Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d97d28-a2e2-401d-8ff0-59fc73d60322/1/sb8oNDdOrSPp5l-KXN9BY9PuzQc.roa
File: sb8oNDdOrSPp5l-KXN9BY9PuzQc.roa (raw, json)
Hash identifier: HkT9936IxjFDo2iyHWxmAi6SPCWf96cfPZJU8j5J7hE=
Subject key identifier: B1:BF:28:34:37:4E:AD:23:E9:E6:5F:8A:5C:DF:41:63:D3:EE:CD:07
Certificate issuer: /CN=eb51359c9989b963e9594c1929c820367de322dd
Certificate serial: 018CC801400CE66A4E33B1648F8E09AC4313
Authority key identifier: EB:51:35:9C:99:89:B9:63:E9:59:4C:19:29:C8:20:36:7D:E3:22:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61E1nJmJuWPpWUwZKcggNn3jIt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d97d28-a2e2-401d-8ff0-59fc73d60322/1/sb8oNDdOrSPp5l-KXN9BY9PuzQc.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.153.239.0/24 maxlen: 24
185.153.236.0/24 maxlen: 24
188.31.248.0/23 maxlen: 23
188.31.251.0/24 maxlen: 24
92.40.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/d97d28-a2e2-401d-8ff0-59fc73d60322/1/61E1nJmJuWPpWUwZKcggNn3jIt0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/d97d28-a2e2-401d-8ff0-59fc73d60322/1/61E1nJmJuWPpWUwZKcggNn3jIt0.mft
rsync://rpki.ripe.net/repository/DEFAULT/61E1nJmJuWPpWUwZKcggNn3jIt0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:40:0c:e6:6a:4e:33:b1:64:8f:8e:09:ac:43:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb51359c9989b963e9594c1929c820367de322dd
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1bf2834374ead23e9e65f8a5cdf4163d3eecd07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:90:50:41:a8:6d:2e:23:e6:8f:d7:dd:a4:06:
9d:1e:77:4a:7e:f1:37:a5:41:17:06:76:d7:a9:5e:
1f:62:79:d7:21:4a:08:61:e5:76:d2:a9:9b:fd:9e:
18:af:34:62:f3:dd:af:0e:44:1c:09:0b:61:c8:3b:
da:61:16:65:31:e6:86:ab:09:7e:1b:14:e0:70:aa:
8e:ac:20:ee:15:73:07:ee:47:94:7c:a1:f5:13:79:
a9:28:a4:5b:3c:e5:fc:75:3f:be:1e:ec:d8:63:d2:
45:97:0c:71:e7:91:d0:51:8f:5a:57:62:d9:ab:73:
31:86:90:c0:61:06:4f:f2:87:f5:01:5a:7f:8c:4d:
ed:c0:e5:c9:9e:c8:d7:ef:fe:96:1c:d7:46:c4:bb:
f6:3c:66:a9:5a:f4:bf:7f:79:f8:31:7f:8b:5d:62:
b7:b4:7b:dd:a2:b7:81:20:64:58:2e:b8:bc:ac:c1:
b7:f4:3e:e1:c6:d8:41:77:e7:3a:98:34:23:aa:bb:
9a:d4:ff:55:33:d9:a3:6e:8c:3b:17:b6:5d:4f:c1:
5b:1c:03:0b:46:bf:1b:27:a9:0a:b5:0d:f3:83:5c:
51:82:3f:8c:18:2f:49:5a:97:d8:1e:15:38:8d:a7:
db:ed:b3:e0:72:cc:37:a9:ee:b9:83:68:b0:91:ef:
1f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BF:28:34:37:4E:AD:23:E9:E6:5F:8A:5C:DF:41:63:D3:EE:CD:07
X509v3 Authority Key Identifier:
keyid:EB:51:35:9C:99:89:B9:63:E9:59:4C:19:29:C8:20:36:7D:E3:22:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61E1nJmJuWPpWUwZKcggNn3jIt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d97d28-a2e2-401d-8ff0-59fc73d60322/1/sb8oNDdOrSPp5l-KXN9BY9PuzQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d97d28-a2e2-401d-8ff0-59fc73d60322/1/61E1nJmJuWPpWUwZKcggNn3jIt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.40.245.0/24
