Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/1-bT_1QOevnzmkb0t-7gOh_5nCfo.roa
File: 1-bT_1QOevnzmkb0t-7gOh_5nCfo.roa (raw, json)
Hash identifier: l3LOYsVCYvO8G9WEsUmJrsokAzFlZ7dNkFGL0YaOoiU=
Subject key identifier: F9:B4:FF:D5:03:9E:BE:7C:E6:91:BD:2D:FB:B8:0E:87:FE:67:09:FA
Certificate issuer: /CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Certificate serial: 018CC4938DD82A759A9CEFA6B42E0BEC73D9
Authority key identifier: EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/1-bT_1QOevnzmkb0t-7gOh_5nCfo.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56665
IP address blocks: 185.3.44.0/22 maxlen: 24
94.252.0.0/17 maxlen: 24
185.40.60.0/22 maxlen: 24
212.66.64.0/19 maxlen: 24
31.204.88.0/21 maxlen: 24
2a04:81c0::/29 maxlen: 48
2a00:4180::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.mft
rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8d:d8:2a:75:9a:9c:ef:a6:b4:2e:0b:ec:73:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea22f4fb955d79f093d7e87b182c3440ac4be06c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9b4ffd5039ebe7ce691bd2dfbb80e87fe6709fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d6:92:b8:64:22:70:e4:bf:72:a1:21:47:60:
0f:ff:53:25:21:75:35:77:c9:2a:0a:46:6e:0d:d6:
e0:a2:e6:00:5c:23:23:88:c9:65:7c:71:c5:b9:ca:
a6:1c:b6:cd:29:91:2c:4e:1a:54:89:d0:f0:5f:b8:
c1:c7:0c:c8:03:5a:64:82:b3:af:2e:24:97:dc:4c:
b6:70:f2:f5:d4:2f:b7:24:e3:c8:b8:ee:1b:61:12:
29:9f:b1:58:eb:4b:9e:5a:54:f5:d6:c0:fe:70:40:
1a:37:b4:a4:d9:d9:c2:ad:d4:bc:6f:bb:36:5b:78:
ac:4d:22:99:d1:3b:c9:8e:78:2d:d1:6b:ef:38:d3:
eb:e0:28:e4:f5:c8:b1:52:ad:64:91:fa:d9:0b:94:
ec:a9:62:cf:7a:f3:aa:41:9d:ee:3b:07:3d:1c:ae:
b1:33:86:64:a1:8c:1f:52:29:9f:85:ce:50:94:9b:
bb:53:b1:fc:a9:3d:aa:ae:52:e1:b4:55:a4:3f:17:
ad:9c:49:50:27:36:00:41:1a:ee:eb:57:bb:95:3e:
6f:00:48:27:30:18:a7:4b:57:5b:84:9a:c1:8c:66:
93:00:10:50:8e:31:10:d0:e9:73:d7:b1:84:ea:dc:
83:a0:d2:c7:2b:c0:cf:a2:43:0d:cb:0d:a5:b6:d4:
c8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B4:FF:D5:03:9E:BE:7C:E6:91:BD:2D:FB:B8:0E:87:FE:67:09:FA
X509v3 Authority Key Identifier:
keyid:EA:22:F4:FB:95:5D:79:F0:93:D7:E8:7B:18:2C:34:40:AC:4B:E0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6iL0-5VdefCT1-h7GCw0QKxL4Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/1-bT_1QOevnzmkb0t-7gOh_5nCfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/fc8037-2b7c-41fc-9dbf-93d1fb72d383/1/6iL0-5VdefCT1-h7GCw0QKxL4Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.88.0/21
94.252.0.0/17
185.3.44.0/22
185.40.60.0/22
212.66.64.0/19
IPv6:
2a00:4180::/32
2a04:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
