Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/iaCAd2vAvedXHDGP1lUH_E_KM8A.roa
File: iaCAd2vAvedXHDGP1lUH_E_KM8A.roa (raw, json)
Hash identifier: dyOOxLshxZ5tzdjQv2bDDgrD+ZI8YY4RTwLw+T09ohs=
Subject key identifier: 89:A0:80:77:6B:C0:BD:E7:57:1C:31:8F:D6:55:07:FC:4F:CA:33:C0
Certificate issuer: /CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Certificate serial: 018CC348A380A3EEE437E7289B82AF091BC7
Authority key identifier: 68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/iaCAd2vAvedXHDGP1lUH_E_KM8A.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55002
IP address blocks: 185.170.88.0/24 maxlen: 24
185.170.90.0/24 maxlen: 24
194.11.166.0/24 maxlen: 24
194.11.164.0/24 maxlen: 24
193.8.190.0/24 maxlen: 24
193.8.191.0/24 maxlen: 24
193.134.94.0/24 maxlen: 24
193.73.208.0/24 maxlen: 24
2a09:5f80:2::/48 maxlen: 48
2a09:5f80::/48 maxlen: 48
2a09:5f80:3::/48 maxlen: 48
2001:67c:4f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a3:80:a3:ee:e4:37:e7:28:9b:82:af:09:1b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=687726d38fcf2a7fbbb7bfc28d63fe3579ed211d
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a080776bc0bde7571c318fd65507fc4fca33c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fc:ce:21:60:12:20:b2:3f:d5:a3:de:43:ec:
37:b5:b3:5f:3b:17:26:db:69:3f:c9:a6:38:6d:ce:
7b:eb:9e:81:6c:9d:58:79:b1:8c:51:8a:9e:25:f4:
4a:67:43:c5:2c:de:24:8c:19:2c:df:83:24:0c:0b:
bb:d8:27:ed:b3:36:df:1c:5d:fc:da:a1:dd:c1:e9:
9b:c6:9b:0e:53:31:b3:aa:0d:4a:bc:2f:81:e6:c0:
1d:03:f4:b2:14:21:93:40:3d:12:f5:6f:4f:3e:71:
40:b2:5a:23:90:b5:1b:4f:b0:7c:22:5a:aa:68:73:
c1:bf:ce:90:e5:83:61:24:97:b7:e6:86:75:51:a5:
6f:e6:1e:51:ff:76:1a:13:7d:12:7d:cb:d2:63:e9:
78:8c:ac:d0:c6:f9:1a:f5:0f:15:d9:0f:a9:0a:a2:
bf:1a:2d:e0:83:78:20:d4:39:08:55:eb:99:55:b2:
8c:e1:25:89:ac:7d:0d:34:a0:79:ab:dd:cd:7f:7c:
f3:7d:82:05:57:59:00:49:c7:8c:93:ff:f7:75:05:
dc:4e:9f:be:ef:77:91:bf:2d:66:63:70:6d:0b:32:
de:8b:28:3d:20:41:b6:be:55:f9:d0:62:bc:23:af:
13:ef:1b:30:e3:da:d6:31:b5:3b:82:1e:7b:af:eb:
2b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A0:80:77:6B:C0:BD:E7:57:1C:31:8F:D6:55:07:FC:4F:CA:33:C0
X509v3 Authority Key Identifier:
keyid:68:77:26:D3:8F:CF:2A:7F:BB:B7:BF:C2:8D:63:FE:35:79:ED:21:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHcm04_PKn-7t7_CjWP-NXntIR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/iaCAd2vAvedXHDGP1lUH_E_KM8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/e71e27-c687-4fd7-8180-4b2da197a7e6/1/aHcm04_PKn-7t7_CjWP-NXntIR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.88.0/24
185.170.90.0/24
193.8.190.0/23
193.73.208.0/24
193.134.94.0/24
