Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/4tFdYLLo3zoG5RskmGGWM3dn7eM.roa
File: 4tFdYLLo3zoG5RskmGGWM3dn7eM.roa (raw, json)
Hash identifier: Kkhw65NxTmv4FdRpG85tLNk5Mmy8gEKtJB5z6nNOW88=
Subject key identifier: E2:D1:5D:60:B2:E8:DF:3A:06:E5:1B:24:98:61:96:33:77:67:ED:E3
Certificate issuer: /CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Certificate serial: 018CCA99FB8622355D9150EE10892FDB7A3E
Authority key identifier: 72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/4tFdYLLo3zoG5RskmGGWM3dn7eM.roa
Signing time: Tue 02 Jan 2024 14:35:38 +0000
ROA not before: Tue 02 Jan 2024 14:35:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206521
IP address blocks: 185.183.200.0/24 maxlen: 24
185.183.203.0/24 maxlen: 24
185.183.201.0/24 maxlen: 24
185.183.202.0/24 maxlen: 24
2a0b:1b87::/32 maxlen: 32
2a0b:1b82::/32 maxlen: 32
2a0b:1b81::/32 maxlen: 32
2a0b:1b85::/32 maxlen: 32
2a0b:1b86::/32 maxlen: 32
2a0b:1b84::/32 maxlen: 32
2a0b:1b80::/32 maxlen: 32
2a0b:1b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:fb:86:22:35:5d:91:50:ee:10:89:2f:db:7a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=728c2bfd6bb503a01d018602bda152d734ed56f0
Validity
Not Before: Jan 2 14:35:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2d15d60b2e8df3a06e51b24986196337767ede3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:93:e5:80:60:f4:29:7d:64:32:8e:be:c8:fb:
dd:5e:f5:61:ec:f0:49:45:1e:09:b4:f7:30:81:d5:
6d:a8:12:44:9d:f7:7e:e8:99:05:d9:b9:d1:d1:95:
d5:7e:71:db:b2:f0:87:c6:25:52:30:b2:4d:d1:b0:
2c:d6:3e:26:6d:ca:e3:6b:33:e1:74:d4:e9:2f:53:
e3:4b:48:96:03:8b:f7:7c:ca:d0:ce:eb:7d:18:8a:
1f:5e:60:9e:4d:7c:74:8e:a7:43:1e:91:01:61:c3:
34:96:4d:8d:2f:79:d1:c6:f1:21:31:97:e2:6c:b6:
5a:f6:75:2d:44:21:8c:6b:fa:d9:83:24:18:be:fd:
04:26:d0:1f:4f:96:0c:81:ad:83:1c:c3:0b:79:e6:
cf:a7:8b:45:a9:9b:c6:eb:88:02:2a:8e:d4:43:0d:
39:90:89:7c:9f:0e:50:e0:49:af:5c:37:62:67:98:
76:0d:b4:90:0f:19:82:0f:90:aa:45:86:21:6a:4b:
29:6e:71:57:7a:50:2e:2a:9c:42:73:44:cb:65:35:
34:79:95:e4:62:79:f8:98:80:f3:64:f2:39:d0:c3:
85:c6:18:3b:eb:e9:c2:6f:cd:fe:f0:18:41:7e:cc:
a4:f7:27:79:52:9b:2b:a0:22:fd:97:ff:ce:7e:a1:
a4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D1:5D:60:B2:E8:DF:3A:06:E5:1B:24:98:61:96:33:77:67:ED:E3
X509v3 Authority Key Identifier:
keyid:72:8C:2B:FD:6B:B5:03:A0:1D:01:86:02:BD:A1:52:D7:34:ED:56:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cowr_Wu1A6AdAYYCvaFS1zTtVvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/4tFdYLLo3zoG5RskmGGWM3dn7eM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/67f42e-7062-4112-ad42-9349f10a2649/1/cowr_Wu1A6AdAYYCvaFS1zTtVvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.200.0/22
