Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/c0XU94hSEsi5LjZjnp3xxTOqT7g.roa
File: c0XU94hSEsi5LjZjnp3xxTOqT7g.roa (raw, json)
Hash identifier: +JL5VPkCu/i8ZQjRSZcoomRj8L3Mt8nxLle45N3GEKo=
Subject key identifier: 73:45:D4:F7:88:52:12:C8:B9:2E:36:63:9E:9D:F1:C5:33:AA:4F:B8
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 018D60F26A82F724128F8BDF24345EC78139
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/c0XU94hSEsi5LjZjnp3xxTOqT7g.roa
Signing time: Wed 31 Jan 2024 19:15:16 +0000
ROA not before: Wed 31 Jan 2024 19:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206892
IP address blocks: 45.95.44.0/22 maxlen: 24
94.199.178.0/23 maxlen: 24
94.199.179.0/24 maxlen: 24
95.140.32.0/24 maxlen: 24
95.140.38.0/23 maxlen: 24
185.161.72.0/22 maxlen: 24
185.199.28.0/22 maxlen: 24
185.234.181.0/24 maxlen: 24
185.234.182.0/23 maxlen: 24
194.39.44.0/22 maxlen: 24
195.200.232.0/23 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:f2:6a:82:f7:24:12:8f:8b:df:24:34:5e:c7:81:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 31 19:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7345d4f7885212c8b92e36639e9df1c533aa4fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:39:6a:5e:d1:e7:c9:89:c4:1c:d8:1b:bf:d7:
78:73:fd:b3:23:bb:48:f7:37:3f:a6:d1:82:a1:aa:
09:db:05:33:92:54:f5:6d:ee:89:92:c8:fd:8b:c8:
e2:77:7f:a7:da:a0:99:20:c7:14:d1:9e:c9:18:f2:
60:c5:36:b8:3a:cb:76:b2:32:82:8d:62:ad:ac:f0:
f3:82:2c:e0:1b:0c:21:1f:45:78:cb:54:70:36:bc:
e9:fd:7d:be:9a:df:1d:7a:13:02:95:01:77:b5:21:
16:ee:06:ce:bc:f8:bb:4e:de:02:23:42:35:68:1a:
96:8a:f4:3f:d1:ae:59:48:21:c2:13:63:2d:6b:f4:
d5:4c:cb:0b:28:7f:6d:64:83:1a:af:c3:78:4d:b9:
38:57:4c:7d:46:cb:bd:9f:45:76:ca:16:ab:82:26:
14:ed:68:0b:87:74:34:19:d1:b6:bc:0d:e8:a6:09:
0e:e4:36:55:7c:c3:95:0d:ff:ed:75:0e:35:7e:38:
ae:a3:20:7a:8b:7e:ed:05:62:63:67:d7:1e:65:17:
63:27:96:00:53:b5:e2:54:f9:ee:46:4e:9d:64:7e:
21:67:20:6e:14:d2:98:55:0f:a9:56:d2:ae:2e:0e:
c8:c9:2d:2e:03:a6:29:31:80:5e:93:a0:1a:61:01:
2c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:45:D4:F7:88:52:12:C8:B9:2E:36:63:9E:9D:F1:C5:33:AA:4F:B8
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/c0XU94hSEsi5LjZjnp3xxTOqT7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
94.199.178.0/23
95.140.32.0/24
95.140.38.0/23
185.161.72.0/22
185.199.28.0/22
185.234.181.0-185.234.183.255
194.39.44.0/22
195.200.232.0/23
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
74:fc:fa:70:4b:45:da:31:50:0f:f1:e3:00:eb:c9:3a:b6:42:
79:68:ac:d1:fe:1d:f7:0a:e5:f8:78:f0:d3:ee:ae:53:c4:52:
8b:69:de:08:4c:87:69:08:e0:57:50:22:6e:5a:2c:87:65:8d:
b3:84:be:6b:dc:50:59:f8:7a:f0:05:53:2e:89:f4:3d:23:ea:
94:1a:31:d0:58:75:a6:1b:8a:85:2b:31:d3:ca:da:16:41:9a:
a4:83:83:1d:0e:d2:c9:b3:7a:3d:72:86:83:62:66:64:22:0a:
1d:08:42:ec:8d:c1:37:5b:e5:cb:94:8f:3a:9c:01:17:2e:03:
ff:12:0c:a5:69:2a:11:46:57:08:cd:83:85:57:6f:2d:dd:cc:
8e:2d:8c:a9:c8:d8:0c:c5:56:46:bc:49:73:bd:ef:b1:30:82:
e3:85:b8:fc:bb:d7:ad:c3:98:dc:a3:19:4c:c9:09:b3:5c:7b:
cf:4c:1a:78:91:b8:51:f0:12:80:33:cf:f8:df:17:be:be:65:
92:63:bd:29:69:01:d7:ee:b7:c4:dc:d9:0f:b1:1a:dc:13:bf:
3a:99:c3:5e:bb:68:70:22:02:6f:eb:a6:ba:c1:bd:75:8e:54:
1d:01:29:d1:9d:c2:89:f1:16:6a:be:dc:09:ba:b3:db:67:48:
c1:e4:2b:b4
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY1g8mqC9yQSj4vfJDRex4E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjQwMTMxMTkxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQ1ZDRmNzg4NTIxMmM4YjkyZTM2NjM5ZTlkZjFjNTMzYWE0ZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzlqXtHnyYnEHNgbv9d4c/2zI7tI
9zc/ptGCoaoJ2wUzklT1be6Jksj9i8jid3+n2qCZIMcU0Z7JGPJgxTa4Ost2sjKC
jWKtrPDzgizgGwwhH0V4y1RwNrzp/X2+mt8dehMClQF3tSEW7gbOvPi7Tt4CI0I1
aBqWivQ/0a5ZSCHCE2Mta/TVTMsLKH9tZIMar8N4Tbk4V0x9Rsu9n0V2yhargiYU
7WgLh3Q0GdG2vA3opgkO5DZVfMOVDf/tdQ41fjiuoyB6i37tBWJjZ9ceZRdjJ5YA
U7XiVPnuRk6dZH4hZyBuFNKYVQ+pVtKuLg7IyS0uA6YpMYBek6AaYQEsCwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFHNF1PeIUhLIuS42Y56d8cUzqk+4MB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvYzBYVTk0aFNFc2k1TGpaam5wM3h4VE9xVDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCLV8sAwQB
XseyAwQAX4wgAwQBX4wmAwQCuaFIAwQCucccMAwDBAC56rUDBAO56rADBALCJywD
BAHDyOgwDQQCAAIwBwMFACoHwoAwDQYJKoZIhvcNAQELBQADggEBAHT8+nBLRdox
UA/x4wDryTq2QnlorNH+HfcK5fh48NPurlPEUotp3ghMh2kI4FdQIm5aLIdljbOE
vmvcUFn4evAFUy6J9D0j6pQaMdBYdaYbioUrMdPK2hZBmqSDgx0O0smzej1yhoNi
ZmQiCh0IQuyNwTdb5cuUjzqcARcuA/8SDKVpKhFGVwjNg4VXby3dzI4tjKnI2AzF
Vka8SXO977EwguOFuPy7163DmNyjGUzJCbNce89MGniRuFHwEoAzz/jfF76+ZZJj
vSlpAdfut8Tc2Q+xGtwTvzqZw167aHAiAm/rprrBvXWOVB0BKdGdwonxFmq+3Am6
s9tnSMHkK7Q=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:01:49 2024 by rpki-client on console-fra.rpki-client.org