97:d7:63:ce:56:f2:2f:87:85:6d:b4:d1:06:9c:a4:da:7c:c5:
a8:56:f8:69:77:20:69:70:17:7e:87:c0:20:3c:3b:c5:a6:1e:
e9:1b:b5:a4:9b:82:ad:e8:59:28:38:85:dd:d4:f1:4b:30:b4:
40:a3:0d:60:bd:e7:8f:45:33:f4:f6:0a:2e:d2:2f:5a:8b:86:
03:08:08:25:56:7b:d7:23:e2:8c:e8:8c:a3:5d:16:d2:5b:73:
69:8e:7e:04:b3:98:1f:32:76:02:98:27:6f:9c:d2:79:f2:bc:
46:d9:47:67:03:01:dc:e4:02:75:e9:ac:62:24:f6:05:bf:b3:
42:7f:28:40:fa:6a:28:6d:6a:78:a0:cd:d1:f9:13:ab:95:44:
2e:2c:05:29:59:2e:4c:bc:73:cc:d8:92:61:ef:77:ca:17:1f:
27:79:b1:63:3a:9b:a1:a4:09:8e:ed:ba:e4:4e:a4:ca:8f:28:
e6:e7:ff:07:a0:1d:91:ae:46:54:4a:b6:9a:71:21:4e:74:2a:
09:c2:f4:e5:6f:46:5f:fe:a8:a9:6c:c3:56:4e:68:cf:be:ec:
96:56:a9:18:36:dc:7d:01:4a:35:27:4b:bb:50:e7:68:80:b4:
01:ab:5f:44:cb:b5:aa:50:ba:1e:25:7d:49:6a:57:34:78:2c:
fc:60:d1:63
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzEk43YKnWanO+mtC4L7HPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMjJmNGZiOTU1ZDc5ZjA5M2Q3ZTg3YjE4MmMzNDQwYWM0
YmUwNmMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI0ZmZkNTAzOWViZTdjZTY5MWJkMmRmYmI4MGU4N2ZlNjcwOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNaSuGQicOS/cqEhR2AP/1MlIXU1
d8kqCkZuDdbgouYAXCMjiMllfHHFucqmHLbNKZEsThpUidDwX7jBxwzIA1pkgrOv
LiSX3Ey2cPL11C+3JOPIuO4bYRIpn7FY60ueWlT11sD+cEAaN7Sk2dnCrdS8b7s2
W3isTSKZ0TvJjngt0WvvONPr4Cjk9cixUq1kkfrZC5TsqWLPevOqQZ3uOwc9HK6x
M4ZkoYwfUimfhc5QlJu7U7H8qT2qrlLhtFWkPxetnElQJzYAQRru61e7lT5vAEgn
MBinS1dbhJrBjGaTABBQjjEQ0Olz17GE6tyDoNLHK8DPokMNyw2lttTIdQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPm0/9UDnr585pG9Lfu4Dof+Zwn6MB8GA1UdIwQY
MBaAFOoi9PuVXXnwk9foexgsNECsS+BsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmlMMC01VmRlZkNUMS1oN0dDdzBRS3hMNEd3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mYzgwMzctMmI3Yy00MWZjLTlkYmYt
OTNkMWZiNzJkMzgzLzEvMS1iVF8xUU9ldm56bWtiMHQtN2dPaF81bkNmby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvZmM4MDM3LTJiN2MtNDFmYy05ZGJmLTkzZDFmYjcyZDM4
My8xLzZpTDAtNVZkZWZDVDEtaDdHQ3cwUUt4TDRHdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBNBggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEAx/MWAME
B178AAMEArkDLAMEArkoPAMEBdRCQDAUBAIAAjAOAwUAKgBBgAMFAyoEgcAwDQYJ
KoZIhvcNAQELBQADggEBAJfXY85W8i+HhW200QacpNp8xahW+Gl3IGlwF36HwCA8
O8WmHukbtaSbgq3oWSg4hd3U8UswtECjDWC9549FM/T2Ci7SL1qLhgMICCVWe9cj
4ozojKNdFtJbc2mOfgSzmB8ydgKYJ2+c0nnyvEbZR2cDAdzkAnXprGIk9gW/s0J/
KED6aihtanigzdH5E6uVRC4sBSlZLky8c8zYkmHvd8oXHyd5sWM6m6GkCY7tuuRO
pMqPKObn/wegHZGuRlRKtppxIU50KgnC9OVvRl/+qKlsw1ZOaM++7JZWqRg23H0B
SjUnS7tQ52iAtAGrX0TLtapQuh4lfUlqVzR4LPxg0WM=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:38:04 2024 by rpki-client on console-fra.rpki-client.org