Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cc1ab9-febe-4422-8b32-92d94cd7b024/1/1OYBomsjCdV2FP2O5QRkkqfHx4E.roa
File: 1OYBomsjCdV2FP2O5QRkkqfHx4E.roa (raw, json)
Hash identifier: IhWRwZCTjwvyFqzHa8+IPQYMZJ2KaULxkc2eQ4xPrcQ=
Subject key identifier: D4:E6:01:A2:6B:23:09:D5:76:14:FD:8E:E5:04:64:92:A7:C7:C7:81
Certificate issuer: /CN=8cee8804ff70376e2afe21abf93e228d5afdd509
Certificate serial: 018CC870BC90A2B6787D11DE74DA1C8BCAD4
Authority key identifier: 8C:EE:88:04:FF:70:37:6E:2A:FE:21:AB:F9:3E:22:8D:5A:FD:D5:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jO6IBP9wN24q_iGr-T4ijVr91Qk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc1ab9-febe-4422-8b32-92d94cd7b024/1/1OYBomsjCdV2FP2O5QRkkqfHx4E.roa
Signing time: Tue 02 Jan 2024 04:31:20 +0000
ROA not before: Tue 02 Jan 2024 04:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22351
IP address blocks: 185.244.14.0/23 maxlen: 23
185.244.12.0/23 maxlen: 23
80.73.212.0/22 maxlen: 22
80.73.208.0/22 maxlen: 22
80.73.216.0/24 maxlen: 24
80.73.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/cc1ab9-febe-4422-8b32-92d94cd7b024/1/jO6IBP9wN24q_iGr-T4ijVr91Qk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/cc1ab9-febe-4422-8b32-92d94cd7b024/1/jO6IBP9wN24q_iGr-T4ijVr91Qk.mft
rsync://rpki.ripe.net/repository/DEFAULT/jO6IBP9wN24q_iGr-T4ijVr91Qk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:bc:90:a2:b6:78:7d:11:de:74:da:1c:8b:ca:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cee8804ff70376e2afe21abf93e228d5afdd509
Validity
Not Before: Jan 2 04:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4e601a26b2309d57614fd8ee5046492a7c7c781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:cc:d4:81:35:24:6a:5c:17:a3:e0:43:08:
ce:7a:f3:17:32:f1:65:8e:54:2f:57:4f:95:f7:ad:
7d:05:00:b0:39:3c:42:26:a8:e0:13:2b:c2:26:d6:
ee:8b:fc:7a:b7:4c:b9:3d:5b:bd:0f:8f:04:3b:c7:
00:8c:60:34:ab:7a:4f:34:b4:a8:3c:c8:9b:b9:ab:
54:6d:86:11:35:69:56:6e:de:fa:64:2e:2a:34:b7:
5a:64:98:62:fd:ef:97:19:d1:ad:a2:09:48:24:ad:
37:6f:0c:da:3e:60:f7:4b:8d:73:2e:66:63:19:c4:
6a:5f:3f:eb:c2:e2:e5:b0:b9:c5:86:80:64:db:28:
7e:ce:8a:a5:c8:19:42:5a:a8:5f:ec:0e:99:29:8f:
e6:a6:e8:e6:df:3b:fd:a6:d3:3d:60:32:02:c8:96:
0e:86:55:de:65:3b:35:4f:73:58:4d:8f:f8:c3:3d:
7f:33:e8:3a:b3:b1:9d:ce:3d:13:a5:c3:1a:80:24:
71:3e:0a:7e:2a:b0:00:81:a0:a8:b4:d7:36:75:a7:
5e:a8:a2:1a:bf:53:71:e7:04:2a:7d:30:ff:55:c3:
c8:b8:2a:d7:22:8a:1c:05:5f:16:fd:94:ba:09:ef:
3f:02:27:62:19:6d:e3:1e:8a:56:c6:59:85:c4:b4:
1f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E6:01:A2:6B:23:09:D5:76:14:FD:8E:E5:04:64:92:A7:C7:C7:81
X509v3 Authority Key Identifier:
