Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/DOAkqny2Ty4_hm5cN442D08YRac.roa
File: DOAkqny2Ty4_hm5cN442D08YRac.roa (raw, json)
Hash identifier: iFl+CXbc6NncW7hSYTnKK939J7pfYtV6GT3JbL1ktPs=
Subject key identifier: 0C:E0:24:AA:7C:B6:4F:2E:3F:86:6E:5C:37:8E:36:0F:4F:18:45:A7
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 018CC794B0201A9C29B060354AF4BEA8EFCD
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/DOAkqny2Ty4_hm5cN442D08YRac.roa
Signing time: Tue 02 Jan 2024 00:30:59 +0000
ROA not before: Tue 02 Jan 2024 00:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196714
IP address blocks: 109.73.16.0/20 maxlen: 20
31.3.80.0/21 maxlen: 24
171.33.184.0/21 maxlen: 22
185.38.8.0/22 maxlen: 24
91.137.0.0/18 maxlen: 18
2a02:2250::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:b0:20:1a:9c:29:b0:60:35:4a:f4:be:a8:ef:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Jan 2 00:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ce024aa7cb64f2e3f866e5c378e360f4f1845a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:28:f1:75:bd:b6:b2:4d:18:92:14:1e:aa:c3:
79:46:61:ca:68:3f:7d:9e:93:49:09:07:55:16:f3:
71:ca:8b:9f:5d:bf:f8:dc:69:2e:2b:61:79:69:be:
5a:7d:b1:f9:e3:2f:ee:d0:17:7d:0d:33:6c:4e:b5:
c0:4d:0a:5b:3e:1a:09:77:45:71:98:2f:24:d2:64:
06:fa:3e:3d:ec:6c:f3:fc:ee:92:aa:36:b5:1c:69:
fd:42:3d:53:a1:4e:f3:68:74:38:0d:5a:69:3f:68:
5b:a5:6d:6e:60:1d:63:4d:c6:e9:62:79:7a:e1:d9:
c3:63:ef:0e:3c:1b:33:6f:e3:f5:27:ff:94:c6:e0:
b5:5a:93:7c:24:04:a9:9f:47:eb:b6:e1:76:9b:86:
9c:5e:28:95:3f:cd:7d:07:10:54:4e:2a:e9:09:b5:
ab:86:91:e6:a5:14:26:b6:78:80:25:d0:bf:52:e6:
a1:de:07:b4:72:c6:02:69:d4:35:37:fc:13:19:1e:
b1:a0:07:13:77:38:43:c7:cd:32:95:99:2b:66:76:
ec:df:ee:91:8d:5a:5b:0d:52:b0:01:d5:5a:fa:dc:
49:4b:22:b0:6c:7c:0b:26:06:ec:c4:1d:24:c9:7c:
32:84:e1:a0:62:1d:2f:fe:ce:a9:be:f6:f5:80:81:
1f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E0:24:AA:7C:B6:4F:2E:3F:86:6E:5C:37:8E:36:0F:4F:18:45:A7
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/DOAkqny2Ty4_hm5cN442D08YRac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.80.0/21
91.137.0.0/18
109.73.16.0/20
171.33.184.0/21
185.38.8.0/22
IPv6:
2a02:2250::/32
Signature Algorithm: sha256WithRSAEncryption
16:7a:ab:56:66:bd:10:bb:f4:8c:04:69:95:f8:87:a4:23:d2:
9d:1a:a1:bf:0f:09:0a:ee:77:a9:6d:71:24:26:e3:e8:84:e5:
df:f5:d9:74:cb:af:3f:a4:32:3f:21:e8:2f:b2:d0:fd:24:a1:
8d:c4:8d:5d:ea:0f:f2:94:d9:52:76:b0:04:fc:1a:a6:c5:eb:
a3:da:ce:38:29:47:fe:d0:32:b4:4b:f8:e3:64:9b:49:95:82:
53:cb:c1:fb:2b:3f:b2:9c:0d:69:47:e0:ba:c7:df:d4:4f:1b:
18:2b:2d:8f:f8:38:72:f0:6c:0b:61:22:1a:55:6e:b8:20:e4:
e5:60:78:64:2b:d5:92:b7:f4:2f:a2:d0:d4:e5:28:e1:da:c2:
d7:c8:5c:de:e8:1d:d6:73:3d:47:a8:18:cb:f6:2e:03:2e:02:
62:06:ae:b3:e6:56:ea:69:97:3d:42:1b:0e:14:5c:d8:75:00:
fe:b3:7c:3f:e9:74:d6:9d:e0:78:e3:a4:7e:ec:fa:3b:c2:14:
43:8b:6c:95:b5:3f:da:cd:63:d0:62:e8:fa:b6:df:49:ea:2f:
74:23:45:5e:15:26:d5:70:24:a6:50:15:53:9f:88:52:80:9f:
57:ae:d8:f9:93:85:cd:13:e3:6e:6b:f6:8b:49:b1:f1:78:fb:
a5:0d:63:36
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHlLAgGpwpsGA1SvS+qO/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWE4Mzg1YTE0ZmQ5OTY3OTc4YWU3ZjA2ZWM0ZGQ1MjIy
OWE0NGEwHhcNMjQwMTAyMDAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UwMjRhYTdjYjY0ZjJlM2Y4NjZlNWMzNzhlMzYwZjRmMTg0NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Cjxdb22sk0YkhQeqsN5RmHKaD99
npNJCQdVFvNxyoufXb/43GkuK2F5ab5afbH54y/u0Bd9DTNsTrXATQpbPhoJd0Vx
mC8k0mQG+j497Gzz/O6Sqja1HGn9Qj1ToU7zaHQ4DVppP2hbpW1uYB1jTcbpYnl6
4dnDY+8OPBszb+P1J/+UxuC1WpN8JASpn0frtuF2m4acXiiVP819BxBUTirpCbWr
hpHmpRQmtniAJdC/Uuah3ge0csYCadQ1N/wTGR6xoAcTdzhDx80ylZkrZnbs3+6R
jVpbDVKwAdVa+txJSyKwbHwLJgbsxB0kyXwyhOGgYh0v/s6pvvb1gIEf2QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAzgJKp8tk8uP4ZuXDeONg9PGEWnMB8GA1UdIwQY
MBaAFGDqg4WhT9mWeXiufwbsTdUiKaRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEt
ZjU0NTc3ZjdjYzBmLzEvRE9Ba3FueTJUeTRfaG01Y040NDJEMDhZUmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEtZjU0NTc3ZjdjYzBm
LzEvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHwNQAwQG
W4kAAwQEbUkQAwQDqyG4AwQCuSYIMA0EAgACMAcDBQAqAiJQMA0GCSqGSIb3DQEB
CwUAA4IBAQAWeqtWZr0Qu/SMBGmV+IekI9KdGqG/DwkK7nepbXEkJuPohOXf9dl0
y68/pDI/IegvstD9JKGNxI1d6g/ylNlSdrAE/Bqmxeuj2s44KUf+0DK0S/jjZJtJ
lYJTy8H7Kz+ynA1pR+C6x9/UTxsYKy2P+Dhy8GwLYSIaVW64IOTlYHhkK9WSt/Qv
otDU5Sjh2sLXyFze6B3Wcz1HqBjL9i4DLgJiBq6z5lbqaZc9QhsOFFzYdQD+s3w/
6XTWneB446R+7Po7whRDi2yVtT/azWPQYuj6tt9J6i90I0VeFSbVcCSmUBVTn4hS
gJ9Xrtj5k4XNE+Nua/aLSbHxePulDWM2
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:40:43 2024 by rpki-client on console-fra.rpki-client.org