Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/66Re73Jhnhs0gKrcD3NEQr_zpxQ.roa
File: 66Re73Jhnhs0gKrcD3NEQr_zpxQ.roa (raw, json)
Hash identifier: s8lgkiCqw/ckuQhxNd+bjfKUfe01nm2gYMx/MO49ZhQ=
Subject key identifier: EB:A4:5E:EF:72:61:9E:1B:34:80:AA:DC:0F:73:44:42:BF:F3:A7:14
Certificate issuer: /CN=4a2027dbb89427a8e031b90962e26e44affa5a95
Certificate serial: 018CC9BC34C4386327FF7DE554C86A34C23D
Authority key identifier: 4A:20:27:DB:B8:94:27:A8:E0:31:B9:09:62:E2:6E:44:AF:FA:5A:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiAn27iUJ6jgMbkJYuJuRK_6WpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/66Re73Jhnhs0gKrcD3NEQr_zpxQ.roa
Signing time: Tue 02 Jan 2024 10:33:23 +0000
ROA not before: Tue 02 Jan 2024 10:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24800
IP address blocks: 185.96.88.0/22 maxlen: 22
185.108.252.0/22 maxlen: 22
185.108.108.0/22 maxlen: 22
185.109.76.0/22 maxlen: 22
185.109.88.0/22 maxlen: 22
185.107.168.0/22 maxlen: 22
185.96.180.0/22 maxlen: 22
185.107.176.0/22 maxlen: 22
185.109.12.0/22 maxlen: 22
185.108.100.0/22 maxlen: 22
185.109.64.0/22 maxlen: 22
2a00:4020::/32 maxlen: 32
2a00:4820::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/SiAn27iUJ6jgMbkJYuJuRK_6WpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/SiAn27iUJ6jgMbkJYuJuRK_6WpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SiAn27iUJ6jgMbkJYuJuRK_6WpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:34:c4:38:63:27:ff:7d:e5:54:c8:6a:34:c2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a2027dbb89427a8e031b90962e26e44affa5a95
Validity
Not Before: Jan 2 10:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eba45eef72619e1b3480aadc0f734442bff3a714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:72:c6:7e:67:5a:2a:50:7f:56:d7:bd:a9:fe:
08:bd:10:c3:dc:48:eb:f9:e1:60:38:a8:1a:74:96:
6d:16:bd:11:19:98:4e:0c:e7:8e:4b:61:f2:cf:5e:
66:03:54:b5:3e:78:c5:b7:e3:94:12:c8:e1:4f:e9:
9b:8d:1c:4a:ed:34:b2:cd:1f:3c:e7:2d:50:93:7c:
ca:04:c8:10:3c:5a:c2:3a:a5:65:3f:3f:20:e0:81:
c3:d8:43:22:b6:a0:eb:59:9d:78:2e:40:a8:30:56:
8e:bc:d0:9e:46:b9:1d:35:e6:e2:ad:a0:55:23:fd:
c3:ad:1b:36:9a:3d:f9:05:05:c8:4f:e5:9e:c1:82:
16:15:5a:d7:25:9c:0b:89:39:6f:6f:1c:df:a9:2c:
55:bc:66:0a:d0:ec:48:3b:62:25:31:51:68:ba:40:
f3:93:a1:bb:e6:34:b8:47:42:aa:22:99:be:11:16:
fb:c5:71:ee:46:3e:31:3e:76:02:3a:a9:c9:49:8d:
b1:ed:66:53:24:67:e8:51:51:c7:0d:75:f9:bc:4d:
c4:94:7c:27:79:41:1a:b6:b1:ac:10:73:aa:d9:95:
b6:e5:0d:70:21:cd:1b:bd:bb:64:bf:0c:73:9c:e2:
f1:24:c4:60:a6:79:62:a8:18:f1:4f:e3:a1:d3:e9:
b5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A4:5E:EF:72:61:9E:1B:34:80:AA:DC:0F:73:44:42:BF:F3:A7:14
X509v3 Authority Key Identifier:
keyid:4A:20:27:DB:B8:94:27:A8:E0:31:B9:09:62:E2:6E:44:AF:FA:5A:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiAn27iUJ6jgMbkJYuJuRK_6WpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/66Re73Jhnhs0gKrcD3NEQr_zpxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4711a1-4d25-47e6-acf7-b0712ab0b077/1/SiAn27iUJ6jgMbkJYuJuRK_6WpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.88.0/22
