Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/CAzMzSbNk8GBVq96rfkHTpd6YZU.roa
File: CAzMzSbNk8GBVq96rfkHTpd6YZU.roa (raw, json)
Hash identifier: kmrgpi81qJ9VdMdqW22qiOcqIbj5oIgL3WmBrbAvanc=
Subject key identifier: 08:0C:CC:CD:26:CD:93:C1:81:56:AF:7A:AD:F9:07:4E:97:7A:61:95
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 018CC6B90A11D62CFEE253A24E3C0302FB77
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/CAzMzSbNk8GBVq96rfkHTpd6YZU.roa
Signing time: Mon 01 Jan 2024 20:31:04 +0000
ROA not before: Mon 01 Jan 2024 20:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51175
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.188.0/22 maxlen: 22
195.110.50.0/23 maxlen: 23
213.5.0.0/21 maxlen: 21
185.11.108.0/22 maxlen: 22
46.148.80.0/20 maxlen: 20
178.219.128.0/20 maxlen: 20
2a00:c020::/32 maxlen: 32
2a03:22c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0a:11:d6:2c:fe:e2:53:a2:4e:3c:03:02:fb:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Jan 1 20:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=080ccccd26cd93c18156af7aadf9074e977a6195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:93:b8:ce:20:63:86:5b:9b:d2:b6:62:a0:d6:
c3:7a:4b:76:13:8c:1a:96:89:3d:01:d3:29:b4:a8:
8d:08:89:a3:0c:c6:6f:54:8b:7d:23:3a:1e:7e:05:
d3:2d:42:f7:92:b9:58:77:ad:ae:c4:cc:d4:e2:bb:
18:6f:6a:e4:b0:28:1a:b4:0c:ba:fd:d1:0b:83:d6:
09:ac:0b:55:91:3e:17:e7:75:8e:cb:7c:af:ac:06:
70:c6:dd:cb:b7:9e:27:22:aa:40:4c:31:0c:fa:3e:
40:5d:16:94:07:f5:5c:4d:f9:e2:28:29:60:f6:f6:
fd:6e:35:b2:28:31:e8:da:7d:30:98:81:89:7d:bc:
e6:19:bf:c2:23:80:70:7c:67:60:be:49:9e:ea:e5:
2d:a1:b2:4d:a8:96:52:27:63:db:65:32:08:e3:03:
0c:20:3e:ba:3a:e9:54:d4:f0:de:d5:1f:b6:34:0a:
1c:3f:d9:e9:9f:2b:69:da:03:a3:f7:26:70:ec:36:
05:00:c6:0e:50:77:c8:45:08:05:69:e8:72:15:23:
3e:69:7a:c4:46:cd:80:1d:e9:1b:23:bd:ae:0b:34:
ef:56:58:d3:af:fc:62:df:7b:ae:86:17:c6:10:12:
eb:64:db:94:a0:02:7a:0c:01:5c:f7:83:27:08:1f:
24:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0C:CC:CD:26:CD:93:C1:81:56:AF:7A:AD:F9:07:4E:97:7A:61:95
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/CAzMzSbNk8GBVq96rfkHTpd6YZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.80.0/20
178.219.128.0/20
185.11.108.0/22
185.101.188.0/22
194.29.180.0/22
195.110.50.0/23
213.5.0.0/21
IPv6:
2a00:c020::/32
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
98:2a:59:66:dc:a1:88:6e:b3:a0:5f:8d:5e:c6:fd:20:ce:dd:
fd:d2:f8:f3:8e:22:95:9b:20:48:25:ad:d2:d0:a3:3d:61:cf:
9a:14:8a:bb:1c:25:de:39:7f:99:53:8a:31:d3:ec:80:78:88:
db:5e:44:37:be:84:81:49:f4:22:58:f2:8d:14:ed:70:1b:82:
d8:ef:6d:e4:19:0c:28:e9:02:84:ce:4f:49:21:80:e5:ec:c1:
a3:36:f1:94:a7:f4:ff:fc:da:65:a0:74:eb:9e:d4:7c:7e:61:
f5:9a:56:88:af:4d:0c:95:41:4d:7b:48:87:2f:89:b6:81:a1:
3b:dd:f6:81:67:2c:35:77:3a:73:a5:2a:c9:70:2f:dc:a3:f0:
f6:96:09:db:25:6e:0c:7d:f2:88:7e:f9:da:7a:e5:a7:44:7f:
2c:1e:b3:fb:2f:05:44:82:1e:27:7d:a8:da:d9:cb:08:c5:6d:
93:42:da:b4:09:f8:fa:ff:f5:0b:32:11:56:79:72:a7:a7:1d:
2e:cd:62:5c:99:10:97:6c:e7:d8:1c:cc:44:38:db:17:77:89:
89:fc:ef:7c:c5:76:ff:11:e9:a1:d0:8a:e8:ff:f2:84:52:fb:
50:41:aa:15:5c:70:65:d8:b4:33:fd:7d:eb:1e:c2:db:4e:69:
df:07:28:3f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzGuQoR1iz+4lOiTjwDAvt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjQwMTAxMjAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODBjY2NjZDI2Y2Q5M2MxODE1NmFmN2FhZGY5MDc0ZTk3N2E2MTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJO4ziBjhlub0rZioNbDekt2E4wa
lok9AdMptKiNCImjDMZvVIt9IzoefgXTLUL3krlYd62uxMzU4rsYb2rksCgatAy6
/dELg9YJrAtVkT4X53WOy3yvrAZwxt3Lt54nIqpATDEM+j5AXRaUB/VcTfniKClg
9vb9bjWyKDHo2n0wmIGJfbzmGb/CI4BwfGdgvkme6uUtobJNqJZSJ2PbZTII4wMM
ID66OulU1PDe1R+2NAocP9npnytp2gOj9yZw7DYFAMYOUHfIRQgFaehyFSM+aXrE
Rs2AHekbI72uCzTvVljTr/xi33uuhhfGEBLrZNuUoAJ6DAFc94MnCB8khwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAgMzM0mzZPBgVaveq35B06XemGVMB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvQ0F6TXpTYk5rOEdCVnE5NnJma0hUcGQ2WVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQELpRQAwQE
stuAAwQCuQtsAwQCuWW8AwQCwh20AwQBw24yAwQD1QUAMBQEAgACMA4DBQAqAMAg
AwUAKgMiwDANBgkqhkiG9w0BAQsFAAOCAQEAmCpZZtyhiG6zoF+NXsb9IM7d/dL4
844ilZsgSCWt0tCjPWHPmhSKuxwl3jl/mVOKMdPsgHiI215EN76EgUn0IljyjRTt
cBuC2O9t5BkMKOkChM5PSSGA5ezBozbxlKf0//zaZaB0657UfH5h9ZpWiK9NDJVB
TXtIhy+JtoGhO932gWcsNXc6c6UqyXAv3KPw9pYJ2yVuDH3yiH752nrlp0R/LB6z
+y8FRIIeJ32o2tnLCMVtk0LatAn4+v/1CzIRVnlyp6cdLs1iXJkQl2zn2BzMRDjb
F3eJifzvfMV2/xHpodCK6P/yhFL7UEGqFVxwZdi0M/196x7C205p3wcoPw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:16:14 2024 by rpki-client on console-ams.rpki-client.org