Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/CcBl_sYUYFsK6CCdkHkieuWIIWI.roa
File: CcBl_sYUYFsK6CCdkHkieuWIIWI.roa (raw, json)
Hash identifier: ufzyyU34zDBN1k19p0heZGJqSyKYzRLetkeFMMZv48U=
Subject key identifier: 09:C0:65:FE:C6:14:60:5B:0A:E8:20:9D:90:79:22:7A:E5:88:21:62
Certificate issuer: /CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0
Certificate serial: 018CC501384E6B174252A24B6A4BA7FE0332
Authority key identifier: 56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/CcBl_sYUYFsK6CCdkHkieuWIIWI.roa
Signing time: Mon 01 Jan 2024 12:30:40 +0000
ROA not before: Mon 01 Jan 2024 12:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201198
IP address blocks: 185.53.252.0/22 maxlen: 24
176.223.189.0/24 maxlen: 24
31.14.233.0/24 maxlen: 24
94.177.114.0/23 maxlen: 24
2a01:7c60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:38:4e:6b:17:42:52:a2:4b:6a:4b:a7:fe:03:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56aa1eed990ed031ee17b0b13da8f83e0efba2b0
Validity
Not Before: Jan 1 12:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09c065fec614605b0ae8209d9079227ae5882162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d4:91:2c:0d:b9:35:81:da:dc:3d:80:2c:d4:
67:c9:03:d7:6e:f8:33:7d:7b:4d:e8:5f:10:62:d3:
36:54:06:b6:3a:65:92:3c:2f:43:d4:cf:d8:e9:2a:
1f:ff:ff:42:a5:40:85:77:71:38:77:ba:36:6e:c8:
31:ed:9e:0c:17:0c:3a:60:4b:10:52:eb:1f:bc:f6:
b3:1b:d4:a6:c8:1b:6d:d7:c8:0e:e0:2a:ec:1e:68:
4e:3d:d7:12:ea:31:fc:bd:bb:36:6a:8e:d2:0d:cb:
67:ec:93:5b:44:52:41:f9:a5:bc:76:78:b7:bd:10:
5c:9b:4a:20:13:8a:4f:28:f1:a8:c4:80:5b:79:4f:
68:cd:3b:bc:7b:16:ee:8a:bf:db:e9:87:24:4d:0c:
2f:73:5b:11:24:cf:15:63:41:29:2d:01:25:2e:e7:
89:2c:1b:d8:17:a3:67:37:b9:a3:bc:cc:97:8a:90:
9e:68:eb:4f:f3:ae:ab:8f:7c:fd:00:fd:8f:f0:b4:
ee:0b:20:00:c5:8c:d8:1d:2a:d8:1f:c2:1b:6f:f2:
b1:5c:34:b8:b0:00:99:cd:3a:2a:3c:c7:d4:73:48:
b0:44:35:0f:ec:a6:5f:fb:76:47:d1:d4:4f:95:f8:
90:4d:1e:1e:74:11:72:d3:95:9d:e6:ed:30:d6:8e:
fb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C0:65:FE:C6:14:60:5B:0A:E8:20:9D:90:79:22:7A:E5:88:21:62
X509v3 Authority Key Identifier:
keyid:56:AA:1E:ED:99:0E:D0:31:EE:17:B0:B1:3D:A8:F8:3E:0E:FB:A2:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/CcBl_sYUYFsK6CCdkHkieuWIIWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/5d20f4-2977-4e06-9e72-ac4549977901/1/Vqoe7ZkO0DHuF7CxPaj4Pg77orA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.233.0/24
94.177.114.0/23
176.223.189.0/24
185.53.252.0/22
IPv6:
2a01:7c60::/32
Signature Algorithm: sha256WithRSAEncryption
