Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/sO0gf2uX8b4bSGgknG6xY6CKhDQ.roa
File: sO0gf2uX8b4bSGgknG6xY6CKhDQ.roa (raw, json)
Hash identifier: BAoFtizDp0zGxUsnkFZNHOXseDbFVU45jmWCg3RYcpY=
Subject key identifier: B0:ED:20:7F:6B:97:F1:BE:1B:48:68:24:9C:6E:B1:63:A0:8A:84:34
Certificate issuer: /CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Certificate serial: 019197F15AAAD328CE084A461D9B15715887
Authority key identifier: 0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/sO0gf2uX8b4bSGgknG6xY6CKhDQ.roa
Signing time: Wed 28 Aug 2024 07:44:22 +0000
ROA not before: Wed 28 Aug 2024 07:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209772
IP address blocks: 185.68.128.0/23 maxlen: 23
185.68.128.0/24 maxlen: 24
185.68.129.0/24 maxlen: 24
185.68.130.0/23 maxlen: 23
185.68.130.0/24 maxlen: 24
185.68.131.0/24 maxlen: 24
185.207.160.0/23 maxlen: 23
185.207.160.0/24 maxlen: 24
185.207.161.0/24 maxlen: 24
185.207.162.0/23 maxlen: 23
185.207.162.0/24 maxlen: 24
185.207.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/DNLKvrHXJOekjdYemn4MUKTpv1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/DNLKvrHXJOekjdYemn4MUKTpv1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 16:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:97:f1:5a:aa:d3:28:ce:08:4a:46:1d:9b:15:71:58:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd2cabeb1d724e7a48dd61e9a7e0c50a4e9bf50
Validity
Not Before: Aug 28 07:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0ed207f6b97f1be1b4868249c6eb163a08a8434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:84:86:66:c5:e7:fd:e0:0d:05:64:7d:7f:
a2:3f:de:d1:7a:18:e8:df:66:a3:7a:e8:66:3c:e0:
8b:02:57:23:3f:76:29:1d:5e:48:a7:1d:d1:b6:fd:
3f:63:12:bd:09:a1:4d:bc:1a:16:68:a9:f2:84:86:
0e:f0:a9:c7:ce:26:c4:e8:fc:d2:a5:e7:da:bb:33:
64:d2:2f:3f:93:f0:82:64:22:b9:52:19:c6:55:97:
0e:28:8f:20:bd:25:de:61:95:12:00:81:98:2b:ab:
6a:f4:cf:f9:ba:41:41:ed:4b:1c:3d:52:12:5a:15:
70:48:d8:4b:65:e9:52:15:6b:b6:21:ba:2d:28:80:
61:9a:04:65:1a:2e:de:95:ef:4d:0c:52:0f:2d:23:
42:75:c2:a4:5a:02:b9:d7:11:d2:f1:35:52:c4:48:
9c:d9:fb:99:88:21:97:db:6a:ef:89:de:85:c0:82:
a7:99:c0:c5:09:43:74:a0:bf:42:2f:46:41:3d:b8:
ab:46:d2:85:70:ff:61:08:39:aa:d0:7a:d6:cb:66:
8d:f8:98:b9:13:8d:f4:fa:48:e5:72:0e:a4:78:44:
7b:e3:4d:70:90:84:8a:cd:73:92:9c:a8:53:5b:0f:
e5:f8:22:1e:84:f7:79:43:1a:47:ba:0a:29:0d:68:
a8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:ED:20:7F:6B:97:F1:BE:1B:48:68:24:9C:6E:B1:63:A0:8A:84:34
X509v3 Authority Key Identifier:
