Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/0qL3wnxCmIBAe4qLvWUAFX4inY0.roa
File: 0qL3wnxCmIBAe4qLvWUAFX4inY0.roa (raw, json)
Hash identifier: D6Y4+sysmnb0vHPG6mfcdFMb4rUc6enJqhTlO1/xrjM=
Subject key identifier: D2:A2:F7:C2:7C:42:98:80:40:7B:8A:8B:BD:65:00:15:7E:22:9D:8D
Certificate issuer: /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial: 018CC8DF20BE27710D7AF6A484E881AA2441
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/0qL3wnxCmIBAe4qLvWUAFX4inY0.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209604
IP address blocks: 185.255.92.0/24 maxlen: 24
185.255.93.0/24 maxlen: 24
185.93.70.0/24 maxlen: 24
185.93.68.0/24 maxlen: 24
185.93.69.0/24 maxlen: 24
185.255.94.0/24 maxlen: 24
185.255.95.0/24 maxlen: 24
185.132.126.0/24 maxlen: 24
93.115.10.0/24 maxlen: 24
93.177.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:20:be:27:71:0d:7a:f6:a4:84:e8:81:aa:24:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2a2f7c27c429880407b8a8bbd6500157e229d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2b:46:65:7d:0d:c3:d8:75:79:14:ca:29:fa:
80:07:07:95:f0:7b:36:de:ab:06:3e:4a:fa:c9:6f:
0b:fb:69:ed:49:00:42:6c:3b:26:9a:20:b6:95:f0:
f4:a9:c2:14:f2:cd:91:2c:2f:8d:9b:91:81:01:8e:
a0:b3:8f:29:61:99:41:fc:c5:60:d7:25:15:4a:1d:
89:13:97:55:cf:5b:72:ae:90:31:35:ef:15:62:d7:
42:e2:03:68:27:47:3f:01:e2:30:a3:11:bd:9e:ed:
80:04:b4:44:bb:a3:c2:ef:79:9a:f8:f4:6b:f1:77:
fd:63:6b:73:b0:3c:44:13:03:c7:df:bc:0b:87:f9:
7b:73:31:8a:e5:e8:b4:a0:08:5b:ae:b3:39:b1:cc:
0e:27:37:21:e6:25:98:5f:f2:9e:bf:66:a9:c6:e6:
d7:67:8e:98:ce:df:b2:9c:04:ea:9c:7e:94:48:e9:
7e:3c:fa:4c:63:de:5d:85:3f:62:56:a0:33:11:83:
92:e9:58:05:67:73:73:0f:30:e3:a4:4b:10:c9:ee:
52:15:0d:0e:b2:0b:eb:79:b7:85:49:c3:b8:bf:8d:
be:65:4d:91:02:08:46:8a:66:04:b0:0e:04:66:58:
11:e1:a1:0d:47:1b:18:0a:1a:83:f1:6d:f0:87:64:
90:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A2:F7:C2:7C:42:98:80:40:7B:8A:8B:BD:65:00:15:7E:22:9D:8D
X509v3 Authority Key Identifier:
keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/0qL3wnxCmIBAe4qLvWUAFX4inY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.10.0/24
93.177.101.0/24
185.93.68.0-185.93.70.255
185.132.126.0/24
185.255.92.0/22
Signature Algorithm: sha256WithRSAEncryption
21:86:86:2c:7b:e2:c9:05:b7:76:b6:fe:40:15:c8:28:0d:25:
