Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hIb381PdIC5PkqXSTk990wswwiI.roa
File: hIb381PdIC5PkqXSTk990wswwiI.roa (raw, json)
Hash identifier: 5ymuUPfLN77Zqd+1py3t3kqy8iSaom3w+Fr0ho3bEjE=
Subject key identifier: 84:86:F7:F3:53:DD:20:2E:4F:92:A5:D2:4E:4F:7D:D3:0B:30:C2:22
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC80299325C07B4B159A581E261BC10C8
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hIb381PdIC5PkqXSTk990wswwiI.roa
Signing time: Tue 02 Jan 2024 02:31:02 +0000
ROA not before: Tue 02 Jan 2024 02:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212861
IP address blocks: 185.105.12.0/22 maxlen: 24
185.197.216.0/22 maxlen: 24
185.222.188.0/22 maxlen: 24
185.163.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:99:32:5c:07:b4:b1:59:a5:81:e2:61:bc:10:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8486f7f353dd202e4f92a5d24e4f7dd30b30c222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:08:4b:ae:7d:16:10:f8:2d:f4:67:be:3d:47:
b5:3a:a5:58:6c:4a:49:d5:66:d9:9a:64:38:45:e3:
28:ef:9b:4a:c0:53:b9:86:c9:8e:b4:51:cb:90:c3:
b4:46:24:2e:ed:0b:2a:9b:2a:7c:5c:ff:1d:7b:fe:
33:12:c7:50:3f:2e:3a:a7:0b:fa:9a:bb:1e:d9:16:
3b:c3:6e:16:14:dc:31:36:13:b6:62:1d:19:74:48:
c5:93:39:59:af:cc:ac:c9:85:42:d4:a3:4a:c1:62:
bb:de:bd:c4:01:69:35:3f:66:dc:ae:2e:8e:6d:74:
76:c1:80:2b:7f:9b:c0:5d:00:b0:be:26:c9:83:e6:
ae:47:d8:32:43:5a:74:70:2e:00:21:30:88:39:2c:
de:c9:ca:5c:be:49:b5:cb:a9:69:13:f7:1b:b1:98:
99:90:25:c9:da:ac:0f:8d:e4:ce:d4:e3:8a:3d:8f:
df:24:2b:f0:57:f2:79:b3:af:3d:8f:70:9e:0e:de:
f3:77:dd:5e:24:9f:34:d2:da:21:98:ab:67:f9:82:
59:54:4f:9d:85:94:02:65:61:83:df:ac:e0:5c:f7:
7e:8a:0c:39:e3:09:e4:ac:2c:81:e2:62:64:6b:0f:
1b:4a:b6:ae:2e:ed:75:57:f3:f8:86:4f:4d:f9:88:
19:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:86:F7:F3:53:DD:20:2E:4F:92:A5:D2:4E:4F:7D:D3:0B:30:C2:22
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/hIb381PdIC5PkqXSTk990wswwiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.12.0/22
185.163.232.0/22
185.197.216.0/22
185.222.188.0/22
Signature Algorithm: sha256WithRSAEncryption
06:6a:e8:e4:e6:f4:e2:07:1b:95:80:1f:cc:a8:8f:e4:63:9e:
1d:29:0c:c2:69:9c:cb:4e:98:e3:1b:b9:66:19:dc:74:e1:04:
ce:bf:14:1a:f1:62:13:17:17:29:f7:97:fd:cc:69:ee:4f:7d:
ab:e7:f2:c4:6f:76:9a:64:4c:5d:80:99:5d:b6:9d:a1:26:00:
94:c0:9f:9d:44:d0:e4:62:8c:87:80:36:21:bf:0b:c3:a3:62:
5d:03:9d:28:11:ab:67:45:f3:c1:ed:04:4f:ea:f2:a4:75:66:
30:0f:e2:db:fd:b3:b4:18:ad:4b:85:ab:8d:89:92:90:0d:01:
59:1f:bc:1a:0b:1c:10:1c:d8:dc:17:65:91:31:05:26:28:f1:
e5:aa:74:34:80:7b:4d:d1:42:dd:55:80:4d:be:08:f7:e0:ab:
58:6c:18:19:64:3e:00:6d:7a:2e:cc:c7:45:72:70:fd:0c:9e:
39:eb:cb:97:f1:f7:e6:f0:3b:c1:65:57:cc:58:d4:df:56:65:
16:2d:29:25:d7:65:67:56:a9:52:8c:cf:2a:1b:04:39:e1:27:
22:63:16:db:16:ca:4f:b5:1d:31:9a:ed:a0:6f:b0:cd:45:5f:
7b:9e:09:b3:3e:81:3a:c5:14:df:fa:f4:53:ac:2e:bc:70:f8:
f7:16:b3:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIApkyXAe0sVmlgeJhvBDIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg2ZjdmMzUzZGQyMDJlNGY5MmE1ZDI0ZTRmN2RkMzBiMzBjMjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQhLrn0WEPgt9Ge+PUe1OqVYbEpJ
1WbZmmQ4ReMo75tKwFO5hsmOtFHLkMO0RiQu7Qsqmyp8XP8de/4zEsdQPy46pwv6
mrse2RY7w24WFNwxNhO2Yh0ZdEjFkzlZr8ysyYVC1KNKwWK73r3EAWk1P2bcri6O
bXR2wYArf5vAXQCwvibJg+auR9gyQ1p0cC4AITCIOSzeycpcvkm1y6lpE/cbsZiZ
kCXJ2qwPjeTO1OOKPY/fJCvwV/J5s689j3CeDt7zd91eJJ800tohmKtn+YJZVE+d
hZQCZWGD36zgXPd+igw54wnkrCyB4mJkaw8bSrauLu11V/P4hk9N+YgZFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFISG9/NT3SAuT5Kl0k5PfdMLMMIiMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaEliMzgxUGRJQzVQa3FYU1RrOTkwd3N3d2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuWkMAwQC
uaPoAwQCucXYAwQCud68MA0GCSqGSIb3DQEBCwUAA4IBAQAGaujk5vTiBxuVgB/M
qI/kY54dKQzCaZzLTpjjG7lmGdx04QTOvxQa8WITFxcp95f9zGnuT32r5/LEb3aa
ZExdgJldtp2hJgCUwJ+dRNDkYoyHgDYhvwvDo2JdA50oEatnRfPB7QRP6vKkdWYw
D+Lb/bO0GK1LhauNiZKQDQFZH7waCxwQHNjcF2WRMQUmKPHlqnQ0gHtN0ULdVYBN
vgj34KtYbBgZZD4AbXouzMdFcnD9DJ4568uX8ffm8DvBZVfMWNTfVmUWLSkl12Vn
VqlSjM8qGwQ54SciYxbbFspPtR0xmu2gb7DNRV97ngmzPoE6xRTf+vRTrC68cPj3
FrMe
-----END CERTIFICATE-----
Generated at Sat May 4 03:49:23 2024 by rpki-client on console-ams.rpki-client.org