keyid:0C:D2:CA:BE:B1:D7:24:E7:A4:8D:D6:1E:9A:7E:0C:50:A4:E9:BF:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNLKvrHXJOekjdYemn4MUKTpv1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/sO0gf2uX8b4bSGgknG6xY6CKhDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b79777-4a04-4dab-a1dc-25374494ceee/1/DNLKvrHXJOekjdYemn4MUKTpv1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.128.0/22
185.207.160.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:a6:84:8f:f4:52:73:e1:09:f3:4e:e8:cc:99:15:cc:6a:b1:
08:51:5b:64:1a:39:40:a7:ce:86:8f:f1:b2:aa:5b:99:29:68:
fa:e2:6d:2c:6b:8c:14:27:7a:de:86:7b:12:4e:74:71:2f:f0:
18:e2:69:55:79:86:51:4b:98:16:52:b6:d7:64:a5:99:d0:18:
3c:75:70:db:82:35:e0:25:81:2f:11:e8:a5:a3:65:6e:f8:4c:
14:28:4e:ba:2b:63:ac:da:32:6a:9c:c7:a3:91:bb:44:3e:8d:
78:09:6a:41:18:87:77:17:ff:4a:a7:d5:3c:47:c9:b6:d4:84:
c2:01:ce:08:3c:07:1a:a0:51:18:fc:1b:d9:f1:bb:a4:fb:f4:
41:ab:2a:cd:71:cd:fb:b4:1c:65:ee:83:d8:e4:fc:64:56:89:
8f:fa:f9:cb:cc:8a:82:6c:af:e1:14:da:26:b6:1d:6b:43:9b:
08:8e:c0:02:47:23:cd:25:4f:fe:f4:67:7e:be:cf:fd:d4:c2:
fc:75:7a:0e:ca:31:ca:c7:eb:67:30:67:55:33:6c:4b:81:70:
29:12:7c:7f:2a:91:f5:d5:5f:98:ec:84:ed:bf:7c:3f:3f:c6:
47:dc:28:a8:7e:44:b1:19:65:14:83:de:91:f6:c5:4c:f3:55:
d1:19:e7:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGX8Vqq0yjOCEpGHZsVcViHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDJjYWJlYjFkNzI0ZTdhNDhkZDYxZTlhN2UwYzUwYTRl
OWJmNTAwHhcNMjQwODI4MDc0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGVkMjA3ZjZiOTdmMWJlMWI0ODY4MjQ5YzZlYjE2M2EwOGE4NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMqEhmbF5/3gDQVkfX+iP97Rehjo
32ajeuhmPOCLAlcjP3YpHV5Ipx3Rtv0/YxK9CaFNvBoWaKnyhIYO8KnHzibE6PzS
pefauzNk0i8/k/CCZCK5UhnGVZcOKI8gvSXeYZUSAIGYK6tq9M/5ukFB7UscPVIS
WhVwSNhLZelSFWu2IbotKIBhmgRlGi7ele9NDFIPLSNCdcKkWgK51xHS8TVSxEic
2fuZiCGX22rvid6FwIKnmcDFCUN0oL9CL0ZBPbirRtKFcP9hCDmq0HrWy2aN+Ji5
E430+kjlcg6keER7401wkISKzXOSnKhTWw/l+CIehPd5QxpHugopDWioXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLDtIH9rl/G+G0hoJJxusWOgioQ0MB8GA1UdIwQY
MBaAFAzSyr6x1yTnpI3WHpp+DFCk6b9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMt
MjUzNzQ0OTRjZWVlLzEvc08wZ2YydVg4YjRiU0dna25HNnhZNkNLaERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iNzk3NzctNGEwNC00ZGFiLWExZGMtMjUzNzQ0OTRjZWVl
LzEvRE5MS3ZySFhKT2VramRZZW1uNE1VS1RwdjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUSAAwQC
uc+gMA0GCSqGSIb3DQEBCwUAA4IBAQAdpoSP9FJz4QnzTujMmRXMarEIUVtkGjlA
p86Gj/GyqluZKWj64m0sa4wUJ3rehnsSTnRxL/AY4mlVeYZRS5gWUrbXZKWZ0Bg8
dXDbgjXgJYEvEeilo2Vu+EwUKE66K2Os2jJqnMejkbtEPo14CWpBGId3F/9Kp9U8
R8m21ITCAc4IPAcaoFEY/BvZ8buk+/RBqyrNcc37tBxl7oPY5PxkVomP+vnLzIqC
bK/hFNomth1rQ5sIjsACRyPNJU/+9Gd+vs/91ML8dXoOyjHKx+tnMGdVM2xLgXAp
Enx/KpH11V+Y7ITtv3w/P8ZH3CiofkSxGWUUg96R9sVM81XRGec5
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:02:07 2024 by rpki-client on console-fra.rpki-client.org