Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/2G-mcwympmeV9R0HtLZKjSo-98Y.roa
File: 2G-mcwympmeV9R0HtLZKjSo-98Y.roa (raw, json)
Hash identifier: 2H2CCbnQn8E29HNCBc4H8oHMnfluZP5SBXZklruMcdk=
Subject key identifier: D8:6F:A6:73:0C:A6:A6:67:95:F5:1D:07:B4:B6:4A:8D:2A:3E:F7:C6
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018EB2AAFD42B9536954E08CEA0308CA36DF
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/2G-mcwympmeV9R0HtLZKjSo-98Y.roa
Signing time: Sat 06 Apr 2024 09:08:54 +0000
ROA not before: Sat 06 Apr 2024 09:08:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52423
IP address blocks: 185.184.141.0/24 maxlen: 32
185.185.248.0/24 maxlen: 24
185.185.249.0/24 maxlen: 24
185.190.80.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b2:aa:fd:42:b9:53:69:54:e0:8c:ea:03:08:ca:36:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 6 09:08:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86fa6730ca6a66795f51d07b4b64a8d2a3ef7c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c8:bc:da:a8:00:e4:22:42:a4:df:69:58:1c:
36:b9:2b:1e:07:e2:b3:ea:8a:cb:aa:55:18:bb:2e:
99:ad:3e:a1:c6:6b:fa:97:b1:13:b8:97:d2:6d:41:
70:a8:55:54:93:88:42:b6:e6:ce:1a:69:4e:b5:dc:
95:d9:1d:b8:00:25:b9:a9:dc:ff:b8:5c:c7:5d:c4:
c9:f0:76:3d:d0:34:74:a3:ca:98:8a:0d:94:04:c6:
b1:1d:34:a7:6c:99:79:38:13:1f:7f:cb:0b:e1:aa:
c5:f1:93:1e:b0:f9:0c:0d:e7:32:86:87:3c:09:ac:
0c:bf:ec:7d:62:3c:7f:53:6e:49:61:b9:22:4d:32:
3b:86:98:ca:96:33:32:07:5e:a9:29:9b:3d:6c:e6:
dd:33:43:0e:08:95:97:d4:21:98:75:ca:b5:c9:de:
0c:f9:ec:fa:59:81:ff:ce:72:04:26:b5:15:6b:fa:
a9:13:f9:a5:fb:64:a1:11:9f:b4:db:33:01:c1:b7:
f9:7c:2f:66:5a:04:22:c7:41:81:0c:29:d6:ac:ea:
a5:bd:3d:1c:6d:0d:19:3f:cd:2c:82:80:01:50:69:
de:45:1b:b7:8a:74:56:e1:fe:1d:d6:39:d7:e5:d1:
f6:b4:5c:2a:fa:bf:54:5b:ed:af:c1:fa:b8:81:25:
d9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6F:A6:73:0C:A6:A6:67:95:F5:1D:07:B4:B6:4A:8D:2A:3E:F7:C6
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/2G-mcwympmeV9R0HtLZKjSo-98Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.184.141.0/24
185.185.248.0/23
185.190.80.0/24
Signature Algorithm: sha256WithRSAEncryption
36:3b:12:e4:b0:f9:50:7e:57:55:19:16:b4:93:60:0c:60:02:
cb:19:2e:55:24:43:09:23:3d:3a:08:a2:42:11:21:0d:92:6e:
47:87:87:41:9d:46:76:6b:43:7d:ad:5f:85:66:e0:38:d8:9f:
9e:89:c8:1f:a2:9a:42:1f:99:74:3e:f0:30:c1:72:7d:c5:37:
93:39:31:ee:10:08:54:86:7c:f0:b1:64:23:b6:44:59:b0:e5:
84:bb:86:68:62:e4:4c:a4:89:19:ca:d0:80:6e:fc:8f:cd:0b:
a0:a8:2a:47:51:8c:2a:34:d0:02:63:44:7d:18:f0:16:cf:38:
f4:8d:7f:84:8c:65:e6:4c:44:8c:6a:7e:44:1f:ec:c0:b2:88:
0d:d7:f0:18:1e:44:64:8d:17:ea:24:4b:df:6a:8b:ae:5f:9a:
06:97:7e:66:d3:8a:f3:ae:08:d7:ac:04:ea:31:2c:8f:4c:9a:
b8:64:23:9b:91:4e:d2:47:f2:bf:df:be:2d:d7:c2:04:ec:a2:
84:76:34:2e:ae:c8:fb:73:d3:c6:59:54:b5:8a:40:e4:57:6b:
96:55:c6:96:d3:73:45:59:86:81:31:5e:db:73:d1:ea:8b:60:
4a:a1:ff:d2:d2:0d:49:f4:b2:0a:35:44:52:d7:fb:17:1c:b6:
ec:92:45:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6yqv1CuVNpVOCM6gMIyjbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwNDA2MDkwODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZmYTY3MzBjYTZhNjY3OTVmNTFkMDdiNGI2NGE4ZDJhM2VmN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsi82qgA5CJCpN9pWBw2uSseB+Kz
6orLqlUYuy6ZrT6hxmv6l7ETuJfSbUFwqFVUk4hCtubOGmlOtdyV2R24ACW5qdz/
uFzHXcTJ8HY90DR0o8qYig2UBMaxHTSnbJl5OBMff8sL4arF8ZMesPkMDecyhoc8
CawMv+x9Yjx/U25JYbkiTTI7hpjKljMyB16pKZs9bObdM0MOCJWX1CGYdcq1yd4M
+ez6WYH/znIEJrUVa/qpE/ml+2ShEZ+02zMBwbf5fC9mWgQix0GBDCnWrOqlvT0c
bQ0ZP80sgoABUGneRRu3inRW4f4d1jnX5dH2tFwq+r9UW+2vwfq4gSXZ/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNhvpnMMpqZnlfUdB7S2So0qPvfGMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvMkctbWN3eW1wbWVWOVIwSHRMWktqU28tOThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAubiNAwQB
ubn4AwQAub5QMA0GCSqGSIb3DQEBCwUAA4IBAQA2OxLksPlQfldVGRa0k2AMYALL
GS5VJEMJIz06CKJCESENkm5Hh4dBnUZ2a0N9rV+FZuA42J+eicgfoppCH5l0PvAw
wXJ9xTeTOTHuEAhUhnzwsWQjtkRZsOWEu4ZoYuRMpIkZytCAbvyPzQugqCpHUYwq
NNACY0R9GPAWzzj0jX+EjGXmTESMan5EH+zAsogN1/AYHkRkjRfqJEvfaouuX5oG
l35m04rzrgjXrATqMSyPTJq4ZCObkU7SR/K/374t18IE7KKEdjQursj7c9PGWVS1
ikDkV2uWVcaW03NFWYaBMV7bc9Hqi2BKof/S0g1J9LIKNURS1/sXHLbskkUj
-----END CERTIFICATE-----
Generated at Thu May 2 13:20:19 2024 by rpki-client on console-fra.rpki-client.org