185.153.236.0/24
185.153.239.0/24
188.31.248.0/23
188.31.251.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:af:02:a9:e0:bf:f4:a4:97:17:12:a8:ce:98:57:e7:3c:1c:
ed:5e:14:7e:4e:4b:3e:bf:80:d4:d3:49:e8:08:98:15:6d:d4:
50:17:38:3b:99:06:2f:b4:13:7e:15:57:6e:06:bb:8b:e9:5f:
bb:0d:54:c1:a8:e1:f4:59:24:3d:c1:e4:de:74:b0:69:61:5d:
5e:8c:b1:88:d4:b7:43:db:e7:8a:51:5e:28:ae:c8:11:0d:b0:
ea:bb:53:9f:23:8e:c5:32:6f:e8:dc:65:da:75:9a:11:54:99:
09:3d:30:f4:fe:69:3a:93:c7:e9:fa:55:e0:20:c7:19:b2:4a:
2b:a3:7b:a3:5e:75:ec:eb:89:30:bc:ac:ec:94:e0:2b:47:57:
f6:21:1f:87:45:2d:14:21:74:56:61:20:6b:4f:4a:63:98:5b:
cb:f5:f1:17:bd:db:32:38:5e:13:8e:fb:44:4b:77:b5:50:6b:
b0:89:73:65:6d:89:99:2d:d8:b2:d5:1f:83:30:ff:53:56:a0:
da:b1:39:66:b1:bb:e8:b6:27:79:28:55:28:be:41:74:65:f8:
45:c4:90:d5:e0:b8:d1:4a:47:e3:1a:8f:90:02:b4:b2:1e:f2:
30:85:03:37:f0:f2:89:fc:df:3f:2a:bf:01:b5:bc:25:4e:c6:
9d:fa:d0:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAUAM5mpOM7Fkj44JrEMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTEzNTljOTk4OWI5NjNlOTU5NGMxOTI5YzgyMDM2N2Rl
MzIyZGQwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWJmMjgzNDM3NGVhZDIzZTllNjVmOGE1Y2RmNDE2M2QzZWVjZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5BQQahtLiPmj9fdpAadHndKfvE3
pUEXBnbXqV4fYnnXIUoIYeV20qmb/Z4YrzRi892vDkQcCQthyDvaYRZlMeaGqwl+
GxTgcKqOrCDuFXMH7keUfKH1E3mpKKRbPOX8dT++HuzYY9JFlwxx55HQUY9aV2LZ
q3MxhpDAYQZP8of1AVp/jE3twOXJnsjX7/6WHNdGxLv2PGapWvS/f3n4MX+LXWK3
tHvdoreBIGRYLri8rMG39D7hxthBd+c6mDQjqrua1P9VM9mjbow7F7ZdT8FbHAML
Rr8bJ6kKtQ3zg1xRgj+MGC9JWpfYHhU4jafb7bPgcsw3qe65g2iwke8f8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLG/KDQ3Tq0j6eZfilzfQWPT7s0HMB8GA1UdIwQY
MBaAFOtRNZyZiblj6VlMGSnIIDZ94yLdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFFMW5KbUp1V1BwV1V3WktjZ2dObjNqSXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC9kOTdkMjgtYTJlMi00MDFkLThmZjAt
NTlmYzczZDYwMzIyLzEvc2I4b05EZE9yU1BwNWwtS1hOOUJZOVB1elFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC9kOTdkMjgtYTJlMi00MDFkLThmZjAtNTlmYzczZDYwMzIy
LzEvNjFFMW5KbUp1V1BwV1V3WktjZ2dObjNqSXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXCj1AwQA
uZnsAwQAuZnvAwQBvB/4AwQAvB/7MA0GCSqGSIb3DQEBCwUAA4IBAQBbrwKp4L/0
pJcXEqjOmFfnPBztXhR+Tks+v4DU00noCJgVbdRQFzg7mQYvtBN+FVduBruL6V+7
DVTBqOH0WSQ9weTedLBpYV1ejLGI1LdD2+eKUV4orsgRDbDqu1OfI47FMm/o3GXa
dZoRVJkJPTD0/mk6k8fp+lXgIMcZskoro3ujXnXs64kwvKzslOArR1f2IR+HRS0U
IXRWYSBrT0pjmFvL9fEXvdsyOF4TjvtES3e1UGuwiXNlbYmZLdiy1R+DMP9TVqDa
sTlmsbvotid5KFUovkF0ZfhFxJDV4LjRSkfjGo+QArSyHvIwhQM38PKJ/N8/Kr8B
tbwlTsad+tCU
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:04:03 2024 by rpki-client on console-ams.rpki-client.org