56:ad:df:a9:ba:5e:3a:85:fd:5f:d7:33:da:8b:94:2d:ba:b6:
1b:5e:9a:ff:da:31:47:80:43:0b:34:c8:79:96:5d:7c:2d:f6:
4d:11:95:5c:bb:b2:b2:d8:d9:a4:dd:60:c7:01:7a:e9:a4:70:
e5:ba:26:dd:36:1f:02:23:9e:0c:3c:d0:a5:ad:4a:fa:c5:14:
81:bf:09:9b:9b:a8:39:5f:7a:a3:04:55:33:2f:d5:9b:eb:11:
11:39:63:5e:87:a9:8d:a3:98:76:10:45:9f:93:e8:4f:32:84:
af:58:54:17:d6:1c:2a:57:6e:9c:8a:58:79:7f:b3:c3:e1:0d:
99:de:42:c2:2e:76:d5:99:ca:f0:a7:a3:cf:99:8d:07:2c:f6:
2d:d8:28:77:82:15:fe:0a:a3:7b:1a:d8:fd:6a:e1:ba:99:70:
a8:6d:19:59:99:4d:39:f9:93:11:1c:7c:cf:b9:8b:56:11:2d:
c7:fa:90:d5:65:00:9b:b7:51:cc:fc:8b:61:35:d9:16:f8:03:
6a:a3:37:74:9e:c7:17:be:bb:ef:02:d0:69:b7:2f:f8:f6:33:
00:69:eb:d6:71:67:21:32:d6:39:d1:8c:34:90:65:a0:76:59:
85:d2:1d:1b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzI3yC+J3ENevakhOiBqiRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjVhODBhNzEwNmUwYTRiODU0NWM4MTUwYmI3MmM2OTlm
Y2M5YTAwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmEyZjdjMjdjNDI5ODgwNDA3YjhhOGJiZDY1MDAxNTdlMjI5ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtStGZX0Nw9h1eRTKKfqABweV8Hs2
3qsGPkr6yW8L+2ntSQBCbDsmmiC2lfD0qcIU8s2RLC+Nm5GBAY6gs48pYZlB/MVg
1yUVSh2JE5dVz1tyrpAxNe8VYtdC4gNoJ0c/AeIwoxG9nu2ABLREu6PC73ma+PRr
8Xf9Y2tzsDxEEwPH37wLh/l7czGK5ei0oAhbrrM5scwOJzch5iWYX/Kev2apxubX
Z46Yzt+ynATqnH6USOl+PPpMY95dhT9iVqAzEYOS6VgFZ3NzDzDjpEsQye5SFQ0O
sgvrebeFScO4v42+ZU2RAghGimYEsA4EZlgR4aENRxsYChqD8W3wh2SQ0wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNKi98J8QpiAQHuKi71lABV+Ip2NMB8GA1UdIwQY
MBaAFLC1qApxBuCkuFRcgVC7csaZ/MmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDIt
NzQ1ZTA4ZmU1OGM2LzEvMHFMM3dueENtSUJBZTRxTHZXVUFGWDRpblkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDItNzQ1ZTA4ZmU1OGM2
LzEvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXXMKAwQA
XbFlMAwDBAK5XUQDBAC5XUYDBAC5hH4DBAK5/1wwDQYJKoZIhvcNAQELBQADggEB
ACGGhix74skFt3a2/kAVyCgNJVat36m6XjqF/V/XM9qLlC26thtemv/aMUeAQws0
yHmWXXwt9k0RlVy7srLY2aTdYMcBeumkcOW6Jt02HwIjngw80KWtSvrFFIG/CZub
qDlfeqMEVTMv1ZvrERE5Y16HqY2jmHYQRZ+T6E8yhK9YVBfWHCpXbpyKWHl/s8Ph
DZneQsIudtWZyvCno8+ZjQcs9i3YKHeCFf4Ko3sa2P1q4bqZcKhtGVmZTTn5kxEc
fM+5i1YRLcf6kNVlAJu3Ucz8i2E12Rb4A2qjN3Sexxe+u+8C0Gm3L/j2MwBp69Zx
ZyEy1jnRjDSQZaB2WYXSHRs=
-----END CERTIFICATE-----
Generated at Sun Jun 2 06:46:46 2024 by rpki-client on console-ams.rpki-client.org