Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/m_yG7-i2APDwzJeaLQ_5thQMGIQ.roa
File: m_yG7-i2APDwzJeaLQ_5thQMGIQ.roa (raw, json)
Hash identifier: oVeY1wyhWInb369mDxIPqM60CeNk8C5lKuPeT62qxwg=
Subject key identifier: 9B:FC:86:EF:E8:B6:00:F0:F0:CC:97:9A:2D:0F:F9:B6:14:0C:18:84
Certificate issuer: /CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Certificate serial: 018FF3380C2ACEA8D8D53C90680CB79EB258
Authority key identifier: DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/m_yG7-i2APDwzJeaLQ_5thQMGIQ.roa
Signing time: Fri 07 Jun 2024 15:01:27 +0000
ROA not before: Fri 07 Jun 2024 15:01:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62290
IP address blocks: 185.24.116.0/22 maxlen: 23
185.24.116.0/23 maxlen: 23
185.173.212.0/22 maxlen: 22
212.102.109.0/24 maxlen: 24
2a00:72a0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 03:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:38:0c:2a:ce:a8:d8:d5:3c:90:68:0c:b7:9e:b2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfc0b1df0e7bd00045ebe10302c320ffbdba0716
Validity
Not Before: Jun 7 15:01:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bfc86efe8b600f0f0cc979a2d0ff9b6140c1884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:07:fd:8c:32:03:d3:3c:92:7c:a6:97:3e:
a4:9a:3e:56:e1:28:37:19:15:e5:cf:00:59:85:c8:
32:52:5b:7f:b8:32:60:8f:e1:99:ad:3e:6a:b4:bf:
af:6d:63:4a:a1:67:e3:51:3a:28:2f:a8:6f:e9:8c:
d4:48:17:f0:07:42:43:97:bb:4f:77:f0:4b:d2:56:
9c:95:5a:21:36:e7:59:8a:3f:f0:f7:c2:c6:ce:62:
c9:00:8e:40:71:be:4a:6a:c6:49:17:19:49:40:e5:
90:5e:5f:0d:5d:4e:27:ec:13:7a:86:11:34:91:f5:
db:d8:7e:8b:a2:3c:7a:ce:e2:5f:8f:11:8a:b8:f6:
90:28:90:e4:15:a1:a1:d7:d7:db:f4:69:33:9c:83:
70:89:7d:b9:57:a8:60:3b:4e:66:bc:29:74:e6:5d:
7e:38:14:2e:93:21:ba:82:ca:24:02:36:e7:62:d0:
22:80:b4:6b:c7:f1:63:86:80:85:ac:0b:56:69:d8:
09:1f:48:10:65:be:50:2a:88:c6:43:08:b2:8c:f8:
a6:48:67:60:b8:e5:b6:f4:eb:80:df:29:7d:33:5f:
25:f0:0d:87:f5:4b:a5:c8:97:70:bd:4b:42:13:8b:
28:75:f2:c0:ae:bc:b4:7f:b6:08:e7:53:b4:a4:c2:
5a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FC:86:EF:E8:B6:00:F0:F0:CC:97:9A:2D:0F:F9:B6:14:0C:18:84
X509v3 Authority Key Identifier:
keyid:DF:C0:B1:DF:0E:7B:D0:00:45:EB:E1:03:02:C3:20:FF:BD:BA:07:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/38Cx3w570ABF6-EDAsMg_726BxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/m_yG7-i2APDwzJeaLQ_5thQMGIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a3c775-39c5-4bbb-b33e-d929e2b76d68/1/38Cx3w570ABF6-EDAsMg_726BxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.116.0/22
