Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/aIBhLFlBrGUyIkN-JiSDsc7t310.roa
File: aIBhLFlBrGUyIkN-JiSDsc7t310.roa (raw, json)
Hash identifier: ZxIou53Glx+vOsrjXt+Jz9GdRSQ8W7nS5W1ZR/EwV54=
Subject key identifier: 68:80:61:2C:59:41:AC:65:32:22:43:7E:26:24:83:B1:CE:ED:DF:5D
Certificate issuer: /CN=198204d1c25a011236bea0741e4c60139d349b10
Certificate serial: 018CC8DE7546DEEACC895185BAE77D790137
Authority key identifier: 19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/aIBhLFlBrGUyIkN-JiSDsc7t310.roa
Signing time: Tue 02 Jan 2024 06:31:11 +0000
ROA not before: Tue 02 Jan 2024 06:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34790
IP address blocks: 80.74.16.0/20 maxlen: 20
195.162.20.0/23 maxlen: 23
185.2.236.0/22 maxlen: 22
185.188.172.0/22 maxlen: 22
217.72.112.0/20 maxlen: 20
85.234.64.0/19 maxlen: 19
2a00:df00::/29 maxlen: 29
2a00:d000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/GYIE0cJaARI2vqB0HkxgE500mxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/GYIE0cJaARI2vqB0HkxgE500mxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:75:46:de:ea:cc:89:51:85:ba:e7:7d:79:01:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=198204d1c25a011236bea0741e4c60139d349b10
Validity
Not Before: Jan 2 06:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6880612c5941ac653222437e262483b1ceeddf5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c4:15:d7:98:48:36:03:59:53:07:8c:0b:ff:
51:2c:7b:67:83:9a:8c:fd:01:1d:1a:2c:0d:28:db:
d9:91:3e:2c:c0:87:e1:88:e9:ea:0e:24:91:cb:af:
d5:78:69:8c:30:7d:59:12:46:f9:99:18:0c:d0:7a:
7c:9e:5e:2f:e5:44:07:90:88:ed:85:93:d0:78:43:
52:75:45:f7:41:69:60:ca:c9:5f:46:df:56:e5:cd:
fd:54:96:6f:60:b5:be:d3:76:81:2c:6e:da:aa:3f:
7c:ee:b3:59:b5:e7:21:ca:2a:a0:90:fa:59:81:e5:
be:81:98:88:70:b4:12:22:5a:2c:de:c4:d3:fc:04:
02:97:ce:17:9b:e8:dd:36:04:0e:ab:5b:95:82:37:
5a:84:78:b4:4f:c2:6b:96:3c:98:e1:91:5d:9c:6d:
fa:75:36:f8:53:67:b6:02:fc:26:a1:23:04:81:fb:
ad:03:44:3d:d2:d2:5c:4a:fa:16:ef:8e:4c:fe:46:
f0:06:26:9d:29:9d:d8:f4:d0:97:b4:c9:05:ea:a7:
07:3a:e3:b8:90:e8:5e:1c:10:c8:85:28:3b:d1:9e:
8b:52:30:a6:71:0c:39:6c:ea:c5:c8:e4:80:b5:2f:
95:be:71:59:54:7c:ef:ad:2f:87:30:1f:85:88:e7:
46:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:80:61:2C:59:41:AC:65:32:22:43:7E:26:24:83:B1:CE:ED:DF:5D
X509v3 Authority Key Identifier:
keyid:19:82:04:D1:C2:5A:01:12:36:BE:A0:74:1E:4C:60:13:9D:34:9B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GYIE0cJaARI2vqB0HkxgE500mxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/aIBhLFlBrGUyIkN-JiSDsc7t310.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c6f0a8-98f2-49fb-8506-42ad3b4c8d0c/1/GYIE0cJaARI2vqB0HkxgE500mxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.74.16.0/20
85.234.64.0/19
