Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iidll4WeuLt_C3DiGVpd2OzMyUU.roa
File: iidll4WeuLt_C3DiGVpd2OzMyUU.roa (raw, json)
Hash identifier: UFlocudx2IpsFKTKBrAKa+OvRa9YtWcMQrdqaPsw3ZA=
Subject key identifier: 8A:27:65:97:85:9E:B8:BB:7F:0B:70:E2:19:5A:5D:D8:EC:CC:C9:45
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC8029F4E9AFBFAD0F5C4D19C457A5DF4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iidll4WeuLt_C3DiGVpd2OzMyUU.roa
Signing time: Tue 02 Jan 2024 02:31:04 +0000
ROA not before: Tue 02 Jan 2024 02:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397630
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:9f:4e:9a:fb:fa:d0:f5:c4:d1:9c:45:7a:5d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a276597859eb8bb7f0b70e2195a5dd8ecccc945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:95:e0:6f:d3:28:a1:79:ce:e1:cd:df:26:16:
9b:05:08:27:c5:e4:f4:2e:30:63:3a:aa:6b:81:91:
39:38:f4:6a:e3:d5:bd:e5:93:3f:03:cf:a7:59:ba:
cb:57:b2:32:32:08:be:4e:e9:b1:84:f8:ce:01:aa:
0f:0e:9b:c0:25:21:13:9d:9d:2b:45:a0:f3:26:18:
87:61:c0:55:40:d3:0a:c0:d4:a2:3c:3c:b1:b4:12:
a6:92:83:50:3b:9c:c9:d2:be:3f:de:8d:68:20:10:
9b:79:4a:33:a4:c0:a6:ac:a0:3b:9b:be:f5:15:14:
07:29:8f:95:ce:4d:89:eb:f5:54:2e:28:56:40:ff:
60:d0:1f:e8:bf:e9:69:e6:76:75:08:a0:d0:88:89:
9f:d1:f2:e7:f4:02:9e:06:92:23:11:d5:e6:a8:b2:
56:6c:15:26:72:3c:91:5a:af:a4:89:cf:da:70:34:
8d:80:7c:aa:f3:38:69:40:d1:2e:96:2b:b9:f4:5b:
2d:25:00:9b:fc:16:52:49:f0:b5:92:3e:0a:69:f5:
da:e2:5c:63:5d:ed:37:43:61:ee:52:23:f1:53:9e:
e5:ce:61:81:7d:c9:b8:b7:fa:ce:72:95:99:94:f4:
7e:f7:cd:24:a1:29:08:00:b3:80:d1:b7:cb:25:41:
97:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:27:65:97:85:9E:B8:BB:7F:0B:70:E2:19:5A:5D:D8:EC:CC:C9:45
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iidll4WeuLt_C3DiGVpd2OzMyUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.250.0/24
185.223.78.0/24
Signature Algorithm: sha256WithRSAEncryption
86:40:01:d9:f1:1a:9a:c6:c2:a2:3b:2b:f7:af:40:83:fb:03:
ac:0e:2f:86:b7:5e:e1:c6:c4:1c:0e:cb:da:b1:5b:7f:4a:f8:
dc:33:90:1e:da:98:0d:d3:9c:90:2b:2d:5f:32:32:b1:5f:35:
ca:8e:f2:6a:4c:e4:ab:b7:29:48:8b:7d:1e:90:54:65:ce:61:
c2:c5:c3:0f:e8:ca:a9:ee:4a:b2:1a:7d:3e:91:1c:14:c7:6b:
fd:06:c6:71:d3:23:9e:a3:d4:17:6d:f6:aa:1b:d0:31:83:6f:
3d:62:9f:a5:01:a9:8a:fd:b3:5e:05:d4:7f:45:38:16:d4:6b:
8b:71:f4:c7:f5:8c:94:7e:16:07:57:29:91:f7:8f:22:1f:01:
13:ae:97:5e:ef:54:8f:d3:26:a9:42:af:7e:33:32:e1:f6:40:
f5:c2:0d:d1:7d:7a:b8:3c:a5:38:ee:37:d4:a6:c9:98:e1:f5:
22:f1:4d:2f:67:86:78:b8:97:79:8b:0e:e7:aa:ee:b3:f6:08:
f4:22:de:89:84:55:b5:84:3e:b6:47:6f:7e:c9:bf:ce:be:e5:
79:40:8c:10:2d:29:56:a3:3d:31:cc:0c:6a:88:a5:5e:ba:b6:
50:91:64:05:3a:8a:cc:2b:39:ad:78:32:2f:ba:d2:ee:c3:06:
54:77:d5:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAp9Omvv60PXE0ZxFel30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTI3NjU5Nzg1OWViOGJiN2YwYjcwZTIxOTVhNWRkOGVjY2NjOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJXgb9MooXnO4c3fJhabBQgnxeT0
LjBjOqprgZE5OPRq49W95ZM/A8+nWbrLV7IyMgi+TumxhPjOAaoPDpvAJSETnZ0r
RaDzJhiHYcBVQNMKwNSiPDyxtBKmkoNQO5zJ0r4/3o1oIBCbeUozpMCmrKA7m771
FRQHKY+Vzk2J6/VULihWQP9g0B/ov+lp5nZ1CKDQiImf0fLn9AKeBpIjEdXmqLJW
bBUmcjyRWq+kic/acDSNgHyq8zhpQNEuliu59FstJQCb/BZSSfC1kj4KafXa4lxj
Xe03Q2HuUiPxU57lzmGBfcm4t/rOcpWZlPR+980koSkIALOA0bfLJUGXLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIonZZeFnri7fwtw4hlaXdjszMlFMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaWlkbGw0V2V1THRfQzNEaUdWcGQyT3pNeVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuc76AwQA
ud9OMA0GCSqGSIb3DQEBCwUAA4IBAQCGQAHZ8RqaxsKiOyv3r0CD+wOsDi+Gt17h
xsQcDsvasVt/SvjcM5Ae2pgN05yQKy1fMjKxXzXKjvJqTOSrtylIi30ekFRlzmHC
xcMP6Mqp7kqyGn0+kRwUx2v9BsZx0yOeo9QXbfaqG9Axg289Yp+lAamK/bNeBdR/
RTgW1GuLcfTH9YyUfhYHVymR948iHwETrpde71SP0yapQq9+MzLh9kD1wg3RfXq4
PKU47jfUpsmY4fUi8U0vZ4Z4uJd5iw7nqu6z9gj0It6JhFW1hD62R29+yb/OvuV5
QIwQLSlWoz0xzAxqiKVeurZQkWQFOorMKzmteDIvutLuwwZUd9Wf
-----END CERTIFICATE-----
Generated at Sat May 4 09:52:49 2024 by rpki-client on console-ams.rpki-client.org