Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/V1ItKE1glt5tcMViL9359ujGnQY.roa
File: V1ItKE1glt5tcMViL9359ujGnQY.roa (raw, json)
Hash identifier: rrHzpsCAzsUeNIwz19x4BUeYERHIp7ER0GcavbEaAas=
Subject key identifier: 57:52:2D:28:4D:60:96:DE:6D:70:C5:62:2F:DD:F9:F6:E8:C6:9D:06
Certificate issuer: /CN=94db4b1e9ed68bb5c33228ae30e9cdd252b32fb8
Certificate serial: 018CC8DF50CB8551CF075C83538C1F49362D
Authority key identifier: 94:DB:4B:1E:9E:D6:8B:B5:C3:32:28:AE:30:E9:CD:D2:52:B3:2F:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/V1ItKE1glt5tcMViL9359ujGnQY.roa
Signing time: Tue 02 Jan 2024 06:32:07 +0000
ROA not before: Tue 02 Jan 2024 06:32:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35366
IP address blocks: 81.7.0.0/18 maxlen: 19
185.2.8.0/22 maxlen: 23
84.23.64.0/19 maxlen: 20
81.89.96.0/20 maxlen: 21
85.31.184.0/21 maxlen: 23
91.143.80.0/20 maxlen: 21
2a02:180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:50:cb:85:51:cf:07:5c:83:53:8c:1f:49:36:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94db4b1e9ed68bb5c33228ae30e9cdd252b32fb8
Validity
Not Before: Jan 2 06:32:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57522d284d6096de6d70c5622fddf9f6e8c69d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3b:b2:47:60:d0:1c:98:0a:c8:74:0b:e7:db:
99:24:de:04:1a:e6:c0:17:15:2e:96:a8:b5:44:6d:
94:1d:a3:0b:34:9f:fb:3c:0c:9a:33:c5:f0:ad:b0:
27:9c:a9:fa:45:37:a0:71:58:e9:31:15:c8:75:a5:
9d:85:dc:b4:d6:be:4b:5c:ef:83:99:e6:2d:29:d6:
08:7b:cd:47:08:97:5c:54:94:5a:d1:4b:f6:d2:3a:
61:b5:01:b9:06:57:f0:6a:c9:0d:17:15:2f:57:9a:
4e:85:ed:43:af:ae:4b:7a:1c:87:ae:2a:92:32:4a:
f7:1d:12:e4:a0:b3:be:80:ff:09:9e:9c:9f:20:03:
6a:0d:26:44:da:03:28:fc:12:5f:6e:bb:97:e9:c5:
8a:17:7b:74:37:a9:be:f7:dc:83:f6:c6:65:fd:d7:
a8:f9:81:8e:0f:7f:5c:f8:ce:f5:81:29:c4:f4:53:
a2:83:22:40:f1:50:4d:bf:15:38:2b:00:27:ae:4a:
5c:7b:e9:d4:99:ec:6a:8b:89:bd:27:02:5c:c6:ac:
a9:68:d7:1e:85:0e:08:ee:bf:1a:fd:f4:af:3a:f5:
65:5a:04:c9:28:73:35:22:dc:09:4d:ea:70:50:5a:
56:77:18:67:43:b6:59:9b:73:5d:0d:c1:4e:2f:06:
c5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:52:2D:28:4D:60:96:DE:6D:70:C5:62:2F:DD:F9:F6:E8:C6:9D:06
X509v3 Authority Key Identifier:
keyid:94:DB:4B:1E:9E:D6:8B:B5:C3:32:28:AE:30:E9:CD:D2:52:B3:2F:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/V1ItKE1glt5tcMViL9359ujGnQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/20f805-df63-4631-99bd-a256177739c6/1/lNtLHp7Wi7XDMiiuMOnN0lKzL7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.7.0.0/18
81.89.96.0/20
84.23.64.0/19
85.31.184.0/21
91.143.80.0/20
185.2.8.0/22
IPv6:
2a02:180::/32
