Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/B9IuPI61Or6ZX4PDzoaLbbcFqkE.roa
File: B9IuPI61Or6ZX4PDzoaLbbcFqkE.roa (raw, json)
Hash identifier: 6E1z6EDJCN0aMwXDxMRyOYkaKeysDHDVTarGuviGEb0=
Subject key identifier: 07:D2:2E:3C:8E:B5:3A:BE:99:5F:83:C3:CE:86:8B:6D:B7:05:AA:41
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 018D292BC820F4841379733B6A1F673C3BD9
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/B9IuPI61Or6ZX4PDzoaLbbcFqkE.roa
Signing time: Sat 20 Jan 2024 23:19:11 +0000
ROA not before: Sat 20 Jan 2024 23:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216279
IP address blocks: 45.83.200.0/22 maxlen: 22
185.114.156.0/22 maxlen: 22
185.229.32.0/22 maxlen: 22
2a03:3a60::/32 maxlen: 32
2a03:3a60:a22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:29:2b:c8:20:f4:84:13:79:73:3b:6a:1f:67:3c:3b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jan 20 23:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07d22e3c8eb53abe995f83c3ce868b6db705aa41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:bd:f5:27:1c:87:e6:0a:95:a9:22:f8:67:ac:
51:c3:96:ba:8d:f4:f0:1c:70:e2:06:7a:4a:5a:1b:
85:0e:9b:5a:f0:55:34:6e:86:f2:ff:2a:0a:b0:96:
1e:db:ee:7a:7e:53:c5:d9:57:61:4a:44:1b:b0:6e:
7e:5b:ef:88:53:ac:05:22:c4:b8:82:ab:70:e8:f3:
48:0b:e5:3a:b0:8d:de:a6:27:4b:50:ec:05:30:37:
30:3b:87:82:7a:29:3a:a9:9c:ea:67:85:d0:b6:39:
f9:4a:a5:bb:d1:81:28:59:d3:43:05:12:d0:59:a7:
5b:55:9d:9a:66:fe:9b:c0:ff:e2:aa:c9:69:5d:ab:
33:20:18:3e:e3:1e:cb:de:ac:24:5a:0e:ad:e8:29:
25:13:67:a1:4a:af:b1:cd:5e:5e:8c:0d:f2:8f:33:
01:8f:9d:64:fc:f5:96:fe:66:ea:eb:12:60:a1:d2:
5c:16:e1:c5:ce:3c:0d:62:f0:27:58:b6:43:18:d0:
0b:4c:19:64:56:5f:a6:b2:7a:41:e2:4c:d6:62:bd:
c0:c5:3b:53:98:95:5d:3b:79:08:d4:40:7c:88:87:
e9:6a:dd:5d:46:70:75:b6:cc:80:65:eb:73:f7:c3:
21:b4:5a:4d:d8:17:71:53:a3:07:18:74:d8:fe:7f:
98:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D2:2E:3C:8E:B5:3A:BE:99:5F:83:C3:CE:86:8B:6D:B7:05:AA:41
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/B9IuPI61Or6ZX4PDzoaLbbcFqkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.200.0/22
185.114.156.0/22
185.229.32.0/22
IPv6:
2a03:3a60::/32
Signature Algorithm: sha256WithRSAEncryption
41:54:36:0e:b9:b9:8c:57:be:94:ab:41:31:61:c4:4f:ac:fd:
b7:df:31:b2:92:9f:b5:b1:a4:7a:ae:33:2c:8c:26:e2:65:33:
ab:bf:e3:08:1b:f6:07:e8:20:74:8a:cc:15:1c:fa:ba:52:cc:
0e:b9:d4:ca:60:63:5c:46:2b:51:7f:1d:a5:c9:80:26:f3:cf:
a0:96:03:c8:8d:c2:89:94:92:24:36:9a:71:df:0f:4e:a9:f9:
f4:38:93:1f:14:bb:8b:ae:20:9e:5a:23:ae:a3:87:73:73:8a:
a8:0f:df:0b:8a:60:84:32:7d:7f:93:ad:54:77:a0:07:22:56:
18:44:8d:ed:dc:09:4f:ea:9b:98:c5:39:0d:0a:e8:79:c1:12:
d5:24:39:2a:ea:4b:d4:74:3a:6f:a4:1e:bc:2f:5c:cd:4d:70:
f7:db:0e:cf:5b:31:28:2e:71:43:72:26:ad:d6:99:11:d7:67:
ce:20:75:18:ce:ab:a1:28:65:0a:51:14:ca:db:11:21:ce:bf:
72:f6:36:cc:16:6e:bc:88:98:34:e9:58:bb:7e:d1:bc:43:db:
1b:87:da:d0:a8:36:60:20:d6:aa:24:e3:9a:08:7d:9e:62:56:
11:98:2d:a0:9e:76:2b:a5:08:8c:e5:03:9a:cf:b8:93:b0:10:
0d:27:c2:0d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY0pK8gg9IQTeXM7ah9nPDvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjQwMTIwMjMxOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QyMmUzYzhlYjUzYWJlOTk1ZjgzYzNjZTg2OGI2ZGI3MDVhYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkb31JxyH5gqVqSL4Z6xRw5a6jfTw
HHDiBnpKWhuFDpta8FU0boby/yoKsJYe2+56flPF2VdhSkQbsG5+W++IU6wFIsS4
gqtw6PNIC+U6sI3epidLUOwFMDcwO4eCeik6qZzqZ4XQtjn5SqW70YEoWdNDBRLQ
WadbVZ2aZv6bwP/iqslpXaszIBg+4x7L3qwkWg6t6CklE2ehSq+xzV5ejA3yjzMB
j51k/PWW/mbq6xJgodJcFuHFzjwNYvAnWLZDGNALTBlkVl+msnpB4kzWYr3AxTtT
mJVdO3kI1EB8iIfpat1dRnB1tsyAZetz98MhtFpN2BdxU6MHGHTY/n+YmwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAfSLjyOtTq+mV+Dw86Gi223BapBMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvQjlJdVBJNjFPcjZaWDRQRHpvYUxiYmNGcWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVPIAwQC
uXKcAwQCueUgMA0EAgACMAcDBQAqAzpgMA0GCSqGSIb3DQEBCwUAA4IBAQBBVDYO
ubmMV76Uq0ExYcRPrP233zGykp+1saR6rjMsjCbiZTOrv+MIG/YH6CB0iswVHPq6
UswOudTKYGNcRitRfx2lyYAm88+glgPIjcKJlJIkNppx3w9Oqfn0OJMfFLuLriCe
WiOuo4dzc4qoD98LimCEMn1/k61Ud6AHIlYYRI3t3AlP6puYxTkNCuh5wRLVJDkq
6kvUdDpvpB68L1zNTXD32w7PWzEoLnFDciat1pkR12fOIHUYzquhKGUKURTK2xEh
zr9y9jbMFm68iJg06Vi7ftG8Q9sbh9rQqDZgINaqJOOaCH2eYlYRmC2gnnYrpQiM
5QOaz7iTsBANJ8IN
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:33:23 2024 by rpki-client on console-ams.rpki-client.org