Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/gY7QijF71QkzlQtHTqNoQJFQvjg.roa
File: gY7QijF71QkzlQtHTqNoQJFQvjg.roa (raw, json)
Hash identifier: i4A8VjP3AJ38m/sfLcQYDx6as2Xym4xpMtB8eGMdOMo=
Subject key identifier: 81:8E:D0:8A:31:7B:D5:09:33:95:0B:47:4E:A3:68:40:91:50:BE:38
Certificate issuer: /CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Certificate serial: 018CC801A0DE7329643110B1D87A2B580A0D
Authority key identifier: 44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/gY7QijF71QkzlQtHTqNoQJFQvjg.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14127
IP address blocks: 185.45.2.0/23 maxlen: 24
185.45.0.0/23 maxlen: 24
193.246.192.0/24 maxlen: 24
193.246.196.0/24 maxlen: 24
193.246.195.0/24 maxlen: 24
193.246.194.0/24 maxlen: 24
193.246.193.0/24 maxlen: 24
193.246.199.0/24 maxlen: 24
193.246.198.0/24 maxlen: 24
193.246.197.0/24 maxlen: 24
89.106.176.0/22 maxlen: 24
89.106.180.0/23 maxlen: 23
89.106.182.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a0:de:73:29:64:31:10:b1:d8:7a:2b:58:0a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=818ed08a317bd50933950b474ea368409150be38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a0:c4:91:08:79:0c:54:fe:03:2d:fe:ef:3a:
6f:dc:f3:c0:18:af:e9:f6:34:d2:ae:5a:90:a5:36:
4b:45:28:c3:39:cc:07:9b:50:07:2a:42:4a:91:c8:
04:1f:a3:e7:85:a4:28:5e:42:30:54:97:cc:1e:2d:
01:1f:4a:a0:d1:92:3e:b3:c1:d1:06:2b:20:9c:fb:
14:ed:e5:af:b1:b5:04:38:3e:ac:04:fa:c1:8c:d2:
1d:5d:5c:f4:a0:9b:93:6e:14:10:1d:5a:79:46:49:
41:4b:e0:df:34:12:55:80:9b:c8:3f:d6:d9:61:41:
68:b0:d1:ba:e4:21:65:fa:9c:40:65:46:c8:88:06:
ce:94:34:26:ea:f8:03:25:27:d3:cc:53:69:30:97:
17:3e:f9:f1:83:59:6a:36:cf:ad:a7:c5:ac:29:a1:
9e:6a:ac:98:8e:35:52:24:e4:96:cc:61:30:26:a8:
35:f9:ad:8c:bb:5f:cc:9c:b8:9b:e1:02:83:86:95:
59:39:79:d7:69:c7:22:2b:e0:c1:ea:a1:a8:bf:cf:
86:d6:64:23:fd:d0:ab:30:c6:88:25:8d:5a:d4:42:
44:0f:d3:75:d9:f9:17:ed:bf:83:e1:4b:36:38:11:
2a:a2:be:dc:f8:29:a9:5c:36:56:3d:68:76:90:8b:
29:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8E:D0:8A:31:7B:D5:09:33:95:0B:47:4E:A3:68:40:91:50:BE:38
X509v3 Authority Key Identifier:
keyid:44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/gY7QijF71QkzlQtHTqNoQJFQvjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.176.0/21
185.45.0.0/22
193.246.192.0/21
Signature Algorithm: sha256WithRSAEncryption
54:b0:7f:7e:fa:02:3c:6a:0b:a5:a0:a9:fb:08:a5:2c:f3:44:
3d:99:78:a4:ea:d9:37:57:26:37:3f:e3:3b:36:35:90:c0:99:
40:66:26:a9:35:8a:39:e5:9e:16:82:5c:2c:a5:95:1e:66:ee:
7f:2e:d9:92:1e:9e:2b:66:17:e6:c2:a7:66:1e:98:64:ff:45:
8f:9a:b1:5b:ba:06:7d:4a:59:d8:11:ba:b4:89:20:bf:d4:3b:
f2:38:aa:93:b3:bb:b8:63:8f:76:ab:ef:9c:ec:d9:c8:e1:92:
ee:3d:27:c6:9d:b2:1d:a1:25:76:65:44:22:e8:c4:11:89:da:
d6:bb:f0:ab:7f:31:ee:ee:cb:71:8b:bd:f1:56:78:eb:2d:f0:
4a:c6:49:94:13:77:b2:a1:6a:b5:bc:24:71:1e:e2:1e:3c:31:
69:28:30:8c:21:77:1f:b4:5c:5d:d8:de:63:11:3c:2e:65:12:
06:4c:54:d5:e6:5b:af:b2:e6:cd:ab:18:12:ca:a6:4b:ba:02:
c9:eb:97:61:02:d9:7a:d0:88:4c:47:a0:09:b8:4e:7f:13:4d:
e2:27:1a:f7:4e:a7:33:17:f5:f2:31:da:f7:b7:c8:46:6b:b2:
17:00:f9:33:4c:fc:7f:4a:fa:47:98:b7:03:2e:da:d0:0f:c8:
78:0b:b6:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAaDecylkMRCx2HorWAoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTNiNDNmNjQ3ZTFlNzcxNGNkMTMwNzY0Y2JiYzQ4MTRl
N2ExNDgwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MThlZDA4YTMxN2JkNTA5MzM5NTBiNDc0ZWEzNjg0MDkxNTBiZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaDEkQh5DFT+Ay3+7zpv3PPAGK/p
9jTSrlqQpTZLRSjDOcwHm1AHKkJKkcgEH6PnhaQoXkIwVJfMHi0BH0qg0ZI+s8HR
BisgnPsU7eWvsbUEOD6sBPrBjNIdXVz0oJuTbhQQHVp5RklBS+DfNBJVgJvIP9bZ
YUFosNG65CFl+pxAZUbIiAbOlDQm6vgDJSfTzFNpMJcXPvnxg1lqNs+tp8WsKaGe
aqyYjjVSJOSWzGEwJqg1+a2Mu1/MnLib4QKDhpVZOXnXacciK+DB6qGov8+G1mQj
/dCrMMaIJY1a1EJED9N12fkX7b+D4Us2OBEqor7c+CmpXDZWPWh2kIspIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIGO0Ioxe9UJM5ULR06jaECRUL44MB8GA1UdIwQY
MBaAFESjtD9kfh53FM0TB2TLvEgU56FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgt
YTNjNTM5ZjBiNmQyLzEvZ1k3UWlqRjcxUWt6bFF0SFRxTm9RSkZRdmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgtYTNjNTM5ZjBiNmQy
LzEvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWqwAwQC
uS0AAwQDwfbAMA0GCSqGSIb3DQEBCwUAA4IBAQBUsH9++gI8aguloKn7CKUs80Q9
mXik6tk3VyY3P+M7NjWQwJlAZiapNYo55Z4WglwspZUeZu5/LtmSHp4rZhfmwqdm
Hphk/0WPmrFbugZ9SlnYEbq0iSC/1DvyOKqTs7u4Y492q++c7NnI4ZLuPSfGnbId
oSV2ZUQi6MQRidrWu/CrfzHu7stxi73xVnjrLfBKxkmUE3eyoWq1vCRxHuIePDFp
KDCMIXcftFxd2N5jETwuZRIGTFTV5luvsubNqxgSyqZLugLJ65dhAtl60IhMR6AJ
uE5/E03iJxr3TqczF/XyMdr3t8hGa7IXAPkzTPx/SvpHmLcDLtrQD8h4C7Z1
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:46:30 2024 by rpki-client on console-ams.rpki-client.org