Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/cvrmaIrLxlaZQh_lx3_kwYPRPno.roa
File: cvrmaIrLxlaZQh_lx3_kwYPRPno.roa (raw, json)
Hash identifier: LiPq5Kgz0hwnkaFSP5CWIHT4TrfxYz8A0k7VuK7Lar0=
Subject key identifier: 72:FA:E6:68:8A:CB:C6:56:99:42:1F:E5:C7:7F:E4:C1:83:D1:3E:7A
Certificate issuer: /CN=4186e6b9d1f78c94d63fac934ab9aadc0c96d43e
Certificate serial: 018CC8DE18A85730FCB86972F5B9FDEFFD53
Authority key identifier: 41:86:E6:B9:D1:F7:8C:94:D6:3F:AC:93:4A:B9:AA:DC:0C:96:D4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/cvrmaIrLxlaZQh_lx3_kwYPRPno.roa
Signing time: Tue 02 Jan 2024 06:30:47 +0000
ROA not before: Tue 02 Jan 2024 06:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15516
IP address blocks: 79.98.192.0/21 maxlen: 21
195.135.216.0/22 maxlen: 22
62.61.128.0/19 maxlen: 19
81.161.128.0/18 maxlen: 18
77.75.160.0/21 maxlen: 21
91.100.0.0/15 maxlen: 15
85.24.0.0/17 maxlen: 17
87.72.0.0/15 maxlen: 15
82.211.224.0/19 maxlen: 19
82.147.224.0/19 maxlen: 19
2001:14d0::/29 maxlen: 29
2a01:558::/32 maxlen: 32
2a07:8900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:18:a8:57:30:fc:b8:69:72:f5:b9:fd:ef:fd:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4186e6b9d1f78c94d63fac934ab9aadc0c96d43e
Validity
Not Before: Jan 2 06:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72fae6688acbc65699421fe5c77fe4c183d13e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:70:1d:b3:f9:01:5c:21:1e:ca:b7:67:57:62:
6f:a3:a5:d6:d5:c1:0c:48:57:79:7c:3c:9a:cc:a1:
fb:ca:5c:d4:9b:fa:43:7f:a7:d0:81:29:76:34:7e:
f9:ef:85:cc:58:e9:5e:5e:0a:04:20:44:81:f4:72:
30:c8:79:e3:2c:d1:93:51:e3:38:5d:3e:27:93:75:
39:1e:74:fa:45:6e:99:d8:49:dc:fc:ed:7f:e1:71:
f8:cb:69:8c:dd:fb:31:e6:ec:57:76:36:57:54:e7:
40:2c:ba:7e:b6:40:ce:6b:8b:21:13:d0:ad:b5:a1:
04:65:d3:0c:77:d6:3c:ef:78:a9:42:a0:15:56:22:
fc:53:e0:a8:20:49:00:9b:5d:42:18:f5:15:df:c7:
a7:b2:28:82:6d:dd:ab:b8:fa:53:47:4d:88:d2:71:
52:85:a5:0c:45:93:b5:cf:dd:44:81:9b:cf:4b:7f:
f9:69:76:a0:5a:28:e5:b5:48:43:24:e1:be:3c:0d:
0b:a1:1f:0a:7d:76:7b:79:bb:d2:76:d2:d0:2c:1f:
bb:aa:20:a2:b0:5d:05:64:e6:cd:22:80:0d:a7:79:
32:87:e2:68:cc:95:68:15:cf:99:92:84:f6:17:3a:
6a:d5:5f:5c:b4:1f:c6:35:e0:de:91:60:62:ac:25:
19:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FA:E6:68:8A:CB:C6:56:99:42:1F:E5:C7:7F:E4:C1:83:D1:3E:7A
X509v3 Authority Key Identifier:
keyid:41:86:E6:B9:D1:F7:8C:94:D6:3F:AC:93:4A:B9:AA:DC:0C:96:D4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/cvrmaIrLxlaZQh_lx3_kwYPRPno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.61.128.0/19
77.75.160.0/21
79.98.192.0/21
81.161.128.0/18
82.147.224.0/19
82.211.224.0/19
85.24.0.0/17
87.72.0.0/15
91.100.0.0/15
195.135.216.0/22
IPv6:
2001:14d0::/29
