Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2HtJCJw-5giNcAQDrI-4yEYONwk.roa
File: 2HtJCJw-5giNcAQDrI-4yEYONwk.roa (raw, json)
Hash identifier: +uhQK8coAB1VylqHU5VtG+ZS2vSky1k3eGCScq6cols=
Subject key identifier: D8:7B:49:08:9C:3E:E6:08:8D:70:04:03:AC:8F:B8:C8:46:0E:37:09
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D8E5F70927A7DC1972A81BD6D75D4E653
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2HtJCJw-5giNcAQDrI-4yEYONwk.roa
Signing time: Fri 09 Feb 2024 14:57:15 +0000
ROA not before: Fri 09 Feb 2024 14:57:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211440
IP address blocks: 185.223.83.0/24 maxlen: 24
185.240.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:5f:70:92:7a:7d:c1:97:2a:81:bd:6d:75:d4:e6:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 9 14:57:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d87b49089c3ee6088d700403ac8fb8c8460e3709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e3:42:54:0d:9e:be:6a:54:14:2e:39:f4:f4:
b7:92:49:c4:f4:d8:ac:c9:e5:d7:ac:bf:60:c5:35:
9b:d0:a5:b3:be:0b:74:0f:8c:c6:7d:35:2f:df:97:
3c:66:e1:39:e1:80:3a:8c:3e:cc:a1:78:94:b2:aa:
30:7c:77:6f:3a:81:9b:61:fa:2a:2d:51:f8:bd:d2:
dc:b6:c1:53:8e:e7:3c:f5:c1:b4:3a:4c:7d:65:e4:
4a:08:29:7f:c5:ea:fc:45:eb:d4:97:71:33:92:ce:
2c:46:df:31:08:50:3d:35:a3:c4:00:4c:e3:cc:36:
85:8f:a7:f8:bb:31:88:f9:7d:e1:b9:b5:84:17:a9:
4e:c8:4e:e8:c1:52:12:a1:8f:83:2a:1a:45:4d:6e:
32:60:89:ba:8a:0c:8e:db:29:3d:a4:a0:18:c2:56:
3e:a4:b4:91:67:8c:df:32:ea:54:a1:42:c0:3b:9d:
4f:b4:bd:87:ba:68:5a:7b:70:0c:30:2e:c1:fb:7b:
9f:fe:52:c3:6f:a4:f9:c0:47:09:62:41:53:c9:e9:
ff:21:c3:ce:aa:84:36:e5:47:37:45:c9:c5:ab:1f:
6c:a8:eb:34:23:d9:9e:8a:49:b2:97:c1:30:7e:b4:
fe:33:08:68:e2:b0:17:7f:1d:3f:2c:16:85:db:00:
0c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7B:49:08:9C:3E:E6:08:8D:70:04:03:AC:8F:B8:C8:46:0E:37:09
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/2HtJCJw-5giNcAQDrI-4yEYONwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.83.0/24
185.240.123.0/24
Signature Algorithm: sha256WithRSAEncryption
16:1b:44:09:8a:30:56:94:b9:d9:14:e4:7b:1f:14:dd:be:17:
c4:69:96:c6:69:24:3d:45:1d:0b:36:b9:19:24:c2:b4:dc:8e:
76:e6:71:52:63:e3:7e:4c:17:19:18:d8:78:a4:f2:c3:6f:59:
a0:5a:fd:6d:54:52:56:55:25:f3:d1:b1:59:2d:d4:12:ff:eb:
88:0d:41:41:49:9c:2d:d8:bf:87:6e:8a:e4:c2:3c:84:18:7d:
ef:91:2a:51:77:61:03:a3:c1:00:72:8f:ff:2b:6d:f2:54:6c:
3d:f6:79:4f:d3:08:00:6c:ac:a5:1e:28:c4:61:79:60:c5:30:
21:be:fc:94:d2:f0:e9:97:3a:bf:44:9a:a4:a9:bb:ea:60:27:
b0:76:89:e1:bb:75:e2:ac:0e:10:1a:34:a5:8a:b0:7a:d5:bd:
97:35:32:bf:8d:a7:51:46:7c:95:79:d8:5b:e6:2a:e0:08:26:
88:cf:84:3e:26:f3:2d:14:7d:1f:17:d5:f6:8f:b4:26:57:7e:
96:74:46:2c:a7:af:c5:9b:3b:f1:bc:e9:c3:11:c1:d8:c5:5c:
c1:24:8e:8b:9b:7e:7a:0b:1f:e1:fe:4c:51:c6:38:17:b9:86:
9d:4c:c4:f1:6e:33:8c:98:56:8c:19:d7:dd:6f:66:c1:bb:fc:
35:84:ab:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2OX3CSen3BlyqBvW111OZTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA5MTQ1NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdiNDkwODljM2VlNjA4OGQ3MDA0MDNhYzhmYjhjODQ2MGUzNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgONCVA2evmpUFC459PS3kknE9Nis
yeXXrL9gxTWb0KWzvgt0D4zGfTUv35c8ZuE54YA6jD7MoXiUsqowfHdvOoGbYfoq
LVH4vdLctsFTjuc89cG0Okx9ZeRKCCl/xer8RevUl3Ezks4sRt8xCFA9NaPEAEzj
zDaFj6f4uzGI+X3hubWEF6lOyE7owVISoY+DKhpFTW4yYIm6igyO2yk9pKAYwlY+
pLSRZ4zfMupUoULAO51PtL2Humhae3AMMC7B+3uf/lLDb6T5wEcJYkFTyen/IcPO
qoQ25Uc3RcnFqx9sqOs0I9meikmyl8EwfrT+Mwho4rAXfx0/LBaF2wAMwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNh7SQicPuYIjXAEA6yPuMhGDjcJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMkh0SkNKdy01Z2lOY0FRRHJJLTR5RVlPTndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAud9TAwQA
ufB7MA0GCSqGSIb3DQEBCwUAA4IBAQAWG0QJijBWlLnZFOR7HxTdvhfEaZbGaSQ9
RR0LNrkZJMK03I525nFSY+N+TBcZGNh4pPLDb1mgWv1tVFJWVSXz0bFZLdQS/+uI
DUFBSZwt2L+HborkwjyEGH3vkSpRd2EDo8EAco//K23yVGw99nlP0wgAbKylHijE
YXlgxTAhvvyU0vDplzq/RJqkqbvqYCewdonhu3XirA4QGjSlirB61b2XNTK/jadR
RnyVedhb5irgCCaIz4Q+JvMtFH0fF9X2j7QmV36WdEYsp6/FmzvxvOnDEcHYxVzB
JI6Lm356Cx/h/kxRxjgXuYadTMTxbjOMmFaMGdfdb2bBu/w1hKtG
-----END CERTIFICATE-----
Generated at Sat May 4 12:55:31 2024 by rpki-client on console-fra.rpki-client.org