Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/S75VsU6Q9yto2dtv_2KF_aE0fA8.roa
File: S75VsU6Q9yto2dtv_2KF_aE0fA8.roa (raw, json)
Hash identifier: r8hewhzAHa72c9CHUWIyqLSgPnbE/0Lwnen64XaXFGU=
Subject key identifier: 4B:BE:55:B1:4E:90:F7:2B:68:D9:DB:6F:FF:62:85:FD:A1:34:7C:0F
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 018F1932888BDD8B7F70824EBBE1C94F6D53
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/S75VsU6Q9yto2dtv_2KF_aE0fA8.roa
Signing time: Fri 26 Apr 2024 06:58:13 +0000
ROA not before: Fri 26 Apr 2024 06:58:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:32:88:8b:dd:8b:7f:70:82:4e:bb:e1:c9:4f:6d:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Apr 26 06:58:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bbe55b14e90f72b68d9db6fff6285fda1347c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:5c:7a:27:57:d8:23:29:fc:97:2c:04:3f:
cd:a0:0f:ba:35:60:91:c7:4d:c2:f4:0e:7e:0e:a5:
7c:3c:f6:3e:b2:80:3a:46:b6:59:12:05:89:06:cd:
2d:e2:d1:c3:5b:70:54:3f:40:28:06:40:0f:3a:86:
a6:9b:ed:bf:f0:52:93:45:ca:23:c8:37:b4:56:10:
c7:a6:a0:af:27:45:a5:a2:d6:7c:e2:d3:11:68:38:
27:46:e3:8c:13:d3:36:ee:cf:92:7c:86:70:5c:c6:
52:b6:85:6e:22:89:fb:b7:0f:0e:42:75:f1:a8:e8:
7b:08:b5:52:b3:fd:91:48:b7:8b:09:20:c4:70:70:
bd:26:e5:7a:dd:f3:a9:6a:c0:4f:d3:b0:2c:15:f2:
83:bb:7c:24:35:c5:d5:0a:cc:8f:91:c1:ab:95:20:
39:5e:88:8c:75:e0:16:1d:07:ea:da:e9:6f:c4:48:
fc:c6:b4:23:82:f7:d1:48:10:19:06:af:11:8a:21:
81:28:6f:eb:29:85:d7:79:a2:cb:70:d6:ff:a2:c1:
f1:57:b6:54:68:11:3d:13:43:d7:d9:37:25:30:a9:
9c:cd:9d:a7:56:23:72:78:60:35:d4:d9:52:39:27:
19:7e:f5:92:32:f9:53:62:dd:75:47:a4:c0:fd:0e:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BE:55:B1:4E:90:F7:2B:68:D9:DB:6F:FF:62:85:FD:A1:34:7C:0F
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/S75VsU6Q9yto2dtv_2KF_aE0fA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
c0:8d:57:1a:3a:b8:3c:98:7a:e9:fe:e1:c8:65:e3:61:ff:15:
90:17:c6:57:57:29:b7:51:2e:50:64:8a:3c:9b:f2:a2:df:9b:
bb:1c:8a:a4:ce:5a:80:cb:55:5f:37:86:1c:40:12:63:4c:88:
88:f8:67:ce:55:90:17:ee:93:e1:2e:22:41:67:3d:6d:64:98:
78:90:3e:89:b1:21:ac:26:9a:84:16:e0:11:61:19:c7:ee:a6:
3a:d7:90:7b:24:54:c3:59:67:11:8b:eb:67:40:fd:02:ad:0a:
94:3e:00:db:03:3b:fc:0d:4f:0a:00:84:12:2a:11:80:4a:7d:
c0:c3:c6:7d:a2:a9:ea:87:4b:7e:a3:3f:c7:f0:2b:59:63:98:
1f:2c:08:32:84:f3:19:4a:f2:b7:34:ab:04:06:a4:ca:6e:12:
b0:f7:f7:9b:60:65:3e:69:53:61:e0:16:c2:ce:83:00:63:3b:
36:6a:78:66:ba:59:6d:52:3e:03:05:d3:cc:0d:a2:6f:dd:1a:
c5:42:a7:38:b2:4f:9c:be:a7:87:c0:96:1b:63:f6:d2:47:9f:
98:38:f0:ba:ab:7a:43:0d:6f:eb:c3:59:b3:a3:77:6b:e5:07:
18:77:7d:13:ef:b9:8b:0c:a2:7e:be:d5:ba:db:cb:ab:0e:c0:
b9:1b:0c:01
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY8ZMoiL3Yt/cIJOu+HJT21TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQwNDI2MDY1ODEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmJlNTViMTRlOTBmNzJiNjhkOWRiNmZmZjYyODVmZGExMzQ3YzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE1ceidX2CMp/JcsBD/NoA+6NWCR
x03C9A5+DqV8PPY+soA6RrZZEgWJBs0t4tHDW3BUP0AoBkAPOoamm+2/8FKTRcoj
yDe0VhDHpqCvJ0WlotZ84tMRaDgnRuOME9M27s+SfIZwXMZStoVuIon7tw8OQnXx
qOh7CLVSs/2RSLeLCSDEcHC9JuV63fOpasBP07AsFfKDu3wkNcXVCsyPkcGrlSA5
XoiMdeAWHQfq2ulvxEj8xrQjgvfRSBAZBq8RiiGBKG/rKYXXeaLLcNb/osHxV7ZU
aBE9E0PX2TclMKmczZ2nViNyeGA11NlSOScZfvWSMvlTYt11R6TA/Q7UnwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEu+VbFOkPcraNnbb/9ihf2hNHwPMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvUzc1VnNVNlE5eXRvMmR0dl8yS0ZfYUUwZkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQDAjVcaOrg8mHrp/uHIZeNh/xWQF8ZXVym3US5QZIo8
m/Ki35u7HIqkzlqAy1VfN4YcQBJjTIiI+GfOVZAX7pPhLiJBZz1tZJh4kD6JsSGs
JpqEFuARYRnH7qY615B7JFTDWWcRi+tnQP0CrQqUPgDbAzv8DU8KAIQSKhGASn3A
w8Z9oqnqh0t+oz/H8CtZY5gfLAgyhPMZSvK3NKsEBqTKbhKw9/ebYGU+aVNh4BbC
zoMAYzs2anhmulltUj4DBdPMDaJv3RrFQqc4sk+cvqeHwJYbY/bSR5+YOPC6q3pD
DW/rw1mzo3dr5QcYd30T77mLDKJ+vtW628urDsC5GwwB
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:42:06 2024 by rpki-client on console-fra.rpki-client.org