Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/2DaEUasrt_1HvoAIAxj9uuZX_uQ.roa
File: 2DaEUasrt_1HvoAIAxj9uuZX_uQ.roa (raw, json)
Hash identifier: Yx/tZHybtHtThDTqX9GvuCH9rQf1ttFj9bRUzqW3xhg=
Subject key identifier: D8:36:84:51:AB:2B:B7:FD:47:BE:80:08:03:18:FD:BA:E6:57:FE:E4
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 0190972C806FED34B1456AE6B468CA3D342F
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/2DaEUasrt_1HvoAIAxj9uuZX_uQ.roa
Signing time: Tue 09 Jul 2024 11:06:34 +0000
ROA not before: Tue 09 Jul 2024 11:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214636
IP address blocks: 185.143.0.0/22 maxlen: 22
185.143.0.0/23 maxlen: 23
185.143.0.0/24 maxlen: 24
185.143.1.0/24 maxlen: 24
185.143.2.0/23 maxlen: 23
185.143.2.0/24 maxlen: 24
185.143.3.0/24 maxlen: 24
185.174.212.0/24 maxlen: 24
185.232.172.0/22 maxlen: 22
185.232.172.0/23 maxlen: 23
185.232.172.0/24 maxlen: 24
185.232.173.0/24 maxlen: 24
185.232.174.0/23 maxlen: 23
185.232.174.0/24 maxlen: 24
185.232.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:2c:80:6f:ed:34:b1:45:6a:e6:b4:68:ca:3d:34:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jul 9 11:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8368451ab2bb7fd47be80080318fdbae657fee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:93:08:31:64:0b:48:28:b8:25:d8:b6:67:
db:c8:94:80:66:14:ba:5b:42:b0:d2:2e:48:99:98:
5b:24:81:43:69:d4:96:1e:70:3b:37:e2:35:83:ea:
e7:40:b5:17:fa:6c:53:b5:df:23:0d:9b:d7:59:d2:
01:6d:fa:36:14:0d:aa:3b:0f:9a:63:f2:cf:2c:4f:
85:32:be:9c:6a:24:13:86:eb:5c:81:97:0d:45:be:
6b:d4:2a:33:2a:66:1a:06:e6:95:2e:63:ff:dc:da:
8e:c4:76:3b:e6:72:a4:74:21:a9:27:20:98:92:35:
be:c1:e1:86:2b:21:5c:5f:4a:ff:01:65:88:0b:76:
a8:cf:68:71:a4:ad:58:05:e0:81:9b:d4:dc:64:c7:
01:22:52:eb:b7:e4:b9:c8:42:94:64:46:d5:95:d8:
d8:b8:c7:a9:df:bc:0e:5b:a7:ce:f2:9a:29:02:8c:
a9:ce:cf:37:d8:56:cf:d2:b0:90:b0:2d:f5:01:36:
fa:02:a5:88:e0:02:1f:80:2c:9d:93:25:98:45:70:
73:68:44:02:13:a6:2d:48:77:2f:c4:f8:5d:82:aa:
e6:0a:f8:34:5d:b3:39:a4:ce:d0:e1:74:44:37:40:
23:31:f4:40:70:a9:d8:df:0b:17:73:bf:ee:16:dc:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:36:84:51:AB:2B:B7:FD:47:BE:80:08:03:18:FD:BA:E6:57:FE:E4
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/2DaEUasrt_1HvoAIAxj9uuZX_uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.0.0/22
185.174.212.0/24
185.232.172.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:c4:01:4c:6c:16:92:10:d5:51:f4:1c:4e:b4:f9:16:97:7c:
57:73:25:d3:ef:73:a1:f4:c0:4c:0e:91:5e:7d:82:f2:47:74:
5c:c9:9e:af:1f:cc:02:1f:5b:c6:32:01:99:4c:4d:bd:c6:d5:
8b:8a:d8:e0:aa:8a:49:b7:c4:46:02:b6:a0:56:20:21:fb:d3:
c1:4b:84:89:30:ec:3e:27:76:b6:77:5a:ad:42:f6:90:bc:69:
a6:d3:5f:10:59:67:d9:30:94:ed:25:44:5d:04:02:17:36:17:
5f:69:be:26:88:c4:25:5b:0e:c2:78:f0:96:f8:e9:ce:4f:56:
38:d9:f0:46:32:ad:a2:5c:7c:86:9c:81:10:3d:4a:60:f4:fc:
a7:f5:18:72:1d:4d:ad:30:2f:3f:43:26:0f:08:dc:51:35:68:
24:5d:4e:b7:bf:00:26:0d:82:fb:53:e9:05:09:7b:67:49:21:
dd:0e:00:40:26:a0:86:40:38:7e:83:b7:81:4b:37:3d:b6:31:
c2:7f:bf:61:56:2e:da:9b:a3:bc:b6:98:c5:c0:3e:86:0b:08:
a9:99:65:a6:57:d5:ca:33:e9:ae:4a:08:52:22:1d:e2:49:8a:
79:a3:2b:4c:f4:ff:31:c2:f5:77:06:72:e0:70:99:4e:ae:a3:
51:ce:cf:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCXLIBv7TSxRWrmtGjKPTQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwNzA5MTEwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODM2ODQ1MWFiMmJiN2ZkNDdiZTgwMDgwMzE4ZmRiYWU2NTdmZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+iTCDFkC0gouCXYtmfbyJSAZhS6
W0Kw0i5ImZhbJIFDadSWHnA7N+I1g+rnQLUX+mxTtd8jDZvXWdIBbfo2FA2qOw+a
Y/LPLE+FMr6caiQThutcgZcNRb5r1CozKmYaBuaVLmP/3NqOxHY75nKkdCGpJyCY
kjW+weGGKyFcX0r/AWWIC3aoz2hxpK1YBeCBm9TcZMcBIlLrt+S5yEKUZEbVldjY
uMep37wOW6fO8popAoypzs832FbP0rCQsC31ATb6AqWI4AIfgCydkyWYRXBzaEQC
E6YtSHcvxPhdgqrmCvg0XbM5pM7Q4XREN0AjMfRAcKnY3wsXc7/uFtyvKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNg2hFGrK7f9R76ACAMY/brmV/7kMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvMkRhRVVhc3J0XzFIdm9BSUF4ajl1dVpYX3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuY8AAwQA
ua7UAwQCueisMA0GCSqGSIb3DQEBCwUAA4IBAQCrxAFMbBaSENVR9BxOtPkWl3xX
cyXT73Oh9MBMDpFefYLyR3RcyZ6vH8wCH1vGMgGZTE29xtWLitjgqopJt8RGArag
ViAh+9PBS4SJMOw+J3a2d1qtQvaQvGmm018QWWfZMJTtJURdBAIXNhdfab4miMQl
Ww7CePCW+OnOT1Y42fBGMq2iXHyGnIEQPUpg9Pyn9RhyHU2tMC8/QyYPCNxRNWgk
XU63vwAmDYL7U+kFCXtnSSHdDgBAJqCGQDh+g7eBSzc9tjHCf79hVi7am6O8tpjF
wD6GCwipmWWmV9XKM+muSghSIh3iSYp5oytM9P8xwvV3BnLgcJlOrqNRzs9j
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:26 2024 by rpki-client on console-ams.rpki-client.org