Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/eyH4EwOjtSWRdK2njJIt2Zhh7Zs.roa
File: eyH4EwOjtSWRdK2njJIt2Zhh7Zs.roa (raw, json)
Hash identifier: WDFts+NH/jOFc31gPc1TIdTy0HWTmlGhYcdG7MRM8x0=
Subject key identifier: 7B:21:F8:13:03:A3:B5:25:91:74:AD:A7:8C:92:2D:D9:98:61:ED:9B
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 018CC2DB5CC1B84827618FDAC319A85D2309
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/eyH4EwOjtSWRdK2njJIt2Zhh7Zs.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12444
IP address blocks: 185.118.177.0/24 maxlen: 24
185.118.176.0/24 maxlen: 24
185.118.178.0/24 maxlen: 24
185.118.179.0/24 maxlen: 24
84.17.69.0/24 maxlen: 24
84.17.70.0/24 maxlen: 24
84.17.67.0/24 maxlen: 24
84.17.68.0/24 maxlen: 24
84.17.71.0/24 maxlen: 24
84.17.78.0/24 maxlen: 24
84.17.72.0/24 maxlen: 24
84.17.76.0/24 maxlen: 24
84.17.75.0/24 maxlen: 24
84.17.79.0/24 maxlen: 24
84.17.84.0/24 maxlen: 24
84.17.87.0/24 maxlen: 24
84.17.86.0/24 maxlen: 24
84.17.90.0/24 maxlen: 24
84.17.89.0/24 maxlen: 24
84.17.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5c:c1:b8:48:27:61:8f:da:c3:19:a8:5d:23:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b21f81303a3b5259174ada78c922dd99861ed9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:68:cb:81:14:97:de:83:b6:2b:a9:7d:81:66:
3a:a9:38:d7:08:ae:c8:7b:5d:23:a4:05:88:19:a9:
44:54:7c:05:33:be:04:b8:13:b6:e7:38:2f:7b:6b:
c6:9b:ad:07:b9:2b:fe:71:91:10:d4:94:f8:47:91:
70:a9:ba:db:a2:5d:dd:66:c0:2b:03:c6:9b:08:45:
02:fd:45:5b:21:19:66:87:df:93:84:35:02:8b:a5:
22:cc:7b:7d:c0:35:5a:17:f8:56:43:63:c1:8e:65:
09:5d:2f:79:9a:79:3f:7a:ab:be:cb:25:f9:6d:c1:
ee:55:d4:b1:a6:9d:ad:7e:45:c4:82:41:16:ec:f8:
32:eb:0f:a2:9d:03:68:31:72:54:5c:99:07:e8:3c:
30:57:7d:8e:2e:3a:c7:0c:bd:14:ac:06:0b:b7:1e:
3e:4c:3e:f3:22:62:28:17:bf:93:d9:82:aa:32:aa:
9e:81:bf:46:25:64:07:24:bb:da:17:dd:ae:c1:ba:
29:14:d3:77:c2:98:1d:ef:06:01:36:44:d1:13:22:
2c:4a:0c:81:0c:1f:8f:88:84:23:97:03:a3:58:56:
ee:e6:e5:04:82:49:54:c7:a5:78:4e:4c:4c:c4:75:
0b:48:fb:9d:9c:94:2a:f8:d7:c9:85:23:dd:d0:30:
08:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:21:F8:13:03:A3:B5:25:91:74:AD:A7:8C:92:2D:D9:98:61:ED:9B
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/eyH4EwOjtSWRdK2njJIt2Zhh7Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.67.0-84.17.72.255