185.173.212.0/22
212.102.109.0/24
IPv6:
2a00:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:ad:ce:88:b6:8b:a8:c2:a9:f2:71:f7:92:bf:99:20:93:11:
cf:1a:78:e3:2a:4d:ab:70:83:55:54:e3:17:99:44:e7:14:95:
d6:34:90:54:ea:0e:e7:ab:04:2a:24:ae:20:27:82:78:a1:26:
ca:c6:e5:76:61:28:94:ad:22:2b:0a:7f:3e:d2:76:71:31:86:
46:24:b5:6d:1a:74:4d:7d:af:f9:5a:84:e9:cf:b6:69:fb:c4:
49:dd:3d:2b:dd:5d:7b:c5:e6:6c:85:89:ab:0f:c8:9b:a4:5b:
0b:99:5d:3d:63:95:fa:4e:6c:00:c0:ed:be:d4:b8:c2:d7:eb:
0d:fb:08:85:ac:96:ca:de:63:90:19:1f:d5:49:63:1e:e3:d7:
28:84:ef:38:9f:13:eb:98:ac:4f:89:3d:57:f1:94:0c:5b:4d:
c8:6f:df:5b:92:8d:0b:d2:4d:12:6e:d2:4b:42:0b:57:46:c4:
e7:8a:f4:cc:a5:a5:37:62:f3:3c:a4:52:17:72:6e:c3:09:8f:
86:6f:89:19:9a:6b:c9:7f:b4:d8:08:e9:54:f6:cd:21:f5:75:
4c:47:a5:f1:1c:38:df:7f:b3:f3:75:65:de:fb:7a:b1:65:87:
4e:f5:85:44:72:76:dc:73:5f:24:21:4c:12:25:82:36:95:26:
3f:54:dd:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY/zOAwqzqjY1TyQaAy3nrJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYzBiMWRmMGU3YmQwMDA0NWViZTEwMzAyYzMyMGZmYmRi
YTA3MTYwHhcNMjQwNjA3MTUwMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZjODZlZmU4YjYwMGYwZjBjYzk3OWEyZDBmZjliNjE0MGMxODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv4H/YwyA9M8knymlz6kmj5W4Sg3
GRXlzwBZhcgyUlt/uDJgj+GZrT5qtL+vbWNKoWfjUTooL6hv6YzUSBfwB0JDl7tP
d/BL0laclVohNudZij/w98LGzmLJAI5Acb5KasZJFxlJQOWQXl8NXU4n7BN6hhE0
kfXb2H6Lojx6zuJfjxGKuPaQKJDkFaGh19fb9GkznINwiX25V6hgO05mvCl05l1+
OBQukyG6gsokAjbnYtAigLRrx/FjhoCFrAtWadgJH0gQZb5QKojGQwiyjPimSGdg
uOW29OuA3yl9M18l8A2H9UulyJdwvUtCE4sodfLArry0f7YI51O0pMJa7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJv8hu/otgDw8MyXmi0P+bYUDBiEMB8GA1UdIwQY
MBaAFN/Asd8Oe9AARevhAwLDIP+9ugcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2Ut
ZDkyOWUyYjc2ZDY4LzEvbV95RzctaTJBUER3ekplYUxRXzV0aFFNR0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hM2M3NzUtMzljNS00YmJiLWIzM2UtZDkyOWUyYjc2ZDY4
LzEvMzhDeDN3NTcwQUJGNi1FREFzTWdfNzI2QnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuRh0AwQC
ua3UAwQA1GZtMA0EAgACMAcDBQAqAHKgMA0GCSqGSIb3DQEBCwUAA4IBAQCyrc6I
touowqnycfeSv5kgkxHPGnjjKk2rcINVVOMXmUTnFJXWNJBU6g7nqwQqJK4gJ4J4
oSbKxuV2YSiUrSIrCn8+0nZxMYZGJLVtGnRNfa/5WoTpz7Zp+8RJ3T0r3V17xeZs
hYmrD8ibpFsLmV09Y5X6TmwAwO2+1LjC1+sN+wiFrJbK3mOQGR/VSWMe49cohO84
nxPrmKxPiT1X8ZQMW03Ib99bko0L0k0SbtJLQgtXRsTnivTMpaU3YvM8pFIXcm7D
CY+Gb4kZmmvJf7TYCOlU9s0h9XVMR6XxHDjff7PzdWXe+3qxZYdO9YVEcnbcc18k
IUwSJYI2lSY/VN3U
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:03:56 2024 by rpki-client on console-fra.rpki-client.org