Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/02u4PN8vTV2Ha0mP9vjfkcZUX00.roa
File: 02u4PN8vTV2Ha0mP9vjfkcZUX00.roa (raw, json)
Hash identifier: PUjoWymbVBiy90QHISqzivHb8J8X7UyTKc8QpGLCNGk=
Subject key identifier: D3:6B:B8:3C:DF:2F:4D:5D:87:6B:49:8F:F6:F8:DF:91:C6:54:5F:4D
Certificate issuer: /CN=f08fba5263519b7c3a2155c69878217776defba0
Certificate serial: 018CC500482485096DEAB939A3AC6C843B15
Authority key identifier: F0:8F:BA:52:63:51:9B:7C:3A:21:55:C6:98:78:21:77:76:DE:FB:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8I-6UmNRm3w6IVXGmHghd3be-6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/02u4PN8vTV2Ha0mP9vjfkcZUX00.roa
Signing time: Mon 01 Jan 2024 12:29:39 +0000
ROA not before: Mon 01 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48847
IP address blocks: 185.12.223.0/24 maxlen: 24
185.12.222.0/24 maxlen: 24
185.12.221.0/24 maxlen: 24
185.12.220.0/22 maxlen: 22
185.12.221.152/29 maxlen: 29
109.233.21.92/30 maxlen: 30
109.233.17.0/24 maxlen: 24
109.233.16.0/24 maxlen: 24
109.233.16.0/21 maxlen: 21
109.233.20.0/24 maxlen: 24
109.233.19.128/25 maxlen: 25
109.233.19.0/24 maxlen: 24
109.233.18.0/24 maxlen: 24
109.233.23.0/24 maxlen: 24
109.233.22.0/24 maxlen: 24
109.233.21.0/24 maxlen: 24
109.233.23.0/30 maxlen: 30
109.233.19.128/30 maxlen: 30
109.233.23.152/29 maxlen: 29
109.233.20.196/30 maxlen: 30
109.233.21.100/30 maxlen: 30
2a03:6900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/8I-6UmNRm3w6IVXGmHghd3be-6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/8I-6UmNRm3w6IVXGmHghd3be-6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/8I-6UmNRm3w6IVXGmHghd3be-6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:48:24:85:09:6d:ea:b9:39:a3:ac:6c:84:3b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f08fba5263519b7c3a2155c69878217776defba0
Validity
Not Before: Jan 1 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d36bb83cdf2f4d5d876b498ff6f8df91c6545f4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:29:90:70:8e:d4:40:fa:b0:ad:b9:b5:ca:
ca:42:41:a1:a2:c8:47:83:01:1b:ac:6d:fb:e0:02:
d8:04:e3:6b:4f:52:33:4c:9d:0b:8d:09:e7:ef:f6:
fa:4d:d6:64:94:26:91:dc:e9:bf:81:4c:d7:db:09:
0f:c9:f3:cf:18:e0:29:6f:d9:83:fc:48:03:75:b8:
35:73:65:c8:24:f5:9c:9f:5d:99:21:13:f5:e7:5b:
1b:b2:6f:95:ff:d3:a3:04:9a:7f:f2:87:01:ba:a3:
23:ad:0f:b9:b9:52:b7:9e:be:c3:24:2e:9c:34:46:
48:6a:0c:d5:82:dc:60:5e:8e:23:d2:38:4f:e9:6d:
d3:27:e2:55:ca:7b:57:19:2d:83:c2:3b:60:d6:73:
23:2b:9f:18:b8:22:e5:06:92:c1:d3:1e:00:f5:3c:
60:b6:1f:a9:9c:c2:aa:e2:f0:1f:20:7b:93:04:6e:
4c:5c:a8:38:45:86:ec:cc:a8:9f:87:59:8f:bb:4d:
36:4e:87:84:33:a8:61:bb:3f:ad:55:7d:3c:87:cf:
b0:64:9c:45:1d:a9:fc:3a:b9:b8:b2:5e:c5:fb:b0:
e7:88:8a:2a:96:d1:fc:b4:c5:60:1b:a4:37:35:93:
ad:e4:99:8c:d8:99:21:af:e0:d1:54:f5:a2:dd:eb:
9a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6B:B8:3C:DF:2F:4D:5D:87:6B:49:8F:F6:F8:DF:91:C6:54:5F:4D
X509v3 Authority Key Identifier:
