Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/uNmbRhJ8j8J7hRbBIB8bc5_GKsE.roa
File: uNmbRhJ8j8J7hRbBIB8bc5_GKsE.roa (raw, json)
Hash identifier: MHZ1vf3XAbY9XFZBYuYhfPDmpYBYgErFXl8fmTn4Zm0=
Subject key identifier: B8:D9:9B:46:12:7C:8F:C2:7B:85:16:C1:20:1F:1B:73:9F:C6:2A:C1
Certificate issuer: /CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Certificate serial: 0190A5BAB1F8806714E355288669D909823B
Authority key identifier: 2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/uNmbRhJ8j8J7hRbBIB8bc5_GKsE.roa
Signing time: Fri 12 Jul 2024 06:56:34 +0000
ROA not before: Fri 12 Jul 2024 06:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200154
IP address blocks: 185.32.44.0/22 maxlen: 22
185.32.44.0/24 maxlen: 24
185.32.45.0/24 maxlen: 24
185.32.46.0/24 maxlen: 24
185.32.47.0/24 maxlen: 24
185.40.32.0/24 maxlen: 24
185.40.33.0/24 maxlen: 24
2a00:c0a0::/32 maxlen: 32
2a00:c0a0::/34 maxlen: 34
2a00:c0a0:4000::/34 maxlen: 34
2a00:c0a0:8000::/34 maxlen: 34
2a00:c0a0:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/K7MwlCKY91gjy7mAyOsqzwt8DBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/K7MwlCKY91gjy7mAyOsqzwt8DBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a5:ba:b1:f8:80:67:14:e3:55:28:86:69:d9:09:82:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2bb330942298f75823cbb980c8eb2acf0b7c0c1b
Validity
Not Before: Jul 12 06:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8d99b46127c8fc27b8516c1201f1b739fc62ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:3d:11:4a:78:59:c0:19:d5:d3:fa:0b:4d:
47:8e:4d:76:7a:66:40:41:ff:6f:4a:89:5f:83:d3:
1d:89:e2:63:ae:61:51:ab:ff:07:94:32:14:dc:bb:
6e:3a:f7:18:bc:a5:23:e6:a7:67:ec:3e:a7:35:5b:
e5:4c:25:97:9c:13:cd:e5:e3:8e:f2:de:d0:87:be:
3c:6c:e5:fb:38:ee:fc:1e:a8:47:9d:5f:97:89:9d:
82:1a:ac:21:b8:63:18:49:87:fc:4d:52:0b:1a:f9:
e6:4b:8d:55:49:e5:1b:2e:ac:6f:5b:2b:e3:a1:7e:
4c:37:81:e6:73:30:93:f5:6e:92:36:a5:ac:cc:f9:
e5:6e:1a:d3:c6:4c:4a:62:0a:61:4e:53:90:9d:fc:
0e:88:ef:b7:c5:fe:82:ea:36:b2:6d:d7:fb:30:43:
b5:16:c6:2b:55:cb:86:3c:c9:1b:23:65:6e:68:87:
49:86:4b:0d:d3:3c:00:0e:d5:5a:a5:f6:5f:8b:cf:
f4:b1:21:ad:87:9c:de:26:47:50:3c:93:8f:aa:d1:
50:e3:4c:0e:c9:4b:02:c2:10:2d:9f:47:7c:41:b7:
b2:5f:52:f1:1a:fd:02:d7:fa:5b:2c:e6:ef:3b:66:
ed:ea:36:12:35:42:d6:39:54:b4:e7:54:bd:ab:8e:
f2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D9:9B:46:12:7C:8F:C2:7B:85:16:C1:20:1F:1B:73:9F:C6:2A:C1
X509v3 Authority Key Identifier:
keyid:2B:B3:30:94:22:98:F7:58:23:CB:B9:80:C8:EB:2A:CF:0B:7C:0C:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7MwlCKY91gjy7mAyOsqzwt8DBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/uNmbRhJ8j8J7hRbBIB8bc5_GKsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/990747-3454-4412-8f06-6b3a47667ca8/1/K7MwlCKY91gjy7mAyOsqzwt8DBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.44.0/22
