Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/F4X6EirF9a4DMb-5jG6KwR9nlLM.roa
File: F4X6EirF9a4DMb-5jG6KwR9nlLM.roa (raw, json)
Hash identifier: HwWXWpzyDv3uVJh2QaLeWWleTCUQ9dEkk3VyTf5OZkU=
Subject key identifier: 17:85:FA:12:2A:C5:F5:AE:03:31:BF:B9:8C:6E:8A:C1:1F:67:94:B3
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 0192803C5ABEA77284B422240F51DEDDF1F1
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/F4X6EirF9a4DMb-5jG6KwR9nlLM.roa
Signing time: Sat 12 Oct 2024 10:18:11 +0000
ROA not before: Sat 12 Oct 2024 10:18:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8455
IP address blocks: 31.22.80.0/21 maxlen: 21
31.22.84.0/24 maxlen: 24
45.148.184.0/22 maxlen: 22
45.148.187.0/24 maxlen: 24
95.142.96.0/20 maxlen: 20
130.193.4.0/24 maxlen: 24
178.237.32.0/20 maxlen: 20
178.237.34.0/24 maxlen: 24
178.237.42.0/24 maxlen: 24
178.237.43.0/24 maxlen: 24
185.27.16.0/22 maxlen: 22
193.202.74.0/23 maxlen: 23
193.202.88.0/24 maxlen: 24
2a00:1188::/29 maxlen: 29
2a00:1188:8::/48 maxlen: 48
2a00:1188:9::/48 maxlen: 48
2a00:1188:b::/48 maxlen: 48
2a00:1188:c::/48 maxlen: 48
2a00:1188:d::/48 maxlen: 48
2a00:1188:13::/48 maxlen: 48
2a00:1188:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:80:3c:5a:be:a7:72:84:b4:22:24:0f:51:de:dd:f1:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Oct 12 10:18:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1785fa122ac5f5ae0331bfb98c6e8ac11f6794b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:6c:3d:71:7f:db:43:d4:e0:17:62:84:8e:
ef:ff:c9:f4:44:e1:9d:d0:88:60:1f:c6:e2:c1:20:
f2:f5:85:cc:10:e6:53:57:6b:3f:7a:c8:cb:36:cf:
e4:b5:22:d4:9d:48:56:24:24:f8:e0:8d:ae:bc:63:
c4:7f:40:05:f8:5d:b1:80:b6:0e:30:38:08:3f:e5:
ad:10:22:78:94:ea:af:7c:2e:3c:86:f0:b8:da:ae:
41:f3:9f:b7:ab:b8:bd:9a:42:d8:7b:94:5a:a0:e3:
d6:df:2c:1e:1d:4f:41:b6:01:62:9b:da:a6:03:d7:
de:59:eb:39:82:ec:e7:d0:cc:f1:08:1d:54:a6:b3:
9b:f5:06:5d:8f:b8:93:18:ee:fe:20:4b:a8:c0:64:
e1:7c:5a:ee:07:a3:b9:77:86:46:09:d0:c0:a2:b0:
38:ce:87:05:18:6f:ef:dd:67:04:21:ea:c0:c8:26:
5f:ee:f8:af:06:20:de:f5:2c:f6:e4:f1:40:85:7f:
b9:2b:c4:2c:9f:8a:54:0d:cf:d9:c7:c1:1a:d3:79:
74:bf:dc:f1:a2:b3:e8:c1:31:e7:5a:20:f0:bf:98:
d1:c0:ca:7d:f7:fa:e9:10:56:e4:6d:5b:11:35:d3:
5d:e9:53:65:d1:ab:83:dc:71:99:f0:24:3b:0a:7b:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:85:FA:12:2A:C5:F5:AE:03:31:BF:B9:8C:6E:8A:C1:1F:67:94:B3
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/F4X6EirF9a4DMb-5jG6KwR9nlLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
