Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/ti6o4U6sQAzOF6swbnDz8P8xVIY.roa
File: ti6o4U6sQAzOF6swbnDz8P8xVIY.roa (raw, json)
Hash identifier: sSKtaSrgo2SWnr49EXRKx1tSkYbiD2v2j+JYded+grk=
Subject key identifier: B6:2E:A8:E1:4E:AC:40:0C:CE:17:AB:30:6E:70:F3:F0:FF:31:54:86
Certificate issuer: /CN=a600fc96404289ac58b61047ddf862187f5ab27e
Certificate serial: 018CC5013F850EB198C1ECBA44ACD40B029B
Authority key identifier: A6:00:FC:96:40:42:89:AC:58:B6:10:47:DD:F8:62:18:7F:5A:B2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/ti6o4U6sQAzOF6swbnDz8P8xVIY.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198024
IP address blocks: 185.227.44.0/22 maxlen: 22
31.172.152.0/21 maxlen: 21
37.44.48.0/21 maxlen: 21
185.59.116.0/22 maxlen: 22
185.127.60.0/22 maxlen: 22
185.127.84.0/22 maxlen: 22
2a06:c780::/29 maxlen: 29
2a06:c840::/29 maxlen: 29
2a03:7b80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3f:85:0e:b1:98:c1:ec:ba:44:ac:d4:0b:02:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a600fc96404289ac58b61047ddf862187f5ab27e
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b62ea8e14eac400cce17ab306e70f3f0ff315486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:be:90:43:27:fd:00:63:45:d1:f7:41:13:c0:
6f:31:87:00:dc:53:db:9f:f0:c3:d4:5c:7e:4d:4e:
7e:42:db:94:06:f4:12:e9:90:2d:d6:54:88:46:8a:
2c:f5:bd:cb:f4:c0:49:b7:8a:e8:bf:56:41:c8:e6:
11:c5:b3:8c:15:f1:6d:da:e1:6b:5a:28:2f:68:3b:
5f:8c:9c:a0:27:3b:a1:e5:b6:37:a2:79:d3:3a:67:
2f:9c:29:36:cd:ac:34:7a:7e:85:f4:eb:5d:e2:06:
d3:8a:83:89:37:53:61:e4:46:b5:e6:c4:79:da:87:
b1:69:e1:d9:3c:79:d8:4a:fc:1b:01:1a:d0:3e:9c:
57:8b:c4:f3:b5:cc:0b:3f:94:58:0a:34:2d:f7:c6:
b5:2d:2c:f2:74:e5:7a:9a:0f:27:ce:af:04:85:e1:
76:52:26:2a:b0:8b:f6:d7:11:de:6f:14:38:54:19:
be:8a:2a:0a:e5:3e:19:28:75:27:7e:21:1d:b0:70:
24:f5:9e:cf:05:9f:a4:c5:5f:db:22:4b:df:0d:2a:
88:a3:43:aa:14:17:25:4d:cc:60:7d:3f:af:c5:02:
d3:c4:21:2a:1c:cc:3f:9b:f5:9b:ae:e2:8d:3c:0e:
0a:f6:df:2f:ad:81:1a:82:3b:8e:6c:db:34:ec:f5:
b2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2E:A8:E1:4E:AC:40:0C:CE:17:AB:30:6E:70:F3:F0:FF:31:54:86
X509v3 Authority Key Identifier:
keyid:A6:00:FC:96:40:42:89:AC:58:B6:10:47:DD:F8:62:18:7F:5A:B2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgD8lkBCiaxYthBH3fhiGH9asn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/ti6o4U6sQAzOF6swbnDz8P8xVIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3d7b8a-e074-4f16-a629-2128d840c429/1/pgD8lkBCiaxYthBH3fhiGH9asn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.152.0/21
37.44.48.0/21
185.59.116.0/22
185.127.60.0/22
185.127.84.0/22
185.227.44.0/22
IPv6:
2a03:7b80::/32
2a06:c780::/29
