Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/UiGrY5GrtmQrvl2vl2abt2l24uE.roa
File: UiGrY5GrtmQrvl2vl2abt2l24uE.roa (raw, json)
Hash identifier: RD3k8HEeRPC909/AfXujc3on53zUIfkZuk2CS1SWAO0=
Subject key identifier: 52:21:AB:63:91:AB:B6:64:2B:BE:5D:AF:97:66:9B:B7:69:76:E2:E1
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 0192C2A79AAC5C14BFFD23BD001A3145CD9B
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/UiGrY5GrtmQrvl2vl2abt2l24uE.roa
Signing time: Fri 25 Oct 2024 07:50:16 +0000
ROA not before: Fri 25 Oct 2024 07:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24796
IP address blocks: 185.33.108.0/22 maxlen: 22
185.33.108.0/23 maxlen: 23
185.33.108.0/24 maxlen: 24
185.33.109.0/24 maxlen: 24
185.33.110.0/23 maxlen: 23
185.33.110.0/24 maxlen: 24
185.33.111.0/24 maxlen: 24
193.24.29.0/24 maxlen: 24
193.201.40.0/24 maxlen: 24
2a0f:80:1::/48 maxlen: 48
2a0f:80:2::/48 maxlen: 48
2a0f:80:3::/48 maxlen: 48
2a0f:80:a::/48 maxlen: 48
2a0f:80:b::/48 maxlen: 48
2a0f:80:c::/48 maxlen: 48
2a0f:80:d::/48 maxlen: 48
2a0f:80:e::/48 maxlen: 48
2a0f:80:f::/48 maxlen: 48
2a0f:80:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:a7:9a:ac:5c:14:bf:fd:23:bd:00:1a:31:45:cd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Oct 25 07:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5221ab6391abb6642bbe5daf97669bb76976e2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:08:99:fa:13:5d:0b:a0:ee:17:81:a1:8f:1b:
69:7c:c7:f2:50:76:1e:bb:4b:71:dd:63:fb:1d:d7:
9f:8a:95:f1:1c:98:b6:82:25:b4:17:de:4a:72:05:
fa:ff:b3:4f:d8:38:7a:6a:f2:9d:c4:23:e9:8f:9c:
1e:79:84:a3:b6:f5:bf:c8:8a:18:ac:68:3c:25:78:
28:75:37:8a:50:82:fd:a2:f5:bd:da:42:67:0b:98:
9c:10:06:8a:12:69:8e:a6:58:7d:30:99:37:60:f5:
fa:c0:d2:60:ba:09:76:e3:f3:67:e1:d5:1e:7a:b8:
fa:f2:fe:ce:64:0d:92:f6:c1:91:86:86:12:75:fd:
aa:d8:82:9b:67:d0:9b:a0:87:9b:7c:41:ab:87:e6:
49:e4:4d:51:84:1d:d1:40:02:d8:3d:ca:f0:41:6a:
40:06:14:11:2c:2f:0f:fa:e2:da:04:c5:34:69:79:
f3:48:52:da:03:0d:45:62:f6:37:94:b9:6c:d8:de:
d2:a2:25:fa:59:25:86:45:cc:a4:e4:dc:7b:f7:7f:
38:ac:93:9f:65:a6:2a:8d:59:35:9b:57:33:5d:68:
ae:69:ef:c9:e2:d7:51:37:e1:8e:77:b1:8d:c7:ca:
be:fe:7c:b1:c7:4f:28:90:f4:0e:80:87:45:65:9b:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:21:AB:63:91:AB:B6:64:2B:BE:5D:AF:97:66:9B:B7:69:76:E2:E1
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/UiGrY5GrtmQrvl2vl2abt2l24uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.108.0/22
193.24.29.0/24
193.201.40.0/24
IPv6:
2a0f:80:1::-2a0f:80:3:ffff:ffff:ffff:ffff:ffff
