Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/_KqA1tfDRG9-oGxisQTLJnBuYXU.roa
File: _KqA1tfDRG9-oGxisQTLJnBuYXU.roa (raw, json)
Hash identifier: o9vbccs5UcaXqiJK1Kw1Olg3W+YijyzR+exjYOVfBpE=
Subject key identifier: FC:AA:80:D6:D7:C3:44:6F:7E:A0:6C:62:B1:04:CB:26:70:6E:61:75
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 018DC5C4B8DF0B7182D404F89CCC9332A94B
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/_KqA1tfDRG9-oGxisQTLJnBuYXU.roa
Signing time: Tue 20 Feb 2024 09:07:00 +0000
ROA not before: Tue 20 Feb 2024 09:07:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.252.204.0/24 maxlen: 24
185.122.200.0/24 maxlen: 24
185.122.201.0/24 maxlen: 24
185.122.202.0/24 maxlen: 24
185.122.203.0/24 maxlen: 24
185.130.57.0/24 maxlen: 24
185.130.58.0/24 maxlen: 24
185.130.59.0/24 maxlen: 24
185.198.72.0/24 maxlen: 24
185.198.74.0/24 maxlen: 24
185.198.75.0/24 maxlen: 24
2a07:cd00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:c4:b8:df:0b:71:82:d4:04:f8:9c:cc:93:32:a9:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Feb 20 09:07:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcaa80d6d7c3446f7ea06c62b104cb26706e6175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b8:3b:64:30:c3:6a:b9:ca:fc:a8:67:15:42:
e9:e1:c2:5c:22:e9:0f:87:96:f4:69:4f:59:e3:7a:
c8:92:81:42:8d:c6:49:8c:aa:77:44:cf:cc:be:d5:
0b:d1:f0:f5:32:8f:57:73:c5:02:93:75:32:84:80:
c5:e2:0b:3b:d7:c8:b4:95:3f:dc:4d:21:02:37:f9:
ba:7c:9a:15:09:0b:b0:08:b7:bf:12:d1:3f:53:9e:
34:58:05:10:11:9b:af:f0:a8:dd:1d:7c:65:f6:b3:
31:2d:05:da:f5:16:a1:3c:83:3d:61:ff:1d:6d:55:
9f:a1:77:9a:19:4c:93:b5:9d:89:20:d2:9e:1d:ac:
1e:02:fe:c9:8a:46:82:fb:be:7a:46:c2:a5:0b:40:
e5:f2:98:83:8f:29:8f:a4:2d:a5:a5:7f:8d:48:dd:
1d:49:9b:0e:bc:83:64:b9:10:25:1c:30:91:ad:4f:
d7:40:87:70:e0:22:4f:33:cb:c1:d1:33:40:21:e4:
8f:3a:70:d7:5c:da:90:5f:a6:3d:9b:51:5a:10:57:
1d:9d:95:94:86:70:8f:66:25:35:6d:8b:09:d7:8f:
d2:0a:bf:b1:ae:17:33:b3:54:2e:20:44:2d:8b:ab:
95:7e:56:4e:73:e7:07:5b:fd:48:c2:6b:c8:eb:56:
02:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AA:80:D6:D7:C3:44:6F:7E:A0:6C:62:B1:04:CB:26:70:6E:61:75
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/_KqA1tfDRG9-oGxisQTLJnBuYXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.204.0/24
185.122.200.0/22
185.130.57.0-185.130.59.255
185.198.72.0/24
185.198.74.0/23
IPv6:
2a07:cd00::/48
Signature Algorithm: sha256WithRSAEncryption
a6:3b:98:1c:de:fe:27:53:5c:b7:b7:6c:4a:87:e3:be:90:84:
e2:33:19:6c:ef:9f:2a:88:3e:6f:32:89:f2:ba:3a:10:21:25:
c3:f5:99:a2:ce:d0:70:26:f8:d1:09:23:23:82:3c:dd:df:da:
55:68:f1:06:3a:70:ee:14:9e:09:2d:87:52:1d:ac:fc:2b:c0:
54:51:74:89:e6:be:25:44:0a:45:e6:26:64:7b:e7:b9:e0:8d:
0c:31:79:2a:13:64:73:ec:66:e9:72:dc:31:5c:09:45:19:ae:
0a:fb:f1:c6:90:33:18:b6:b6:95:06:df:62:9c:51:46:cc:34:
74:ac:f6:0c:5d:5b:91:ca:fd:15:fa:76:cf:0f:ed:20:5a:6b:
ef:aa:1d:29:84:05:16:ae:6b:a1:a5:b3:e3:99:65:8f:1d:e3:
96:cd:e7:a6:a5:63:0e:70:c0:c2:45:16:a5:f4:84:69:d3:c4:
4f:0a:80:aa:cf:eb:25:4c:60:02:a0:87:3c:16:69:49:9c:ff:
6f:7b:45:ff:bd:93:5f:cc:16:0b:28:85:a9:63:0b:cf:20:c0:
77:ec:b3:bf:9e:fa:0d:13:26:f2:b7:ee:c3:de:56:a0:f3:04:
cb:72:9a:85:24:23:22:06:96:7a:8c:14:8e:c1:82:64:36:94:
78:39:2d:a7
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY3FxLjfC3GC1AT4nMyTMqlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjQwMjIwMDkwNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FhODBkNmQ3YzM0NDZmN2VhMDZjNjJiMTA0Y2IyNjcwNmU2MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7g7ZDDDarnK/KhnFULp4cJcIukP
h5b0aU9Z43rIkoFCjcZJjKp3RM/MvtUL0fD1Mo9Xc8UCk3UyhIDF4gs718i0lT/c
TSECN/m6fJoVCQuwCLe/EtE/U540WAUQEZuv8KjdHXxl9rMxLQXa9RahPIM9Yf8d
bVWfoXeaGUyTtZ2JINKeHaweAv7JikaC+756RsKlC0Dl8piDjymPpC2lpX+NSN0d
SZsOvINkuRAlHDCRrU/XQIdw4CJPM8vB0TNAIeSPOnDXXNqQX6Y9m1FaEFcdnZWU
hnCPZiU1bYsJ14/SCr+xrhczs1QuIEQti6uVflZOc+cHW/1IwmvI61YCqwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPyqgNbXw0RvfqBsYrEEyyZwbmF1MB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvX0txQTF0ZkRSRzktb0d4aXNRVExKbkJ1WVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQABfzMAwQC
uXrIMAwDBAC5gjkDBAK5gjgDBAC5xkgDBAG5xkowDwQCAAIwCQMHACoHzQAAADAN
BgkqhkiG9w0BAQsFAAOCAQEApjuYHN7+J1Nct7dsSofjvpCE4jMZbO+fKog+bzKJ
8ro6ECElw/WZos7QcCb40QkjI4I83d/aVWjxBjpw7hSeCS2HUh2s/CvAVFF0iea+
JUQKReYmZHvnueCNDDF5KhNkc+xm6XLcMVwJRRmuCvvxxpAzGLa2lQbfYpxRRsw0
dKz2DF1bkcr9Ffp2zw/tIFpr76odKYQFFq5roaWz45lljx3jls3npqVjDnDAwkUW
pfSEadPETwqAqs/rJUxgAqCHPBZpSZz/b3tF/72TX8wWCyiFqWMLzyDAd+yzv576
DRMm8rfuw95WoPMEy3KahSQjIgaWeowUjsGCZDaUeDktpw==
-----END CERTIFICATE-----
Generated at Thu May 2 08:11:06 2024 by rpki-client on console-ams.rpki-client.org