185.96.180.0/22
185.107.168.0/22
185.107.176.0/22
185.108.100.0/22
185.108.108.0/22
185.108.252.0/22
185.109.12.0/22
185.109.64.0/22
185.109.76.0/22
185.109.88.0/22
IPv6:
2a00:4020::/32
2a00:4820::/32
Signature Algorithm: sha256WithRSAEncryption
51:33:a1:fd:53:4c:e8:35:c9:e7:8e:ef:2e:28:13:19:38:23:
63:48:73:64:3e:b6:b8:41:29:a7:46:f0:63:63:32:fa:87:f1:
4d:9d:ca:d3:83:64:46:08:65:c4:b9:14:fc:6d:99:86:ec:a2:
1b:dd:ea:40:99:67:90:01:a3:b3:5d:ae:ed:c8:81:0d:a7:ea:
81:85:d0:3e:a4:12:61:44:52:d5:c5:08:1a:5e:9e:16:2e:79:
d2:17:82:8d:3e:ec:5c:34:7a:83:94:04:73:a6:32:d1:c2:58:
d3:48:b6:e9:84:2d:55:0e:da:c8:97:a4:28:ac:cf:09:ef:a1:
a7:09:f3:d3:58:f1:11:ea:87:75:ba:ec:2d:62:5c:d4:1e:28:
b6:47:63:07:52:8e:e4:ac:9e:3e:fd:15:ad:6a:ca:5a:2e:b0:
cc:42:fb:57:18:05:9b:bb:d9:4c:0e:f6:99:57:1d:e3:47:04:
6a:b1:ed:c5:d7:78:31:77:14:0f:ce:8c:f6:83:2c:f7:60:a1:
f7:4b:90:be:96:f8:06:d6:84:0a:df:bb:87:2c:52:e9:2a:37:
f0:d9:46:78:47:87:bc:e8:ef:bb:a2:df:23:e0:0a:91:2f:9f:
f1:83:35:88:e0:42:22:a7:54:1d:63:1f:4a:c6:4d:1d:e8:59:
22:42:0c:94
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzJvDTEOGMn/33lVMhqNMI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjAyN2RiYjg5NDI3YThlMDMxYjkwOTYyZTI2ZTQ0YWZm
YTVhOTUwHhcNMjQwMTAyMTAzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE0NWVlZjcyNjE5ZTFiMzQ4MGFhZGMwZjczNDQ0MmJmZjNhNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHLGfmdaKlB/Vte9qf4IvRDD3Ejr
+eFgOKgadJZtFr0RGZhODOeOS2Hyz15mA1S1PnjFt+OUEsjhT+mbjRxK7TSyzR88
5y1Qk3zKBMgQPFrCOqVlPz8g4IHD2EMitqDrWZ14LkCoMFaOvNCeRrkdNebiraBV
I/3DrRs2mj35BQXIT+WewYIWFVrXJZwLiTlvbxzfqSxVvGYK0OxIO2IlMVFoukDz
k6G75jS4R0KqIpm+ERb7xXHuRj4xPnYCOqnJSY2x7WZTJGfoUVHHDXX5vE3ElHwn
eUEatrGsEHOq2ZW25Q1wIc0bvbtkvwxznOLxJMRgpnliqBjxT+Oh0+m1WwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFOukXu9yYZ4bNICq3A9zREK/86cUMB8GA1UdIwQY
MBaAFEogJ9u4lCeo4DG5CWLibkSv+lqVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lBbjI3aVVKNmpnTWJrSll1SnVSS182V3BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80NzExYTEtNGQyNS00N2U2LWFjZjct
YjA3MTJhYjBiMDc3LzEvNjZSZTczSmhuaHMwZ0tyY0QzTkVRcl96cHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80NzExYTEtNGQyNS00N2U2LWFjZjctYjA3MTJhYjBiMDc3
LzEvU2lBbjI3aVVKNmpnTWJrSll1SnVSS182V3BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCuWBYAwQC
uWC0AwQCuWuoAwQCuWuwAwQCuWxkAwQCuWxsAwQCuWz8AwQCuW0MAwQCuW1AAwQC
uW1MAwQCuW1YMBQEAgACMA4DBQAqAEAgAwUAKgBIIDANBgkqhkiG9w0BAQsFAAOC
AQEAUTOh/VNM6DXJ547vLigTGTgjY0hzZD62uEEpp0bwY2My+ofxTZ3K04NkRghl
xLkU/G2ZhuyiG93qQJlnkAGjs12u7ciBDafqgYXQPqQSYURS1cUIGl6eFi550heC
jT7sXDR6g5QEc6Yy0cJY00i26YQtVQ7ayJekKKzPCe+hpwnz01jxEeqHdbrsLWJc
1B4otkdjB1KO5KyePv0VrWrKWi6wzEL7VxgFm7vZTA72mVcd40cEarHtxdd4MXcU
D86M9oMs92Ch90uQvpb4BtaECt+7hyxS6So38NlGeEeHvOjvu6LfI+AKkS+f8YM1
iOBCIqdUHWMfSsZNHehZIkIMlA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:13:21 2024 by rpki-client on console-ams.rpki-client.org