Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/x9xlVLihUtZJ5uEsiOObBlE92a0.roa
File: x9xlVLihUtZJ5uEsiOObBlE92a0.roa (raw, json)
Hash identifier: qJECn+4lWYMZg+EuMiydsgMFxEmMY5eIChNTWBnQK4U=
Subject key identifier: C7:DC:65:54:B8:A1:52:D6:49:E6:E1:2C:88:E3:9B:06:51:3D:D9:AD
Certificate issuer: /CN=a8153b3d5612234fe260fe60bc7ce028062227a3
Certificate serial: 0190E43481A36CB17A991626CF1F638662E3
Authority key identifier: A8:15:3B:3D:56:12:23:4F:E2:60:FE:60:BC:7C:E0:28:06:22:27:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/x9xlVLihUtZJ5uEsiOObBlE92a0.roa
Signing time: Wed 24 Jul 2024 10:06:04 +0000
ROA not before: Wed 24 Jul 2024 10:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205386
IP address blocks: 185.220.8.0/24 maxlen: 24
185.220.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.mft
rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e4:34:81:a3:6c:b1:7a:99:16:26:cf:1f:63:86:62:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8153b3d5612234fe260fe60bc7ce028062227a3
Validity
Not Before: Jul 24 10:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7dc6554b8a152d649e6e12c88e39b06513dd9ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:90:fe:a9:95:ca:63:1a:76:e4:a4:04:86:2f:
0e:67:fc:fe:ba:45:ee:63:0f:be:0b:36:5d:53:4f:
33:2c:ad:01:7c:eb:b5:0c:1f:8a:01:6a:3f:b2:4f:
62:73:ff:06:09:a2:42:63:d9:12:d8:aa:cd:67:b6:
31:46:c0:cc:12:01:1f:2d:2e:28:be:ff:3b:fa:13:
b9:2d:1e:8f:f4:39:12:fe:37:cc:3e:b7:a9:31:55:
4e:14:dc:cf:7d:44:63:60:7e:76:e4:dd:2e:26:95:
fd:8e:e6:46:ae:0a:3b:74:c5:46:58:c7:97:88:db:
35:a5:44:82:c3:ed:2a:5d:45:d5:6e:81:e3:25:bb:
40:4e:16:95:8b:fd:45:3b:96:e6:57:48:65:dd:90:
50:8d:16:75:08:46:a2:cb:2c:f8:57:76:29:10:0d:
f3:ed:92:6f:ba:6f:0d:87:8e:66:a9:47:a8:85:47:
3a:ed:82:f6:d1:56:a9:89:22:15:df:3d:60:d2:51:
10:5c:d5:ff:81:a7:98:4d:74:b2:cb:17:15:9b:d7:
0f:a7:31:19:77:ae:f3:8b:52:2f:c2:b7:87:49:b7:
af:c1:98:75:1d:0c:a2:66:9b:35:7d:b4:c9:3c:fa:
31:c9:3b:28:bb:84:fe:b8:f4:47:f4:fa:ac:a8:18:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:DC:65:54:B8:A1:52:D6:49:E6:E1:2C:88:E3:9B:06:51:3D:D9:AD
X509v3 Authority Key Identifier:
keyid:A8:15:3B:3D:56:12:23:4F:E2:60:FE:60:BC:7C:E0:28:06:22:27:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/x9xlVLihUtZJ5uEsiOObBlE92a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/d4d8dd-50d8-43c7-9b55-9aa7cd6505e5/1/qBU7PVYSI0_iYP5gvHzgKAYiJ6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.8.0/24
185.220.10.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:36:9e:06:7f:35:e9:b9:fe:2c:c0:89:ea:52:05:ae:14:38:
01:58:8f:0c:96:cb:ea:31:6d:c7:5c:e7:59:dd:4b:de:9e:5b:
46:d3:b5:5d:4e:52:71:06:a7:41:29:3d:5a:5a:5a:29:2e:16:
35:0f:10:4c:2a:1d:f4:d5:d2:5b:b9:6a:81:b0:a8:bd:6c:f5:
44:03:5e:7e:1d:42:75:42:b0:2d:29:d5:dc:a6:55:3c:85:11:
ca:b5:2c:54:88:39:7d:87:86:ea:6c:fb:c1:cc:93:a8:16:fa:
f4:45:18:11:34:0d:0b:88:99:bf:d8:02:cc:8e:6e:c2:5a:8c:
e9:1c:47:8f:d9:f8:94:b0:d0:76:bf:5e:90:b0:d2:c0:dc:05:
ca:21:c3:70:8c:9e:c3:a3:f6:98:60:87:e2:00:70:16:50:c8:
f7:5a:f2:11:48:bf:41:91:e3:55:5f:f7:f0:d6:5f:36:d5:28:
1a:9a:7d:1a:b9:f7:35:dd:ac:fd:b9:f9:64:76:6b:b3:a1:79:
f3:f9:45:d7:75:aa:3e:01:bf:a9:85:88:05:46:56:d3:b1:70:
55:97:fa:ca:fd:cf:4e:84:8a:95:33:19:27:82:f4:db:8a:07:
26:3a:79:b6:ca:ed:36:61:6c:c3:81:19:ff:8a:3f:6d:4a:47:
e3:7b:df:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDkNIGjbLF6mRYmzx9jhmLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MTUzYjNkNTYxMjIzNGZlMjYwZmU2MGJjN2NlMDI4MDYy
MjI3YTMwHhcNMjQwNzI0MTAwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2RjNjU1NGI4YTE1MmQ2NDllNmUxMmM4OGUzOWIwNjUxM2RkOWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5D+qZXKYxp25KQEhi8OZ/z+ukXu
Yw++CzZdU08zLK0BfOu1DB+KAWo/sk9ic/8GCaJCY9kS2KrNZ7YxRsDMEgEfLS4o
vv87+hO5LR6P9DkS/jfMPrepMVVOFNzPfURjYH525N0uJpX9juZGrgo7dMVGWMeX
iNs1pUSCw+0qXUXVboHjJbtAThaVi/1FO5bmV0hl3ZBQjRZ1CEaiyyz4V3YpEA3z
7ZJvum8Nh45mqUeohUc67YL20VapiSIV3z1g0lEQXNX/gaeYTXSyyxcVm9cPpzEZ
d67zi1IvwreHSbevwZh1HQyiZps1fbTJPPoxyTsou4T+uPRH9PqsqBj6MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMfcZVS4oVLWSebhLIjjmwZRPdmtMB8GA1UdIwQY
MBaAFKgVOz1WEiNP4mD+YLx84CgGIiejMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUJVN1BWWVNJMF9pWVA1Z3ZIemdLQVlpSjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kNGQ4ZGQtNTBkOC00M2M3LTliNTUt
OWFhN2NkNjUwNWU1LzEveDl4bFZMaWhVdFpKNXVFc2lPT2JCbEU5MmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kNGQ4ZGQtNTBkOC00M2M3LTliNTUtOWFhN2NkNjUwNWU1
LzEvcUJVN1BWWVNJMF9pWVA1Z3ZIemdLQVlpSjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudwIAwQA
udwKMA0GCSqGSIb3DQEBCwUAA4IBAQCaNp4GfzXpuf4swInqUgWuFDgBWI8Mlsvq
MW3HXOdZ3UvenltG07VdTlJxBqdBKT1aWlopLhY1DxBMKh301dJbuWqBsKi9bPVE
A15+HUJ1QrAtKdXcplU8hRHKtSxUiDl9h4bqbPvBzJOoFvr0RRgRNA0LiJm/2ALM
jm7CWozpHEeP2fiUsNB2v16QsNLA3AXKIcNwjJ7Do/aYYIfiAHAWUMj3WvIRSL9B
keNVX/fw1l821Sgamn0aufc13az9uflkdmuzoXnz+UXXdao+Ab+phYgFRlbTsXBV
l/rK/c9OhIqVMxkngvTbigcmOnm2yu02YWzDgRn/ij9tSkfje9+X
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:12:39 2024 by rpki-client on console-ams.rpki-client.org