Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/tW-bi2WOSOvx9QvNnxyVELGdPFk.roa
File: tW-bi2WOSOvx9QvNnxyVELGdPFk.roa (raw, json)
Hash identifier: ASAu1CxPFS5Aom7GjsMHDJUGRZBhba5QqUkbh5UJv8k=
Subject key identifier: B5:6F:9B:8B:65:8E:48:EB:F1:F5:0B:CD:9F:1C:95:10:B1:9D:3C:59
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 0191C11100C85219C04B1375A4BBBAF9B10D
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/tW-bi2WOSOvx9QvNnxyVELGdPFk.roa
Signing time: Thu 05 Sep 2024 07:23:22 +0000
ROA not before: Thu 05 Sep 2024 07:23:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:11:00:c8:52:19:c0:4b:13:75:a4:bb:ba:f9:b1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Sep 5 07:23:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b56f9b8b658e48ebf1f50bcd9f1c9510b19d3c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:81:d9:d7:f9:db:03:56:83:97:4a:ca:ae:
4a:62:9e:0d:7c:a2:b3:8e:ef:08:e9:5f:98:ac:a6:
8d:3c:e2:bf:3f:eb:4e:83:6b:db:be:8e:b3:67:d3:
4c:93:6b:43:e8:7c:fe:7f:30:c7:01:58:d7:28:33:
e0:59:80:08:73:c7:a7:ee:75:d7:0c:85:ff:4b:b3:
e2:63:a8:f0:a3:6a:2b:1f:00:16:83:63:8f:bb:c6:
85:0b:86:0f:51:56:08:59:ca:ec:6e:ea:44:b6:94:
4e:55:d8:cf:ff:06:66:c7:a4:04:3e:31:12:26:65:
9e:31:f0:68:7f:1c:a8:85:c7:b2:7d:6c:aa:53:48:
a0:20:72:e4:5e:d3:ca:e8:ff:ba:fc:5f:31:9a:4c:
08:f4:0a:24:97:05:c1:a1:57:17:dd:b4:e6:62:44:
e0:26:09:b7:7d:20:21:3e:13:4f:f3:9a:4d:3b:6f:
79:e3:5a:5f:dd:01:44:d9:74:56:b4:2d:d3:72:fc:
27:90:19:b6:6b:cd:dd:f7:8b:24:22:10:68:17:4a:
1a:b4:8d:4e:c1:6d:29:0a:4d:94:9c:5c:a7:bd:f2:
52:e8:35:a0:3a:6d:84:40:ec:c5:f9:3b:ed:50:95:
0a:4d:4c:d3:4d:82:fe:8f:5d:17:0e:1d:f2:3d:ff:
31:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6F:9B:8B:65:8E:48:EB:F1:F5:0B:CD:9F:1C:95:10:B1:9D:3C:59
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/tW-bi2WOSOvx9QvNnxyVELGdPFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
71:7e:d4:23:75:02:2b:8b:9a:20:bc:73:81:bf:2c:1c:e2:81:
b3:de:ca:32:b0:9f:e6:60:3e:83:07:b0:6a:c4:df:15:64:f5:
41:3e:29:5d:3f:9b:d8:c3:6f:ca:d5:ab:ba:95:a1:39:c5:6e:
50:c8:b6:ae:11:ba:03:3d:44:2e:dd:c1:13:9f:46:ae:84:d9:
13:b2:ea:ea:80:9a:cd:a1:5a:9e:2d:62:f9:b9:02:1d:c6:5a:
fa:c1:e6:92:28:10:c4:d9:41:7d:02:b6:15:f1:83:06:6b:97:
5b:ae:68:78:e4:d4:75:1d:c6:8b:c9:e0:52:1a:9d:a4:1e:ea:
f1:ed:cd:75:e3:81:82:f4:42:a8:9f:d3:cb:31:21:10:9c:b8:
8e:7f:91:e7:68:c0:43:74:e0:9c:ca:de:f7:9a:91:de:63:63:
3a:13:57:fb:59:22:47:84:0e:0c:0d:f3:e2:24:1d:66:18:52:
cc:c6:0e:92:00:f5:0d:65:3a:db:a6:de:14:6b:31:a3:59:74:
c0:de:bd:3e:8a:29:6e:ab:1c:e9:76:87:0e:61:26:42:be:89:
fd:6c:3a:ce:42:bd:5c:a9:4b:ce:9f:f7:3d:8b:2f:0e:e4:07:
cb:d7:ea:88:17:34:5b:91:ea:0f:7f:db:44:b2:a7:3b:da:f8:
12:31:0f:78
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZHBEQDIUhnASxN1pLu6+bENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQwOTA1MDcyMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZmOWI4YjY1OGU0OGViZjFmNTBiY2Q5ZjFjOTUxMGIxOWQzYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw6B2df52wNWg5dKyq5KYp4NfKKz
ju8I6V+YrKaNPOK/P+tOg2vbvo6zZ9NMk2tD6Hz+fzDHAVjXKDPgWYAIc8en7nXX
DIX/S7PiY6jwo2orHwAWg2OPu8aFC4YPUVYIWcrsbupEtpROVdjP/wZmx6QEPjES
JmWeMfBofxyohceyfWyqU0igIHLkXtPK6P+6/F8xmkwI9AoklwXBoVcX3bTmYkTg
Jgm3fSAhPhNP85pNO29541pf3QFE2XRWtC3TcvwnkBm2a83d94skIhBoF0oatI1O
wW0pCk2UnFynvfJS6DWgOm2EQOzF+TvtUJUKTUzTTYL+j10XDh3yPf8xUwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLVvm4tljkjr8fULzZ8clRCxnTxZMB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvdFctYmkyV09TT3Z4OVF2Tm54eVZFTEdkUEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQBxftQjdQIri5ogvHOBvywc4oGz3soysJ/mYD6DB7Bq
xN8VZPVBPildP5vYw2/K1au6laE5xW5QyLauEboDPUQu3cETn0auhNkTsurqgJrN
oVqeLWL5uQIdxlr6weaSKBDE2UF9ArYV8YMGa5dbrmh45NR1HcaLyeBSGp2kHurx
7c1144GC9EKon9PLMSEQnLiOf5HnaMBDdOCcyt73mpHeY2M6E1f7WSJHhA4MDfPi
JB1mGFLMxg6SAPUNZTrbpt4UazGjWXTA3r0+iiluqxzpdocOYSZCvon9bDrOQr1c
qUvOn/c9iy8O5AfL1+qIFzRbkeoPf9tEsqc72vgSMQ94
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:35:20 2024 by rpki-client on console-ams.rpki-client.org