Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/B32DVQQ22oyuQhRCNlG3c8c15KY.roa
File: B32DVQQ22oyuQhRCNlG3c8c15KY.roa (raw, json)
Hash identifier: pJNtYc9wlgWSjb36pDcMyU4o1KUTgf9bYMSRjfop6iw=
Subject key identifier: 07:7D:83:55:04:36:DA:8C:AE:42:14:42:36:51:B7:73:C7:35:E4:A6
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01901135C420BB5A54AB5D9ACF1977683AC5
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/B32DVQQ22oyuQhRCNlG3c8c15KY.roa
Signing time: Thu 13 Jun 2024 10:47:34 +0000
ROA not before: Thu 13 Jun 2024 10:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14670
IP address blocks: 65.181.111.0/24 maxlen: 24
190.92.168.0/22 maxlen: 24
190.92.172.0/24 maxlen: 24
190.92.173.0/24 maxlen: 24
192.243.110.0/24 maxlen: 24
192.250.225.0/24 maxlen: 24
192.250.231.0/24 maxlen: 24
193.30.117.0/24 maxlen: 24
195.250.24.0/24 maxlen: 24
199.103.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 02:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:11:35:c4:20:bb:5a:54:ab:5d:9a:cf:19:77:68:3a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jun 13 10:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=077d83550436da8cae4214423651b773c735e4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1e:35:f3:ea:7d:31:5a:c2:93:44:e0:95:93:
ea:36:85:43:6e:09:2d:b7:e8:0e:07:b6:63:cb:17:
29:c3:1f:05:57:89:dc:86:2e:d7:eb:ab:87:30:e9:
32:3f:91:05:d6:46:fc:35:47:d6:4b:25:b9:b3:2f:
9b:1b:13:93:c9:0f:8d:1f:1c:9e:d9:05:cf:9e:38:
00:11:84:51:23:0e:bb:28:24:49:05:31:f2:82:32:
40:d0:ec:31:b9:0f:5e:e4:7d:00:1e:cb:e2:86:18:
7f:8e:e2:9b:8c:e0:56:d3:99:5e:dc:75:70:ff:6d:
8b:21:4a:ff:ea:03:9e:10:41:e2:cb:00:d7:c1:25:
73:5c:e0:76:24:2c:d3:0b:c7:d8:c3:ec:da:16:e5:
a7:be:fa:24:ef:2b:0d:49:80:df:98:a9:03:cb:cc:
c8:24:10:0b:fe:28:86:73:40:a8:b7:7c:cb:80:d5:
32:36:e3:29:05:f8:af:f7:eb:ff:ad:14:ea:80:a6:
0c:43:07:06:de:1f:85:0c:96:d4:01:15:cf:1e:a6:
5a:23:7f:87:0e:5a:c6:21:50:92:2e:68:3f:c1:bb:
69:d1:28:d1:d9:a9:63:99:6f:d2:68:dc:ca:d1:f5:
76:b6:6c:3c:cf:69:d4:a3:df:f5:45:82:f0:75:2d:
7d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7D:83:55:04:36:DA:8C:AE:42:14:42:36:51:B7:73:C7:35:E4:A6
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/B32DVQQ22oyuQhRCNlG3c8c15KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.111.0/24
190.92.168.0-190.92.173.255
192.243.110.0/24
192.250.225.0/24
192.250.231.0/24
193.30.117.0/24
195.250.24.0/24
199.103.58.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:7f:b0:c0:01:b8:ff:d4:f5:a9:4e:b6:fe:f5:b8:90:e1:b6:
3a:07:e3:21:c7:9f:c4:40:15:b3:8a:03:f9:0b:6e:b4:56:cf:
ed:7d:b7:72:30:b5:0e:f8:f4:31:61:af:d2:ed:e2:60:5b:30:
5f:64:cb:57:b7:c0:de:92:9d:2c:32:20:8a:09:ea:a9:86:f9:
df:cc:43:72:69:12:17:0e:4d:25:89:a8:b1:96:27:d2:00:30:
ca:2b:03:b6:26:76:0d:34:09:cd:7a:65:dc:43:e8:dd:24:3a:
7a:c4:a5:01:53:76:f7:56:af:64:44:96:69:02:af:19:ec:bd:
8a:95:aa:97:df:35:9d:41:55:50:03:04:10:2d:59:8c:14:93:
60:9c:f9:62:56:f7:68:7c:59:72:9a:b7:bc:b1:a7:2c:53:99:
79:8c:80:7a:7a:66:b8:9a:6b:df:c3:6a:af:71:9a:14:68:3b:
7b:2d:84:68:f4:ee:9a:2f:03:ec:34:d8:40:0a:6b:9f:08:95:
68:7e:51:b2:e1:79:80:3a:1d:d9:3d:66:0e:ed:0d:f2:a3:c5:
a3:8f:1d:38:fc:18:89:09:31:7e:d0:07:83:66:8f:ed:30:58:
a8:47:6d:4e:b1:4e:64:89:d4:d8:ea:e2:a5:f5:16:15:f1:ed:
a9:db:05:fd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZARNcQgu1pUq12azxl3aDrFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwNjEzMTA0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzdkODM1NTA0MzZkYThjYWU0MjE0NDIzNjUxYjc3M2M3MzVlNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h418+p9MVrCk0TglZPqNoVDbgkt
t+gOB7Zjyxcpwx8FV4nchi7X66uHMOkyP5EF1kb8NUfWSyW5sy+bGxOTyQ+NHxye
2QXPnjgAEYRRIw67KCRJBTHygjJA0OwxuQ9e5H0AHsvihhh/juKbjOBW05le3HVw
/22LIUr/6gOeEEHiywDXwSVzXOB2JCzTC8fYw+zaFuWnvvok7ysNSYDfmKkDy8zI
JBAL/iiGc0Cot3zLgNUyNuMpBfiv9+v/rRTqgKYMQwcG3h+FDJbUARXPHqZaI3+H
DlrGIVCSLmg/wbtp0SjR2aljmW/SaNzK0fV2tmw8z2nUo9/1RYLwdS19YwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAd9g1UENtqMrkIUQjZRt3PHNeSmMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvQjMyRFZRUTIyb3l1UWhSQ05sRzNjOGMxNUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAQbVvMAwD
BAO+XKgDBAG+XKwDBADA824DBADA+uEDBADA+ucDBADBHnUDBADD+hgDBADHZzow
DQYJKoZIhvcNAQELBQADggEBAIt/sMABuP/U9alOtv71uJDhtjoH4yHHn8RAFbOK
A/kLbrRWz+19t3IwtQ749DFhr9Lt4mBbMF9ky1e3wN6SnSwyIIoJ6qmG+d/MQ3Jp
EhcOTSWJqLGWJ9IAMMorA7Ymdg00Cc16ZdxD6N0kOnrEpQFTdvdWr2RElmkCrxns
vYqVqpffNZ1BVVADBBAtWYwUk2Cc+WJW92h8WXKat7yxpyxTmXmMgHp6Zriaa9/D
aq9xmhRoO3sthGj07povA+w02EAKa58IlWh+UbLheYA6Hdk9Zg7tDfKjxaOPHTj8
GIkJMX7QB4Nmj+0wWKhHbU6xTmSJ1Njq4qX1FhXx7anbBf0=
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:36:28 2024 by rpki-client on console-ams.rpki-client.org