Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/ByEmA8Qazs8EOt6OWMDIIccfBf4.roa
File: ByEmA8Qazs8EOt6OWMDIIccfBf4.roa (raw, json)
Hash identifier: bAqFzYq+Y63vLoPeiqRw2MxymlTZ2vDuSbSGVO61ZE4=
Subject key identifier: 07:21:26:03:C4:1A:CE:CF:04:3A:DE:8E:58:C0:C8:21:C7:1F:05:FE
Certificate issuer: /CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Certificate serial: 018CC8DF2068C7472CEE5FF6EC7775026EDE
Authority key identifier: 0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/ByEmA8Qazs8EOt6OWMDIIccfBf4.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198641
IP address blocks: 185.58.230.0/24 maxlen: 24
185.58.231.0/24 maxlen: 24
185.58.228.0/24 maxlen: 24
185.58.229.0/24 maxlen: 24
37.205.40.0/24 maxlen: 24
37.205.44.0/24 maxlen: 24
37.205.40.0/22 maxlen: 22
37.205.40.0/21 maxlen: 21
37.205.42.0/24 maxlen: 24
37.205.46.0/24 maxlen: 24
37.205.45.0/24 maxlen: 24
2a02:4220::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/DM6IMtApSYAfEZjp0TuxjtWDLQw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/DM6IMtApSYAfEZjp0TuxjtWDLQw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:20:68:c7:47:2c:ee:5f:f6:ec:77:75:02:6e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cce8832d02949801f1198e9d13bb18ed5832d0c
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07212603c41acecf043ade8e58c0c821c71f05fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dc:de:66:34:5b:20:4c:5c:28:83:c9:a8:6e:
02:56:fe:d9:ea:98:5a:20:5b:75:d8:17:47:6b:55:
af:5d:8f:dc:bb:88:25:27:71:f0:c1:56:67:ce:92:
e7:6f:d5:86:bb:40:82:82:73:1c:9c:c8:00:ba:95:
6b:9a:20:24:f2:3a:50:a9:6e:48:18:77:a8:9f:2f:
fd:aa:69:5a:9c:c6:99:54:9d:69:c2:8c:fb:b3:2a:
7b:3f:16:b8:ba:70:07:be:92:f5:55:8a:36:20:ea:
f5:20:ae:72:b9:5f:43:ae:5f:89:3f:55:75:77:d7:
af:b0:98:b8:b2:de:dc:85:c1:e7:e9:a3:90:0c:e3:
ee:ab:45:4f:d3:9f:1c:ea:1b:b6:12:1b:d0:36:c3:
cb:ef:d3:ce:cc:8b:b2:93:80:ad:58:6b:92:e9:96:
a0:5a:c5:c1:21:4a:8a:9f:58:d4:2e:af:e4:15:c8:
0f:c4:a7:c7:e0:08:e3:72:a7:14:0f:5d:78:45:66:
b9:5a:78:8f:a7:ff:08:ee:c2:50:e9:b0:93:3f:13:
f0:a2:fd:40:73:55:96:ea:6b:37:ba:e5:10:9d:07:
04:c3:05:da:30:a0:df:dd:89:f7:74:18:aa:0d:14:
50:c0:89:34:2d:92:94:31:98:2c:84:43:82:c5:67:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:21:26:03:C4:1A:CE:CF:04:3A:DE:8E:58:C0:C8:21:C7:1F:05:FE
X509v3 Authority Key Identifier:
keyid:0C:CE:88:32:D0:29:49:80:1F:11:98:E9:D1:3B:B1:8E:D5:83:2D:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DM6IMtApSYAfEZjp0TuxjtWDLQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/ByEmA8Qazs8EOt6OWMDIIccfBf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/777c0a-ca44-43ec-ab79-5e0afec136b1/1/DM6IMtApSYAfEZjp0TuxjtWDLQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.205.40.0/21
