Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/C7zpZN-1q0H_M_S_vpNYnlFGVTA.roa
File: C7zpZN-1q0H_M_S_vpNYnlFGVTA.roa (raw, json)
Hash identifier: epMhPon6PxtUyLTu/HBkF3J2cyCB/KYTILmUnDYVUrU=
Subject key identifier: 0B:BC:E9:64:DF:B5:AB:41:FF:33:F4:BF:BE:93:58:9E:51:46:55:30
Certificate issuer: /CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Certificate serial: 018CCA29FDB8D83339AFDEEED98E3C0461E3
Authority key identifier: 70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/C7zpZN-1q0H_M_S_vpNYnlFGVTA.roa
Signing time: Tue 02 Jan 2024 12:33:18 +0000
ROA not before: Tue 02 Jan 2024 12:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206331
IP address blocks: 185.229.183.0/24 maxlen: 24
185.229.181.0/24 maxlen: 24
185.229.182.0/24 maxlen: 24
185.229.180.0/24 maxlen: 24
185.189.111.0/24 maxlen: 24
185.189.108.0/24 maxlen: 24
2a0b:e481::/32 maxlen: 32
2a0b:e484::/32 maxlen: 32
2a0b:e485::/32 maxlen: 32
2a0b:e482::/32 maxlen: 32
2a0b:e480::/29 maxlen: 29
2a0b:e483::/32 maxlen: 32
2a0b:e487::/32 maxlen: 32
2a0b:e480::/32 maxlen: 32
2a0b:e486::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:fd:b8:d8:33:39:af:de:ee:d9:8e:3c:04:61:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Validity
Not Before: Jan 2 12:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bbce964dfb5ab41ff33f4bfbe93589e51465530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:56:8b:35:24:48:c8:bc:5a:d1:3e:d8:43:90:
59:a8:41:09:df:24:1f:40:81:8e:da:61:86:3d:7d:
84:2a:37:b8:f4:c3:e8:d2:e7:20:46:79:9b:5e:9e:
db:7e:39:12:e7:f4:e2:af:60:7d:04:51:68:68:0b:
5b:cf:aa:a3:ac:9d:a3:f3:29:fa:24:f5:d4:c9:8e:
25:ea:a6:8a:64:5a:42:26:5c:f7:ce:85:df:f8:94:
65:c4:0a:aa:0e:64:26:7e:11:aa:f1:bb:60:77:06:
e6:1d:6b:87:42:d9:d5:23:22:87:61:2c:3f:8f:64:
24:a2:fb:91:6c:44:89:fc:2c:b8:f4:69:dd:43:d8:
86:e5:91:d8:72:3f:dc:51:5d:b6:a5:d6:09:6f:71:
08:c2:b7:8f:0c:01:a2:61:b6:3c:6e:6b:27:43:61:
01:dd:69:80:b3:54:1a:ca:c5:b3:5c:a7:3a:6f:69:
13:4e:cc:f9:c6:38:c4:fc:b7:49:70:53:0d:f8:ca:
fe:38:5e:a1:fb:c6:64:79:8c:a4:9d:4b:16:00:38:
9d:fa:af:5f:eb:8e:ba:a8:e7:dd:2b:a6:f4:f7:7d:
6a:c9:ab:f9:dd:ac:1c:b1:16:23:f1:73:23:22:7d:
08:2a:34:28:38:3f:df:f4:1e:61:cf:de:ad:57:bd:
be:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:BC:E9:64:DF:B5:AB:41:FF:33:F4:BF:BE:93:58:9E:51:46:55:30
X509v3 Authority Key Identifier:
keyid:70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/C7zpZN-1q0H_M_S_vpNYnlFGVTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.108.0/24