2a06:c840::/29
Signature Algorithm: sha256WithRSAEncryption
5c:40:18:72:8d:9f:7f:fe:8f:6f:51:5d:de:fa:c0:96:c8:30:
70:8c:94:34:5b:6f:b2:fa:87:4f:78:c8:d5:ca:79:9b:3d:21:
6b:fd:46:6b:7a:de:85:b1:86:ce:dc:c0:c7:7c:92:71:ad:aa:
93:a7:44:06:e2:37:c9:b7:90:f4:b6:0a:fe:9a:3e:bd:f3:55:
65:41:c8:7e:97:48:6e:bd:b2:9d:a4:51:fb:22:ae:62:b5:75:
40:91:2b:5c:fe:9e:27:3c:ae:00:ea:b3:8e:47:fe:a0:d7:81:
7b:26:fd:5b:a3:08:9c:1c:6c:2f:5b:78:06:09:93:b6:4f:a3:
c1:92:53:fe:57:0c:b6:b4:1a:b4:31:1e:cf:82:b1:58:85:de:
11:81:d8:db:80:74:5e:b7:41:0e:86:dc:73:9e:ee:1f:c6:ef:
ad:52:6c:c4:b7:14:0b:82:43:fb:24:f4:d4:25:9e:74:20:89:
92:fb:54:e2:60:b1:00:39:e8:41:9e:03:e7:1a:0a:25:c3:c7:
36:ef:aa:5d:66:00:9d:f4:ea:08:f3:39:59:49:79:15:94:f0:
db:1d:29:e7:1b:92:dd:ac:f9:80:36:18:97:e3:cf:9a:3b:f6:
b1:9d:20:07:33:86:12:79:48:a5:d2:59:f5:14:dd:06:b5:70:
e5:b8:7d:1a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzFAT+FDrGYwey6RKzUCwKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDBmYzk2NDA0Mjg5YWM1OGI2MTA0N2RkZjg2MjE4N2Y1
YWIyN2UwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjJlYThlMTRlYWM0MDBjY2UxN2FiMzA2ZTcwZjNmMGZmMzE1NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm76QQyf9AGNF0fdBE8BvMYcA3FPb
n/DD1Fx+TU5+QtuUBvQS6ZAt1lSIRoos9b3L9MBJt4rov1ZByOYRxbOMFfFt2uFr
WigvaDtfjJygJzuh5bY3onnTOmcvnCk2zaw0en6F9Otd4gbTioOJN1Nh5Ea15sR5
2oexaeHZPHnYSvwbARrQPpxXi8TztcwLP5RYCjQt98a1LSzydOV6mg8nzq8EheF2
UiYqsIv21xHebxQ4VBm+iioK5T4ZKHUnfiEdsHAk9Z7PBZ+kxV/bIkvfDSqIo0Oq
FBclTcxgfT+vxQLTxCEqHMw/m/WbruKNPA4K9t8vrYEagjuObNs07PWylQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLYuqOFOrEAMzherMG5w8/D/MVSGMB8GA1UdIwQY
MBaAFKYA/JZAQomsWLYQR934Yhh/WrJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdEOGxrQkNpYXhZdGhCSDNmaGlHSDlhc240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zZDdiOGEtZTA3NC00ZjE2LWE2Mjkt
MjEyOGQ4NDBjNDI5LzEvdGk2bzRVNnNRQXpPRjZzd2JuRHo4UDh4VklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zZDdiOGEtZTA3NC00ZjE2LWE2MjktMjEyOGQ4NDBjNDI5
LzEvcGdEOGxrQkNpYXhZdGhCSDNmaGlHSDlhc240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDH6yYAwQD
JSwwAwQCuTt0AwQCuX88AwQCuX9UAwQCueMsMBsEAgACMBUDBQAqA3uAAwUDKgbH
gAMFAyoGyEAwDQYJKoZIhvcNAQELBQADggEBAFxAGHKNn3/+j29RXd76wJbIMHCM
lDRbb7L6h094yNXKeZs9IWv9Rmt63oWxhs7cwMd8knGtqpOnRAbiN8m3kPS2Cv6a
Pr3zVWVByH6XSG69sp2kUfsirmK1dUCRK1z+nic8rgDqs45H/qDXgXsm/VujCJwc
bC9beAYJk7ZPo8GSU/5XDLa0GrQxHs+CsViF3hGB2NuAdF63QQ6G3HOe7h/G761S
bMS3FAuCQ/sk9NQlnnQgiZL7VOJgsQA56EGeA+caCiXDxzbvql1mAJ306gjzOVlJ
eRWU8NsdKecbkt2s+YA2GJfjz5o79rGdIAczhhJ5SKXSWfUU3Qa1cOW4fRo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:52:01 2024 by rpki-client on console-fra.rpki-client.org