2a0f:80:a::-2a0f:80:10:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:6c:96:9c:b6:ba:30:fb:06:99:f8:ab:e9:3a:79:15:ec:39:
a3:bd:f5:ca:82:53:b1:24:c4:37:db:06:1d:4c:bd:3d:ea:36:
79:75:e0:e8:70:38:c1:15:9f:29:6c:6d:94:ea:5e:77:66:eb:
84:00:d3:26:dd:4b:95:70:91:c1:45:ee:64:f8:da:1f:fd:cd:
7d:bf:69:58:86:38:c5:1b:8f:97:4b:b4:e2:c6:f0:b2:b8:ed:
dd:a3:f4:17:95:9b:af:c7:af:4b:b8:92:e5:55:59:b3:74:d5:
dd:f7:93:3b:04:ae:a1:af:1a:65:42:79:32:4f:1b:85:d5:61:
5e:4f:bf:8c:e6:23:e8:18:59:6c:14:49:a8:74:a8:60:18:f0:
3e:2a:cb:1e:13:30:69:12:90:af:8e:84:db:99:77:0f:55:dc:
f7:72:8b:1d:2c:ea:6d:4f:09:33:97:4f:5b:d3:62:11:30:ff:
51:c3:aa:27:13:9e:97:4c:ee:22:3d:5d:9c:4c:1d:69:0d:83:
ef:b1:89:99:29:0d:18:70:06:1a:6e:59:4a:7b:54:8e:04:c6:
36:f8:f9:d9:ea:26:60:32:52:37:c4:af:58:46:eb:7c:e5:ce:
74:ff:07:22:87:90:46:cc:55:a3:ba:53:fa:92:2e:4d:a4:51:
c3:20:26:b2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZLCp5qsXBS//SO9ABoxRc2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiM2RhZWY4OTMwNmE3NWYwYjg4MTkxNDQwNzQyYTcyMGFm
YjNmMjAwHhcNMjQxMDI1MDc1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjIxYWI2MzkxYWJiNjY0MmJiZTVkYWY5NzY2OWJiNzY5NzZlMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAiZ+hNdC6DuF4GhjxtpfMfyUHYe
u0tx3WP7HdefipXxHJi2giW0F95KcgX6/7NP2Dh6avKdxCPpj5weeYSjtvW/yIoY
rGg8JXgodTeKUIL9ovW92kJnC5icEAaKEmmOplh9MJk3YPX6wNJgugl24/Nn4dUe
erj68v7OZA2S9sGRhoYSdf2q2IKbZ9CboIebfEGrh+ZJ5E1RhB3RQALYPcrwQWpA
BhQRLC8P+uLaBMU0aXnzSFLaAw1FYvY3lLls2N7SoiX6WSWGRcyk5Nx79384rJOf
ZaYqjVk1m1czXWiuae/J4tdRN+GOd7GNx8q+/nyxx08okPQOgIdFZZtaywIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFIhq2ORq7ZkK75dr5dmm7dpduLhMB8GA1UdIwQY
MBaAFDs9rviTBqdfC4gZFEB0KnIK+z8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUt
YWFjYWQ4NmM2MTdkLzEvVWlHclk1R3J0bVFydmwydmwyYWJ0MmwyNHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9mMTUwYjEtNDNiOS00OTExLWEwMDUtYWFjYWQ4NmM2MTdk
LzEvT3oydS1KTUdwMThMaUJrVVFIUXFjZ3I3UHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAYBAIAATASAwQCuSFsAwQA
wRgdAwQAwckoMC4EAgACMCgwEgMHACoPAIAAAQMHAioPAIAAADASAwcBKg8AgAAK
AwcAKg8AgAAQMA0GCSqGSIb3DQEBCwUAA4IBAQBXbJactrow+waZ+KvpOnkV7Dmj
vfXKglOxJMQ32wYdTL096jZ5deDocDjBFZ8pbG2U6l53ZuuEANMm3UuVcJHBRe5k
+Nof/c19v2lYhjjFG4+XS7TixvCyuO3do/QXlZuvx69LuJLlVVmzdNXd95M7BK6h
rxplQnkyTxuF1WFeT7+M5iPoGFlsFEmodKhgGPA+KsseEzBpEpCvjoTbmXcPVdz3
cosdLOptTwkzl09b02IRMP9Rw6onE56XTO4iPV2cTB1pDYPvsYmZKQ0YcAYabllK
e1SOBMY2+PnZ6iZgMlI3xK9YRut85c50/wcih5BGzFWjulP6ki5NpFHDICay
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:26 2024 by rpki-client on console-ams.rpki-client.org