Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/C2A8U2yRFN-JtgiSjUZeHvM3Hf8.roa
File: C2A8U2yRFN-JtgiSjUZeHvM3Hf8.roa (raw, json)
Hash identifier: 0oGOvpZolEybNW0yN7k5bBsIn4NQoFGyjMQsJvxqg4I=
Subject key identifier: 0B:60:3C:53:6C:91:14:DF:89:B6:08:92:8D:46:5E:1E:F3:37:1D:FF
Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial: 018CC56E015E6E05F5012057F2A4826D8E10
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/C2A8U2yRFN-JtgiSjUZeHvM3Hf8.roa
Signing time: Mon 01 Jan 2024 14:29:30 +0000
ROA not before: Mon 01 Jan 2024 14:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199541
IP address blocks: 193.221.181.0/24 maxlen: 24
193.58.31.0/24 maxlen: 24
193.221.170.0/24 maxlen: 24
192.70.89.0/24 maxlen: 24
192.70.90.0/24 maxlen: 24
193.221.2.0/24 maxlen: 24
153.98.83.0/24 maxlen: 24
147.196.0.0/16 maxlen: 16
153.98.105.0/24 maxlen: 24
153.98.100.0/24 maxlen: 24
153.98.106.0/24 maxlen: 24
153.98.108.0/24 maxlen: 24
153.98.107.0/24 maxlen: 24
153.98.110.0/24 maxlen: 24
153.98.109.0/24 maxlen: 24
153.98.111.0/24 maxlen: 24
153.98.113.0/24 maxlen: 24
193.58.19.0/24 maxlen: 24
193.58.21.0/24 maxlen: 24
193.221.14.0/24 maxlen: 24
192.93.20.0/22 maxlen: 22
153.98.37.0/24 maxlen: 24
153.98.36.0/24 maxlen: 24
153.98.68.0/24 maxlen: 24
153.98.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:01:5e:6e:05:f5:01:20:57:f2:a4:82:6d:8e:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Validity
Not Before: Jan 1 14:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b603c536c9114df89b608928d465e1ef3371dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:fe:ff:60:20:43:f1:f3:0d:cf:20:41:ab:e0:
3d:13:ae:18:62:c0:f3:86:e3:43:5e:cf:7c:bb:bc:
f2:a7:8d:8f:89:88:1a:b3:43:ab:d9:4b:7b:76:6c:
16:b3:e3:92:ca:8d:8c:d3:13:d6:02:e1:13:07:91:
89:2d:f3:51:d7:1c:0a:e2:74:92:75:cd:6c:d9:5b:
34:cb:ea:be:97:30:0a:cd:f9:ab:09:53:71:e8:38:
b8:d8:12:2c:a2:a5:01:36:c4:77:2b:1f:c6:db:0a:
96:67:7d:c9:a4:21:9d:f5:ac:49:11:79:cf:e2:bc:
12:24:63:20:83:08:55:63:30:85:3b:bd:f7:d5:b0:
29:ee:3c:3a:dd:d4:79:12:bb:e3:c9:78:1a:b1:4f:
f2:3d:ea:f3:99:1b:58:f8:02:5d:70:f4:c3:75:00:
7d:4f:b1:24:d7:bc:88:b9:8f:6d:d5:57:43:f2:0c:
63:d4:fb:15:80:5b:c2:c9:6a:6c:40:a5:e5:ee:96:
fd:1d:0c:a0:f0:31:e0:5d:88:ed:e2:21:95:a5:b5:
b1:47:27:9d:27:d8:83:9c:d3:0e:59:7d:28:4c:cc:
0e:26:79:e1:e9:2b:66:2a:28:0c:2a:01:40:4c:1c:
b7:dd:ba:bd:f4:82:1c:cf:98:4c:b2:fd:54:24:1d:
24:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:60:3C:53:6C:91:14:DF:89:B6:08:92:8D:46:5E:1E:F3:37:1D:FF
X509v3 Authority Key Identifier:
keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/C2A8U2yRFN-JtgiSjUZeHvM3Hf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.196.0.0/16
