Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/tQJCZxIpeoeff0zDR9enWFRN5uA.roa
File: tQJCZxIpeoeff0zDR9enWFRN5uA.roa (raw, json)
Hash identifier: nYdtpxhWFUDklhIalYgQuFmwZboTOH0N9TTNLppyeok=
Subject key identifier: B5:02:42:67:12:29:7A:87:9F:7F:4C:C3:47:D7:A7:58:54:4D:E6:E0
Certificate issuer: /CN=b2ec1ba6854bbf5bc3ed554ff7fef3ba5fe4cb51
Certificate serial: 018CC6B8A81E3861090A50564741449A77B9
Authority key identifier: B2:EC:1B:A6:85:4B:BF:5B:C3:ED:55:4F:F7:FE:F3:BA:5F:E4:CB:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/tQJCZxIpeoeff0zDR9enWFRN5uA.roa
Signing time: Mon 01 Jan 2024 20:30:39 +0000
ROA not before: Mon 01 Jan 2024 20:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35205
IP address blocks: 185.48.208.0/22 maxlen: 22
80.84.192.0/19 maxlen: 19
80.84.192.0/22 maxlen: 22
80.84.192.0/20 maxlen: 20
80.84.208.0/21 maxlen: 21
80.84.208.0/20 maxlen: 20
2a04:a080::/30 maxlen: 30
2a04:a080::/29 maxlen: 29
2a04:a084::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a8:1e:38:61:09:0a:50:56:47:41:44:9a:77:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2ec1ba6854bbf5bc3ed554ff7fef3ba5fe4cb51
Validity
Not Before: Jan 1 20:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b502426712297a879f7f4cc347d7a758544de6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:88:2e:cd:4f:04:d8:56:e4:0b:56:cd:44:b8:
80:01:c2:11:9a:d6:16:27:21:e2:80:69:a5:65:57:
ed:a5:2d:ff:63:b9:bb:82:0b:56:f2:bd:00:07:96:
e6:b4:39:c4:c1:c7:9f:82:65:74:4b:74:aa:03:33:
d2:cb:6e:c9:b0:89:2d:6a:d3:af:cd:fc:19:c5:7b:
c6:d6:59:06:00:95:6b:c5:a0:f9:ee:51:0d:e1:d2:
18:97:3f:11:7b:50:79:84:59:e6:81:70:78:63:1e:
e4:6e:48:25:57:35:81:28:9b:19:65:fb:92:b1:75:
86:d9:be:d2:c8:86:3d:e1:b6:ee:9b:02:88:5e:4a:
fe:a9:df:2e:18:a6:20:63:30:8e:7c:d5:35:b4:ea:
d5:ee:12:a4:de:8b:7d:69:db:74:7b:38:42:37:c2:
4d:3c:26:36:3d:56:a8:70:1b:68:9a:6e:f0:a2:15:
27:30:a8:0f:97:55:4a:b7:58:da:98:63:31:92:92:
9a:08:d0:4c:2a:ca:c9:47:96:7f:e2:76:f5:c4:30:
69:87:20:71:6c:f8:36:18:7e:71:e1:5f:81:18:7c:
8c:ec:6f:33:3b:dd:b1:9e:0b:a3:de:8c:ed:45:42:
0d:f3:ed:52:32:cf:8f:86:27:51:a4:e6:0f:69:7f:
d3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:02:42:67:12:29:7A:87:9F:7F:4C:C3:47:D7:A7:58:54:4D:E6:E0
X509v3 Authority Key Identifier:
keyid:B2:EC:1B:A6:85:4B:BF:5B:C3:ED:55:4F:F7:FE:F3:BA:5F:E4:CB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/suwbpoVLv1vD7VVP9_7zul_ky1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/tQJCZxIpeoeff0zDR9enWFRN5uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5279ef-a1c9-4da2-a1c5-1d8d933d6c00/1/suwbpoVLv1vD7VVP9_7zul_ky1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.192.0/19
