Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/wZASo91Ntj94AA2q9K07CjUK06g.roa
File: wZASo91Ntj94AA2q9K07CjUK06g.roa (raw, json)
Hash identifier: ycGkbMaIG4S4X7fkc39Tgu6ydna5tDZEr7S7IQ75Hdc=
Subject key identifier: C1:90:12:A3:DD:4D:B6:3F:78:00:0D:AA:F4:AD:3B:0A:35:0A:D3:A8
Certificate issuer: /CN=951d493b1bc0a8c852dd11cfc937891dac3f07c2
Certificate serial: 01900083105C7EC25056C5C998B1EB091E44
Authority key identifier: 95:1D:49:3B:1B:C0:A8:C8:52:DD:11:CF:C9:37:89:1D:AC:3F:07:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/wZASo91Ntj94AA2q9K07CjUK06g.roa
Signing time: Mon 10 Jun 2024 04:58:27 +0000
ROA not before: Mon 10 Jun 2024 04:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204180
IP address blocks: 185.111.248.0/22 maxlen: 22
185.111.248.0/24 maxlen: 24
185.111.249.0/24 maxlen: 24
185.111.250.0/24 maxlen: 24
185.111.251.0/24 maxlen: 24
2a06:6080::/29 maxlen: 29
2a06:6080::/32 maxlen: 32
2a06:6080::/40 maxlen: 40
2a06:6080::/48 maxlen: 48
2a06:6080:1::/48 maxlen: 48
2a06:6080:2::/48 maxlen: 48
2a06:6081::/32 maxlen: 32
2a06:6082::/32 maxlen: 32
2a06:6083::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/lR1JOxvAqMhS3RHPyTeJHaw_B8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/lR1JOxvAqMhS3RHPyTeJHaw_B8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:00:83:10:5c:7e:c2:50:56:c5:c9:98:b1:eb:09:1e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951d493b1bc0a8c852dd11cfc937891dac3f07c2
Validity
Not Before: Jun 10 04:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c19012a3dd4db63f78000daaf4ad3b0a350ad3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:af:9d:2b:46:2d:68:0c:31:e8:32:61:ac:39:
56:27:98:f1:1e:3d:4b:b5:cf:6e:d9:72:19:b3:13:
e3:55:52:bb:6c:29:c4:d5:ba:fd:98:93:72:e7:4f:
71:8e:82:14:44:de:1a:d8:a2:bf:a0:bf:0b:37:c4:
49:41:bb:c0:33:38:43:90:c7:e8:1f:4e:46:4e:08:
73:1b:af:7d:96:84:48:c2:01:9e:1f:bd:ff:c4:34:
87:88:da:48:53:15:af:4d:35:ae:df:93:bb:32:fb:
3f:93:c1:19:a0:7d:07:ee:0a:39:cc:0e:7a:59:27:
c5:fd:db:86:d1:1d:b6:c0:57:85:fa:1c:04:bb:7d:
b9:4e:a7:6b:ba:83:2c:f2:d6:a2:7b:5b:b2:67:83:
fd:6b:87:0b:42:f0:95:77:95:0a:4c:89:6e:af:ec:
4c:32:9a:1b:25:5c:e6:c7:e0:f1:9e:aa:20:8b:61:
4a:fc:56:8d:b0:d2:c2:26:7d:0a:ff:b8:68:2b:a8:
3e:17:77:0d:1d:ad:33:b9:dc:e8:44:e3:74:88:76:
14:38:98:6e:a5:c3:39:e5:7b:9c:76:60:a0:0b:7d:
7c:81:58:61:a2:43:cc:f0:2c:c4:a4:18:d1:0a:04:
18:b2:c0:6e:78:2c:6d:5d:47:ac:cf:32:01:3d:4c:
76:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:90:12:A3:DD:4D:B6:3F:78:00:0D:AA:F4:AD:3B:0A:35:0A:D3:A8
X509v3 Authority Key Identifier:
keyid:95:1D:49:3B:1B:C0:A8:C8:52:DD:11:CF:C9:37:89:1D:AC:3F:07:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/wZASo91Ntj94AA2q9K07CjUK06g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/lR1JOxvAqMhS3RHPyTeJHaw_B8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.248.0/22