153.98.36.0/23
153.98.68.0/24
153.98.71.0/24
153.98.83.0/24
153.98.100.0/24
153.98.105.0-153.98.111.255
153.98.113.0/24
192.70.89.0-192.70.90.255
192.93.20.0/22
193.58.19.0/24
193.58.21.0/24
193.58.31.0/24
193.221.2.0/24
193.221.14.0/24
193.221.170.0/24
193.221.181.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:53:41:2b:aa:33:9d:c4:83:93:9c:1a:ed:05:9a:0d:e4:4c:
61:8e:1f:23:70:81:db:b2:63:d2:b7:bd:59:61:af:be:f5:32:
09:c8:43:fc:27:bf:0d:1b:74:05:e9:0a:11:52:48:9d:72:c8:
50:a3:1a:04:e2:68:4b:eb:9e:f8:bb:51:1f:28:5f:4a:84:f8:
37:9f:d8:7f:00:71:ec:81:6d:71:51:dc:8c:a6:2c:eb:c1:35:
63:fe:d9:b0:07:ee:a6:1a:ab:d4:a9:26:32:88:b3:8d:5e:9d:
88:d2:7c:db:13:15:60:c0:01:e4:e4:21:a7:22:00:c5:8b:f1:
80:68:a5:b9:11:23:72:4d:22:df:1b:12:46:74:f2:7e:78:87:
c5:58:eb:7b:23:73:1e:3b:10:a2:e6:10:92:c5:4c:2e:26:bc:
97:7f:38:49:a7:de:5f:cb:8f:e8:53:a7:ed:b6:93:46:e6:d4:
ef:73:48:0e:95:21:62:05:e2:41:ad:52:d0:1a:7c:c6:f5:da:
2f:89:d3:71:0c:3a:30:e5:45:c4:ee:9e:03:b3:05:fe:df:9e:
be:20:ef:0c:f1:33:7f:8b:5b:d4:58:4d:49:14:7e:6b:23:5b:
5d:26:82:c0:7f:ae:4e:b8:92:0a:0f:c1:28:21:b5:59:3c:6c:
2f:a4:e3:d1
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYzFbgFebgX1ASBX8qSCbY4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjQwMTAxMTQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYwM2M1MzZjOTExNGRmODliNjA4OTI4ZDQ2NWUxZWYzMzcxZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgP7/YCBD8fMNzyBBq+A9E64YYsDz
huNDXs98u7zyp42PiYgas0Or2Ut7dmwWs+OSyo2M0xPWAuETB5GJLfNR1xwK4nSS
dc1s2Vs0y+q+lzAKzfmrCVNx6Di42BIsoqUBNsR3Kx/G2wqWZ33JpCGd9axJEXnP
4rwSJGMggwhVYzCFO7331bAp7jw63dR5ErvjyXgasU/yPerzmRtY+AJdcPTDdQB9
T7Ek17yIuY9t1VdD8gxj1PsVgFvCyWpsQKXl7pb9HQyg8DHgXYjt4iGVpbWxRyed
J9iDnNMOWX0oTMwOJnnh6StmKigMKgFATBy33bq99IIcz5hMsv1UJB0khwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFAtgPFNskRTfibYIko1GXh7zNx3/MB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvQzJBOFUyeVJGTi1KdGdpU2pVWmVIdk0zSGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wewQCAAEwdQMDAJPEAwQB
mWIkAwQAmWJEAwQAmWJHAwQAmWJTAwQAmWJkMAwDBACZYmkDBASZYmADBACZYnEw
DAMEAMBGWQMEAMBGWgMEAsBdFAMEAME6EwMEAME6FQMEAME6HwMEAMHdAgMEAMHd
DgMEAMHdqgMEAMHdtTANBgkqhkiG9w0BAQsFAAOCAQEAx1NBK6ozncSDk5wa7QWa
DeRMYY4fI3CB27Jj0re9WWGvvvUyCchD/Ce/DRt0BekKEVJInXLIUKMaBOJoS+ue
+LtRHyhfSoT4N5/YfwBx7IFtcVHcjKYs68E1Y/7ZsAfuphqr1KkmMoizjV6diNJ8
2xMVYMAB5OQhpyIAxYvxgGiluREjck0i3xsSRnTyfniHxVjreyNzHjsQouYQksVM
Lia8l384SafeX8uP6FOn7baTRubU73NIDpUhYgXiQa1S0Bp8xvXaL4nTcQw6MOVF
xO6eA7MF/t+eviDvDPEzf4tb1FhNSRR+ayNbXSaCwH+uTriSCg/BKCG1WTxsL6Tj
0Q==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:28:48 2024 by rpki-client on console-ams.rpki-client.org