185.58.228.0/22
IPv6:
2a02:4220::/32
Signature Algorithm: sha256WithRSAEncryption
79:1d:78:04:89:de:0f:65:16:f8:71:43:97:0c:46:2a:89:ef:
12:d8:15:46:f5:60:77:0f:7e:c9:07:11:61:8f:d2:fa:63:63:
6f:0c:8a:0f:a7:9d:1f:bf:89:3f:49:39:bb:1f:0a:4d:5c:a2:
7c:91:78:c2:a9:ef:e2:88:ba:96:f4:27:ac:dd:de:25:38:11:
5c:67:af:e8:ff:9d:18:96:05:a2:d4:79:ea:6e:a7:87:02:8b:
8a:00:cd:61:4b:e0:43:05:1c:b7:5e:73:ee:d9:0c:f9:ab:7f:
8e:fc:c1:dd:67:4a:74:15:f7:73:f4:7b:f1:1a:a6:a1:6c:47:
8f:bb:ba:5b:09:88:d9:df:10:83:5e:f2:37:3b:d1:23:85:4a:
af:4f:62:b8:f9:08:6d:7f:ad:5f:37:b9:52:2d:8a:c5:e8:e7:
91:06:f8:c5:e6:12:3c:a8:7c:61:9b:bc:92:b1:1b:82:84:14:
08:a4:83:8e:15:84:37:0b:65:1a:bb:24:01:a8:22:e3:87:77:
96:e2:b9:cc:94:46:eb:44:0a:9e:05:fb:03:ec:ae:51:a2:86:
49:05:e1:37:7c:70:4c:40:17:60:c5:fb:84:0f:17:b6:96:2d:
1e:ab:b4:8e:ba:db:6e:d5:6e:15:4a:b1:e9:d2:fb:3a:65:c6:
0d:5b:f8:e9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzI3yBox0cs7l/27Hd1Am7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjY2U4ODMyZDAyOTQ5ODAxZjExOThlOWQxM2JiMThlZDU4
MzJkMGMwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzIxMjYwM2M0MWFjZWNmMDQzYWRlOGU1OGMwYzgyMWM3MWYwNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NzeZjRbIExcKIPJqG4CVv7Z6pha
IFt12BdHa1WvXY/cu4glJ3HwwVZnzpLnb9WGu0CCgnMcnMgAupVrmiAk8jpQqW5I
GHeony/9qmlanMaZVJ1pwoz7syp7Pxa4unAHvpL1VYo2IOr1IK5yuV9Drl+JP1V1
d9evsJi4st7chcHn6aOQDOPuq0VP058c6hu2EhvQNsPL79POzIuyk4CtWGuS6Zag
WsXBIUqKn1jULq/kFcgPxKfH4AjjcqcUD114RWa5WniPp/8I7sJQ6bCTPxPwov1A
c1WW6ms3uuUQnQcEwwXaMKDf3Yn3dBiqDRRQwIk0LZKUMZgshEOCxWdlyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAchJgPEGs7PBDrejljAyCHHHwX+MB8GA1UdIwQY
MBaAFAzOiDLQKUmAHxGY6dE7sY7Vgy0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzkt
NWUwYWZlYzEzNmIxLzEvQnlFbUE4UWF6czhFT3Q2T1dNRElJY2NmQmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzdjMGEtY2E0NC00M2VjLWFiNzktNWUwYWZlYzEzNmIx
LzEvRE02SU10QXBTWUFmRVpqcDBUdXhqdFdETFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJc0oAwQC
uTrkMA0EAgACMAcDBQAqAkIgMA0GCSqGSIb3DQEBCwUAA4IBAQB5HXgEid4PZRb4
cUOXDEYqie8S2BVG9WB3D37JBxFhj9L6Y2NvDIoPp50fv4k/STm7HwpNXKJ8kXjC
qe/iiLqW9Ces3d4lOBFcZ6/o/50YlgWi1HnqbqeHAouKAM1hS+BDBRy3XnPu2Qz5
q3+O/MHdZ0p0Ffdz9HvxGqahbEePu7pbCYjZ3xCDXvI3O9EjhUqvT2K4+Qhtf61f
N7lSLYrF6OeRBvjF5hI8qHxhm7ySsRuChBQIpIOOFYQ3C2UauyQBqCLjh3eW4rnM
lEbrRAqeBfsD7K5RooZJBeE3fHBMQBdgxfuEDxe2li0eq7SOuttu1W4VSrHp0vs6
ZcYNW/jp
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:27:41 2024 by rpki-client on console-fra.rpki-client.org