Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/InUkjDoTPtDZuNA2uBiYGNo3WP4.roa
File: InUkjDoTPtDZuNA2uBiYGNo3WP4.roa (raw, json)
Hash identifier: ybhVuVDa6fONdegLODv4tBraCDjeSBdrzz2ben4UE7w=
Subject key identifier: 22:75:24:8C:3A:13:3E:D0:D9:B8:D0:36:B8:18:98:18:DA:37:58:FE
Certificate issuer: /CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Certificate serial: 018CC5DCD0FEF84229757DEBD7C2B903EB56
Authority key identifier: 43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/InUkjDoTPtDZuNA2uBiYGNo3WP4.roa
Signing time: Mon 01 Jan 2024 16:30:32 +0000
ROA not before: Mon 01 Jan 2024 16:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.2.244.0/22 maxlen: 22
185.2.244.0/24 maxlen: 24
185.2.245.0/24 maxlen: 24
185.2.246.0/24 maxlen: 24
185.2.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d0:fe:f8:42:29:75:7d:eb:d7:c2:b9:03:eb:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43af2e987d2b63addaa5adc178f31e90d876aaa7
Validity
Not Before: Jan 1 16:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2275248c3a133ed0d9b8d036b8189818da3758fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:76:09:58:be:cc:52:0f:ec:75:93:a2:ff:be:
8b:55:e5:2b:26:04:b4:29:84:4e:fc:ea:cb:7b:01:
e0:0f:ce:93:0e:74:c9:8e:f2:de:e4:4c:18:a1:cd:
8a:20:af:19:35:a5:ec:8f:ff:33:39:de:0a:93:ea:
84:69:6c:74:84:ce:bb:99:e7:ac:08:88:5a:fb:cd:
29:7e:1a:6d:2a:85:48:fa:d3:4d:af:fd:08:78:ec:
9c:a7:78:44:52:61:ee:a2:83:97:34:9c:aa:a6:73:
31:84:3c:90:2f:0c:f1:83:8e:ce:8b:a0:1c:c3:d2:
84:de:8d:76:09:1f:f9:81:6e:59:cd:76:79:df:e7:
36:ae:ab:03:8d:ac:c3:76:0d:d4:10:20:90:7e:bd:
3c:c4:e9:58:21:d3:58:0f:b6:fc:b0:a3:6e:36:85:
d5:fd:79:33:44:f6:60:e1:f0:18:ab:19:1a:f2:73:
74:fa:38:e7:52:e3:a4:f2:eb:c5:77:e0:f6:9d:66:
4b:d4:f0:f6:2f:dd:43:e0:7c:60:a4:6d:d2:9c:ea:
cb:9f:89:e1:e5:35:54:c7:4f:f9:7d:5f:7c:2d:52:
6b:68:96:b1:7c:cf:94:1d:c9:e9:82:2f:dc:c8:a8:
26:80:26:a0:13:07:4b:69:ee:ee:e3:88:42:56:28:
38:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:75:24:8C:3A:13:3E:D0:D9:B8:D0:36:B8:18:98:18:DA:37:58:FE
X509v3 Authority Key Identifier:
keyid:43:AF:2E:98:7D:2B:63:AD:DA:A5:AD:C1:78:F3:1E:90:D8:76:AA:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q68umH0rY63apa3BePMekNh2qqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/InUkjDoTPtDZuNA2uBiYGNo3WP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/668437-97c2-48c2-b7c8-cc7746719406/1/Q68umH0rY63apa3BePMekNh2qqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.244.0/22
