Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/rQazSabJpfOzYJR3Eyfd-l3Qhsw.roa
File: rQazSabJpfOzYJR3Eyfd-l3Qhsw.roa (raw, json)
Hash identifier: /RsJvbxEzpKVqgaoSerivbBNz00gKw0T9+DqcgmvkLk=
Subject key identifier: AD:06:B3:49:A6:C9:A5:F3:B3:60:94:77:13:27:DD:FA:5D:D0:86:CC
Certificate issuer: /CN=63d92b8256159894d2b9b25f4d85986c172723c3
Certificate serial: 018CC501569B031C619F300B0E9BEA5B9CCC
Authority key identifier: 63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/rQazSabJpfOzYJR3Eyfd-l3Qhsw.roa
Signing time: Mon 01 Jan 2024 12:30:48 +0000
ROA not before: Mon 01 Jan 2024 12:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29033
IP address blocks: 81.20.32.0/20 maxlen: 20
81.20.41.0/24 maxlen: 24
81.20.40.0/24 maxlen: 24
185.129.176.0/22 maxlen: 22
2a00:1fd0:ecc1::/48 maxlen: 48
2a00:1fd0:ecc2::/48 maxlen: 48
2a00:1fd0:ae00::/40 maxlen: 48
2a00:1fd0:ec00::/48 maxlen: 48
2a00:1fd0:ecc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:56:9b:03:1c:61:9f:30:0b:0e:9b:ea:5b:9c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d92b8256159894d2b9b25f4d85986c172723c3
Validity
Not Before: Jan 1 12:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad06b349a6c9a5f3b36094771327ddfa5dd086cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:f2:f6:da:19:6f:2c:34:7b:89:3e:6b:c4:
12:d5:84:b2:e5:fb:a0:72:03:72:cc:cc:a1:a9:b4:
91:7f:bd:6a:69:7a:fe:e7:ed:cc:0c:ff:18:f5:bf:
b6:c7:a7:7f:a0:54:64:f6:5c:ef:b3:14:12:89:82:
89:b9:cf:d4:5f:73:ed:f8:4e:13:17:1d:cb:d4:33:
67:a5:6d:9a:4e:53:2b:09:ed:eb:c9:5a:e6:ef:bb:
7a:19:89:a8:7f:b6:a3:c7:a2:ff:38:f1:b7:f4:fd:
d4:33:bf:4d:a0:3b:8a:c4:ee:a5:31:f4:01:fd:a7:
b5:a8:db:92:f2:1b:0f:b9:bd:5e:18:27:1b:be:83:
ab:4e:a0:66:8b:5f:ce:15:ca:40:c9:d2:14:94:d0:
bb:d3:6d:23:ce:75:b9:1a:97:9a:46:77:32:90:2b:
88:4a:10:e0:28:b3:fd:4e:53:dc:c7:68:2b:d7:e8:
c9:dd:14:fd:77:65:fb:f3:ea:a9:52:32:73:35:62:
8f:86:b1:45:a1:04:c8:43:94:62:1d:f2:aa:c9:69:
ce:fa:b4:20:c9:00:7b:86:78:b7:8f:57:a2:c2:98:
80:f9:90:4b:1f:62:38:f9:93:e3:6a:11:24:28:82:
70:06:4e:5e:f3:4b:17:1f:d8:68:ee:0f:44:95:96:
cb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:06:B3:49:A6:C9:A5:F3:B3:60:94:77:13:27:DD:FA:5D:D0:86:CC
X509v3 Authority Key Identifier:
keyid:63:D9:2B:82:56:15:98:94:D2:B9:B2:5F:4D:85:98:6C:17:27:23:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9krglYVmJTSubJfTYWYbBcnI8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/rQazSabJpfOzYJR3Eyfd-l3Qhsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/26d917-8c91-45ab-8442-e4e52ac0fefe/1/Y9krglYVmJTSubJfTYWYbBcnI8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.20.32.0/20
185.129.176.0/22
