Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/1-XLN5qGNEVkyS6VqQrZ02VX4eaI.roa
File: 1-XLN5qGNEVkyS6VqQrZ02VX4eaI.roa (raw, json)
Hash identifier: 5mpIbStdQMn302qt4rdN3al7L6r5dSsJJ05jRDD8s3o=
Subject key identifier: F9:72:CD:E6:A1:8D:11:59:32:4B:A5:6A:42:B6:74:D9:55:F8:79:A2
Certificate issuer: /CN=374cc2ffd769c18e5e6f0dfc9a0ea74fb3f8c108
Certificate serial: 018D3C7C8BBB21072FE6DFBFD47EC5DC8B40
Authority key identifier: 37:4C:C2:FF:D7:69:C1:8E:5E:6F:0D:FC:9A:0E:A7:4F:B3:F8:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/1-XLN5qGNEVkyS6VqQrZ02VX4eaI.roa
Signing time: Wed 24 Jan 2024 17:20:11 +0000
ROA not before: Wed 24 Jan 2024 17:20:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53589
IP address blocks: 85.236.152.0/21 maxlen: 24
146.88.232.0/21 maxlen: 24
185.22.108.0/22 maxlen: 24
185.22.111.0/24 maxlen: 24
185.221.180.0/22 maxlen: 24
209.16.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:7c:8b:bb:21:07:2f:e6:df:bf:d4:7e:c5:dc:8b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374cc2ffd769c18e5e6f0dfc9a0ea74fb3f8c108
Validity
Not Before: Jan 24 17:20:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f972cde6a18d1159324ba56a42b674d955f879a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:52:ff:00:c3:d2:7a:a0:9a:2b:d4:fc:58:35:
5e:77:cd:9a:24:1a:a7:b0:94:ab:9a:76:bd:86:31:
91:3a:37:28:d6:06:64:3f:c6:50:b6:51:9d:71:2e:
6d:f1:b9:cc:24:af:cf:3a:ff:ea:c4:ff:48:6e:e3:
e6:f5:83:ee:c5:43:f4:2e:f6:33:63:54:ed:b4:62:
a4:a6:03:2c:fe:4e:ba:bd:b4:a3:8e:ee:c0:6f:54:
64:8f:ee:4c:d1:7d:93:fb:57:7c:b1:c6:6a:77:55:
32:42:02:98:f7:66:ec:c4:d5:2d:e3:9c:4c:f1:d3:
50:81:5a:d7:bf:dd:0c:fc:ad:a7:42:d9:ea:cd:48:
9d:6a:ea:d6:ff:d9:8f:97:71:ea:07:3c:22:2a:65:
1a:9f:1c:bd:ae:8f:19:55:67:66:f8:cd:4a:8f:80:
22:d5:7e:bb:35:72:c5:5e:90:22:a3:62:ad:ac:0e:
07:4b:c0:38:db:87:d0:37:77:f6:a6:9b:36:65:6f:
3e:18:3c:95:61:e2:56:bc:90:71:a7:35:3c:80:33:
e3:51:ab:3e:a9:59:bf:ec:cd:92:f5:2b:f5:7e:c5:
d5:92:b8:3f:2f:8d:5c:41:dd:0e:3a:eb:a5:59:27:
4e:69:41:35:e1:5a:a4:fc:36:2b:a1:96:55:7c:93:
0b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:72:CD:E6:A1:8D:11:59:32:4B:A5:6A:42:B6:74:D9:55:F8:79:A2
X509v3 Authority Key Identifier:
keyid:37:4C:C2:FF:D7:69:C1:8E:5E:6F:0D:FC:9A:0E:A7:4F:B3:F8:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N0zC_9dpwY5ebw38mg6nT7P4wQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/1-XLN5qGNEVkyS6VqQrZ02VX4eaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/24c5a3-2a31-4b85-840e-26806ec35c20/1/N0zC_9dpwY5ebw38mg6nT7P4wQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.236.152.0/21
146.88.232.0/21
185.22.108.0/22
185.221.180.0/22