Signature Algorithm: sha256WithRSAEncryption
27:86:9a:8b:c2:27:02:59:b5:61:3d:da:e7:ab:c5:15:eb:d0:
b3:7b:e5:a1:64:78:a9:fd:05:69:81:81:2b:03:13:7d:f2:6d:
3a:bf:01:bd:82:9c:d4:f5:0f:d4:7f:dd:1b:e6:c1:8d:9e:8c:
21:00:42:67:4c:ab:03:a6:27:6d:45:a1:0a:9f:ff:31:29:12:
a7:1b:71:1a:f1:c2:07:26:2f:29:95:87:e4:ca:0d:fa:c2:95:
de:0a:75:89:f3:64:f2:8d:fc:12:3b:52:cf:a8:2a:de:85:a0:
3b:9c:94:03:04:27:fc:68:d4:54:a3:ec:31:da:e9:70:ba:82:
2b:95:2e:a5:9e:5e:fc:f8:b6:b8:52:73:e0:6d:4e:13:0e:e9:
d8:d9:80:33:94:94:43:85:f8:6d:55:99:91:c4:1f:da:21:a6:
0d:9c:82:c8:4c:2f:85:78:36:f1:eb:db:86:2f:5b:7e:c8:96:
ba:f0:88:eb:62:ef:e0:23:3c:f6:24:5e:89:f3:17:d0:38:12:
bb:65:29:2e:c3:6d:40:a1:dd:30:bd:56:c5:56:65:1d:b7:31:
2e:74:04:2b:1d:0e:66:db:d1:62:d3:74:04:c7:ee:00:04:90:
1f:ca:6f:54:75:96:49:0b:6e:ca:9a:4f:43:5c:03:69:f3:cf:
7a:92:8c:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3ND++EIpdX3r18K5A+tWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYWYyZTk4N2QyYjYzYWRkYWE1YWRjMTc4ZjMxZTkwZDg3
NmFhYTcwHhcNMjQwMTAxMTYzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjc1MjQ4YzNhMTMzZWQwZDliOGQwMzZiODE4OTgxOGRhMzc1OGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXYJWL7MUg/sdZOi/76LVeUrJgS0
KYRO/OrLewHgD86TDnTJjvLe5EwYoc2KIK8ZNaXsj/8zOd4Kk+qEaWx0hM67mees
CIha+80pfhptKoVI+tNNr/0IeOycp3hEUmHuooOXNJyqpnMxhDyQLwzxg47Oi6Ac
w9KE3o12CR/5gW5ZzXZ53+c2rqsDjazDdg3UECCQfr08xOlYIdNYD7b8sKNuNoXV
/XkzRPZg4fAYqxka8nN0+jjnUuOk8uvFd+D2nWZL1PD2L91D4HxgpG3SnOrLn4nh
5TVUx0/5fV98LVJraJaxfM+UHcnpgi/cyKgmgCagEwdLae7u44hCVig4LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJ1JIw6Ez7Q2bjQNrgYmBjaN1j+MB8GA1UdIwQY
MBaAFEOvLph9K2Ot2qWtwXjzHpDYdqqnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3Yzgt
Y2M3NzQ2NzE5NDA2LzEvSW5Va2pEb1RQdERadU5BMnVCaVlHTm8zV1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82Njg0MzctOTdjMi00OGMyLWI3YzgtY2M3NzQ2NzE5NDA2
LzEvUTY4dW1IMHJZNjNhcGEzQmVQTWVrTmgycXFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQL0MA0G
CSqGSIb3DQEBCwUAA4IBAQAnhpqLwicCWbVhPdrnq8UV69Cze+WhZHip/QVpgYEr
AxN98m06vwG9gpzU9Q/Uf90b5sGNnowhAEJnTKsDpidtRaEKn/8xKRKnG3Ea8cIH
Ji8plYfkyg36wpXeCnWJ82TyjfwSO1LPqCrehaA7nJQDBCf8aNRUo+wx2ulwuoIr
lS6lnl78+La4UnPgbU4TDunY2YAzlJRDhfhtVZmRxB/aIaYNnILITC+FeDbx69uG
L1t+yJa68IjrYu/gIzz2JF6J8xfQOBK7ZSkuw21Aod0wvVbFVmUdtzEudAQrHQ5m
29Fi03QEx+4ABJAfym9UdZZJC27Kmk9DXANp8896koxI
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:50:02 2024 by rpki-client on console-fra.rpki-client.org