Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/Stz5RHccsjUSL5Z27vYClLIpRvo.roa
File: Stz5RHccsjUSL5Z27vYClLIpRvo.roa (raw, json)
Hash identifier: FAxWe9YOik2ybqOTJ7NpXUakrysBGt/U3YpDbK1bEYI=
Subject key identifier: 4A:DC:F9:44:77:1C:B2:35:12:2F:96:76:EE:F6:02:94:B2:29:46:FA
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 01934E9296D7D94B5294B97C5ABDB411DE5C
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/Stz5RHccsjUSL5Z27vYClLIpRvo.roa
Signing time: Thu 21 Nov 2024 11:54:09 +0000
ROA not before: Thu 21 Nov 2024 11:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
89.63.0.0/20 maxlen: 20
89.63.16.0/20 maxlen: 20
89.63.20.0/24 maxlen: 24
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4e:92:96:d7:d9:4b:52:94:b9:7c:5a:bd:b4:11:de:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Nov 21 11:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4adcf944771cb235122f9676eef60294b22946fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:4a:94:41:0b:e3:27:10:d8:85:c3:02:64:15:
ca:e6:48:ef:65:10:89:0c:36:06:c3:e6:0e:8f:ec:
47:b7:2c:90:94:81:19:11:3c:76:96:7f:03:52:6e:
b3:fe:02:be:51:30:dd:f9:96:52:6e:c6:93:c0:50:
6f:96:e0:61:e8:4c:60:f1:e3:e3:e8:8a:55:4d:e1:
16:a1:3e:5a:ab:5d:90:d8:2f:9d:21:d4:0d:14:4e:
91:a6:d0:9e:8b:31:9d:c7:15:80:0b:97:24:ec:96:
2b:3f:61:be:4b:06:f1:f2:87:3c:c4:97:62:d1:3f:
78:9b:2d:e3:b4:58:fd:be:cf:08:d3:82:00:1f:4d:
03:4d:fb:d1:4d:a1:3b:56:19:7d:5b:83:f9:0e:34:
f1:0b:13:92:f0:7c:8e:c7:f2:92:53:aa:fa:41:00:
b3:7a:4b:00:78:98:e8:b9:66:84:6b:27:53:52:a0:
fa:f4:60:1b:66:0f:ed:04:13:ca:c0:80:51:47:ae:
a1:aa:8f:a8:fa:ab:75:fe:be:1a:dd:ec:55:7d:5d:
e3:04:1c:fd:e4:73:af:67:e7:78:15:db:d0:c5:35:
ef:c5:fc:60:9f:fa:cd:c8:f0:04:6d:45:84:c6:4d:
f6:dd:02:91:d3:f6:23:81:71:66:75:63:f0:c9:4d:
a7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DC:F9:44:77:1C:B2:35:12:2F:96:76:EE:F6:02:94:B2:29:46:FA
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/Stz5RHccsjUSL5Z27vYClLIpRvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
62:c7:e7:3a:a4:72:23:47:6b:3d:64:fa:99:20:1c:37:b6:bf:
09:47:bd:b7:c7:e9:7a:ac:57:40:b4:31:d7:b0:fe:ed:bb:09:
63:a6:05:ed:8e:b7:a4:32:83:4e:16:ab:2e:5d:cd:c3:fe:d2:
8f:b2:7e:70:8e:61:10:31:38:e4:c4:8e:5f:a7:c4:b7:a4:7d:
09:4b:4d:9c:b7:10:bf:1f:ec:ab:c3:29:b3:b0:27:cd:4d:16:
cc:07:ab:54:46:87:28:e1:6b:d8:cd:fc:7d:10:34:d4:27:ec:
3a:11:64:63:24:ff:18:72:cc:5b:c3:f2:f0:e2:04:4c:6c:32:
f5:20:1f:58:8f:b5:93:af:8c:2c:3e:d0:28:de:32:cd:a2:9d:
f3:2f:f9:4a:71:14:e2:7f:2e:5c:cc:41:62:d5:27:99:59:2a:
96:c8:90:14:39:79:f0:ad:fa:23:3e:36:bd:2f:ce:dd:4b:1c:
a5:71:e8:36:a7:cf:17:07:08:cf:da:dd:c0:39:f7:d0:99:37:
ae:b4:2a:e0:37:8c:71:cc:43:19:44:24:42:a9:3e:c0:2b:9e:
cc:0d:fb:7c:8f:30:b0:1f:8a:a9:03:3e:53:0c:e5:25:81:dd:
3f:f2:8e:b0:a7:69:3f:90:c2:a9:4e:07:93:66:7f:04:c9:cd:
72:52:2f:81
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZNOkpbX2UtSlLl8Wr20Ed5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQxMTIxMTE1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWRjZjk0NDc3MWNiMjM1MTIyZjk2NzZlZWY2MDI5NGIyMjk0NmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8UqUQQvjJxDYhcMCZBXK5kjvZRCJ
DDYGw+YOj+xHtyyQlIEZETx2ln8DUm6z/gK+UTDd+ZZSbsaTwFBvluBh6Exg8ePj
6IpVTeEWoT5aq12Q2C+dIdQNFE6RptCeizGdxxWAC5ck7JYrP2G+Swbx8oc8xJdi
0T94my3jtFj9vs8I04IAH00DTfvRTaE7Vhl9W4P5DjTxCxOS8HyOx/KSU6r6QQCz
eksAeJjouWaEaydTUqD69GAbZg/tBBPKwIBRR66hqo+o+qt1/r4a3exVfV3jBBz9
5HOvZ+d4FdvQxTXvxfxgn/rNyPAEbUWExk323QKR0/YjgXFmdWPwyU2nqwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFErc+UR3HLI1Ei+Wdu72ApSyKUb6MB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvU3R6NVJIY2NzalVTTDVaMjd2WUNsTElwUnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQBix+c6pHIjR2s9ZPqZIBw3tr8JR723x+l6rFdAtDHX
sP7tuwljpgXtjrekMoNOFqsuXc3D/tKPsn5wjmEQMTjkxI5fp8S3pH0JS02ctxC/
H+yrwymzsCfNTRbMB6tURoco4WvYzfx9EDTUJ+w6EWRjJP8Ycsxbw/Lw4gRMbDL1
IB9Yj7WTr4wsPtAo3jLNop3zL/lKcRTify5czEFi1SeZWSqWyJAUOXnwrfojPja9
L87dSxylceg2p88XBwjP2t3AOffQmTeutCrgN4xxzEMZRCRCqT7AK57MDft8jzCw
H4qpAz5TDOUlgd0/8o6wp2k/kMKpTgeTZn8Eyc1yUi+B
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:12:25 2024 by rpki-client on console-fra.rpki-client.org