IPv6:
2a00:1fd0:ae00::/40
2a00:1fd0:ec00::/48
2a00:1fd0:ecc0::-2a00:1fd0:ecc2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:fa:bf:59:cd:b8:fd:80:d0:67:da:31:e6:be:12:03:d3:06:
9b:99:a7:30:32:86:31:ec:3c:15:b8:cf:d3:67:a5:a1:1b:a4:
83:eb:96:2a:32:05:fc:e0:93:1a:b9:90:17:90:46:fe:c8:45:
d7:96:06:0a:13:bb:be:04:cb:e9:a9:19:69:52:41:03:3c:90:
3e:f8:7a:e4:3a:98:b7:f1:7c:5b:2f:8c:3a:0e:39:b0:1c:eb:
16:ea:56:d5:49:76:3c:a8:ff:6c:80:7c:76:55:25:9d:3c:e6:
1d:5a:8c:28:b9:82:05:f3:9b:32:73:e2:5e:28:6c:56:34:6a:
c0:e9:09:be:46:f2:a5:a2:1b:96:da:94:e0:3b:88:b0:70:6c:
4e:09:34:67:45:30:d4:dd:86:c6:72:1f:65:15:b7:bd:4f:f9:
a0:a6:b2:01:3f:22:c3:7c:93:30:c3:1f:2a:61:86:cb:28:8e:
db:cb:df:5f:15:ca:bd:6e:1c:a9:53:bc:46:0a:34:b1:37:75:
89:8d:bc:5a:8b:1f:3d:98:12:2b:b6:fa:8f:f8:72:71:c4:dd:
60:13:dc:3a:b0:13:be:9d:71:d8:5a:c9:b2:b5:8a:aa:12:13:
ed:51:d6:a0:be:71:37:ef:be:6a:c3:84:4f:29:32:34:31:36:
2a:a2:83:c3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFAVabAxxhnzALDpvqW5zMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDkyYjgyNTYxNTk4OTRkMmI5YjI1ZjRkODU5ODZjMTcy
NzIzYzMwHhcNMjQwMTAxMTIzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA2YjM0OWE2YzlhNWYzYjM2MDk0NzcxMzI3ZGRmYTVkZDA4NmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ/y9toZbyw0e4k+a8QS1YSy5fug
cgNyzMyhqbSRf71qaXr+5+3MDP8Y9b+2x6d/oFRk9lzvsxQSiYKJuc/UX3Pt+E4T
Fx3L1DNnpW2aTlMrCe3ryVrm77t6GYmof7ajx6L/OPG39P3UM79NoDuKxO6lMfQB
/ae1qNuS8hsPub1eGCcbvoOrTqBmi1/OFcpAydIUlNC7020jznW5GpeaRncykCuI
ShDgKLP9TlPcx2gr1+jJ3RT9d2X78+qpUjJzNWKPhrFFoQTIQ5RiHfKqyWnO+rQg
yQB7hni3j1eiwpiA+ZBLH2I4+ZPjahEkKIJwBk5e80sXH9ho7g9ElZbLUQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFK0Gs0mmyaXzs2CUdxMn3fpd0IbMMB8GA1UdIwQY
MBaAFGPZK4JWFZiU0rmyX02FmGwXJyPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDIt
ZTRlNTJhYzBmZWZlLzEvclFhelNhYkpwZk96WUpSM0V5ZmQtbDNRaHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNmQ5MTctOGM5MS00NWFiLTg0NDItZTRlNTJhYzBmZWZl
LzEvWTlrcmdsWVZtSlRTdWJKZlRZV1liQmNuSThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTASBAIAATAMAwQEURQgAwQC
uYGwMCsEAgACMCUDBgAqAB/QrgMHACoAH9DsADASAwcGKgAf0OzAAwcAKgAf0OzC
MA0GCSqGSIb3DQEBCwUAA4IBAQAO+r9Zzbj9gNBn2jHmvhID0wabmacwMoYx7DwV
uM/TZ6WhG6SD65YqMgX84JMauZAXkEb+yEXXlgYKE7u+BMvpqRlpUkEDPJA++Hrk
Opi38XxbL4w6DjmwHOsW6lbVSXY8qP9sgHx2VSWdPOYdWowouYIF85syc+JeKGxW
NGrA6Qm+RvKlohuW2pTgO4iwcGxOCTRnRTDU3YbGch9lFbe9T/mgprIBPyLDfJMw
wx8qYYbLKI7by99fFcq9bhypU7xGCjSxN3WJjbxaix89mBIrtvqP+HJxxN1gE9w6
sBO+nXHYWsmytYqqEhPtUdagvnE3775qw4RPKTI0MTYqooPD
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:39:30 2024 by rpki-client on console-fra.rpki-client.org