185.2.236.0/22
185.188.172.0/22
195.162.20.0/23
217.72.112.0/20
IPv6:
2a00:d000::/29
2a00:df00::/29
Signature Algorithm: sha256WithRSAEncryption
ae:4b:62:4e:45:b7:e4:e5:63:05:f1:d2:44:72:6a:e4:63:9a:
cc:34:ea:87:43:8d:8b:8e:a2:37:af:cf:54:7c:c4:eb:8b:88:
9c:04:b6:89:ee:0e:cf:32:c9:2b:0a:38:43:d9:a8:e4:bb:77:
3e:0e:af:df:bf:b6:0d:fa:03:ad:cf:6e:ef:b6:de:fa:a4:cd:
fe:ae:ab:30:ae:d6:71:d3:ec:86:b9:ad:86:66:eb:67:fc:4b:
3c:50:14:a1:ea:bc:78:55:b2:18:67:89:9f:07:5a:80:b1:75:
58:b6:7a:e1:4a:ed:0e:99:cd:42:54:2b:92:93:b7:a0:13:37:
17:1f:1a:86:54:08:a7:1e:8b:b8:24:27:98:5f:ab:26:73:a8:
92:f5:fc:34:cb:24:eb:3f:a1:98:5d:e5:eb:7a:2d:bf:8e:82:
45:ce:cb:e0:8f:9b:f9:d4:e5:8d:5e:79:49:79:47:2a:74:f7:
43:46:49:b4:8c:77:82:5b:fe:b5:f7:77:c4:28:6c:46:2d:81:
8c:59:bd:5c:1a:11:ad:33:31:e3:58:ba:0c:8d:b7:6e:a9:2e:
22:db:f2:39:56:54:ea:81:28:39:42:f1:46:92:49:1b:c6:27:
18:ef:6c:85:2c:86:aa:cc:7f:85:36:1b:f3:f6:e6:0c:b6:5c:
8c:7a:22:51
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzI3nVG3urMiVGFuud9eQE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ODIwNGQxYzI1YTAxMTIzNmJlYTA3NDFlNGM2MDEzOWQz
NDliMTAwHhcNMjQwMTAyMDYzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgwNjEyYzU5NDFhYzY1MzIyMjQzN2UyNjI0ODNiMWNlZWRkZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sQV15hINgNZUweMC/9RLHtng5qM
/QEdGiwNKNvZkT4swIfhiOnqDiSRy6/VeGmMMH1ZEkb5mRgM0Hp8nl4v5UQHkIjt
hZPQeENSdUX3QWlgyslfRt9W5c39VJZvYLW+03aBLG7aqj987rNZtechyiqgkPpZ
geW+gZiIcLQSIlos3sTT/AQCl84Xm+jdNgQOq1uVgjdahHi0T8JrljyY4ZFdnG36
dTb4U2e2AvwmoSMEgfutA0Q90tJcSvoW745M/kbwBiadKZ3Y9NCXtMkF6qcHOuO4
kOheHBDIhSg70Z6LUjCmcQw5bOrFyOSAtS+VvnFZVHzvrS+HMB+FiOdGcQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGiAYSxZQaxlMiJDfiYkg7HO7d9dMB8GA1UdIwQY
MBaAFBmCBNHCWgESNr6gdB5MYBOdNJsQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1lJRTBjSmFBUkkydnFCMEhreGdFNTAwbXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNmYwYTgtOThmMi00OWZiLTg1MDYt
NDJhZDNiNGM4ZDBjLzEvYUlCaExGbEJyR1V5SWtOLUppU0RzYzd0MzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNmYwYTgtOThmMi00OWZiLTg1MDYtNDJhZDNiNGM4ZDBj
LzEvR1lJRTBjSmFBUkkydnFCMEhreGdFNTAwbXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQEUEoQAwQF
VepAAwQCuQLsAwQCubysAwQBw6IUAwQE2UhwMBQEAgACMA4DBQMqANAAAwUDKgDf
ADANBgkqhkiG9w0BAQsFAAOCAQEArktiTkW35OVjBfHSRHJq5GOazDTqh0ONi46i
N6/PVHzE64uInAS2ie4OzzLJKwo4Q9mo5Lt3Pg6v37+2DfoDrc9u77be+qTN/q6r
MK7WcdPshrmthmbrZ/xLPFAUoeq8eFWyGGeJnwdagLF1WLZ64UrtDpnNQlQrkpO3
oBM3Fx8ahlQIpx6LuCQnmF+rJnOokvX8NMsk6z+hmF3l63otv46CRc7L4I+b+dTl
jV55SXlHKnT3Q0ZJtIx3glv+tfd3xChsRi2BjFm9XBoRrTMx41i6DI23bqkuItvy
OVZU6oEoOULxRpJJG8YnGO9shSyGqsx/hTYb8/bmDLZcjHoiUQ==
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:39:01 2024 by rpki-client on console-ams.rpki-client.org