keyid:8C:EE:88:04:FF:70:37:6E:2A:FE:21:AB:F9:3E:22:8D:5A:FD:D5:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jO6IBP9wN24q_iGr-T4ijVr91Qk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc1ab9-febe-4422-8b32-92d94cd7b024/1/1OYBomsjCdV2FP2O5QRkkqfHx4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cc1ab9-febe-4422-8b32-92d94cd7b024/1/jO6IBP9wN24q_iGr-T4ijVr91Qk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.208.0-80.73.217.255
185.244.12.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:67:81:21:e8:c3:4a:c0:c0:0a:84:0d:37:2d:fe:d1:f0:ae:
71:ac:80:a8:5b:58:d1:53:03:a1:f4:dd:01:0e:44:2c:5b:60:
3c:af:dc:e8:ac:96:76:a2:33:cc:e1:e3:d2:1d:21:5c:bb:de:
22:50:b6:df:4c:af:98:3e:72:70:f5:e0:ee:48:08:29:43:5f:
26:9b:17:7e:52:53:ac:d4:9b:fd:b8:78:44:46:ae:76:a5:b9:
eb:3f:2c:9d:c9:db:ad:83:84:54:bc:ce:6d:48:1e:c0:7c:43:
53:9c:18:e4:27:d7:86:d9:a4:76:84:a6:53:c0:f7:35:51:59:
c5:8e:a5:ea:12:a4:20:31:e9:e4:a3:af:48:63:9e:7c:c6:a9:
f6:bf:7a:73:7f:61:67:b6:34:8d:e1:d0:e3:96:fc:48:76:5f:
7c:bf:65:08:25:54:69:02:40:c0:9a:ce:00:8b:30:5e:28:45:
53:80:2d:0d:f1:3e:a5:91:77:1f:9d:e2:76:2e:6d:f9:f1:8d:
d0:0d:35:1b:42:73:a8:bc:96:54:f4:13:fe:6b:c4:4c:a9:09:
d7:47:b6:10:43:90:e6:f2:c1:c3:b8:22:ec:b8:bd:7a:8f:ad:
dd:a8:9a:58:9f:49:57:01:0b:0d:14:02:72:2a:1c:e8:a0:6a:
5a:08:9c:1c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzIcLyQorZ4fRHedNoci8rUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWU4ODA0ZmY3MDM3NmUyYWZlMjFhYmY5M2UyMjhkNWFm
ZGQ1MDkwHhcNMjQwMTAyMDQzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU2MDFhMjZiMjMwOWQ1NzYxNGZkOGVlNTA0NjQ5MmE3YzdjNzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxojM1IE1JGpcF6PgQwjOevMXMvFl
jlQvV0+V9619BQCwOTxCJqjgEyvCJtbui/x6t0y5PVu9D48EO8cAjGA0q3pPNLSo
PMibuatUbYYRNWlWbt76ZC4qNLdaZJhi/e+XGdGtoglIJK03bwzaPmD3S41zLmZj
GcRqXz/rwuLlsLnFhoBk2yh+zoqlyBlCWqhf7A6ZKY/mpujm3zv9ptM9YDICyJYO
hlXeZTs1T3NYTY/4wz1/M+g6s7Gdzj0TpcMagCRxPgp+KrAAgaCotNc2dadeqKIa
v1Nx5wQqfTD/VcPIuCrXIoocBV8W/ZS6Ce8/AidiGW3jHopWxlmFxLQfEQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNTmAaJrIwnVdhT9juUEZJKnx8eBMB8GA1UdIwQY
MBaAFIzuiAT/cDduKv4hq/k+Io1a/dUJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak82SUJQOXdOMjRxX2lHci1UNGlqVnI5MVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYzFhYjktZmViZS00NDIyLThiMzIt
OTJkOTRjZDdiMDI0LzEvMU9ZQm9tc2pDZFYyRlAyTzVRUmtrcWZIeDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYzFhYjktZmViZS00NDIyLThiMzItOTJkOTRjZDdiMDI0
LzEvak82SUJQOXdOMjRxX2lHci1UNGlqVnI5MVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARQSdAD
BAFQSdgDBAK59AwwDQYJKoZIhvcNAQELBQADggEBAL9ngSHow0rAwAqEDTct/tHw
rnGsgKhbWNFTA6H03QEORCxbYDyv3OislnaiM8zh49IdIVy73iJQtt9Mr5g+cnD1
4O5ICClDXyabF35SU6zUm/24eERGrnalues/LJ3J262DhFS8zm1IHsB8Q1OcGOQn
14bZpHaEplPA9zVRWcWOpeoSpCAx6eSjr0hjnnzGqfa/enN/YWe2NI3h0OOW/Eh2
X3y/ZQglVGkCQMCazgCLMF4oRVOALQ3xPqWRdx+d4nYubfnxjdANNRtCc6i8llT0
E/5rxEypCddHthBDkObywcO4Iuy4vXqPrd2omlifSVcBCw0UAnIqHOigaloInBw=
-----END CERTIFICATE-----
Generated at Wed Jun 19 17:51:49 2024 by rpki-client on console-fra.rpki-client.org