Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/t1BFR05GuGxRhrnZJOodFQKfrzo.roa
File: t1BFR05GuGxRhrnZJOodFQKfrzo.roa (raw, json)
Hash identifier: fcp488X5Bc0EY3HlOcZHncHZFojA/3Bt7KZoa/y4H3U=
Subject key identifier: B7:50:45:47:4E:46:B8:6C:51:86:B9:D9:24:EA:1D:15:02:9F:AF:3A
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0192F9070C67C4533E8387AB5895515B5FAB
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/t1BFR05GuGxRhrnZJOodFQKfrzo.roa
Signing time: Mon 04 Nov 2024 21:14:01 +0000
ROA not before: Mon 04 Nov 2024 21:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 188.190.0.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.2.0/24 maxlen: 24
188.190.6.0/24 maxlen: 24
188.190.7.0/24 maxlen: 24
188.190.8.0/24 maxlen: 24
188.190.9.0/24 maxlen: 24
188.190.12.0/24 maxlen: 24
188.190.13.0/24 maxlen: 24
188.190.14.0/24 maxlen: 24
188.190.15.0/24 maxlen: 24
188.190.16.0/24 maxlen: 24
188.190.17.0/24 maxlen: 24
188.190.18.0/24 maxlen: 24
188.190.19.0/24 maxlen: 24
188.190.20.0/24 maxlen: 24
188.190.21.0/24 maxlen: 24
188.190.22.0/24 maxlen: 24
188.190.23.0/24 maxlen: 24
188.190.24.0/24 maxlen: 24
188.190.25.0/24 maxlen: 24
188.190.26.0/24 maxlen: 24
188.190.27.0/24 maxlen: 24
188.190.28.0/24 maxlen: 24
188.190.29.0/24 maxlen: 24
188.190.30.0/24 maxlen: 24
188.190.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f9:07:0c:67:c4:53:3e:83:87:ab:58:95:51:5b:5f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Nov 4 21:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b75045474e46b86c5186b9d924ea1d15029faf3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f8:0d:46:be:79:1f:ce:d2:12:ef:31:20:9a:
37:75:7d:b8:82:d7:2b:9d:27:7a:27:69:87:98:57:
d5:f9:73:a6:d3:a9:1c:da:eb:ba:46:72:6b:cf:c4:
e3:42:7b:4c:d1:7f:9b:fe:b5:95:db:75:17:24:83:
49:1a:9e:68:c6:af:52:a7:8f:4d:71:d6:1f:fd:e5:
44:32:f5:65:42:5f:65:5e:83:d4:dc:6b:ea:96:bf:
b3:a2:09:78:8d:3a:41:54:66:b4:d1:92:20:fb:b8:
ad:f8:fe:b6:f3:c6:65:72:af:4f:a7:87:9d:bb:1f:
21:36:6a:3f:8d:4d:6e:00:55:7c:99:f5:7a:e5:dd:
32:bf:e6:2c:ab:62:04:26:4d:4b:3c:1e:88:15:8a:
05:cb:c8:af:51:41:da:bc:22:03:3e:1c:85:79:f2:
10:82:06:a0:58:4a:38:1c:77:b7:50:01:93:f9:c2:
57:f1:4c:22:2c:ff:b8:1e:6f:3e:52:78:10:d0:ca:
e6:c5:f9:2b:81:69:66:31:af:9b:81:42:fb:fc:0c:
b2:8c:03:20:be:64:c7:1b:7d:67:5c:76:44:99:55:
46:e6:6c:c3:f6:7a:2d:2e:8d:4e:38:e6:0b:59:94:
fc:4b:2b:88:79:02:54:ac:16:d9:9c:83:e8:29:0b:
dc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:50:45:47:4E:46:B8:6C:51:86:B9:D9:24:EA:1D:15:02:9F:AF:3A