Signature Algorithm: sha256WithRSAEncryption
8e:1c:58:43:63:30:fb:5f:b8:28:60:08:43:6c:b4:b7:1a:11:
75:1d:26:c4:52:0c:6c:91:eb:79:47:4d:c2:50:db:c7:fd:3a:
ff:17:cd:c5:9e:4c:cc:c2:42:88:8b:f1:c3:08:7b:b0:39:84:
ff:0f:a8:5d:1b:d8:94:21:13:7f:8d:23:aa:8d:45:2f:d7:d0:
e0:13:36:5c:e4:ea:66:95:68:a0:99:d6:df:5b:57:b9:a5:e6:
ab:8a:fa:00:94:4c:34:29:d0:2d:0b:98:79:a5:f7:d6:63:21:
40:06:9b:ed:9c:3f:99:6d:de:66:a7:b5:0a:ab:f1:00:95:0a:
da:b9:ab:fa:ad:e4:ea:9e:39:41:ec:8e:46:ad:c5:32:26:46:
04:38:25:a3:96:0c:6b:24:17:d5:6f:9e:04:38:2f:35:49:4a:
ec:58:30:66:f4:fa:10:b2:a3:de:74:88:39:68:88:5f:02:d0:
21:e1:bc:d4:4d:b9:69:85:55:97:ff:2d:86:f6:a6:73:f2:a6:
e7:6c:d6:03:83:dc:51:77:15:fe:e2:70:a3:0f:7d:83:4a:dc:
9b:95:b6:13:83:86:48:61:b6:be:fe:5b:1c:0a:90:18:40:93:
79:c0:f6:fc:c7:32:94:c4:ac:46:2a:96:3d:2f:de:68:7b:bb:
b9:02:67:c6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzI31DLhVHPB1yDU4wfSTYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGI0YjFlOWVkNjhiYjVjMzMyMjhhZTMwZTljZGQyNTJi
MzJmYjgwHhcNMjQwMTAyMDYzMjA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzUyMmQyODRkNjA5NmRlNmQ3MGM1NjIyZmRkZjlmNmU4YzY5ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDuyR2DQHJgKyHQL59uZJN4EGubA
FxUulqi1RG2UHaMLNJ/7PAyaM8XwrbAnnKn6RTegcVjpMRXIdaWdhdy01r5LXO+D
meYtKdYIe81HCJdcVJRa0Uv20jphtQG5BlfwaskNFxUvV5pOhe1Dr65LehyHriqS
Mkr3HRLkoLO+gP8JnpyfIANqDSZE2gMo/BJfbruX6cWKF3t0N6m+99yD9sZl/deo
+YGOD39c+M71gSnE9FOigyJA8VBNvxU4KwAnrkpce+nUmexqi4m9JwJcxqypaNce
hQ4I7r8a/fSvOvVlWgTJKHM1ItwJTepwUFpWdxhnQ7ZZm3NdDcFOLwbFBwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFdSLShNYJbebXDFYi/d+fboxp0GMB8GA1UdIwQY
MBaAFJTbSx6e1ou1wzIorjDpzdJSsy+4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE50TEhwN1dpN1hETWlpdU1Pbk4wbEt6TDdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yMGY4MDUtZGY2My00NjMxLTk5YmQt
YTI1NjE3NzczOWM2LzEvVjFJdEtFMWdsdDV0Y01WaUw5MzU5dWpHblFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yMGY4MDUtZGY2My00NjMxLTk5YmQtYTI1NjE3NzczOWM2
LzEvbE50TEhwN1dpN1hETWlpdU1Pbk4wbEt6TDdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGUQcAAwQE
UVlgAwQFVBdAAwQDVR+4AwQEW49QAwQCuQIIMA0EAgACMAcDBQAqAgGAMA0GCSqG
SIb3DQEBCwUAA4IBAQCOHFhDYzD7X7goYAhDbLS3GhF1HSbEUgxsket5R03CUNvH
/Tr/F83FnkzMwkKIi/HDCHuwOYT/D6hdG9iUIRN/jSOqjUUv19DgEzZc5OpmlWig
mdbfW1e5pearivoAlEw0KdAtC5h5pffWYyFABpvtnD+Zbd5mp7UKq/EAlQrauav6
reTqnjlB7I5GrcUyJkYEOCWjlgxrJBfVb54EOC81SUrsWDBm9PoQsqPedIg5aIhf
AtAh4bzUTblphVWX/y2G9qZz8qbnbNYDg9xRdxX+4nCjD32DStyblbYTg4ZIYba+
/lscCpAYQJN5wPb8xzKUxKxGKpY9L95oe7u5AmfG
-----END CERTIFICATE-----
Generated at Fri Jun 7 12:56:14 2024 by rpki-client on console-ams.rpki-client.org