185.48.208.0/22
IPv6:
2a04:a080::/29
Signature Algorithm: sha256WithRSAEncryption
7b:8e:a5:ce:9e:a4:ea:0c:91:68:77:4b:03:4b:28:14:9a:a4:
6d:e0:46:d3:06:d0:3f:e7:36:93:d1:6e:a7:22:36:23:22:5c:
3d:5a:61:8f:e5:56:00:64:f6:c4:38:62:bc:e5:c8:81:b0:dc:
43:8a:76:0a:84:60:c8:78:29:58:97:7c:56:63:23:f3:89:ed:
5a:9d:b0:c6:9a:1d:5d:c3:c3:f5:ad:0d:48:a1:bb:7f:33:ce:
fb:29:be:be:68:fb:e6:bf:df:ae:6f:f7:8d:0f:b2:41:83:97:
ad:6c:00:de:30:bf:76:b0:69:dd:58:af:ad:60:c3:2a:ca:8c:
e7:7a:e0:b2:25:cd:44:14:64:76:ee:2c:55:24:f8:e1:cd:0c:
d3:8e:73:42:c5:77:80:76:6a:de:37:d9:01:2e:bf:3b:b2:94:
c2:c8:0f:c8:fd:d2:50:52:83:6a:4c:d6:3f:70:ac:5d:fb:cb:
85:ac:84:4c:89:b2:e4:13:44:04:64:e3:84:5c:5d:9a:12:80:
27:ae:4b:75:49:ff:85:05:a4:ab:8c:ed:43:e0:32:3f:54:db:
ec:15:1f:80:31:7f:40:7d:a0:b4:1f:fb:53:97:5b:fa:c8:e0:
57:d5:59:a9:20:f8:65:1d:f6:92:40:38:4b:d2:c1:5a:8f:80:
98:2d:88:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuKgeOGEJClBWR0FEmne5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZWMxYmE2ODU0YmJmNWJjM2VkNTU0ZmY3ZmVmM2JhNWZl
NGNiNTEwHhcNMjQwMTAxMjAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTAyNDI2NzEyMjk3YTg3OWY3ZjRjYzM0N2Q3YTc1ODU0NGRlNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYguzU8E2FbkC1bNRLiAAcIRmtYW
JyHigGmlZVftpS3/Y7m7ggtW8r0AB5bmtDnEwcefgmV0S3SqAzPSy27JsIktatOv
zfwZxXvG1lkGAJVrxaD57lEN4dIYlz8Re1B5hFnmgXB4Yx7kbkglVzWBKJsZZfuS
sXWG2b7SyIY94bbumwKIXkr+qd8uGKYgYzCOfNU1tOrV7hKk3ot9adt0ezhCN8JN
PCY2PVaocBtomm7wohUnMKgPl1VKt1jamGMxkpKaCNBMKsrJR5Z/4nb1xDBphyBx
bPg2GH5x4V+BGHyM7G8zO92xnguj3oztRUIN8+1SMs+PhidRpOYPaX/T3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLUCQmcSKXqHn39Mw0fXp1hUTebgMB8GA1UdIwQY
MBaAFLLsG6aFS79bw+1VT/f+87pf5MtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3V3YnBvVkx2MXZEN1ZWUDlfN3p1bF9reTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81Mjc5ZWYtYTFjOS00ZGEyLWExYzUt
MWQ4ZDkzM2Q2YzAwLzEvdFFKQ1p4SXBlb2VmZjB6RFI5ZW5XRlJONXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81Mjc5ZWYtYTFjOS00ZGEyLWExYzUtMWQ4ZDkzM2Q2YzAw
LzEvc3V3YnBvVkx2MXZEN1ZWUDlfN3p1bF9reTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFUFTAAwQC
uTDQMA0EAgACMAcDBQMqBKCAMA0GCSqGSIb3DQEBCwUAA4IBAQB7jqXOnqTqDJFo
d0sDSygUmqRt4EbTBtA/5zaT0W6nIjYjIlw9WmGP5VYAZPbEOGK85ciBsNxDinYK
hGDIeClYl3xWYyPzie1anbDGmh1dw8P1rQ1Iobt/M877Kb6+aPvmv9+ub/eND7JB
g5etbADeML92sGndWK+tYMMqyozneuCyJc1EFGR27ixVJPjhzQzTjnNCxXeAdmre
N9kBLr87spTCyA/I/dJQUoNqTNY/cKxd+8uFrIRMibLkE0QEZOOEXF2aEoAnrkt1
Sf+FBaSrjO1D4DI/VNvsFR+AMX9AfaC0H/tTl1v6yOBX1VmpIPhlHfaSQDhL0sFa
j4CYLYhR
-----END CERTIFICATE-----
Generated at Sat Sep 28 15:58:54 2024 by rpki-client on console-fra.rpki-client.org