185.189.111.0/24
185.229.180.0/22
IPv6:
2a0b:e480::/29
Signature Algorithm: sha256WithRSAEncryption
2a:a5:39:20:1d:70:97:ff:c3:1c:b3:04:e1:35:25:ad:6e:9f:
93:ac:8b:c9:c5:fe:2e:b8:b5:a7:05:f9:65:55:10:7b:5b:84:
56:0e:61:fd:4d:55:44:4f:e9:2a:85:71:3f:46:28:14:c2:d9:
12:7a:0b:c9:ea:26:e4:ba:35:fd:95:43:68:d0:1b:8a:24:cc:
f2:97:fb:f8:cb:ef:09:9d:cc:52:22:32:e4:ff:b9:6b:4f:52:
b0:fa:05:e5:1c:22:4d:44:fd:e5:69:a8:4f:e7:de:80:26:b9:
90:e7:25:39:7f:71:b2:33:35:c1:fc:e6:22:d1:d4:25:bf:d1:
1c:8a:01:89:66:64:35:5a:96:26:61:fd:49:71:35:75:e5:83:
5c:fc:e3:a6:54:9e:f5:70:a8:b3:e1:47:0b:62:97:ac:d8:58:
9b:4d:04:02:24:0e:50:a4:26:c2:84:ef:f8:77:3f:23:51:fd:
47:cf:ee:16:66:90:d7:da:2d:89:de:01:ef:73:50:49:63:89:
80:4a:73:62:44:03:18:79:6d:ed:04:b0:75:1d:e6:57:1e:78:
f0:a9:2a:1f:e8:39:f7:ec:62:fd:bd:64:00:77:38:35:7e:b2:
5c:a0:df:0e:f2:a6:bb:01:cd:70:5e:20:94:74:0b:2d:30:8a:
09:64:7b:2b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKf242DM5r97u2Y48BGHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjE5MGQ2Zjg5YTQzNGNjZTVjYjhjMGQ0YjM4YTE2Njlk
ZWZiNTkwHhcNMjQwMTAyMTIzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmJjZTk2NGRmYjVhYjQxZmYzM2Y0YmZiZTkzNTg5ZTUxNDY1NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VaLNSRIyLxa0T7YQ5BZqEEJ3yQf
QIGO2mGGPX2EKje49MPo0ucgRnmbXp7bfjkS5/Tir2B9BFFoaAtbz6qjrJ2j8yn6
JPXUyY4l6qaKZFpCJlz3zoXf+JRlxAqqDmQmfhGq8btgdwbmHWuHQtnVIyKHYSw/
j2QkovuRbESJ/Cy49GndQ9iG5ZHYcj/cUV22pdYJb3EIwrePDAGiYbY8bmsnQ2EB
3WmAs1QaysWzXKc6b2kTTsz5xjjE/LdJcFMN+Mr+OF6h+8ZkeYyknUsWADid+q9f
6466qOfdK6b0931qyav53awcsRYj8XMjIn0IKjQoOD/f9B5hz96tV72+0wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAu86WTftatB/zP0v76TWJ5RRlUwMB8GA1UdIwQY
MBaAFHCxkNb4mkNMzly4wNSzihZp3vtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYt
NDZiZDdkNzk0ZmI2LzEvQzd6cFpOLTFxMEhfTV9TX3ZwTllubEZHVlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYtNDZiZDdkNzk0ZmI2
LzEvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAub1sAwQA
ub1vAwQCueW0MA0EAgACMAcDBQMqC+SAMA0GCSqGSIb3DQEBCwUAA4IBAQAqpTkg
HXCX/8McswThNSWtbp+TrIvJxf4uuLWnBfllVRB7W4RWDmH9TVVET+kqhXE/RigU
wtkSegvJ6ibkujX9lUNo0BuKJMzyl/v4y+8JncxSIjLk/7lrT1Kw+gXlHCJNRP3l
aahP596AJrmQ5yU5f3GyMzXB/OYi0dQlv9EcigGJZmQ1WpYmYf1JcTV15YNc/OOm
VJ71cKiz4UcLYpes2FibTQQCJA5QpCbChO/4dz8jUf1Hz+4WZpDX2i2J3gHvc1BJ
Y4mASnNiRAMYeW3tBLB1HeZXHnjwqSof6Dn37GL9vWQAdzg1frJcoN8O8qa7Ac1w
XiCUdAstMIoJZHsr
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:27 2024 by rpki-client on console-fra.rpki-client.org