Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/RNnQuS8DiVDElTOjHJ54EQ7Qfhs.roa
File: RNnQuS8DiVDElTOjHJ54EQ7Qfhs.roa (raw, json)
Hash identifier: S7daPWscsZjPCZGVxwKhi9pcQEnMxU38KlU8FVP7jGY=
Subject key identifier: 44:D9:D0:B9:2F:03:89:50:C4:95:33:A3:1C:9E:78:11:0E:D0:7E:1B
Certificate issuer: /CN=c54eac151ffa9e997aa2ee60f3b38132deccd49c
Certificate serial: 018CC56ED39546CFA92F7541B98969DF86F1
Authority key identifier: C5:4E:AC:15:1F:FA:9E:99:7A:A2:EE:60:F3:B3:81:32:DE:CC:D4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/RNnQuS8DiVDElTOjHJ54EQ7Qfhs.roa
Signing time: Mon 01 Jan 2024 14:30:23 +0000
ROA not before: Mon 01 Jan 2024 14:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35617
IP address blocks: 185.225.128.0/22 maxlen: 24
109.239.240.0/20 maxlen: 24
85.204.42.0/24 maxlen: 24
212.81.60.0/22 maxlen: 24
86.104.135.0/24 maxlen: 24
178.132.88.0/21 maxlen: 24
185.59.132.0/22 maxlen: 24
2a04:e240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/xU6sFR_6npl6ou5g87OBMt7M1Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/xU6sFR_6npl6ou5g87OBMt7M1Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d3:95:46:cf:a9:2f:75:41:b9:89:69:df:86:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c54eac151ffa9e997aa2ee60f3b38132deccd49c
Validity
Not Before: Jan 1 14:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44d9d0b92f038950c49533a31c9e78110ed07e1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:bf:15:44:56:83:2c:88:9d:02:59:e7:34:01:
9b:57:01:46:26:7e:88:e3:fb:2e:33:67:fa:82:6d:
be:19:ca:c2:3a:c9:45:47:dd:e1:0f:61:d0:5c:1e:
3e:37:24:fb:ac:c5:36:34:56:93:61:a8:81:f7:b3:
90:a3:9c:16:bd:35:6e:6b:6b:b7:8c:35:b2:31:8a:
0c:01:c0:d0:88:65:26:02:48:d7:3c:f0:91:c9:3d:
11:5f:dc:d7:1e:be:8e:57:5a:e9:3b:ec:b8:b2:dd:
b5:82:0d:81:6d:05:12:a5:81:f4:97:dc:30:03:0d:
b3:d4:46:3c:62:03:60:ae:4f:9a:32:32:b1:ab:2b:
1a:0e:64:2e:58:3a:59:1c:21:c9:b0:d8:61:cc:da:
c1:ae:64:08:a5:b5:fc:26:99:cd:dd:fc:61:f6:9b:
6f:c6:e2:07:9b:42:07:a4:10:69:c5:08:c9:bb:51:
9f:96:40:cb:a9:9b:2d:3a:90:b4:f4:fc:8e:b8:7a:
f9:4a:f3:b6:31:ad:3c:a5:f8:cd:7b:d2:7b:83:d7:
41:78:44:01:6d:93:54:30:76:34:8b:5e:3e:d6:58:
64:1c:d6:fc:1f:7d:f4:5f:dc:8a:a5:21:69:7c:f5:
09:fc:10:da:0a:46:2a:a4:8b:14:dc:90:c7:96:1e:
a2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:D9:D0:B9:2F:03:89:50:C4:95:33:A3:1C:9E:78:11:0E:D0:7E:1B
X509v3 Authority Key Identifier:
keyid:C5:4E:AC:15:1F:FA:9E:99:7A:A2:EE:60:F3:B3:81:32:DE:CC:D4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/RNnQuS8DiVDElTOjHJ54EQ7Qfhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/xU6sFR_6npl6ou5g87OBMt7M1Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.42.0/24
86.104.135.0/24
109.239.240.0/20
178.132.88.0/21