95.142.96.0/20
130.193.4.0/24
178.237.32.0/20
185.27.16.0/22
193.202.74.0/23
193.202.88.0/24
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
06:38:cd:e3:4a:75:33:14:52:70:02:81:b3:e7:0b:cc:5a:da:
63:d5:b5:51:c1:35:23:7f:5e:28:d8:b4:06:e8:19:4c:d8:40:
4d:ef:2e:a2:a2:0f:c8:72:11:d7:51:c8:b9:0d:17:a1:8e:95:
f5:e9:0e:79:4e:4b:0b:a3:d1:37:02:a5:11:9c:b9:be:19:34:
4b:68:d5:ce:85:e7:fe:57:81:de:77:eb:22:b5:4a:2e:37:0a:
75:1d:ab:77:e4:0e:e8:2d:f0:a7:d3:c1:59:1c:4b:1e:c8:2c:
ec:ac:bb:b6:5d:96:c8:42:7a:b1:7c:f0:1a:bd:6c:f3:2a:76:
bf:b3:b4:75:ec:10:d3:f1:a0:7a:16:6f:51:86:f2:89:05:e1:
4e:f4:d8:e0:d3:2a:5b:22:4d:f0:4a:5a:ac:38:7c:30:c9:87:
73:90:29:28:13:96:2a:0d:75:77:d9:32:8e:9c:5c:d8:44:4e:
de:05:84:3e:c8:d0:12:99:6d:72:18:23:ca:4d:1c:47:bf:f1:
43:69:40:d4:b4:c6:2f:36:44:ad:d2:df:0c:5d:f8:d2:49:9f:
51:78:53:27:5e:76:72:cb:24:90:6b:c5:1a:b7:a8:6f:3b:36:
c7:36:e7:b8:cf:90:05:3a:e5:92:7b:12:a6:3c:2e:4d:2a:c5:
ec:c6:a9:2d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZKAPFq+p3KEtCIkD1He3fHxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjQxMDEyMTAxODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzg1ZmExMjJhYzVmNWFlMDMzMWJmYjk4YzZlOGFjMTFmNjc5NGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp11sPXF/20PU4BdihI7v/8n0ROGd
0IhgH8biwSDy9YXMEOZTV2s/esjLNs/ktSLUnUhWJCT44I2uvGPEf0AF+F2xgLYO
MDgIP+WtECJ4lOqvfC48hvC42q5B85+3q7i9mkLYe5RaoOPW3yweHU9BtgFim9qm
A9feWes5guzn0MzxCB1UprOb9QZdj7iTGO7+IEuowGThfFruB6O5d4ZGCdDAorA4
zocFGG/v3WcEIerAyCZf7vivBiDe9Sz25PFAhX+5K8Qsn4pUDc/Zx8Ea03l0v9zx
orPowTHnWiDwv5jRwMp99/rpEFbkbVsRNdNd6VNl0auD3HGZ8CQ7Cnuy3wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBeF+hIqxfWuAzG/uYxuisEfZ5SzMB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvRjRYNkVpckY5YTRETWItNWpHNkt3UjlubExNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDHxZQAwQC
LZS4AwQEX45gAwQAgsEEAwQEsu0gAwQCuRsQAwQBwcpKAwQAwcpYMA0EAgACMAcD
BQMqABGIMA0GCSqGSIb3DQEBCwUAA4IBAQAGOM3jSnUzFFJwAoGz5wvMWtpj1bVR
wTUjf14o2LQG6BlM2EBN7y6iog/IchHXUci5DRehjpX16Q55TksLo9E3AqURnLm+
GTRLaNXOhef+V4Hed+sitUouNwp1Hat35A7oLfCn08FZHEseyCzsrLu2XZbIQnqx
fPAavWzzKna/s7R17BDT8aB6Fm9RhvKJBeFO9Njg0ypbIk3wSlqsOHwwyYdzkCko
E5YqDXV32TKOnFzYRE7eBYQ+yNASmW1yGCPKTRxHv/FDaUDUtMYvNkSt0t8MXfjS
SZ9ReFMnXnZyyySQa8Uat6hvOzbHNue4z5AFOuWSexKmPC5NKsXsxqkt
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:54:45 2024 by rpki-client on console-fra.rpki-client.org