84.17.75.0-84.17.76.255
84.17.78.0/23
84.17.84.0/24
84.17.86.0/23
84.17.89.0-84.17.90.255
84.17.93.0/24
185.118.176.0/22
Signature Algorithm: sha256WithRSAEncryption
41:1e:39:d5:6d:98:7d:5c:61:32:e0:f9:31:ea:2b:2b:f7:25:
4d:c8:0b:97:70:f0:83:da:3d:b5:4c:53:15:71:a4:3a:c4:13:
24:05:db:bf:5f:46:03:74:c2:9b:1d:16:cf:de:db:49:49:1d:
00:72:06:be:c3:9d:e4:bc:c4:53:6d:ed:94:08:a5:46:a7:db:
8e:5a:0f:70:72:4e:e1:67:1c:4a:e3:57:5f:51:68:6c:5e:ec:
e7:5a:4f:12:49:81:3a:11:40:9b:86:29:01:5f:56:5b:0e:7e:
93:98:29:a5:3f:49:08:54:29:f0:44:d4:e0:63:17:d6:5d:82:
56:6b:fd:21:8f:6a:16:8b:96:d2:c2:9c:c5:dc:59:4a:05:bd:
69:f1:36:d7:a4:5c:3f:79:f6:ab:0a:43:0e:7e:31:68:34:bb:
37:4f:83:a7:91:25:5d:d2:39:ac:e8:19:67:51:e6:a8:45:9d:
05:91:b2:43:a9:14:ae:b8:e9:28:94:4d:d8:fa:14:01:15:35:
e2:9c:aa:4a:85:05:99:e3:54:55:26:d2:b9:76:0c:00:0d:73:
39:80:c9:8f:b5:6e:1d:cd:24:28:d3:cd:64:16:fb:50:74:4b:
0d:5f:44:4e:d5:8f:c6:26:13:98:22:0a:f2:02:7f:1c:68:e5:
44:c6:eb:6e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzC21zBuEgnYY/awxmoXSMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjIxZjgxMzAzYTNiNTI1OTE3NGFkYTc4YzkyMmRkOTk4NjFlZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2jLgRSX3oO2K6l9gWY6qTjXCK7I
e10jpAWIGalEVHwFM74EuBO25zgve2vGm60HuSv+cZEQ1JT4R5Fwqbrbol3dZsAr
A8abCEUC/UVbIRlmh9+ThDUCi6UizHt9wDVaF/hWQ2PBjmUJXS95mnk/equ+yyX5
bcHuVdSxpp2tfkXEgkEW7Pgy6w+inQNoMXJUXJkH6DwwV32OLjrHDL0UrAYLtx4+
TD7zImIoF7+T2YKqMqqegb9GJWQHJLvaF92uwbopFNN3wpgd7wYBNkTREyIsSgyB
DB+PiIQjlwOjWFbu5uUEgklUx6V4TkxMxHULSPudnJQq+NfJhSPd0DAIRwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHsh+BMDo7UlkXStp4ySLdmYYe2bMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvZXlINEV3T2p0U1dSZEsybmpKSXQyWmhoN1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBABUEUMD
BABUEUgwDAMEAFQRSwMEAFQRTAMEAVQRTgMEAFQRVAMEAVQRVjAMAwQAVBFZAwQA
VBFaAwQAVBFdAwQCuXawMA0GCSqGSIb3DQEBCwUAA4IBAQBBHjnVbZh9XGEy4Pkx
6isr9yVNyAuXcPCD2j21TFMVcaQ6xBMkBdu/X0YDdMKbHRbP3ttJSR0Acga+w53k
vMRTbe2UCKVGp9uOWg9wck7hZxxK41dfUWhsXuznWk8SSYE6EUCbhikBX1ZbDn6T
mCmlP0kIVCnwRNTgYxfWXYJWa/0hj2oWi5bSwpzF3FlKBb1p8TbXpFw/efarCkMO
fjFoNLs3T4OnkSVd0jms6BlnUeaoRZ0FkbJDqRSuuOkolE3Y+hQBFTXinKpKhQWZ
41RVJtK5dgwADXM5gMmPtW4dzSQo081kFvtQdEsNX0RO1Y/GJhOYIgryAn8caOVE
xutu
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:44:02 2024 by rpki-client on console-fra.rpki-client.org