Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/atfuluyqUY9HZIGDHmIMsXQqDAU.roa
File: atfuluyqUY9HZIGDHmIMsXQqDAU.roa (raw, json)
Hash identifier: iKM9tWdM/bpTmVGkpgEGCy4DqUM/WsevrZg7R6PIERo=
Subject key identifier: 6A:D7:EE:96:EC:AA:51:8F:47:64:81:83:1E:62:0C:B1:74:2A:0C:05
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 018CC424D4D12B9300FAE5BA3CA63AE51E11
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/atfuluyqUY9HZIGDHmIMsXQqDAU.roa
Signing time: Mon 01 Jan 2024 08:29:57 +0000
ROA not before: Mon 01 Jan 2024 08:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16376
IP address blocks: 185.68.0.0/22 maxlen: 24
185.122.216.0/22 maxlen: 24
185.71.24.0/22 maxlen: 24
37.35.88.0/21 maxlen: 24
94.199.184.0/21 maxlen: 24
2a0a:fd80::/29 maxlen: 36
2a03:25e0::/32 maxlen: 40
2a01:b280::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d4:d1:2b:93:00:fa:e5:ba:3c:a6:3a:e5:1e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 08:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ad7ee96ecaa518f476481831e620cb1742a0c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ac:2f:94:b8:42:07:63:a1:d6:6a:8b:78:70:
53:af:10:7e:86:be:71:c3:b1:75:e9:cb:60:65:45:
2a:fa:ec:c6:31:ad:a8:04:f4:2b:71:2d:7b:d1:96:
ca:90:40:09:d6:97:c6:5f:e9:b2:67:6f:97:de:7c:
3e:78:95:4e:6d:f2:10:52:73:d3:0c:ca:50:c3:4d:
e6:2a:a5:ec:9c:c1:2c:86:15:5c:80:90:14:81:7c:
ce:41:48:89:24:1c:bc:06:5e:63:d0:6e:1b:c6:f3:
d3:6e:b1:49:1b:95:27:b2:45:05:48:b6:c9:87:01:
06:9e:c4:cc:30:93:21:e3:6d:ba:39:51:c7:22:1e:
41:c5:14:72:c6:09:6a:53:e2:44:71:f2:60:8d:e6:
7a:d0:5d:82:05:c0:b1:ef:17:2a:9e:5b:a3:7f:68:
08:0f:d8:38:58:77:e3:f9:da:cc:6a:08:46:1e:a4:
5f:27:41:67:0a:e9:11:e6:ce:63:08:5a:5d:4d:6c:
2a:58:b3:51:2d:ca:28:f5:5f:6d:15:15:86:eb:95:
cc:ff:a1:d7:8e:55:99:44:5c:ce:fb:af:e1:9c:6b:
11:65:1b:64:6d:11:c2:8b:5d:82:40:79:46:e8:ad:
7f:3b:7c:ed:7c:ff:2b:e2:9a:13:98:07:ec:37:ac:
f3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D7:EE:96:EC:AA:51:8F:47:64:81:83:1E:62:0C:B1:74:2A:0C:05
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/atfuluyqUY9HZIGDHmIMsXQqDAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.88.0/21
94.199.184.0/21
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
IPv6:
2a01:b280::/29
2a03:25e0::/32
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
15:b0:79:a6:e8:02:36:3a:6d:80:31:10:72:22:2e:f2:ee:14:
fb:55:63:84:0a:3f:02:1f:3d:fa:98:aa:fc:20:5d:56:62:1e:
75:41:7c:5f:88:96:b7:5e:f6:eb:b1:44:d6:95:8b:f7:35:5e:
25:4d:9f:e8:22:e1:0b:07:fa:6d:16:87:23:0e:d4:16:4a:04:
de:2a:b6:51:3a:12:86:71:5e:b6:51:b2:7f:c3:e1:ca:47:ee:
ec:65:24:62:83:6d:9b:a1:69:cb:06:bb:35:b6:8e:5b:44:6c:
3c:fb:4f:92:c4:54:92:3a:16:5f:36:72:ed:0d:41:13:cd:0a:
fc:4c:14:d7:1d:dc:7b:2d:08:71:5f:3a:47:85:3c:0c:b5:9a:
fa:d4:a1:36:16:c0:71:13:f2:e4:51:aa:a8:1e:52:e1:5f:57:
94:62:9d:a7:82:93:4c:56:68:af:9c:15:8d:95:ea:d3:ab:9b:
d3:a7:2f:29:3e:5d:d7:75:de:c7:b1:b7:26:39:03:8d:78:ec:
f2:27:43:75:2a:0b:4c:61:d7:60:7a:a0:d8:8f:57:ce:6f:14:
29:24:86:ca:0f:e8:b9:41:8c:12:d8:60:47:f9:a9:74:ba:3d:
1f:ae:ca:d6:0d:1e:3e:94:6b:f1:1f:62:13:6e:02:8a:4a:6c:
24:ea:71:21
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzEJNTRK5MA+uW6PKY65R4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjQwMTAxMDgyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQ3ZWU5NmVjYWE1MThmNDc2NDgxODMxZTYyMGNiMTc0MmEwYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArawvlLhCB2Oh1mqLeHBTrxB+hr5x
w7F16ctgZUUq+uzGMa2oBPQrcS170ZbKkEAJ1pfGX+myZ2+X3nw+eJVObfIQUnPT
DMpQw03mKqXsnMEshhVcgJAUgXzOQUiJJBy8Bl5j0G4bxvPTbrFJG5UnskUFSLbJ
hwEGnsTMMJMh4226OVHHIh5BxRRyxglqU+JEcfJgjeZ60F2CBcCx7xcqnlujf2gI
D9g4WHfj+drMaghGHqRfJ0FnCukR5s5jCFpdTWwqWLNRLcoo9V9tFRWG65XM/6HX
jlWZRFzO+6/hnGsRZRtkbRHCi12CQHlG6K1/O3ztfP8r4poTmAfsN6zzQwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGrX7pbsqlGPR2SBgx5iDLF0KgwFMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvYXRmdWx1eXFVWTlIWklHREhtSU1zWFFxREFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQDJSNYAwQD
Xse4AwQCuUQAAwQCuUcYAwQCuXrYMBsEAgACMBUDBQMqAbKAAwUAKgMl4AMFAyoK
/YAwDQYJKoZIhvcNAQELBQADggEBABWweaboAjY6bYAxEHIiLvLuFPtVY4QKPwIf
PfqYqvwgXVZiHnVBfF+Ilrde9uuxRNaVi/c1XiVNn+gi4QsH+m0WhyMO1BZKBN4q
tlE6EoZxXrZRsn/D4cpH7uxlJGKDbZuhacsGuzW2jltEbDz7T5LEVJI6Fl82cu0N
QRPNCvxMFNcd3HstCHFfOkeFPAy1mvrUoTYWwHET8uRRqqgeUuFfV5RinaeCk0xW
aK+cFY2V6tOrm9OnLyk+Xdd13sextyY5A4147PInQ3UqC0xh12B6oNiPV85vFCkk
hsoP6LlBjBLYYEf5qXS6PR+uytYNHj6Ua/EfYhNuAopKbCTqcSE=
-----END CERTIFICATE-----
Generated at Mon Jun 3 22:42:26 2024 by rpki-client on console-fra.rpki-client.org