Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/7f9a4f-e7e3-4973-b039-755e3b96d5ed/1/po3zPY0LdHdC7Ucv1TgtqaJj978.roa
File: po3zPY0LdHdC7Ucv1TgtqaJj978.roa (raw, json)
Hash identifier: Hy/6VimRJmbw91hs60oTXlxlzzsWRFPUOG+8sxKhgws=
Subject key identifier: A6:8D:F3:3D:8D:0B:74:77:42:ED:47:2F:D5:38:2D:A9:A2:63:F7:BF
Certificate issuer: /CN=2097a3117ca1c1d6292ae52911b4f0ca4f8e9019
Certificate serial: 018CC2DB47A6A730B3A32CE428F4483C4009
Authority key identifier: 20:97:A3:11:7C:A1:C1:D6:29:2A:E5:29:11:B4:F0:CA:4F:8E:90:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJejEXyhwdYpKuUpEbTwyk-OkBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/7f9a4f-e7e3-4973-b039-755e3b96d5ed/1/po3zPY0LdHdC7Ucv1TgtqaJj978.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205889
IP address blocks: 185.203.55.0/24 maxlen: 24
185.203.54.0/23 maxlen: 23
185.203.52.0/24 maxlen: 24
185.203.53.0/24 maxlen: 24
185.203.52.0/22 maxlen: 22
185.203.52.0/23 maxlen: 23
185.203.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/7f9a4f-e7e3-4973-b039-755e3b96d5ed/1/IJejEXyhwdYpKuUpEbTwyk-OkBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/7f9a4f-e7e3-4973-b039-755e3b96d5ed/1/IJejEXyhwdYpKuUpEbTwyk-OkBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IJejEXyhwdYpKuUpEbTwyk-OkBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Dec 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:47:a6:a7:30:b3:a3:2c:e4:28:f4:48:3c:40:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2097a3117ca1c1d6292ae52911b4f0ca4f8e9019
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a68df33d8d0b747742ed472fd5382da9a263f7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:1e:3a:e3:f7:61:17:62:50:60:fc:6d:dc:
3b:1f:a2:3e:32:64:29:e0:55:9a:18:d6:06:55:8f:
35:1c:b8:ee:c3:9f:ab:80:29:7f:4b:21:85:d9:1e:
0c:28:a8:6a:d5:2f:1f:c9:df:ac:eb:9a:b1:d1:2a:
7a:44:22:15:9f:e9:4d:9f:0a:57:24:b3:72:cd:08:
a0:07:8a:ad:84:e5:1a:9e:90:82:b9:d4:6e:13:ee:
99:c1:4a:04:89:7a:8e:4b:97:3b:63:ae:67:04:e8:
f3:33:3c:5f:82:31:25:5d:e2:1e:5b:ca:fc:8a:f8:
63:8b:02:c0:73:e1:49:98:73:4a:0d:27:35:e3:ab:
ed:dc:a6:b4:8d:03:f2:af:42:73:ac:4a:d1:5a:f0:
5a:c3:29:6c:94:3a:3b:0e:43:83:09:3f:5b:f2:56:
74:de:12:5e:5d:de:32:c0:a2:17:e0:8c:df:42:05:
fb:ce:bd:3e:a9:e3:1d:b3:50:dc:fd:a6:0e:7f:89:
68:65:5b:c1:93:5e:74:de:76:46:80:1c:15:f2:bb:
41:a8:35:2b:13:b8:92:92:46:f2:7f:49:5f:64:3a:
2d:d6:da:64:1c:0a:58:bb:9d:57:6d:83:c9:a1:ea:
bf:8a:86:ee:02:c0:c2:16:1c:6f:6a:f5:61:bd:71:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8D:F3:3D:8D:0B:74:77:42:ED:47:2F:D5:38:2D:A9:A2:63:F7:BF
X509v3 Authority Key Identifier:
