Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/4YHU0QW0iz7ZCn2aViR7gdX8Vx4.roa
File: 4YHU0QW0iz7ZCn2aViR7gdX8Vx4.roa (raw, json)
Hash identifier: EXFolEfMopqkYE6VfCmkhnNqStqSPdAbRtR7KmwXYkw=
Subject key identifier: E1:81:D4:D1:05:B4:8B:3E:D9:0A:7D:9A:56:24:7B:81:D5:FC:57:1E
Certificate issuer: /CN=9e32aef0067c4f0ba20ee6663440005b1b3b887b
Certificate serial: 018CC726C3DFCEDEAA4A62DB994EC65CEBC1
Authority key identifier: 9E:32:AE:F0:06:7C:4F:0B:A2:0E:E6:66:34:40:00:5B:1B:3B:88:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/4YHU0QW0iz7ZCn2aViR7gdX8Vx4.roa
Signing time: Mon 01 Jan 2024 22:30:55 +0000
ROA not before: Mon 01 Jan 2024 22:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199567
IP address blocks: 185.8.209.0/24 maxlen: 24
185.8.208.0/24 maxlen: 24
185.8.211.0/24 maxlen: 24
185.8.208.0/22 maxlen: 22
185.8.210.0/24 maxlen: 24
194.40.245.0/24 maxlen: 24
2a02:d740::/29 maxlen: 29
2a02:d740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/njKu8AZ8TwuiDuZmNEAAWxs7iHs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/njKu8AZ8TwuiDuZmNEAAWxs7iHs.mft
rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:c3:df:ce:de:aa:4a:62:db:99:4e:c6:5c:eb:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e32aef0067c4f0ba20ee6663440005b1b3b887b
Validity
Not Before: Jan 1 22:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e181d4d105b48b3ed90a7d9a56247b81d5fc571e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:73:c1:2b:ae:bc:ad:59:7b:64:bd:7c:e5:
57:d9:99:22:e0:c8:c2:58:2f:65:8a:4a:8a:af:2a:
86:c8:1d:23:12:4a:50:45:48:c5:79:a2:c4:cf:46:
1a:0d:c6:3a:13:fa:bf:88:13:cc:fb:9e:11:92:82:
bc:c6:28:1b:fe:34:84:01:e6:00:e3:5c:32:0f:da:
da:82:03:d9:e9:ee:1c:93:70:90:0d:59:db:6b:44:
e5:dc:93:a2:0b:51:ff:6a:06:6f:5e:dc:5f:b5:40:
34:ec:de:61:d4:16:2a:cc:41:1f:71:26:5f:a9:10:
2f:ca:b4:3c:10:cd:3b:74:5b:ee:f9:3f:86:27:82:
dd:01:bb:99:8c:b0:f2:13:64:ae:af:2a:7e:24:1f:
f8:80:48:4c:02:f9:28:e3:dc:6f:f9:e2:72:f5:fe:
21:e8:89:b2:3c:02:e3:97:fc:71:9c:be:00:42:f2:
4f:91:3f:2d:2f:1c:d9:09:6e:d6:a6:43:77:10:60:
09:9c:9f:2c:aa:b7:96:df:76:0e:54:0a:fe:ef:82:
c8:13:4a:ad:14:fc:c3:c3:56:d9:20:4c:b9:ee:a5:
10:03:b6:8c:50:e2:26:19:67:c5:ea:d6:e1:2d:51:
6b:67:b2:aa:c1:4e:31:ce:14:7f:8d:59:c7:bd:fc:
d6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:81:D4:D1:05:B4:8B:3E:D9:0A:7D:9A:56:24:7B:81:D5:FC:57:1E
X509v3 Authority Key Identifier:
keyid:9E:32:AE:F0:06:7C:4F:0B:A2:0E:E6:66:34:40:00:5B:1B:3B:88:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/4YHU0QW0iz7ZCn2aViR7gdX8Vx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/njKu8AZ8TwuiDuZmNEAAWxs7iHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.208.0/22
