Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/ae3042-ca98-4dda-95a6-3b8fbfff5342/1/cpHTdMt9KOwdZz_bu7ARhVERW8U.roa
File: cpHTdMt9KOwdZz_bu7ARhVERW8U.roa (raw, json)
Hash identifier: lE+YjIi841nCv5MIpTFtdTzu1SCBWiZxx4LI70Otxaw=
Subject key identifier: 72:91:D3:74:CB:7D:28:EC:1D:67:3F:DB:BB:B0:11:85:51:11:5B:C5
Certificate issuer: /CN=83023b39705b345a86eff3f14ef6b1e4db45939e
Certificate serial: 018CC794F7FDF575FCE6EDC99FB40AD711A6
Authority key identifier: 83:02:3B:39:70:5B:34:5A:86:EF:F3:F1:4E:F6:B1:E4:DB:45:93:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwI7OXBbNFqG7_PxTvax5NtFk54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/ae3042-ca98-4dda-95a6-3b8fbfff5342/1/cpHTdMt9KOwdZz_bu7ARhVERW8U.roa
Signing time: Tue 02 Jan 2024 00:31:17 +0000
ROA not before: Tue 02 Jan 2024 00:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60503
IP address blocks: 185.30.165.0/24 maxlen: 24
185.30.164.0/22 maxlen: 22
185.30.164.0/24 maxlen: 24
185.30.166.0/24 maxlen: 24
185.30.167.0/24 maxlen: 24
93.158.236.0/22 maxlen: 22
93.158.236.0/24 maxlen: 24
93.158.238.0/24 maxlen: 24
93.158.237.0/24 maxlen: 24
93.158.239.0/24 maxlen: 24
2a00:aee3::/32 maxlen: 32
2a00:aee7::/32 maxlen: 32
2a00:aee0::/32 maxlen: 32
2a00:aee6::/32 maxlen: 32
2a00:aee5::/32 maxlen: 32
2a00:aee1::/32 maxlen: 32
2a00:aee4::/32 maxlen: 32
2a00:aee2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/ae3042-ca98-4dda-95a6-3b8fbfff5342/1/gwI7OXBbNFqG7_PxTvax5NtFk54.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/ae3042-ca98-4dda-95a6-3b8fbfff5342/1/gwI7OXBbNFqG7_PxTvax5NtFk54.mft
rsync://rpki.ripe.net/repository/DEFAULT/gwI7OXBbNFqG7_PxTvax5NtFk54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f7:fd:f5:75:fc:e6:ed:c9:9f:b4:0a:d7:11:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83023b39705b345a86eff3f14ef6b1e4db45939e
Validity
Not Before: Jan 2 00:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7291d374cb7d28ec1d673fdbbbb0118551115bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:b7:51:3a:bb:78:f0:a0:ba:54:28:26:2c:
9a:ce:6b:a2:ca:10:de:36:22:a8:49:d7:c8:f6:80:
ee:23:f0:c4:27:90:b9:b0:f4:53:e6:6c:16:6d:8a:
f9:1a:4c:1a:f5:b4:cc:45:29:e7:77:11:a2:5a:df:
76:d7:32:08:f4:5e:3f:a0:d0:37:8c:af:8f:b3:ed:
e6:0e:a9:26:a5:23:78:cb:96:16:73:46:63:9a:df:
a9:c7:04:4c:90:df:85:86:3a:e0:e0:8a:0d:87:3f:
92:27:84:0f:23:37:f7:bf:1a:e0:d7:2c:ef:c4:42:
ce:e0:4e:13:ad:74:0e:9b:1d:be:42:19:3e:09:f0:
54:0a:a8:62:4f:54:18:69:9c:09:30:68:8b:0a:fc:
b4:1c:ce:5e:83:f0:9c:43:77:ac:a8:01:3b:f4:e6:
c3:e5:34:01:87:06:90:18:31:0f:b7:d0:98:a0:d4:
5e:9c:a7:8e:d4:84:27:6a:05:88:e6:87:3e:f3:9f:
35:69:7e:14:3c:52:bc:02:49:1f:b5:20:cb:9b:9c:
df:15:2b:96:59:ec:88:0d:bf:db:18:e8:33:27:28:
c1:5a:55:de:94:ee:9c:b1:4a:b8:04:48:46:19:a1:
98:29:ef:90:69:60:15:df:b8:fc:d5:99:94:3a:5f:
6f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:91:D3:74:CB:7D:28:EC:1D:67:3F:DB:BB:B0:11:85:51:11:5B:C5
X509v3 Authority Key Identifier:
keyid:83:02:3B:39:70:5B:34:5A:86:EF:F3:F1:4E:F6:B1:E4:DB:45:93:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwI7OXBbNFqG7_PxTvax5NtFk54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ae3042-ca98-4dda-95a6-3b8fbfff5342/1/cpHTdMt9KOwdZz_bu7ARhVERW8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/ae3042-ca98-4dda-95a6-3b8fbfff5342/1/gwI7OXBbNFqG7_PxTvax5NtFk54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.158.236.0/22
185.30.164.0/22
IPv6:
2a00:aee0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:b2:4e:dd:35:da:3d:03:ce:19:4a:e7:1c:56:bd:c5:6f:c2:
26:76:4c:c0:a7:d8:35:9a:29:7f:b7:5e:27:02:4e:18:85:df:
fd:df:a2:52:9f:80:22:7b:a8:90:93:37:5b:d3:c5:74:93:9e:
7d:1e:49:6a:01:a3:ca:4d:3c:5b:60:30:d0:e6:ed:90:fc:de:
1e:62:96:71:5d:c3:52:ee:f0:6c:12:44:87:b9:83:3a:d4:57:
83:b9:87:65:59:38:71:0a:71:43:41:0e:46:43:12:12:85:82:
16:35:18:79:df:9f:d0:87:85:46:b3:b7:01:1b:e9:cc:9f:48:
98:79:cf:6a:85:5c:07:5b:5c:79:fd:09:04:da:23:e6:31:6d:
97:9f:39:b7:ec:cc:83:54:de:3b:e9:68:21:4b:8a:49:af:4d:
e8:16:db:81:7d:f2:fd:7a:a6:3c:fc:74:99:3b:43:2c:03:9b:
67:32:3f:e1:4b:f1:15:84:09:0d:2f:43:59:30:ff:c7:0e:2b:
06:39:41:94:e7:22:58:53:2f:92:67:86:3b:af:3a:ba:43:02:
8a:10:32:50:64:54:8c:48:0f:94:9d:48:0c:63:ea:07:32:98:
fd:d3:67:e5:2d:57:6f:41:27:f9:fc:1d:67:9b:12:52:d3:89:
d3:25:eb:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlPf99XX85u3Jn7QK1xGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDIzYjM5NzA1YjM0NWE4NmVmZjNmMTRlZjZiMWU0ZGI0
NTkzOWUwHhcNMjQwMTAyMDAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjkxZDM3NGNiN2QyOGVjMWQ2NzNmZGJiYmIwMTE4NTUxMTE1YmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTq3UTq7ePCgulQoJiyazmuiyhDe
NiKoSdfI9oDuI/DEJ5C5sPRT5mwWbYr5Gkwa9bTMRSnndxGiWt921zII9F4/oNA3
jK+Ps+3mDqkmpSN4y5YWc0Zjmt+pxwRMkN+Fhjrg4IoNhz+SJ4QPIzf3vxrg1yzv
xELO4E4TrXQOmx2+Qhk+CfBUCqhiT1QYaZwJMGiLCvy0HM5eg/CcQ3esqAE79ObD
5TQBhwaQGDEPt9CYoNRenKeO1IQnagWI5oc+8581aX4UPFK8AkkftSDLm5zfFSuW
WeyIDb/bGOgzJyjBWlXelO6csUq4BEhGGaGYKe+QaWAV37j81ZmUOl9vXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHKR03TLfSjsHWc/27uwEYVREVvFMB8GA1UdIwQY
MBaAFIMCOzlwWzRahu/z8U72seTbRZOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dJN09YQmJORnFHN19QeFR2YXg1TnRGazU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hZTMwNDItY2E5OC00ZGRhLTk1YTYt
M2I4ZmJmZmY1MzQyLzEvY3BIVGRNdDlLT3dkWnpfYnU3QVJoVkVSVzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hZTMwNDItY2E5OC00ZGRhLTk1YTYtM2I4ZmJmZmY1MzQy
LzEvZ3dJN09YQmJORnFHN19QeFR2YXg1TnRGazU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXZ7sAwQC
uR6kMA0EAgACMAcDBQMqAK7gMA0GCSqGSIb3DQEBCwUAA4IBAQA7sk7dNdo9A84Z
SuccVr3Fb8ImdkzAp9g1mil/t14nAk4Yhd/936JSn4Aie6iQkzdb08V0k559Hklq
AaPKTTxbYDDQ5u2Q/N4eYpZxXcNS7vBsEkSHuYM61FeDuYdlWThxCnFDQQ5GQxIS
hYIWNRh535/Qh4VGs7cBG+nMn0iYec9qhVwHW1x5/QkE2iPmMW2Xnzm37MyDVN47
6WghS4pJr03oFtuBffL9eqY8/HSZO0MsA5tnMj/hS/EVhAkNL0NZMP/HDisGOUGU
5yJYUy+SZ4Y7rzq6QwKKEDJQZFSMSA+UnUgMY+oHMpj902flLVdvQSf5/B1nmxJS
04nTJet5
-----END CERTIFICATE-----
Generated at Tue May 21 20:16:48 2024 by rpki-client on console-ams.rpki-client.org