keyid:20:97:A3:11:7C:A1:C1:D6:29:2A:E5:29:11:B4:F0:CA:4F:8E:90:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJejEXyhwdYpKuUpEbTwyk-OkBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7f9a4f-e7e3-4973-b039-755e3b96d5ed/1/po3zPY0LdHdC7Ucv1TgtqaJj978.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7f9a4f-e7e3-4973-b039-755e3b96d5ed/1/IJejEXyhwdYpKuUpEbTwyk-OkBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:92:5c:bb:47:21:0c:de:3d:44:e6:d1:16:30:af:45:e9:ee:
52:ff:08:b3:70:ab:c4:18:88:4e:ae:13:8f:22:c8:5f:62:f2:
cf:57:2a:65:f5:7b:da:50:8a:1e:d3:b5:5b:f8:46:e8:51:a5:
7a:ac:74:14:75:d8:78:0b:b1:9f:21:99:98:18:15:63:76:6b:
ae:00:b2:70:a3:90:0a:6f:d0:72:1b:a7:a6:43:ed:fe:1b:2a:
29:0d:73:15:fa:b4:a6:80:e8:bd:29:8a:e5:e4:8a:7e:7e:40:
ab:59:3e:bc:f8:87:ed:d6:e9:68:64:55:8f:f0:0a:55:ba:71:
4b:7f:a8:22:4d:b8:f3:0a:65:38:a6:ba:bc:36:09:ca:6d:be:
08:34:8a:57:5f:af:ba:9b:10:28:c2:8e:95:8e:14:41:a5:6b:
91:c3:2a:cc:06:ee:25:0c:84:32:19:9d:38:b7:b3:a8:3a:8e:
1d:2a:52:f4:54:98:a7:b2:3f:f7:69:25:00:ba:7b:50:cf:fd:
22:8c:3d:2c:f9:14:ad:b2:26:99:52:f4:78:fe:e6:ea:84:ab:
ee:e3:a8:62:e4:95:51:44:f0:d6:8a:b6:ee:ac:46:a0:8e:46:
17:c5:cd:46:2c:f1:6d:44:83:12:8a:2f:5f:21:ab:a5:fe:10:
78:f6:03:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20empzCzoyzkKPRIPEAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOTdhMzExN2NhMWMxZDYyOTJhZTUyOTExYjRmMGNhNGY4
ZTkwMTkwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhkZjMzZDhkMGI3NDc3NDJlZDQ3MmZkNTM4MmRhOWEyNjNmN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj4eOuP3YRdiUGD8bdw7H6I+MmQp
4FWaGNYGVY81HLjuw5+rgCl/SyGF2R4MKKhq1S8fyd+s65qx0Sp6RCIVn+lNnwpX
JLNyzQigB4qthOUanpCCudRuE+6ZwUoEiXqOS5c7Y65nBOjzMzxfgjElXeIeW8r8
ivhjiwLAc+FJmHNKDSc146vt3Ka0jQPyr0JzrErRWvBawylslDo7DkODCT9b8lZ0
3hJeXd4ywKIX4IzfQgX7zr0+qeMds1Dc/aYOf4loZVvBk1503nZGgBwV8rtBqDUr
E7iSkkbyf0lfZDot1tpkHApYu51XbYPJoeq/iobuAsDCFhxvavVhvXHJMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaN8z2NC3R3Qu1HL9U4LamiY/e/MB8GA1UdIwQY
MBaAFCCXoxF8ocHWKSrlKRG08MpPjpAZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUplakVYeWh3ZFlwS3VVcEViVHd5ay1Pa0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83ZjlhNGYtZTdlMy00OTczLWIwMzkt
NzU1ZTNiOTZkNWVkLzEvcG8zelBZMExkSGRDN1VjdjFUZ3RxYUpqOTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83ZjlhNGYtZTdlMy00OTczLWIwMzktNzU1ZTNiOTZkNWVk
LzEvSUplakVYeWh3ZFlwS3VVcEViVHd5ay1Pa0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucs0MA0G
CSqGSIb3DQEBCwUAA4IBAQA9kly7RyEM3j1E5tEWMK9F6e5S/wizcKvEGIhOrhOP
IshfYvLPVypl9XvaUIoe07Vb+EboUaV6rHQUddh4C7GfIZmYGBVjdmuuALJwo5AK
b9ByG6emQ+3+GyopDXMV+rSmgOi9KYrl5Ip+fkCrWT68+Ift1uloZFWP8ApVunFL
f6giTbjzCmU4prq8NgnKbb4INIpXX6+6mxAowo6VjhRBpWuRwyrMBu4lDIQyGZ04
t7OoOo4dKlL0VJinsj/3aSUAuntQz/0ijD0s+RStsiaZUvR4/ubqhKvu46hi5JVR
RPDWirburEagjkYXxc1GLPFtRIMSii9fIaul/hB49gPb
-----END CERTIFICATE-----
Generated at Sun Dec 29 13:16:28 2024 by rpki-client on console-ams.rpki-client.org