0c:4f:a0:32:65:46:0c:9d:62:7e:53:8a:a6:59:7c:d2:dd:df:
72:0c:12:75:cb:c0:c8:a2:1d:57:94:ea:95:07:eb:58:b4:96:
96:f9:dd:c5:f4:4d:94:7f:23:37:d6:0f:4e:75:6b:89:3c:50:
b0:a4:4d:b1:95:02:7a:55:a8:3b:c8:37:64:c1:d4:59:74:18:
95:0f:60:52:66:cd:e7:c7:f6:34:b5:c0:15:9d:a6:9c:e2:fe:
4b:e0:f7:34:2f:24:dc:0a:30:17:cc:03:41:23:ac:de:dc:23:
cd:6f:9d:5f:ed:61:3d:37:10:c4:5d:b8:59:3f:99:63:9d:2d:
51:56:27:51:6a:1d:db:6c:ad:b8:3d:a4:2e:c9:1f:0e:9b:c2:
03:dc:c3:4d:44:71:25:7c:3c:1f:c1:97:36:31:3e:c9:db:33:
35:c0:8b:55:c8:84:0e:ad:f4:83:11:51:e9:7c:e5:b0:09:0d:
13:26:22:fe:2b:c3:c4:62:4e:f5:67:1a:ac:6c:c5:f7:a9:b6:
d6:5c:8d:b7:72:1b:cb:55:7b:43:fd:b7:af:e0:21:a4:3a:a3:
63:66:bb:c6:67:13:ea:88:15:49:fd:bc:49:22:db:c5:8b:bb:
ec:c1:b6:31:a8:5a:61:db:05:e2:7e:d0:d3:1e:40:3a:dc:79:
57:3c:eb:f4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAThOaxdCUqJLakun/gMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWExZWVkOTkwZWQwMzFlZTE3YjBiMTNkYThmODNlMGVm
YmEyYjAwHhcNMjQwMTAxMTIzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMwNjVmZWM2MTQ2MDViMGFlODIwOWQ5MDc5MjI3YWU1ODgyMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9SRLA25NYHa3D2ALNRnyQPXbvgz
fXtN6F8QYtM2VAa2OmWSPC9D1M/Y6Sof//9CpUCFd3E4d7o2bsgx7Z4MFww6YEsQ
UusfvPazG9SmyBtt18gO4CrsHmhOPdcS6jH8vbs2ao7SDctn7JNbRFJB+aW8dni3
vRBcm0ogE4pPKPGoxIBbeU9ozTu8exbuir/b6YckTQwvc1sRJM8VY0EpLQElLueJ
LBvYF6NnN7mjvMyXipCeaOtP866rj3z9AP2P8LTuCyAAxYzYHSrYH8Ibb/KxXDS4
sACZzToqPMfUc0iwRDUP7KZf+3ZH0dRPlfiQTR4edBFy05Wd5u0w1o77bQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAnAZf7GFGBbCuggnZB5InrliCFiMB8GA1UdIwQY
MBaAFFaqHu2ZDtAx7hewsT2o+D4O+6KwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFvZTdaa08wREh1RjdDeFBhajRQZzc3b3JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81ZDIwZjQtMjk3Ny00ZTA2LTllNzIt
YWM0NTQ5OTc3OTAxLzEvQ2NCbF9zWVVZRnNLNkNDZGtIa2lldVdJSVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81ZDIwZjQtMjk3Ny00ZTA2LTllNzItYWM0NTQ5OTc3OTAx
LzEvVnFvZTdaa08wREh1RjdDeFBhajRQZzc3b3JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAHw7pAwQB
XrFyAwQAsN+9AwQCuTX8MA0EAgACMAcDBQAqAXxgMA0GCSqGSIb3DQEBCwUAA4IB
AQAMT6AyZUYMnWJ+U4qmWXzS3d9yDBJ1y8DIoh1XlOqVB+tYtJaW+d3F9E2UfyM3
1g9OdWuJPFCwpE2xlQJ6Vag7yDdkwdRZdBiVD2BSZs3nx/Y0tcAVnaac4v5L4Pc0
LyTcCjAXzANBI6ze3CPNb51f7WE9NxDEXbhZP5ljnS1RVidRah3bbK24PaQuyR8O
m8ID3MNNRHElfDwfwZc2MT7J2zM1wItVyIQOrfSDEVHpfOWwCQ0TJiL+K8PEYk71
ZxqsbMX3qbbWXI23chvLVXtD/bev4CGkOqNjZrvGZxPqiBVJ/bxJItvFi7vswbYx
qFph2wXiftDTHkA63HlXPOv0
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:55:32 2024 by rpki-client on console-fra.rpki-client.org