194.11.164.0/24
194.11.166.0/24
IPv6:
2001:67c:4f0::/48
2a09:5f80::/48
2a09:5f80:2::/47
Signature Algorithm: sha256WithRSAEncryption
9b:19:5d:f9:99:af:f2:e2:ab:54:5a:04:70:65:1e:27:26:2e:
45:12:47:ed:55:ea:aa:13:d0:57:ee:36:e6:3b:e9:64:78:87:
52:ce:b9:a5:d2:8e:ca:63:63:e4:23:bd:40:ca:4b:36:27:18:
cb:d4:10:a1:b3:bc:fb:0a:20:7e:08:71:f6:3d:26:84:e2:be:
fa:c8:39:36:88:06:9a:0e:de:c5:62:96:91:29:aa:90:0e:56:
7f:77:05:57:7b:31:ed:bc:3c:cd:7d:83:ed:55:6b:52:98:0a:
29:39:8c:e0:be:19:09:4a:26:08:b0:53:82:ab:d0:e6:c6:e9:
38:07:87:73:25:ff:65:95:8e:34:bd:e3:be:92:66:03:b3:92:
87:55:d5:b3:aa:12:14:f8:b6:d0:a3:e0:c2:9c:dd:c0:8f:cc:
c7:d5:9a:a7:9d:de:13:6b:0d:08:a9:29:59:a4:a0:7e:39:d6:
82:6c:0c:88:89:f3:89:ee:18:9a:a7:b6:07:2f:9d:45:ea:87:
23:04:de:73:a4:43:67:04:0f:6a:c2:43:f1:80:22:16:06:3d:
99:aa:af:4e:b1:2d:06:a6:4d:b1:f4:b8:fc:2f:47:2f:58:26:
40:80:15:22:9a:3e:92:27:28:a6:6e:c6:29:a4:0a:2f:b3:3e:
94:c6:a1:72
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzDSKOAo+7kN+com4KvCRvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NzcyNmQzOGZjZjJhN2ZiYmI3YmZjMjhkNjNmZTM1Nzll
ZDIxMWQwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWEwODA3NzZiYzBiZGU3NTcxYzMxOGZkNjU1MDdmYzRmY2EzM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfzOIWASILI/1aPeQ+w3tbNfOxcm
22k/yaY4bc57656BbJ1YebGMUYqeJfRKZ0PFLN4kjBks34MkDAu72CftszbfHF38
2qHdwembxpsOUzGzqg1KvC+B5sAdA/SyFCGTQD0S9W9PPnFAslojkLUbT7B8Ilqq
aHPBv86Q5YNhJJe35oZ1UaVv5h5R/3YaE30SfcvSY+l4jKzQxvka9Q8V2Q+pCqK/
Gi3gg3gg1DkIVeuZVbKM4SWJrH0NNKB5q93Nf3zzfYIFV1kASceMk//3dQXcTp++
73eRvy1mY3BtCzLeiyg9IEG2vlX50GK8I68T7xsw49rWMbU7gh57r+srVQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFImggHdrwL3nVxwxj9ZVB/xPyjPAMB8GA1UdIwQY
MBaAFGh3JtOPzyp/u7e/wo1j/jV57SEdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAt
NGIyZGExOTdhN2U2LzEvaWFDQWQydkF2ZWRYSERHUDFsVUhfRV9LTThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9lNzFlMjctYzY4Ny00ZmQ3LTgxODAtNGIyZGExOTdhN2U2
LzEvYUhjbTA0X1BLbi03dDdfQ2pXUC1OWG50SVIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAwBAIAATAqAwQAuapYAwQA
uapaAwQBwQi+AwQAwUnQAwQAwYZeAwQAwgukAwQAwgumMCEEAgACMBsDBwAgAQZ8
BPADBwAqCV+AAAADBwEqCV+AAAIwDQYJKoZIhvcNAQELBQADggEBAJsZXfmZr/Li
q1RaBHBlHicmLkUSR+1V6qoT0FfuNuY76WR4h1LOuaXSjspjY+QjvUDKSzYnGMvU
EKGzvPsKIH4IcfY9JoTivvrIOTaIBpoO3sVilpEpqpAOVn93BVd7Me28PM19g+1V
a1KYCik5jOC+GQlKJgiwU4Kr0ObG6TgHh3Ml/2WVjjS9476SZgOzkodV1bOqEhT4
ttCj4MKc3cCPzMfVmqed3hNrDQipKVmkoH451oJsDIiJ84nuGJqntgcvnUXqhyME
3nOkQ2cED2rCQ/GAIhYGPZmqr06xLQamTbH0uPwvRy9YJkCAFSKaPpInKKZuximk
Ci+zPpTGoXI=
-----END CERTIFICATE-----
Generated at Mon May 20 15:30:49 2024 by rpki-client on console-fra.rpki-client.org