keyid:F0:8F:BA:52:63:51:9B:7C:3A:21:55:C6:98:78:21:77:76:DE:FB:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8I-6UmNRm3w6IVXGmHghd3be-6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/02u4PN8vTV2Ha0mP9vjfkcZUX00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/8I-6UmNRm3w6IVXGmHghd3be-6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.16.0/21
185.12.220.0/22
IPv6:
2a03:6900::/32
Signature Algorithm: sha256WithRSAEncryption
22:01:8e:fa:22:8d:ce:4a:0c:e5:65:88:1f:9a:88:b6:51:4e:
bd:0e:13:68:c6:95:c6:c1:5e:6c:0c:38:91:c2:5b:8a:b2:1e:
73:19:91:a5:1d:f3:85:91:28:e2:e3:ad:0b:8d:53:0f:a6:ab:
64:0f:5d:67:65:af:10:4a:7a:3a:08:7d:36:27:3e:20:15:6d:
08:61:fd:f0:41:67:ca:8a:5f:06:95:c1:b2:c7:9c:02:33:67:
60:bf:5c:37:31:8e:f1:fc:23:72:a6:87:cc:9a:92:a7:15:dc:
bf:f4:02:2d:d9:31:46:56:6b:9b:9d:c9:9b:f6:11:30:bb:87:
a0:07:b7:fe:85:72:54:48:ab:d5:15:21:cf:c1:09:06:ba:3c:
71:f4:33:c5:6d:cd:55:c3:91:cc:ad:88:ac:97:01:1a:3a:a1:
1a:e3:33:f5:09:1f:6f:26:15:4b:82:d3:7c:93:1d:b3:36:bd:
6e:a0:d0:ea:33:1d:61:c3:66:a1:47:bd:5e:4e:36:29:57:54:
62:06:1f:5b:d2:16:eb:39:1b:13:b5:9a:ff:2a:14:ad:37:9a:
59:59:b4:16:cf:c6:80:52:e5:a6:47:58:b3:3a:3c:5d:5d:71:
5a:c3:b6:8a:2d:20:b9:3e:8c:cd:d6:3b:a1:a2:3d:ed:0d:e2:
60:06:4b:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAEgkhQlt6rk5o6xshDsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwOGZiYTUyNjM1MTliN2MzYTIxNTVjNjk4NzgyMTc3NzZk
ZWZiYTAwHhcNMjQwMTAxMTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzZiYjgzY2RmMmY0ZDVkODc2YjQ5OGZmNmY4ZGY5MWM2NTQ1ZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIMpkHCO1ED6sK25tcrKQkGhoshH
gwEbrG374ALYBONrT1IzTJ0LjQnn7/b6TdZklCaR3Om/gUzX2wkPyfPPGOApb9mD
/EgDdbg1c2XIJPWcn12ZIRP151sbsm+V/9OjBJp/8ocBuqMjrQ+5uVK3nr7DJC6c
NEZIagzVgtxgXo4j0jhP6W3TJ+JVyntXGS2Dwjtg1nMjK58YuCLlBpLB0x4A9Txg
th+pnMKq4vAfIHuTBG5MXKg4RYbszKifh1mPu002ToeEM6hhuz+tVX08h8+wZJxF
Han8Orm4sl7F+7DniIoqltH8tMVgG6Q3NZOt5JmM2Jkhr+DRVPWi3eua5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNNruDzfL01dh2tJj/b435HGVF9NMB8GA1UdIwQY
MBaAFPCPulJjUZt8OiFVxph4IXd23vugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEktNlVtTlJtM3c2SVZYR21IZ2hkM2JlLTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xYmIxYTItNjc2My00YjI0LWFkODgt
MDY0MTNjZWVmY2UwLzEvMDJ1NFBOOHZUVjJIYTBtUDl2amZrY1pVWDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xYmIxYTItNjc2My00YjI0LWFkODgtMDY0MTNjZWVmY2Uw
LzEvOEktNlVtTlJtM3c2SVZYR21IZ2hkM2JlLTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbekQAwQC
uQzcMA0EAgACMAcDBQAqA2kAMA0GCSqGSIb3DQEBCwUAA4IBAQAiAY76Io3OSgzl
ZYgfmoi2UU69DhNoxpXGwV5sDDiRwluKsh5zGZGlHfOFkSji460LjVMPpqtkD11n
Za8QSno6CH02Jz4gFW0IYf3wQWfKil8GlcGyx5wCM2dgv1w3MY7x/CNypofMmpKn
Fdy/9AIt2TFGVmubncmb9hEwu4egB7f+hXJUSKvVFSHPwQkGujxx9DPFbc1Vw5HM
rYislwEaOqEa4zP1CR9vJhVLgtN8kx2zNr1uoNDqMx1hw2ahR71eTjYpV1RiBh9b
0hbrORsTtZr/KhStN5pZWbQWz8aAUuWmR1izOjxdXXFaw7aKLSC5PozN1juhoj3t
DeJgBks0
-----END CERTIFICATE-----
Generated at Fri May 17 20:13:47 2024 by rpki-client on console-ams.rpki-client.org