Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/8-SSKcxVuy2cPlbCL8eEPtDgcAE.roa
File: 8-SSKcxVuy2cPlbCL8eEPtDgcAE.roa (raw, json)
Hash identifier: 6oUQZixCwRDBK21OaKvUy+1xFH2n1mGFDAbknCCEHRY=
Subject key identifier: F3:E4:92:29:CC:55:BB:2D:9C:3E:56:C2:2F:C7:84:3E:D0:E0:70:01
Certificate issuer: /CN=ee0644f70621dd4a24a78b67b4602948573758c0
Certificate serial: 01931502215D5ACA109EA4ED32244E208D63
Authority key identifier: EE:06:44:F7:06:21:DD:4A:24:A7:8B:67:B4:60:29:48:57:37:58:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7gZE9wYh3Uokp4tntGApSFc3WMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/8-SSKcxVuy2cPlbCL8eEPtDgcAE.roa
Signing time: Sun 10 Nov 2024 07:38:01 +0000
ROA not before: Sun 10 Nov 2024 07:38:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50749
IP address blocks: 185.134.96.0/22 maxlen: 22
185.202.56.0/22 maxlen: 22
185.202.56.0/24 maxlen: 24
185.202.57.0/24 maxlen: 24
185.202.58.0/24 maxlen: 24
185.202.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/7gZE9wYh3Uokp4tntGApSFc3WMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/7gZE9wYh3Uokp4tntGApSFc3WMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7gZE9wYh3Uokp4tntGApSFc3WMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:15:02:21:5d:5a:ca:10:9e:a4:ed:32:24:4e:20:8d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee0644f70621dd4a24a78b67b4602948573758c0
Validity
Not Before: Nov 10 07:38:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3e49229cc55bb2d9c3e56c22fc7843ed0e07001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:78:c5:a3:29:8a:2e:52:39:52:59:b5:0b:45:
f3:ac:f7:b9:35:f9:9d:1c:e9:fa:2c:fe:b6:71:0b:
ff:f2:17:f9:f0:73:f2:fc:9e:6c:44:8a:fe:05:00:
82:34:56:6e:ce:2d:bb:64:13:48:24:3e:36:c6:3e:
d1:21:c0:19:4d:34:5a:66:c7:d2:d7:c8:53:20:7a:
b1:ed:ed:d7:42:29:76:1e:b7:03:8f:41:2c:b1:c8:
56:27:f5:19:bb:c1:8a:98:d6:11:f1:e3:c4:38:4b:
d0:10:fa:f8:9b:a0:fa:f9:4e:15:49:e5:18:f1:33:
36:3a:11:15:06:23:ed:a2:3f:fd:e9:13:de:40:02:
fa:80:3b:05:0c:bf:9f:c4:fe:e6:8e:da:f4:cb:21:
70:23:c8:f0:91:c1:05:c7:f7:01:43:d1:92:c7:e2:
88:18:c5:64:f9:ae:fe:e0:ee:f8:fc:00:86:b7:63:
25:07:82:79:97:9e:3e:ad:53:d2:6a:62:b0:30:73:
a2:0b:0b:37:e9:62:6f:1a:f1:ee:fc:b9:f9:25:c8:
05:f7:47:0a:fd:d8:74:1a:f7:9e:e1:b2:f6:9f:f9:
53:d7:e5:56:e3:22:9d:5d:96:39:95:42:a4:7a:cc:
44:b0:a5:20:48:ab:6d:65:19:c8:36:7a:d4:de:cf:
24:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E4:92:29:CC:55:BB:2D:9C:3E:56:C2:2F:C7:84:3E:D0:E0:70:01
X509v3 Authority Key Identifier:
keyid:EE:06:44:F7:06:21:DD:4A:24:A7:8B:67:B4:60:29:48:57:37:58:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gZE9wYh3Uokp4tntGApSFc3WMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/8-SSKcxVuy2cPlbCL8eEPtDgcAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/02dac3-39eb-469c-acc9-00cd5ec00d11/1/7gZE9wYh3Uokp4tntGApSFc3WMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.96.0/22