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/t1BFR05GuGxRhrnZJOodFQKfrzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.0.0-188.190.2.255
188.190.6.0-188.190.9.255
188.190.12.0-188.190.31.255
Signature Algorithm: sha256WithRSAEncryption
2a:f6:22:88:04:ca:76:bc:b0:32:27:70:c3:db:e6:86:27:10:
1d:57:e3:75:ed:c4:14:14:11:9b:6b:7b:dd:50:c8:9d:1c:3f:
b8:db:8e:3f:9b:db:7a:a0:da:14:85:69:77:32:41:f4:20:2e:
ae:00:c8:32:4f:9e:bb:16:1e:f7:18:ef:a8:48:72:6c:a0:3f:
f5:2d:88:75:63:9a:e0:0d:95:af:b6:26:12:86:d8:0c:fd:7f:
13:61:ae:c6:80:e2:d2:f6:7a:b2:e2:1e:15:c4:36:84:4b:eb:
10:0a:ab:bb:a8:d2:8a:8c:03:5f:84:c9:9e:df:fd:c3:38:c0:
d4:c8:9e:7b:84:e3:e0:0f:f9:1f:d5:b2:67:6b:71:eb:d5:e5:
1d:93:b3:fc:24:fa:a3:64:74:ec:7e:ab:db:dc:eb:64:41:b7:
4a:07:6e:c3:1d:aa:8f:f0:77:2d:06:15:3f:86:9e:7f:db:18:
95:5b:5e:22:91:66:6c:5e:75:1e:fb:ea:dc:56:48:bb:8a:a6:
cb:fd:72:4a:34:5d:82:05:03:aa:86:6f:ec:c1:c3:41:df:89:
90:a9:de:ef:12:21:b1:c8:60:d3:2e:13:42:ca:18:88:8b:dc:
96:fb:cc:d9:47:a8:6f:dd:ad:0b:b2:33:02:cc:6b:b6:0e:01:
bf:21:4b:be
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZL5BwxnxFM+g4erWJVRW1+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjQxMTA0MjExNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzUwNDU0NzRlNDZiODZjNTE4NmI5ZDkyNGVhMWQxNTAyOWZhZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/gNRr55H87SEu8xIJo3dX24gtcr
nSd6J2mHmFfV+XOm06kc2uu6RnJrz8TjQntM0X+b/rWV23UXJINJGp5oxq9Sp49N
cdYf/eVEMvVlQl9lXoPU3Gvqlr+zogl4jTpBVGa00ZIg+7it+P6288Zlcq9Pp4ed
ux8hNmo/jU1uAFV8mfV65d0yv+Ysq2IEJk1LPB6IFYoFy8ivUUHavCIDPhyFefIQ
ggagWEo4HHe3UAGT+cJX8UwiLP+4Hm8+UngQ0MrmxfkrgWlmMa+bgUL7/AyyjAMg
vmTHG31nXHZEmVVG5mzD9notLo1OOOYLWZT8SyuIeQJUrBbZnIPoKQvcswIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLdQRUdORrhsUYa52STqHRUCn686MB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvdDFCRlIwNUd1R3hSaHJuWkpPb2RGUUtmcnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAATApMAsDAwG8vgME
ALy+AjAMAwQBvL4GAwQBvL4IMAwDBAK8vgwDBAW8vgAwDQYJKoZIhvcNAQELBQAD
ggEBACr2IogEyna8sDIncMPb5oYnEB1X43XtxBQUEZtre91QyJ0cP7jbjj+b23qg
2hSFaXcyQfQgLq4AyDJPnrsWHvcY76hIcmygP/UtiHVjmuANla+2JhKG2Az9fxNh
rsaA4tL2erLiHhXENoRL6xAKq7uo0oqMA1+EyZ7f/cM4wNTInnuE4+AP+R/Vsmdr
cevV5R2Ts/wk+qNkdOx+q9vc62RBt0oHbsMdqo/wdy0GFT+Gnn/bGJVbXiKRZmxe
dR776txWSLuKpsv9cko0XYIFA6qGb+zBw0HfiZCp3u8SIbHIYNMuE0LKGIiL3Jb7
zNlHqG/drQuyMwLMa7YOAb8hS74=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:43:08 2024 by rpki-client on console-fra.rpki-client.org