Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/cVdwFsU1ZlJRuc4Mz5-Z3Bt0Ta4.roa
File: cVdwFsU1ZlJRuc4Mz5-Z3Bt0Ta4.roa (raw, json)
Hash identifier: MFQ9TBe00ccrnmLZLoFFUNMUWQhWL/h62hchYWezCyU=
Subject key identifier: 71:57:70:16:C5:35:66:52:51:B9:CE:0C:CF:9F:99:DC:1B:74:4D:AE
Certificate issuer: /CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Certificate serial: 018CC94BF2EC99B39386794BE1C3F9047531
Authority key identifier: 6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/cVdwFsU1ZlJRuc4Mz5-Z3Bt0Ta4.roa
Signing time: Tue 02 Jan 2024 08:30:46 +0000
ROA not before: Tue 02 Jan 2024 08:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203489
IP address blocks: 213.137.32.0/19 maxlen: 21
82.145.160.0/19 maxlen: 19
178.20.72.0/21 maxlen: 21
31.24.136.0/21 maxlen: 21
69.172.96.0/19 maxlen: 19
185.3.36.0/22 maxlen: 22
2a00:fa80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/are5zuAEMA6v4JvxL8ttod0wpNc.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/are5zuAEMA6v4JvxL8ttod0wpNc.mft
rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:f2:ec:99:b3:93:86:79:4b:e1:c3:f9:04:75:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab7b9cee004300eafe09bf12fcb6da1dd30a4d7
Validity
Not Before: Jan 2 08:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71577016c535665251b9ce0ccf9f99dc1b744dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6b:72:8c:9c:2b:58:50:37:b2:ad:4e:50:94:
cd:94:0b:a4:4a:14:c0:57:d8:ff:8a:32:69:44:f4:
8a:38:a7:7a:a5:41:e8:a0:7e:42:6b:31:21:2a:52:
34:09:3b:07:b6:3a:96:ba:7a:6b:a7:c2:ae:8e:6a:
e3:4a:98:c4:b6:84:b6:41:da:15:e6:61:e9:d1:fc:
9e:fa:e3:37:5e:e2:86:8d:82:23:77:03:9f:b1:58:
2b:c7:02:5f:c5:c3:96:bd:b5:23:c0:b9:a0:f8:37:
9c:3a:4b:4b:1a:fb:80:dd:ee:10:0f:66:ad:e9:86:
48:cd:b8:22:cb:bb:09:2a:6d:a9:63:24:1e:c5:f2:
89:f6:93:32:bc:0e:7e:d1:ab:03:04:b5:2d:92:e1:
2d:5f:aa:7a:d0:f6:28:55:9e:2e:e1:74:ea:2b:d1:
d0:5e:cb:56:1c:dc:21:76:6b:c1:69:96:b6:f2:d7:
7c:d5:1c:25:d5:79:62:f8:2d:a7:11:fe:5d:45:0f:
9c:c5:6b:06:27:94:55:c3:ec:97:e9:8d:87:8b:bb:
f5:a5:51:2b:0d:cb:8d:4a:4e:e4:9f:90:63:60:f4:
a8:5d:70:dc:d3:b6:db:ce:77:3e:e8:2f:5c:8d:25:
29:13:25:ef:c7:22:ab:6c:58:b8:62:bf:f1:b9:fc:
44:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:57:70:16:C5:35:66:52:51:B9:CE:0C:CF:9F:99:DC:1B:74:4D:AE
X509v3 Authority Key Identifier:
keyid:6A:B7:B9:CE:E0:04:30:0E:AF:E0:9B:F1:2F:CB:6D:A1:DD:30:A4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/are5zuAEMA6v4JvxL8ttod0wpNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/cVdwFsU1ZlJRuc4Mz5-Z3Bt0Ta4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7d11e2-5274-447e-9fe6-88aa6fd0aa8e/1/are5zuAEMA6v4JvxL8ttod0wpNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.136.0/21
