrIhbUtLaq+9wz3ozYecsz3Zgau+pUOyg3Zxz1A278F4BkMQ
9UypF04P8mJcDVoByYd3XONtN6O5+Z9+5///Ij7rkmh0QvSKKBYrlnudS0Vr9X4X
iXDcObnmYnraot2mpdyvdEmzmR1/btzPeIGH+VtDG+9rsqfBVXOUD2xB8QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJAoPVhSqNxiqJ/gL18yo61Y9mFVMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEva0NnOVdGS28zR0tvbi1Bdlh6S2pyVmoyWVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAFOKAID
BANOKAADBAK5VuwDBAK5WfQDBADUnrAwDQQCAAIwBwMFACoAqcAwDQYJKoZIhvcN
AQELBQADggEBAK3ZUZNbl+kt5qclzdsgILko+PGy++QLkLzjoVqnGMSMUKFBR20r
XeDfl2pMmmAEHGp6em18WtCuLW1Z1exkODOt1lzHv0RUIJZ35DMujh+rLhB0uHlO
n9F47CJVHthNvS9pxObG0YC2YO99MRknMAflextZW1NCSeSOUtBE0C9b6gJ1Uuyg
vfHyGnXiVU4EicCTxaz30Ng8TRZFnvo0+fiKSdDxcPQRLa8TyAnn/9/oL71dRBOv
GH722KSgPXBLUygqSUNf/OSNTBgD9T8R9VXM2tcZEMCzK3xnDd9guv5GkjB+BxuC
ScNZLYnCLSPTV7cECi3AbXcWOkMlS78m4Ms=
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:03:39 2024 by rpki-client on console-fra.rpki-client.org