IPv6:
2a0b:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
d8:37:c1:71:df:f6:69:52:80:97:fb:74:d7:89:c8:34:73:12:
4a:7e:47:ea:7b:c0:56:2e:10:6e:2e:fb:42:4b:df:bd:a8:e5:
5d:b8:ee:7c:54:4a:95:91:e2:46:9b:10:ae:63:c4:50:84:81:
98:20:42:45:39:3e:01:1d:92:74:49:ea:1f:64:5b:fc:08:96:
da:34:96:b6:16:8e:62:ee:62:61:78:c3:95:6b:49:72:c4:77:
c0:02:57:b4:19:1b:9d:4f:de:36:9f:2f:a2:9e:92:64:11:93:
6c:4a:46:7f:5c:91:bc:51:d9:ea:ec:d0:a1:ed:d2:c1:d7:cd:
4b:e9:9b:24:90:7b:a1:4f:65:ae:d9:4e:98:a0:56:ff:64:da:
4f:ae:a7:0a:d3:10:8e:f0:97:0b:ee:0c:4d:45:1a:dc:74:0d:
ee:6a:d0:a8:cf:16:0b:b3:b6:e2:3c:88:4f:ad:0a:4a:ef:0d:
e7:79:2b:6c:2f:76:c9:db:98:a1:44:a5:8b:6f:76:80:5f:98:
c6:1a:eb:1f:f9:71:b5:b2:f9:53:6d:d5:27:db:b3:5e:78:17:
0a:7a:cd:3a:c5:c2:2f:94:15:4e:fe:71:24:a8:1c:3a:b1:76:
49:a9:5b:d6:1e:29:f4:2f:fb:aa:fd:a2:e8:92:8d:a5:06:42:
8d:9c:03:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKmfuGIjVdkVDuEIkv23o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOGMyYmZkNmJiNTAzYTAxZDAxODYwMmJkYTE1MmQ3MzRl
ZDU2ZjAwHhcNMjQwMTAyMTQzNTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQxNWQ2MGIyZThkZjNhMDZlNTFiMjQ5ODYxOTYzMzc3NjdlZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpPlgGD0KX1kMo6+yPvdXvVh7PBJ
RR4JtPcwgdVtqBJEnfd+6JkF2bnR0ZXVfnHbsvCHxiVSMLJN0bAs1j4mbcrjazPh
dNTpL1PjS0iWA4v3fMrQzut9GIofXmCeTXx0jqdDHpEBYcM0lk2NL3nRxvEhMZfi
bLZa9nUtRCGMa/rZgyQYvv0EJtAfT5YMga2DHMMLeebPp4tFqZvG64gCKo7UQw05
kIl8nw5Q4EmvXDdiZ5h2DbSQDxmCD5CqRYYhakspbnFXelAuKpxCc0TLZTU0eZXk
Ynn4mIDzZPI50MOFxhg76+nCb83+8BhBfsyk9yd5UpsroCL9l//OfqGk9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOLRXWCy6N86BuUbJJhhljN3Z+3jMB8GA1UdIwQY
MBaAFHKMK/1rtQOgHQGGAr2hUtc07VbwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDIt
OTM0OWYxMGEyNjQ5LzEvNHRGZFlMTG8zem9HNVJza21HR1dNM2RuN2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS82N2Y0MmUtNzA2Mi00MTEyLWFkNDItOTM0OWYxMGEyNjQ5
LzEvY293cl9XdTFBNkFkQVlZQ3ZhRlMxelR0VnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubfIMA0E
AgACMAcDBQMqCxuAMA0GCSqGSIb3DQEBCwUAA4IBAQDYN8Fx3/ZpUoCX+3TXicg0
cxJKfkfqe8BWLhBuLvtCS9+9qOVduO58VEqVkeJGmxCuY8RQhIGYIEJFOT4BHZJ0
SeofZFv8CJbaNJa2Fo5i7mJheMOVa0lyxHfAAle0GRudT942ny+inpJkEZNsSkZ/
XJG8Udnq7NCh7dLB181L6ZskkHuhT2Wu2U6YoFb/ZNpPrqcK0xCO8JcL7gxNRRrc
dA3uatCozxYLs7biPIhPrQpK7w3neStsL3bJ25ihRKWLb3aAX5jGGusf+XG1svlT
bdUn27NeeBcKes06xcIvlBVO/nEkqBw6sXZJqVvWHin0L/uq/aLoko2lBkKNnAMZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:13:20 2024 by rpki-client on console-ams.rpki-client.org