185.40.32.0/23
IPv6:
2a00:c0a0::/32
Signature Algorithm: sha256WithRSAEncryption
a6:a3:41:9a:30:1a:19:77:fe:23:c2:d7:4a:64:22:48:d6:9a:
fc:e5:f6:34:6f:e1:ae:53:7d:b6:49:62:a0:89:d7:45:84:7b:
57:7e:a0:f5:80:1d:c5:3b:4b:3e:82:82:89:2d:d6:d0:b8:4c:
f1:69:00:59:2d:91:1e:d7:00:c5:e2:bc:73:d1:5f:5c:7b:62:
58:4c:d9:c0:72:e6:09:00:20:b8:6b:22:f0:31:11:13:52:ad:
d2:1c:d4:e7:e4:72:91:ca:26:52:d3:ae:72:6a:13:4c:ae:66:
1f:c3:11:d0:a1:c8:94:af:b1:fd:ff:6f:bb:c6:c4:a6:dd:5c:
05:94:0e:d6:d5:e1:38:85:39:5e:35:8c:3f:d7:77:09:57:03:
46:f8:4a:55:8d:a2:1d:e8:c7:d6:b9:25:ff:1e:9d:93:95:79:
9c:95:b2:eb:41:69:8d:e7:e4:87:77:db:53:35:bf:26:a7:9e:
0d:9c:10:b7:20:dc:8e:e1:1d:e6:a1:d1:fb:be:ef:40:0a:1b:
20:a3:e2:0a:65:ad:8c:c5:2b:c6:f3:5b:df:91:55:53:d2:89:
7e:ea:c1:35:7f:c5:69:f1:bb:22:d4:75:70:82:9a:5b:93:a3:
a1:14:48:a8:06:53:c9:73:fe:07:f2:f9:82:c0:38:e3:aa:b0:
c6:cf:80:c4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZClurH4gGcU41UohmnZCYI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYjMzMDk0MjI5OGY3NTgyM2NiYjk4MGM4ZWIyYWNmMGI3
YzBjMWIwHhcNMjQwNzEyMDY1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQ5OWI0NjEyN2M4ZmMyN2I4NTE2YzEyMDFmMWI3MzlmYzYyYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBU9EUp4WcAZ1dP6C01Hjk12emZA
Qf9vSolfg9MdieJjrmFRq/8HlDIU3LtuOvcYvKUj5qdn7D6nNVvlTCWXnBPN5eOO
8t7Qh748bOX7OO78HqhHnV+XiZ2CGqwhuGMYSYf8TVILGvnmS41VSeUbLqxvWyvj
oX5MN4HmczCT9W6SNqWszPnlbhrTxkxKYgphTlOQnfwOiO+3xf6C6jaybdf7MEO1
FsYrVcuGPMkbI2VuaIdJhksN0zwADtVapfZfi8/0sSGth5zeJkdQPJOPqtFQ40wO
yUsCwhAtn0d8QbeyX1LxGv0C1/pbLObvO2bt6jYSNULWOVS051S9q47yBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLjZm0YSfI/Ce4UWwSAfG3OfxirBMB8GA1UdIwQY
MBaAFCuzMJQimPdYI8u5gMjrKs8LfAwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYt
NmIzYTQ3NjY3Y2E4LzEvdU5tYlJoSjhqOEo3aFJiQklCOGJjNV9HS3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85OTA3NDctMzQ1NC00NDEyLThmMDYtNmIzYTQ3NjY3Y2E4
LzEvSzdNd2xDS1k5MWdqeTdtQXlPc3F6d3Q4REJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSAsAwQB
uSggMA0EAgACMAcDBQAqAMCgMA0GCSqGSIb3DQEBCwUAA4IBAQCmo0GaMBoZd/4j
wtdKZCJI1pr85fY0b+GuU322SWKgiddFhHtXfqD1gB3FO0s+goKJLdbQuEzxaQBZ
LZEe1wDF4rxz0V9ce2JYTNnAcuYJACC4ayLwMRETUq3SHNTn5HKRyiZS065yahNM
rmYfwxHQociUr7H9/2+7xsSm3VwFlA7W1eE4hTleNYw/13cJVwNG+EpVjaId6MfW
uSX/Hp2TlXmclbLrQWmN5+SHd9tTNb8mp54NnBC3INyO4R3modH7vu9AChsgo+IK
Za2MxSvG81vfkVVT0ol+6sE1f8Vp8bsi1HVwgppbk6OhFEioBlPJc/4H8vmCwDjj
qrDGz4DE
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:37 2024 by rpki-client on console-fra.rpki-client.org