Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/_aaxxvBoJBt89n_6b1yAE4bxDpQ.roa
File: _aaxxvBoJBt89n_6b1yAE4bxDpQ.roa (raw, json)
Hash identifier: 1fb53tFOpWcj7sLAQN+ntdodfPJWC+q+g+VAbf5DpBU=
Subject key identifier: FD:A6:B1:C6:F0:68:24:1B:7C:F6:7F:FA:6F:5C:80:13:86:F1:0E:94
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348A9031F41991F846522EBADD76B0E
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/_aaxxvBoJBt89n_6b1yAE4bxDpQ.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 193.38.155.0/24 maxlen: 24
185.213.194.0/24 maxlen: 24
194.62.160.0/24 maxlen: 24
193.163.87.0/24 maxlen: 24
195.225.83.0/24 maxlen: 24
5.180.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a9:03:1f:41:99:1f:84:65:22:eb:ad:d7:6b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fda6b1c6f068241b7cf67ffa6f5c801386f10e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:60:a1:81:77:32:91:f0:e3:93:a2:ea:4a:87:
8e:e1:7a:7a:26:f9:42:81:7c:d0:b2:9d:75:8b:00:
25:96:ab:31:ae:e3:ac:c6:bb:a1:23:0a:82:5c:4d:
9a:c0:eb:7a:80:18:8f:66:e5:7f:35:a5:7c:b3:1a:
5a:2e:6b:a2:1a:d9:09:00:56:24:e2:4f:fb:5a:20:
78:eb:a8:77:d1:16:c9:df:bb:47:55:33:0a:2a:34:
12:e9:84:03:c6:b3:c7:97:c3:fa:96:fd:2d:98:e3:
06:55:40:2d:69:47:93:f9:f5:7a:38:61:37:41:4e:
78:3e:fa:db:1c:16:a6:47:3f:e9:fd:75:cc:83:0b:
65:9b:9d:9e:d1:6b:8c:04:3b:7c:60:40:0a:3b:52:
0a:ed:5f:87:c9:e0:8c:be:73:dc:6b:13:d3:36:ba:
b2:ba:e1:0d:08:77:94:9d:54:0b:db:bb:ac:ea:6f:
f1:a9:6b:d0:61:ce:b3:e3:8e:b6:cf:64:28:80:7a:
ac:de:dd:da:52:d4:b7:5f:69:ba:c7:3e:17:6f:dc:
c7:30:3a:2f:99:36:1f:8e:0f:66:28:d2:6f:80:1d:
d5:90:93:a2:59:d2:16:72:2d:11:63:de:d0:9b:62:
3e:5b:7f:c1:67:2a:c3:1b:2d:e6:21:2b:94:83:eb:
db:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A6:B1:C6:F0:68:24:1B:7C:F6:7F:FA:6F:5C:80:13:86:F1:0E:94
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/_aaxxvBoJBt89n_6b1yAE4bxDpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.177.0/24
185.213.194.0/24
193.38.155.0/24
193.163.87.0/24
194.62.160.0/24
195.225.83.0/24
Signature Algorithm: sha256WithRSAEncryption
99:c6:b8:c3:97:bd:d7:e6:04:98:29:bc:9e:34:6b:55:99:91:
7b:87:7d:1a:46:5f:03:8a:e7:ad:10:d9:4a:ab:d2:61:51:68:
1e:6a:a3:10:71:69:f8:6e:36:01:80:84:b2:b8:9f:c7:13:22:
52:4b:f2:c6:6b:8c:5f:f8:0d:af:d6:61:6b:5f:1e:16:1e:cd:
6e:78:fd:a2:f2:0b:1b:ad:fd:34:ac:fb:b8:e1:60:da:d7:ce:
70:cf:4d:88:f5:cb:6a:4a:bc:6d:d7:ca:3a:42:74:99:8f:66:
28:e3:d5:46:8d:5c:e6:48:36:83:6f:71:06:db:0a:34:a6:a4:
c5:a1:99:97:41:35:dc:0d:d8:4c:6e:43:7b:9a:fb:80:eb:3c:
02:61:f3:52:15:03:12:4f:f0:5d:a8:1e:e2:83:70:07:e1:f8:
e0:b3:70:25:6c:0d:c8:a3:dd:30:6f:ab:ea:f9:34:0b:4b:d8:
d0:0a:90:92:81:c0:bd:1a:14:f7:72:fc:04:8b:44:1a:ee:37:
a0:52:bd:cb:30:31:c2:3e:40:f5:93:83:40:1f:00:42:86:cd:
01:80:23:34:89:5b:fe:ad:bd:92:ce:e5:32:6e:76:c8:b9:1c:
77:d1:0c:48:71:49:a7:7d:13:e9:e7:7d:97:0a:0e:e2:97:00:
cc:1b:43:b5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDSKkDH0GZH4RlIuut12sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGE2YjFjNmYwNjgyNDFiN2NmNjdmZmE2ZjVjODAxMzg2ZjEwZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2ChgXcykfDjk6LqSoeO4Xp6JvlC
gXzQsp11iwAllqsxruOsxruhIwqCXE2awOt6gBiPZuV/NaV8sxpaLmuiGtkJAFYk
4k/7WiB466h30RbJ37tHVTMKKjQS6YQDxrPHl8P6lv0tmOMGVUAtaUeT+fV6OGE3
QU54PvrbHBamRz/p/XXMgwtlm52e0WuMBDt8YEAKO1IK7V+HyeCMvnPcaxPTNrqy
uuENCHeUnVQL27us6m/xqWvQYc6z4462z2QogHqs3t3aUtS3X2m6xz4Xb9zHMDov
mTYfjg9mKNJvgB3VkJOiWdIWci0RY97Qm2I+W3/BZyrDGy3mISuUg+vbWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP2mscbwaCQbfPZ/+m9cgBOG8Q6UMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvX2FheHh2Qm9KQnQ4OW5fNmIxeUFFNGJ4RHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbSxAwQA
udXCAwQAwSabAwQAwaNXAwQAwj6gAwQAw+FTMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
xrjDl73X5gSYKbyeNGtVmZF7h30aRl8DiuetENlKq9JhUWgeaqMQcWn4bjYBgISy
uJ/HEyJSS/LGa4xf+A2v1mFrXx4WHs1ueP2i8gsbrf00rPu44WDa185wz02I9ctq
Srxt18o6QnSZj2Yo49VGjVzmSDaDb3EG2wo0pqTFoZmXQTXcDdhMbkN7mvuA6zwC
YfNSFQMST/BdqB7ig3AH4fjgs3AlbA3Io90wb6vq+TQLS9jQCpCSgcC9GhT3cvwE
i0Qa7jegUr3LMDHCPkD1k4NAHwBChs0BgCM0iVv+rb2SzuUybnbIuRx30QxIcUmn
fRPp532XCg7ilwDMG0O1
-----END CERTIFICATE-----
Generated at Fri May 10 17:09:57 2024 by rpki-client on console-ams.rpki-client.org