69.172.96.0/19
82.145.160.0/19
178.20.72.0/21
185.3.36.0/22
213.137.32.0/19
IPv6:
2a00:fa80::/29
Signature Algorithm: sha256WithRSAEncryption
b8:db:2f:2b:fe:fb:49:9d:71:5c:07:4b:a2:b0:3f:bd:43:e2:
69:85:1c:a8:10:95:40:65:99:45:93:64:66:5c:03:27:12:12:
d9:1f:98:51:9d:ec:52:33:42:71:ea:2c:a4:94:2f:25:2b:63:
41:5b:bf:7d:1c:b1:96:d5:a1:f2:d8:fc:cb:00:8f:d8:be:87:
8f:ae:a7:0d:20:14:d9:d9:d1:e6:cb:8d:43:f6:58:b9:f1:9b:
13:ce:3c:0a:f1:70:8a:ac:37:2f:b5:df:39:9f:ea:fc:cd:81:
8a:63:53:6f:cb:62:1f:08:9a:ef:f0:3d:e6:eb:93:53:83:9f:
63:b9:11:88:8b:8b:e3:49:8f:ff:75:3f:1e:b4:41:63:b9:bb:
cc:f4:be:b5:1e:d4:e3:08:8e:0d:d2:80:5f:00:5a:35:89:bd:
03:77:a2:ab:9a:b7:7f:ae:20:75:e3:79:41:b8:a7:cc:a5:f9:
88:85:63:03:2b:d6:2e:44:15:55:c2:2a:8a:51:87:42:6c:38:
ff:ba:ee:ab:c4:7c:ca:41:3d:77:30:c7:1f:2d:2a:49:b4:57:
e3:ed:4b:20:18:06:fb:0a:21:1d:1a:3c:9c:f4:c6:1b:82:64:
09:22:35:c6:79:35:17:7c:b6:29:0a:67:f8:88:b3:82:76:62:
dc:ec:27:1b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJS/LsmbOThnlL4cP5BHUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYjdiOWNlZTAwNDMwMGVhZmUwOWJmMTJmY2I2ZGExZGQz
MGE0ZDcwHhcNMjQwMTAyMDgzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU3NzAxNmM1MzU2NjUyNTFiOWNlMGNjZjlmOTlkYzFiNzQ0ZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGtyjJwrWFA3sq1OUJTNlAukShTA
V9j/ijJpRPSKOKd6pUHooH5CazEhKlI0CTsHtjqWunprp8KujmrjSpjEtoS2QdoV
5mHp0fye+uM3XuKGjYIjdwOfsVgrxwJfxcOWvbUjwLmg+DecOktLGvuA3e4QD2at
6YZIzbgiy7sJKm2pYyQexfKJ9pMyvA5+0asDBLUtkuEtX6p60PYoVZ4u4XTqK9HQ
XstWHNwhdmvBaZa28td81Rwl1Xli+C2nEf5dRQ+cxWsGJ5RVw+yX6Y2Hi7v1pVEr
DcuNSk7kn5BjYPSoXXDc07bbznc+6C9cjSUpEyXvxyKrbFi4Yr/xufxEewIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHFXcBbFNWZSUbnODM+fmdwbdE2uMB8GA1UdIwQY
MBaAFGq3uc7gBDAOr+Cb8S/LbaHdMKTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXJlNXp1QUVNQTZ2NEp2eEw4dHRvZDB3cE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83ZDExZTItNTI3NC00NDdlLTlmZTYt
ODhhYTZmZDBhYThlLzEvY1Zkd0ZzVTFabEpSdWM0TXo1LVozQnQwVGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83ZDExZTItNTI3NC00NDdlLTlmZTYtODhhYTZmZDBhYThl
LzEvYXJlNXp1QUVNQTZ2NEp2eEw4dHRvZDB3cE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHxiIAwQF
RaxgAwQFUpGgAwQDshRIAwQCuQMkAwQF1YkgMA0EAgACMAcDBQMqAPqAMA0GCSqG
SIb3DQEBCwUAA4IBAQC42y8r/vtJnXFcB0uisD+9Q+JphRyoEJVAZZlFk2RmXAMn
EhLZH5hRnexSM0Jx6iyklC8lK2NBW799HLGW1aHy2PzLAI/YvoePrqcNIBTZ2dHm
y41D9li58ZsTzjwK8XCKrDcvtd85n+r8zYGKY1Nvy2IfCJrv8D3m65NTg59juRGI
i4vjSY//dT8etEFjubvM9L61HtTjCI4N0oBfAFo1ib0Dd6Krmrd/riB143lBuKfM
pfmIhWMDK9YuRBVVwiqKUYdCbDj/uu6rxHzKQT13MMcfLSpJtFfj7UsgGAb7CiEd
Gjyc9MYbgmQJIjXGeTUXfLYpCmf4iLOCdmLc7Ccb
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:28:46 2024 by rpki-client on console-ams.rpki-client.org