Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/b4W1LiLl1ynuNZ36RjGo79KstIY.roa
File: b4W1LiLl1ynuNZ36RjGo79KstIY.roa (raw, json)
Hash identifier: gaWzHSimknvtAnLqot8+UNzjLICsxu3ZdeWWhPQ9OlA=
Subject key identifier: 6F:85:B5:2E:22:E5:D7:29:EE:35:9D:FA:46:31:A8:EF:D2:AC:B4:86
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64AE23A4895170641B7E0F1A6CDBBD0
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/b4W1LiLl1ynuNZ36RjGo79KstIY.roa
Signing time: Mon 01 Jan 2024 18:30:45 +0000
ROA not before: Mon 01 Jan 2024 18:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34358
IP address blocks: 85.121.136.0/23 maxlen: 23
217.156.42.0/24 maxlen: 24
217.156.44.0/23 maxlen: 23
85.120.35.0/24 maxlen: 24
81.180.200.0/24 maxlen: 24
217.156.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e2:3a:48:95:17:06:41:b7:e0:f1:a6:cd:bb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f85b52e22e5d729ee359dfa4631a8efd2acb486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:85:2e:ac:f9:4e:de:a5:9d:79:77:6a:01:
d5:ed:37:5e:ff:97:d2:9e:1e:ed:e1:2f:bd:12:ed:
b5:5f:53:3a:72:6e:53:2b:39:61:49:66:c2:ff:95:
f9:ae:a2:42:4a:a5:25:92:10:be:2b:27:e4:57:ca:
3b:8e:06:85:30:05:3e:b8:f1:44:d2:2e:bc:ca:e3:
7a:84:76:e2:51:8c:db:4c:43:62:a7:f1:9c:24:56:
c0:d4:5c:ea:bf:94:d5:1a:89:c1:5c:08:b8:2d:14:
41:c7:b0:07:c7:ec:98:5a:a8:a8:2c:c2:00:ef:80:
bb:2e:b6:78:b0:49:8a:ce:49:ba:70:0f:c8:45:df:
19:a3:0d:3f:ae:46:35:7d:91:38:37:14:e9:c5:55:
da:e2:b2:a3:d2:23:82:2d:9e:3d:ed:f4:fc:49:66:
9a:b8:c4:66:6f:2d:b8:a9:40:38:bd:78:f7:df:53:
a6:32:6f:e1:e6:77:03:af:6a:35:87:97:d9:a6:a9:
77:43:c0:8b:61:41:b0:fe:6b:df:c5:8f:96:cf:56:
02:ba:55:bf:0e:65:d9:4e:8e:cf:cf:3d:1d:58:ee:
b8:a0:1e:8d:c1:9a:a2:54:03:2b:85:7d:c7:b2:92:
0e:41:cb:5e:86:31:be:32:21:b1:a6:c3:64:b8:ee:
73:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:85:B5:2E:22:E5:D7:29:EE:35:9D:FA:46:31:A8:EF:D2:AC:B4:86
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/b4W1LiLl1ynuNZ36RjGo79KstIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.180.200.0/24
85.120.35.0/24
85.121.136.0/23
217.156.42.0/24
217.156.44.0/23
217.156.103.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ae:70:eb:d4:88:fa:ee:dc:ef:be:23:aa:0b:f8:56:46:3a:
dd:28:c1:c8:22:bd:9e:86:b3:ed:c7:4e:53:6f:a5:cd:96:44:
21:a8:f3:62:60:b5:5b:f9:9e:39:62:4b:7f:b2:30:aa:51:3c:
bc:10:06:9a:6d:d3:ab:e7:15:8d:5d:50:e1:84:ec:1b:84:0c:
59:e7:73:7b:45:ef:42:ff:52:a9:bc:fe:90:b6:78:2f:7d:ae:
3b:5e:76:91:53:61:3c:be:f3:92:7d:49:b1:5c:ee:a6:4a:5e:
ae:fd:0b:b1:c8:8e:41:2d:8b:ee:e3:c4:45:a2:42:31:73:0b:
d3:fb:50:c7:e6:bc:3b:c4:52:1c:a2:ad:d1:3c:b1:d2:93:66:
4c:ba:f8:3c:84:94:a1:ca:5c:5c:93:38:d7:37:7c:69:5b:52:
8d:be:12:0b:d6:92:44:82:cd:c8:5a:5b:ab:05:43:0c:e3:b6:
da:33:cf:d6:2a:73:9d:8d:93:c1:49:91:23:ca:62:26:9f:09:
2c:b6:09:8e:fc:ee:fa:ec:d4:9b:bc:a0:7e:8c:2c:f2:11:17:
44:7b:9c:5b:1b:e6:aa:b0:ae:3e:e6:c9:8f:06:32:02:6b:71:
e8:7d:4c:0e:af:ae:ed:02:c1:d0:f9:80:34:68:00:59:d9:cd:
7a:2d:ef:02
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSuI6SJUXBkG34PGmzbvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Zjg1YjUyZTIyZTVkNzI5ZWUzNTlkZmE0NjMxYThlZmQyYWNiNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoraFLqz5Tt6lnXl3agHV7Tde/5fS
nh7t4S+9Eu21X1M6cm5TKzlhSWbC/5X5rqJCSqUlkhC+KyfkV8o7jgaFMAU+uPFE
0i68yuN6hHbiUYzbTENip/GcJFbA1Fzqv5TVGonBXAi4LRRBx7AHx+yYWqioLMIA
74C7LrZ4sEmKzkm6cA/IRd8Zow0/rkY1fZE4NxTpxVXa4rKj0iOCLZ497fT8SWaa
uMRmby24qUA4vXj331OmMm/h5ncDr2o1h5fZpql3Q8CLYUGw/mvfxY+Wz1YCulW/
DmXZTo7Pzz0dWO64oB6NwZqiVAMrhX3HspIOQctehjG+MiGxpsNkuO5z5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG+FtS4i5dcp7jWd+kYxqO/SrLSGMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYjRXMUxpTGwxeW51TlozNlJqR283OUtzdElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUbTIAwQA
VXgjAwQBVXmIAwQA2ZwqAwQB2ZwsAwQA2ZxnMA0GCSqGSIb3DQEBCwUAA4IBAQCN
rnDr1Ij67tzvviOqC/hWRjrdKMHIIr2ehrPtx05Tb6XNlkQhqPNiYLVb+Z45Ykt/
sjCqUTy8EAaabdOr5xWNXVDhhOwbhAxZ53N7Re9C/1KpvP6Qtngvfa47XnaRU2E8
vvOSfUmxXO6mSl6u/QuxyI5BLYvu48RFokIxcwvT+1DH5rw7xFIcoq3RPLHSk2ZM
uvg8hJShylxckzjXN3xpW1KNvhIL1pJEgs3IWlurBUMM47baM8/WKnOdjZPBSZEj
ymImnwkstgmO/O767NSbvKB+jCzyERdEe5xbG+aqsK4+5smPBjICa3HofUwOr67t
AsHQ+YA0aABZ2c16Le8C
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:16 2024 by rpki-client on console-fra.rpki-client.org