194.40.245.0/24
IPv6:
2a02:d740::/29
Signature Algorithm: sha256WithRSAEncryption
68:63:6c:af:6f:5a:a4:c3:ea:51:ba:f4:5a:90:ef:1c:af:d4:
5c:51:7c:68:54:d2:d5:c9:62:fe:a0:77:be:a2:db:81:4c:8a:
16:6b:e0:ea:36:11:de:2e:fe:43:01:99:ef:26:d8:cb:de:92:
0b:60:59:62:0e:4f:75:a5:9a:80:81:e9:71:fc:66:6e:a8:f9:
d5:fb:37:b6:74:0b:de:6a:df:9b:bf:93:ec:5b:d2:4e:1d:a0:
64:b3:07:a5:ef:22:3a:af:36:9b:94:69:c0:15:8d:ba:d6:a6:
f2:fb:36:41:e0:5e:eb:f0:0d:d2:2a:8e:d0:75:d6:af:94:e5:
9a:fa:a9:13:24:af:30:9a:21:ac:69:73:cc:2a:af:79:8e:57:
f8:59:e2:6f:e4:f5:33:f4:6f:9a:c2:2d:fd:35:2d:77:4d:a9:
1f:dc:d8:34:b7:7e:0b:d4:c4:95:f4:10:aa:8b:af:db:20:85:
97:38:34:39:38:a0:78:31:70:1c:73:4c:17:c7:ad:5a:aa:b8:
1b:a8:73:51:6c:3d:ea:22:d8:7c:2d:4f:a2:a3:c1:13:d2:19:
ba:22:31:53:88:78:ac:9c:38:da:ca:de:bf:e1:e8:15:3b:ea:
a9:d3:c7:e2:43:c9:57:82:3f:82:a9:ee:c2:5f:7b:dc:17:d9:
e5:24:ff:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJsPfzt6qSmLbmU7GXOvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzJhZWYwMDY3YzRmMGJhMjBlZTY2NjM0NDAwMDViMWIz
Yjg4N2IwHhcNMjQwMTAxMjIzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTgxZDRkMTA1YjQ4YjNlZDkwYTdkOWE1NjI0N2I4MWQ1ZmM1NzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsahzwSuuvK1Ze2S9fOVX2Zki4MjC
WC9likqKryqGyB0jEkpQRUjFeaLEz0YaDcY6E/q/iBPM+54RkoK8xigb/jSEAeYA
41wyD9raggPZ6e4ck3CQDVnba0Tl3JOiC1H/agZvXtxftUA07N5h1BYqzEEfcSZf
qRAvyrQ8EM07dFvu+T+GJ4LdAbuZjLDyE2Suryp+JB/4gEhMAvko49xv+eJy9f4h
6ImyPALjl/xxnL4AQvJPkT8tLxzZCW7WpkN3EGAJnJ8sqreW33YOVAr+74LIE0qt
FPzDw1bZIEy57qUQA7aMUOImGWfF6tbhLVFrZ7KqwU4xzhR/jVnHvfzWPQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOGB1NEFtIs+2Qp9mlYke4HV/FceMB8GA1UdIwQY
MBaAFJ4yrvAGfE8Log7mZjRAAFsbO4h7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpLdThBWjhUd3VpRHVabU5FQUFXeHM3aUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy84YzI4NzQtZWJiYS00Yzc3LTk2YzYt
YzMxYzZkODY5MWQwLzEvNFlIVTBRVzBpejdaQ24yYVZpUjdnZFg4Vng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy84YzI4NzQtZWJiYS00Yzc3LTk2YzYtYzMxYzZkODY5MWQw
LzEvbmpLdThBWjhUd3VpRHVabU5FQUFXeHM3aUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQjQAwQA
wij1MA0EAgACMAcDBQMqAtdAMA0GCSqGSIb3DQEBCwUAA4IBAQBoY2yvb1qkw+pR
uvRakO8cr9RcUXxoVNLVyWL+oHe+otuBTIoWa+DqNhHeLv5DAZnvJtjL3pILYFli
Dk91pZqAgelx/GZuqPnV+ze2dAveat+bv5PsW9JOHaBkswel7yI6rzablGnAFY26
1qby+zZB4F7r8A3SKo7QddavlOWa+qkTJK8wmiGsaXPMKq95jlf4WeJv5PUz9G+a
wi39NS13Takf3Ng0t34L1MSV9BCqi6/bIIWXODQ5OKB4MXAcc0wXx61aqrgbqHNR
bD3qIth8LU+io8ET0hm6IjFTiHisnDjayt6/4egVO+qp08fiQ8lXgj+Cqe7CX3vc
F9nlJP8K
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:18:21 2024 by rpki-client on console-fra.rpki-client.org