209.16.158.0/24
Signature Algorithm: sha256WithRSAEncryption
09:09:4f:95:e4:4f:34:2c:e0:c8:a3:f2:a8:7b:1d:e6:f8:c2:
b6:8f:4b:93:ca:86:33:f8:3f:d1:80:da:82:78:43:10:8c:61:
c6:e8:c4:2f:37:74:32:72:2c:85:df:79:e8:7a:a9:42:f5:f6:
50:2f:55:4f:d3:f8:fd:50:06:29:84:c5:71:b8:51:9d:65:36:
15:65:c1:fa:a3:e1:7e:24:02:da:e6:f6:bf:e6:7f:24:d7:d7:
2a:1a:7d:27:e7:a6:5d:ed:7a:47:cd:a2:4f:8d:84:80:27:98:
87:af:05:59:85:f0:8a:63:a1:9d:f6:d0:01:33:86:9d:48:07:
5b:be:c6:d1:41:00:57:ae:bc:95:cc:b0:02:7c:51:0f:e7:23:
8b:be:e2:90:b5:8e:d8:3a:f1:51:3f:72:0a:b1:fc:47:ec:b6:
c5:5d:44:b3:e3:c6:75:1d:9e:df:8c:05:c4:5e:91:44:64:74:
3c:1b:92:d7:43:17:6c:b5:d6:fe:ee:bb:e6:b9:d0:41:42:25:
53:72:c7:2c:66:c7:62:03:b7:26:09:0d:c0:94:1c:20:08:d3:
32:5b:5a:db:72:f1:2c:0c:55:4f:b7:a5:3c:68:ec:d5:ca:ec:
0c:10:6b:f5:e9:fa:2d:0d:68:d3:e6:17:b4:53:af:a6:8e:74:
7c:bf:11:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY08fIu7IQcv5t+/1H7F3ItAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGNjMmZmZDc2OWMxOGU1ZTZmMGRmYzlhMGVhNzRmYjNm
OGMxMDgwHhcNMjQwMTI0MTcyMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcyY2RlNmExOGQxMTU5MzI0YmE1NmE0MmI2NzRkOTU1Zjg3OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFL/AMPSeqCaK9T8WDVed82aJBqn
sJSrmna9hjGROjco1gZkP8ZQtlGdcS5t8bnMJK/POv/qxP9IbuPm9YPuxUP0LvYz
Y1TttGKkpgMs/k66vbSjju7Ab1Rkj+5M0X2T+1d8scZqd1UyQgKY92bsxNUt45xM
8dNQgVrXv90M/K2nQtnqzUidaurW/9mPl3HqBzwiKmUanxy9ro8ZVWdm+M1Kj4Ai
1X67NXLFXpAio2KtrA4HS8A424fQN3f2pps2ZW8+GDyVYeJWvJBxpzU8gDPjUas+
qVm/7M2S9Sv1fsXVkrg/L41cQd0OOuulWSdOaUE14Vqk/DYroZZVfJML3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlyzeahjRFZMkulakK2dNlV+HmiMB8GA1UdIwQY
MBaAFDdMwv/XacGOXm8N/JoOp0+z+MEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjB6Q185ZHB3WTVlYnczOG1nNm5UN1A0d1FnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNGM1YTMtMmEzMS00Yjg1LTg0MGUt
MjY4MDZlYzM1YzIwLzEvMS1YTE41cUdORVZreVM2VnFRclowMlZYNGVhSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDYvMjRjNWEzLTJhMzEtNGI4NS04NDBlLTI2ODA2ZWMzNWMy
MC8xL04wekNfOWRwd1k1ZWJ3MzhtZzZuVDdQNHdRZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEA1XsmAME
A5JY6AMEArkWbAMEArndtAMEANEQnjANBgkqhkiG9w0BAQsFAAOCAQEACQlPleRP
NCzgyKPyqHsd5vjCto9Lk8qGM/g/0YDagnhDEIxhxujELzd0MnIshd956HqpQvX2
UC9VT9P4/VAGKYTFcbhRnWU2FWXB+qPhfiQC2ub2v+Z/JNfXKhp9J+emXe16R82i
T42EgCeYh68FWYXwimOhnfbQATOGnUgHW77G0UEAV668lcywAnxRD+cji77ikLWO
2DrxUT9yCrH8R+y2xV1Es+PGdR2e34wFxF6RRGR0PBuS10MXbLXW/u675rnQQUIl
U3LHLGbHYgO3JgkNwJQcIAjTMlta23LxLAxVT7elPGjs1crsDBBr9en6LQ1o0+YX
tFOvpo50fL8Rpg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:25:46 2024 by rpki-client on console-ams.rpki-client.org