185.59.132.0/22
185.225.128.0/22
212.81.60.0/22
IPv6:
2a04:e240::/29
Signature Algorithm: sha256WithRSAEncryption
3e:80:4e:07:05:c6:fb:67:2a:d2:8a:a4:78:05:ae:9b:57:c0:
f7:2b:ac:14:02:be:52:04:5e:dd:9b:37:51:df:c1:e6:d8:cf:
3e:c2:2c:e8:f6:24:b4:f4:e4:e5:3d:9f:4c:54:c9:20:39:74:
9f:c6:35:63:1a:d9:ef:45:65:c1:cd:2c:bc:d2:ad:39:04:63:
4a:65:56:ac:fd:9e:e0:ab:63:6c:c0:d8:41:73:13:a2:1a:c7:
ed:0d:86:3f:99:1a:2d:ac:7d:ac:7c:70:47:0c:14:ed:0b:0a:
dd:fe:57:88:46:be:03:f4:3e:b4:2d:9d:95:6b:2a:7d:a2:b8:
33:ad:80:fb:d3:20:23:d9:36:e4:28:5c:75:c7:4c:3e:7a:63:
d8:f9:38:13:ef:e3:b6:78:e3:f2:49:d0:1d:d4:3d:e0:50:5a:
bb:03:09:e6:cc:8c:94:20:e9:b6:d9:23:54:8a:8a:22:db:5e:
25:7f:74:57:72:2a:8a:02:52:ce:6d:64:91:22:e8:06:f5:74:
7c:eb:90:e8:cf:8f:23:ac:7c:fe:ac:dd:49:6e:6c:01:f6:db:
dd:af:2b:74:32:bd:2a:7a:ba:b5:20:7a:ba:52:41:51:97:d3:
2b:f0:5b:4c:1b:80:21:5c:80:51:75:e1:a8:37:6c:7d:61:bb:
0f:c6:0a:3a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFbtOVRs+pL3VBuYlp34bxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NGVhYzE1MWZmYTllOTk3YWEyZWU2MGYzYjM4MTMyZGVj
Y2Q0OWMwHhcNMjQwMTAxMTQzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGQ5ZDBiOTJmMDM4OTUwYzQ5NTMzYTMxYzllNzgxMTBlZDA3ZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir8VRFaDLIidAlnnNAGbVwFGJn6I
4/suM2f6gm2+GcrCOslFR93hD2HQXB4+NyT7rMU2NFaTYaiB97OQo5wWvTVua2u3
jDWyMYoMAcDQiGUmAkjXPPCRyT0RX9zXHr6OV1rpO+y4st21gg2BbQUSpYH0l9ww
Aw2z1EY8YgNgrk+aMjKxqysaDmQuWDpZHCHJsNhhzNrBrmQIpbX8JpnN3fxh9ptv
xuIHm0IHpBBpxQjJu1GflkDLqZstOpC09PyOuHr5SvO2Ma08pfjNe9J7g9dBeEQB
bZNUMHY0i14+1lhkHNb8H330X9yKpSFpfPUJ/BDaCkYqpIsU3JDHlh6iDwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFETZ0LkvA4lQxJUzoxyeeBEO0H4bMB8GA1UdIwQY
MBaAFMVOrBUf+p6ZeqLuYPOzgTLezNScMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFU2c0ZSXzZucGw2b3U1Zzg3T0JNdDdNMUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wNDlkNmQtYmM0ZS00Y2ZiLWJhMWUt
NzczYzkxYTI4MTAwLzEvUk5uUXVTOERpVkRFbFRPakhKNTRFUTdRZmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wNDlkNmQtYmM0ZS00Y2ZiLWJhMWUtNzczYzkxYTI4MTAw
LzEveFU2c0ZSXzZucGw2b3U1Zzg3T0JNdDdNMUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAVcwqAwQA
VmiHAwQEbe/wAwQDsoRYAwQCuTuEAwQCueGAAwQC1FE8MA0EAgACMAcDBQMqBOJA
MA0GCSqGSIb3DQEBCwUAA4IBAQA+gE4HBcb7ZyrSiqR4Ba6bV8D3K6wUAr5SBF7d
mzdR38Hm2M8+wizo9iS09OTlPZ9MVMkgOXSfxjVjGtnvRWXBzSy80q05BGNKZVas
/Z7gq2NswNhBcxOiGsftDYY/mRotrH2sfHBHDBTtCwrd/leIRr4D9D60LZ2Vayp9
orgzrYD70yAj2TbkKFx1x0w+emPY+TgT7+O2eOPySdAd1D3gUFq7AwnmzIyUIOm2
2SNUiooi214lf3RXciqKAlLObWSRIugG9XR865Doz48jrHz+rN1JbmwB9tvdryt0
Mr0qerq1IHq6UkFRl9Mr8FtMG4AhXIBRdeGoN2x9YbsPxgo6
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:13:40 2024 by rpki-client on console-ams.rpki-client.org