IPv6:
2a06:6080::/29
Signature Algorithm: sha256WithRSAEncryption
bc:b0:fd:e3:19:69:43:3d:47:01:1e:62:3f:e3:5a:7d:e9:4a:
b1:b8:51:7e:58:85:77:eb:b1:a7:ee:02:66:10:b5:f2:30:a4:
96:e6:81:f7:cc:ab:c4:5b:53:e2:f2:d1:b2:e3:57:4a:a0:0e:
f4:63:59:a5:8d:a9:f9:0f:b1:09:a8:01:6c:2a:e3:62:1d:e7:
f0:1b:c0:81:a6:74:c3:18:87:de:b1:d6:3a:4e:53:a1:87:7e:
6b:94:34:cc:08:21:81:29:52:1c:51:2c:73:68:99:90:ae:ec:
9e:0e:a9:46:b7:ea:87:aa:76:30:ac:50:5b:a0:19:f9:73:f1:
09:c8:f8:83:5f:8c:8d:94:27:7a:c9:e0:ca:36:69:e9:04:58:
6d:0a:9e:f1:72:37:7a:06:6d:14:1d:48:e4:31:6c:94:7c:1d:
13:12:75:3c:b3:98:9b:c9:4f:52:96:27:e7:84:cc:89:bf:e9:
ff:2c:a9:25:89:4b:8c:f9:22:74:b2:bf:ef:b5:e8:9f:17:2f:
f7:68:b8:24:5e:66:21:a5:d8:c8:fd:a0:ab:56:59:b7:bf:e0:
53:66:d4:4b:61:06:96:5d:57:4e:d9:42:d2:34:8f:7a:a3:c3:
b0:f5:cb:63:32:8a:e3:33:54:70:a6:8d:65:a0:b4:ba:38:6c:
02:1b:ed:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAAgxBcfsJQVsXJmLHrCR5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWQ0OTNiMWJjMGE4Yzg1MmRkMTFjZmM5Mzc4OTFkYWMz
ZjA3YzIwHhcNMjQwNjEwMDQ1ODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTkwMTJhM2RkNGRiNjNmNzgwMDBkYWFmNGFkM2IwYTM1MGFkM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6q+dK0YtaAwx6DJhrDlWJ5jxHj1L
tc9u2XIZsxPjVVK7bCnE1br9mJNy509xjoIURN4a2KK/oL8LN8RJQbvAMzhDkMfo
H05GTghzG699loRIwgGeH73/xDSHiNpIUxWvTTWu35O7Mvs/k8EZoH0H7go5zA56
WSfF/duG0R22wFeF+hwEu325TqdruoMs8taie1uyZ4P9a4cLQvCVd5UKTIlur+xM
MpobJVzmx+Dxnqogi2FK/FaNsNLCJn0K/7hoK6g+F3cNHa0zudzoRON0iHYUOJhu
pcM55XucdmCgC318gVhhokPM8CzEpBjRCgQYssBueCxtXUeszzIBPUx2OwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMGQEqPdTbY/eAANqvStOwo1CtOoMB8GA1UdIwQY
MBaAFJUdSTsbwKjIUt0Rz8k3iR2sPwfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFIxSk94dkFxTWhTM1JIUHlUZUpIYXdfQjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84OWJmM2EtYmY5MC00NjdhLWE5MGIt
MjJlMjQ4ZWQyMDE0LzEvd1pBU285MU50ajk0QUEycTlLMDdDalVLMDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84OWJmM2EtYmY5MC00NjdhLWE5MGItMjJlMjQ4ZWQyMDE0
LzEvbFIxSk94dkFxTWhTM1JIUHlUZUpIYXdfQjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW/4MA0E
AgACMAcDBQMqBmCAMA0GCSqGSIb3DQEBCwUAA4IBAQC8sP3jGWlDPUcBHmI/41p9
6UqxuFF+WIV367Gn7gJmELXyMKSW5oH3zKvEW1Pi8tGy41dKoA70Y1mljan5D7EJ
qAFsKuNiHefwG8CBpnTDGIfesdY6TlOhh35rlDTMCCGBKVIcUSxzaJmQruyeDqlG
t+qHqnYwrFBboBn5c/EJyPiDX4yNlCd6yeDKNmnpBFhtCp7xcjd6Bm0UHUjkMWyU
fB0TEnU8s5ibyU9SlifnhMyJv+n/LKkliUuM+SJ0sr/vteifFy/3aLgkXmYhpdjI
/aCrVlm3v+BTZtRLYQaWXVdO2ULSNI96o8Ow9ctjMorjM1Rwpo1loLS6OGwCG+3w
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:42:52 2024 by rpki-client on console-fra.rpki-client.org