2a01:558::/32
2a07:8900::/29
Signature Algorithm: sha256WithRSAEncryption
51:c6:5d:2d:30:24:0c:42:f7:05:07:c2:85:c6:bb:69:bd:2d:
0f:1f:75:c4:69:20:4d:b8:95:41:6b:59:5d:9e:ba:39:3b:36:
27:91:f8:55:85:2c:c3:7a:f8:82:a7:cf:e9:39:38:25:a9:82:
12:78:6b:5c:ff:48:90:49:ee:56:17:ed:6f:33:ce:7c:f2:e1:
6f:9a:f6:eb:28:a3:2d:02:6e:ef:7e:e0:f8:80:7f:bd:cd:2b:
6c:a2:6d:5d:3c:e4:f3:ee:2c:66:e7:1e:03:45:69:cd:a6:c8:
1b:67:8d:68:67:42:38:b2:6c:0e:1c:fa:10:e1:fb:d4:f5:34:
d7:40:4c:b8:03:fb:e2:12:48:57:8f:f2:ba:0e:ae:1e:7a:e1:
63:60:6f:53:e3:11:1c:69:f2:34:cd:74:26:6e:e6:20:ae:34:
0a:c1:75:96:53:7d:d7:a0:0b:2a:a2:2b:02:0a:44:da:1c:40:
d6:04:40:34:41:4d:59:9d:be:f5:2c:46:ef:99:b7:c8:54:7c:
b1:a1:4e:58:e5:6c:35:cf:f5:77:49:f6:ff:6b:c1:a4:b8:3b:
ab:2b:14:57:c3:87:a7:01:e6:87:b8:cf:32:a7:f6:48:a9:b1:
55:1f:30:b2:1f:4a:a6:a0:c3:aa:a1:f9:d2:f5:ca:2a:c3:35:
fa:18:6d:88
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzI3hioVzD8uGly9bn97/1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODZlNmI5ZDFmNzhjOTRkNjNmYWM5MzRhYjlhYWRjMGM5
NmQ0M2UwHhcNMjQwMTAyMDYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZhZTY2ODhhY2JjNjU2OTk0MjFmZTVjNzdmZTRjMTgzZDEzZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnAds/kBXCEeyrdnV2Jvo6XW1cEM
SFd5fDyazKH7ylzUm/pDf6fQgSl2NH7574XMWOleXgoEIESB9HIwyHnjLNGTUeM4
XT4nk3U5HnT6RW6Z2Enc/O1/4XH4y2mM3fsx5uxXdjZXVOdALLp+tkDOa4shE9Ct
taEEZdMMd9Y873ipQqAVViL8U+CoIEkAm11CGPUV38ensiiCbd2ruPpTR02I0nFS
haUMRZO1z91EgZvPS3/5aXagWijltUhDJOG+PA0LoR8KfXZ7ebvSdtLQLB+7qiCi
sF0FZObNIoANp3kyh+JozJVoFc+ZkoT2Fzpq1V9ctB/GNeDekWBirCUZHQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHL65miKy8ZWmUIf5cd/5MGD0T56MB8GA1UdIwQY
MBaAFEGG5rnR94yU1j+sk0q5qtwMltQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlibXVkSDNqSlRXUDZ5VFNybXEzQXlXMUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xYjlhNjYtZjgyMC00NWEwLWIwMmQt
ZDc4NzY2ZDhjODU4LzEvY3ZybWFJckx4bGFaUWhfbHgzX2t3WVBSUG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xYjlhNjYtZjgyMC00NWEwLWIwMmQtZDc4NzY2ZDhjODU4
LzEvUVlibXVkSDNqSlRXUDZ5VFNybXEzQXlXMUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBABAIAATA6AwQFPj2AAwQD
TUugAwQDT2LAAwQGUaGAAwQFUpPgAwQFUtPgAwQHVRgAAwMBV0gDAwFbZAMEAsOH
2DAbBAIAAjAVAwUDIAEU0AMFACoBBVgDBQMqB4kAMA0GCSqGSIb3DQEBCwUAA4IB
AQBRxl0tMCQMQvcFB8KFxrtpvS0PH3XEaSBNuJVBa1ldnro5OzYnkfhVhSzDeviC
p8/pOTglqYISeGtc/0iQSe5WF+1vM8588uFvmvbrKKMtAm7vfuD4gH+9zStsom1d
POTz7ixm5x4DRWnNpsgbZ41oZ0I4smwOHPoQ4fvU9TTXQEy4A/viEkhXj/K6Dq4e
euFjYG9T4xEcafI0zXQmbuYgrjQKwXWWU33XoAsqoisCCkTaHEDWBEA0QU1Znb71
LEbvmbfIVHyxoU5Y5Ww1z/V3Sfb/a8GkuDurKxRXw4enAeaHuM8yp/ZIqbFVHzCy
H0qmoMOqofnS9coqwzX6GG2I
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:51 2024 by rpki-client on console-fra.rpki-client.org