Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/xIvbIFq2GTRibPM3JvC73t-Jv84.roa
File: xIvbIFq2GTRibPM3JvC73t-Jv84.roa (raw, json)
Hash identifier: S9PZ1tpiYt2eK0ybZNEtLZwz2erbqD7AXoSAUQWy9gs=
Subject key identifier: C4:8B:DB:20:5A:B6:19:34:62:6C:F3:37:26:F0:BB:DE:DF:89:BF:CE
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018CC8DEB9B0E9B159A0198412FE8DDD8A00
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/xIvbIFq2GTRibPM3JvC73t-Jv84.roa
Signing time: Tue 02 Jan 2024 06:31:28 +0000
ROA not before: Tue 02 Jan 2024 06:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213354
IP address blocks: 194.62.246.0/23 maxlen: 23
194.62.244.0/23 maxlen: 23
194.15.112.0/24 maxlen: 24
194.15.113.0/24 maxlen: 24
185.248.192.0/23 maxlen: 23
185.248.194.0/23 maxlen: 23
194.26.18.0/24 maxlen: 24
91.228.68.0/22 maxlen: 22
2a11:9c00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:b9:b0:e9:b1:59:a0:19:84:12:fe:8d:dd:8a:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 2 06:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c48bdb205ab61934626cf33726f0bbdedf89bfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:27:74:5d:83:aa:46:7b:61:15:b9:63:47:76:
7d:f4:ad:43:fc:f5:2d:52:d5:fc:31:45:95:5b:3b:
03:74:78:a0:4e:19:bb:04:97:d9:a4:db:83:eb:8e:
9e:4e:14:95:bb:8f:54:45:85:5c:7e:60:05:a6:46:
0c:35:c8:67:12:0c:8f:0e:50:b0:bc:9a:f3:ed:fc:
e5:3c:90:28:7a:79:d5:e8:8a:29:43:af:52:a2:40:
97:2e:92:ae:cf:27:9f:3f:06:48:1a:3b:b1:3d:d2:
38:f2:ae:b9:51:d8:84:15:91:19:2b:6f:e3:af:27:
f2:1e:f4:41:d0:9c:81:25:86:30:b6:77:bf:ad:12:
94:e7:fa:3a:a7:15:20:7b:72:da:d8:98:d6:82:9f:
26:09:be:16:c3:ba:89:1e:95:43:e3:e7:88:e6:7f:
70:1b:44:c5:e9:dd:09:1c:4a:1c:14:c1:1b:fc:29:
17:a3:37:6d:5b:8e:96:a5:0e:94:60:c9:03:4e:5a:
5e:bf:f7:12:cc:b5:57:39:8f:a5:3d:e9:a3:c4:22:
76:03:01:c5:72:a9:ed:84:80:c1:e0:6f:b0:5e:ae:
58:1b:52:44:90:89:c5:99:3e:18:9b:d7:98:e4:8d:
3c:d7:be:fa:a1:7f:90:8f:1f:44:b2:b6:bd:a5:b6:
08:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8B:DB:20:5A:B6:19:34:62:6C:F3:37:26:F0:BB:DE:DF:89:BF:CE
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/xIvbIFq2GTRibPM3JvC73t-Jv84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.68.0/22
185.248.192.0/22
194.15.112.0/23
194.26.18.0/24
194.62.244.0/22
IPv6:
2a11:9c00::/40
Signature Algorithm: sha256WithRSAEncryption
59:86:bf:4e:d9:b7:07:f3:06:51:5a:62:77:d9:10:ea:c4:49:
7a:e1:2c:c5:36:cf:d3:33:a7:9a:be:5c:49:eb:2d:8d:17:e8:
43:af:d0:83:78:78:7c:d5:d5:9e:02:d6:49:25:28:de:04:41:
17:f0:1c:f6:b4:f1:fc:33:98:ed:c2:0a:8c:b4:6a:5e:c4:87:
93:67:3d:7b:fb:b7:86:64:be:dd:b9:68:29:46:9a:ac:cf:cc:
72:e9:0a:d8:ab:a6:a3:a7:07:9f:2d:32:df:34:aa:a1:05:0a:
13:aa:2e:c3:b3:32:ac:8e:01:83:b4:ea:94:10:50:70:83:31:
e4:09:18:d7:6f:11:36:55:ee:6e:99:48:c7:1d:19:e7:bd:c0:
d0:f6:e8:be:14:b5:86:71:dd:c8:fa:f3:50:75:bb:31:ca:16:
9e:7f:35:27:0b:29:99:f5:eb:a9:9c:4a:7e:13:2d:a4:79:48:
06:ef:c1:d6:23:7c:20:8f:a1:a6:72:39:6c:ea:79:05:45:44:
da:8d:1e:a0:63:ba:62:62:7c:c6:ac:78:eb:a9:52:ad:a7:45:
ad:90:f0:7b:57:9a:25:6c:88:cc:c9:30:c6:b6:42:77:aa:5f:
34:c1:8c:7e:13:9e:86:da:9f:64:2c:a6:7b:4c:51:d8:f6:95:
07:b7:3e:d1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzI3rmw6bFZoBmEEv6N3YoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZGM5YzU1ZTE1OTdlODg1NjRkYWY1NjdlNWE0NjY1OTc4
YzdiODUwHhcNMjQwMTAyMDYzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDhiZGIyMDVhYjYxOTM0NjI2Y2YzMzcyNmYwYmJkZWRmODliZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCd0XYOqRnthFbljR3Z99K1D/PUt
UtX8MUWVWzsDdHigThm7BJfZpNuD646eThSVu49URYVcfmAFpkYMNchnEgyPDlCw
vJrz7fzlPJAoennV6IopQ69SokCXLpKuzyefPwZIGjuxPdI48q65UdiEFZEZK2/j
ryfyHvRB0JyBJYYwtne/rRKU5/o6pxUge3La2JjWgp8mCb4Ww7qJHpVD4+eI5n9w
G0TF6d0JHEocFMEb/CkXozdtW46WpQ6UYMkDTlpev/cSzLVXOY+lPemjxCJ2AwHF
cqnthIDB4G+wXq5YG1JEkInFmT4Ym9eY5I081776oX+Qjx9Esra9pbYICwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMSL2yBathk0YmzzNybwu97fib/OMB8GA1UdIwQY
MBaAFIXcnFXhWX6IVk2vVn5aRmWXjHuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0Mjkt
ODZlYTE5ZDI5MTYzLzEveEl2YklGcTJHVFJpYlBNM0p2QzczdC1Kdjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mMDdmYmMtNGMzMi00ZDg3LWE0MjktODZlYTE5ZDI5MTYz
LzEvaGR5Y1ZlRlpmb2hXVGE5V2ZscEdaWmVNZTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQCW+REAwQC
ufjAAwQBwg9wAwQAwhoSAwQCwj70MA4EAgACMAgDBgAqEZwAADANBgkqhkiG9w0B
AQsFAAOCAQEAWYa/Ttm3B/MGUVpid9kQ6sRJeuEsxTbP0zOnmr5cSestjRfoQ6/Q
g3h4fNXVngLWSSUo3gRBF/Ac9rTx/DOY7cIKjLRqXsSHk2c9e/u3hmS+3bloKUaa
rM/McukK2Kumo6cHny0y3zSqoQUKE6ouw7MyrI4Bg7TqlBBQcIMx5AkY128RNlXu
bplIxx0Z573A0PbovhS1hnHdyPrzUHW7McoWnn81JwspmfXrqZxKfhMtpHlIBu/B
1iN8II+hpnI5bOp5BUVE2o0eoGO6YmJ8xqx466lSradFrZDwe1eaJWyIzMkwxrZC
d6pfNMGMfhOehtqfZCyme0xR2PaVB7c+0Q==
-----END CERTIFICATE-----
Generated at Wed Jun 26 07:59:27 2024 by rpki-client on console-fra.rpki-client.org