Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/79BOLEXRc1axf16yU7SUacPUMlI.roa
File: 79BOLEXRc1axf16yU7SUacPUMlI.roa (raw, json)
Hash identifier: E01MGziwxipTYRKFcRoRWSzpqxMRvTjblvC93Cxp7+k=
Subject key identifier: EF:D0:4E:2C:45:D1:73:56:B1:7F:5E:B2:53:B4:94:69:C3:D4:32:52
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 018F37CD5E2E4FEA27A32C4F67A1DC5200C2
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/79BOLEXRc1axf16yU7SUacPUMlI.roa
Signing time: Thu 02 May 2024 05:35:56 +0000
ROA not before: Thu 02 May 2024 05:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199152
IP address blocks: 185.120.56.0/24 maxlen: 24
185.120.57.0/24 maxlen: 24
185.120.58.0/24 maxlen: 24
185.120.59.0/24 maxlen: 24
212.22.64.0/24 maxlen: 24
212.22.75.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 14:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:37:cd:5e:2e:4f:ea:27:a3:2c:4f:67:a1:dc:52:00:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: May 2 05:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efd04e2c45d17356b17f5eb253b49469c3d43252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:70:cf:91:82:f0:35:66:b8:d4:e0:18:dd:96:
3b:bc:4f:32:ec:6e:3b:d0:26:c5:dc:77:8d:cc:c9:
fd:ab:f6:6e:e7:12:e7:71:37:26:d5:64:69:d4:77:
03:ef:8d:ce:71:94:0a:ca:cd:b4:1b:d8:19:8b:fe:
e6:58:c8:03:f8:8e:a1:a6:63:49:38:23:fb:6c:f8:
76:e2:75:72:e7:99:0f:ee:4d:2e:9c:b3:7b:e8:3b:
8f:f2:6b:de:3a:8e:a1:85:fb:0d:3b:b4:c4:e9:dc:
0e:54:9b:86:77:dc:fe:1c:1c:c1:e7:9e:04:c3:06:
03:60:c1:bf:1b:b1:0b:56:88:f9:f6:23:36:8c:2e:
68:f8:85:c1:cb:da:0d:9d:d7:a2:75:db:49:1a:f1:
81:0e:1b:06:fd:82:8c:4e:55:ef:75:fe:00:16:2b:
9e:fe:44:24:e0:be:38:01:71:cd:db:d3:bd:e0:d5:
f8:5b:be:fb:b2:02:b0:cf:74:7a:08:c6:32:42:bd:
32:a2:65:59:8a:7b:26:71:be:1a:9e:a3:ba:dd:b3:
41:4a:36:cd:9b:b7:84:78:f6:31:d3:5f:1d:a3:c1:
68:60:2e:58:2c:31:35:99:52:5d:4d:b5:cd:b6:81:
ef:7b:3d:ee:53:4d:f6:a1:95:6c:e7:5e:06:6f:e6:
61:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:D0:4E:2C:45:D1:73:56:B1:7F:5E:B2:53:B4:94:69:C3:D4:32:52
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/79BOLEXRc1axf16yU7SUacPUMlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.56.0/22
212.22.64.0/24
212.22.75.0/24
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
1c:00:a0:7e:cc:a6:da:08:50:e9:3d:d1:8e:f4:84:fa:90:43:
de:3d:44:da:f8:b7:9b:17:95:d4:de:3d:ca:f3:ce:17:03:58:
cd:c8:7b:4c:fc:61:ad:28:2d:f6:78:a8:15:7c:8e:1e:ce:81:
48:35:a2:65:3f:19:61:e0:ae:0b:74:a8:0a:5b:ae:0d:cd:8a:
4c:16:95:4b:df:19:87:a2:9c:67:48:f0:7a:64:4b:b9:c0:40:
f5:0f:37:95:96:83:81:57:99:92:d7:19:70:c4:2e:1b:e4:23:
81:94:ff:1f:75:bf:2f:91:13:1c:21:43:3f:e9:9e:0e:72:95:
36:7c:19:ed:b8:e5:99:c5:98:92:fc:34:b1:ba:19:6b:ae:3b:
ba:b4:68:fa:4e:65:49:62:ff:94:e7:0d:94:5f:66:45:d8:ff:
f0:bc:ac:16:da:22:de:b5:1a:4f:8a:b2:42:81:96:57:0f:d1:
3e:bc:04:85:fa:8c:d7:a9:a1:b8:ef:a4:96:e6:cb:c9:45:e1:
c6:42:76:0a:84:3e:a7:f4:c5:e9:7f:b0:c7:e7:be:33:b1:f3:
c5:9a:36:9b:4c:f3:87:b7:0f:1d:f3:6e:d3:22:c7:42:07:eb:
1d:df:5b:ef:50:2c:cf:93:d4:34:2d:8d:51:8e:60:ab:62:1b:
d3:01:16:eb
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY83zV4uT+onoyxPZ6HcUgDCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwNTAyMDUzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmQwNGUyYzQ1ZDE3MzU2YjE3ZjVlYjI1M2I0OTQ2OWMzZDQzMjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXDPkYLwNWa41OAY3ZY7vE8y7G47
0CbF3HeNzMn9q/Zu5xLncTcm1WRp1HcD743OcZQKys20G9gZi/7mWMgD+I6hpmNJ
OCP7bPh24nVy55kP7k0unLN76DuP8mveOo6hhfsNO7TE6dwOVJuGd9z+HBzB554E
wwYDYMG/G7ELVoj59iM2jC5o+IXBy9oNndeiddtJGvGBDhsG/YKMTlXvdf4AFiue
/kQk4L44AXHN29O94NX4W777sgKwz3R6CMYyQr0yomVZinsmcb4anqO63bNBSjbN
m7eEePYx018do8FoYC5YLDE1mVJdTbXNtoHvez3uU032oZVs514Gb+ZhZQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFO/QTixF0XNWsX9eslO0lGnD1DJSMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvNzlCT0xFWFJjMWF4ZjE2eVU3U1VhY1BVTWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCuXg4AwQA
1BZAAwQA1BZLAwQA1BZNMA8EAgACMAkDBwAqBsPAAAEwDQYJKoZIhvcNAQELBQAD
ggEBABwAoH7MptoIUOk90Y70hPqQQ949RNr4t5sXldTePcrzzhcDWM3Ie0z8Ya0o
LfZ4qBV8jh7OgUg1omU/GWHgrgt0qApbrg3NikwWlUvfGYeinGdI8HpkS7nAQPUP
N5WWg4FXmZLXGXDELhvkI4GU/x91vy+RExwhQz/png5ylTZ8Ge245ZnFmJL8NLG6
GWuuO7q0aPpOZUli/5TnDZRfZkXY//C8rBbaIt61Gk+KskKBllcP0T68BIX6jNep
objvpJbmy8lF4cZCdgqEPqf0xel/sMfnvjOx88WaNptM84e3Dx3zbtMix0IH6x3f
W+9QLM+T1DQtjVGOYKtiG9MBFus=
-----END CERTIFICATE-----
Generated at Fri May 17 18:35:44 2024 by rpki-client on console-fra.rpki-client.org