185.202.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:12:fa:d7:11:5f:d6:0f:6d:b5:b3:3b:00:23:ff:88:c1:c6:
ec:4b:e4:33:c7:56:21:58:bd:12:e8:28:84:21:14:1e:d2:a6:
7f:40:f8:dc:87:d1:c8:3d:fe:88:9b:52:a8:18:36:42:73:5c:
fb:83:24:01:0e:51:b4:35:34:bd:90:02:7a:e2:b1:b3:51:56:
fc:2d:0c:f6:15:90:32:39:ad:95:a4:89:3f:79:61:0e:0a:5f:
87:4d:47:7a:bb:c0:c3:f1:f6:cf:6d:a5:3e:89:24:b3:4e:76:
99:1d:f9:de:74:dc:a1:b0:ca:ac:ac:31:9b:2f:55:f5:e7:ba:
e7:29:be:67:13:97:ba:34:8f:70:85:c6:e6:d8:42:a3:1b:9a:
75:58:94:9f:b4:8e:07:f3:52:3c:f7:b3:b6:49:38:8f:37:84:
65:ae:6a:11:f1:5e:fc:61:f9:a3:8b:85:ff:ca:35:c8:52:e7:
6a:66:9b:73:66:93:08:39:22:e0:15:34:41:a7:00:17:a1:48:
6a:75:86:1b:fe:d9:36:73:35:b9:f5:20:bc:ca:99:01:77:6c:
e1:a4:b5:98:1e:f5:95:ee:48:4d:ae:74:1c:68:32:63:9a:58:
97:be:23:82:3b:ab:dd:f0:87:90:00:31:5d:03:16:4b:ae:e9:
e9:2b:9d:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMVAiFdWsoQnqTtMiROII1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDY0NGY3MDYyMWRkNGEyNGE3OGI2N2I0NjAyOTQ4NTcz
NzU4YzAwHhcNMjQxMTEwMDczODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U0OTIyOWNjNTViYjJkOWMzZTU2YzIyZmM3ODQzZWQwZTA3MDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HjFoymKLlI5Ulm1C0XzrPe5Nfmd
HOn6LP62cQv/8hf58HPy/J5sRIr+BQCCNFZuzi27ZBNIJD42xj7RIcAZTTRaZsfS
18hTIHqx7e3XQil2HrcDj0EsschWJ/UZu8GKmNYR8ePEOEvQEPr4m6D6+U4VSeUY
8TM2OhEVBiPtoj/96RPeQAL6gDsFDL+fxP7mjtr0yyFwI8jwkcEFx/cBQ9GSx+KI
GMVk+a7+4O74/ACGt2MlB4J5l54+rVPSamKwMHOiCws36WJvGvHu/Ln5JcgF90cK
/dh0Gvee4bL2n/lT1+VW4yKdXZY5lUKkesxEsKUgSKttZRnINnrU3s8kjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPPkkinMVbstnD5Wwi/HhD7Q4HABMB8GA1UdIwQY
MBaAFO4GRPcGId1KJKeLZ7RgKUhXN1jAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2daRTl3WWgzVW9rcDR0bnRHQXBTRmMzV01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8wMmRhYzMtMzllYi00NjljLWFjYzkt
MDBjZDVlYzAwZDExLzEvOC1TU0tjeFZ1eTJjUGxiQ0w4ZUVQdERnY0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8wMmRhYzMtMzllYi00NjljLWFjYzktMDBjZDVlYzAwZDEx
LzEvN2daRTl3WWgzVW9rcDR0bnRHQXBTRmMzV01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYZgAwQC
uco4MA0GCSqGSIb3DQEBCwUAA4IBAQAPEvrXEV/WD221szsAI/+IwcbsS+Qzx1Yh
WL0S6CiEIRQe0qZ/QPjch9HIPf6Im1KoGDZCc1z7gyQBDlG0NTS9kAJ64rGzUVb8
LQz2FZAyOa2VpIk/eWEOCl+HTUd6u8DD8fbPbaU+iSSzTnaZHfnedNyhsMqsrDGb
L1X157rnKb5nE5e6NI9whcbm2EKjG5p1WJSftI4H81I897O2STiPN4RlrmoR8V78
Yfmji4X/yjXIUudqZptzZpMIOSLgFTRBpwAXoUhqdYYb/tk2czW59SC8ypkBd2zh
pLWYHvWV7khNrnQcaDJjmliXviOCO6vd8IeQADFdAxZLrunpK53U
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:13:17 2024 by rpki-client on console-ams.rpki-client.org