Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/s6oAeBS50nl5ljTj3s_Ov5bptrE.roa
File: s6oAeBS50nl5ljTj3s_Ov5bptrE.roa (raw, json)
Hash identifier: XgiquuFoWJtA+7Xzw+tCdLli5chVnhfvTvNw1jtqSEQ=
Subject key identifier: B3:AA:00:78:14:B9:D2:79:79:96:34:E3:DE:CF:CE:BF:96:E9:B6:B1
Certificate issuer: /CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Certificate serial: 018CC6B928622E6687BF080491C742499138
Authority key identifier: AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/s6oAeBS50nl5ljTj3s_Ov5bptrE.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34960
IP address blocks: 194.126.145.0/24 maxlen: 24
194.126.144.0/23 maxlen: 23
194.126.144.0/24 maxlen: 24
185.122.48.0/22 maxlen: 22
185.122.48.0/24 maxlen: 24
5.149.4.0/24 maxlen: 24
5.149.3.0/24 maxlen: 24
5.149.2.0/24 maxlen: 24
5.149.1.0/24 maxlen: 24
5.149.0.0/24 maxlen: 24
5.149.0.0/21 maxlen: 21
185.120.92.0/24 maxlen: 24
5.149.7.0/24 maxlen: 24
5.149.6.0/24 maxlen: 24
5.149.5.0/24 maxlen: 24
2a01:48c0::/32 maxlen: 32
2a01:48c0:200::/40 maxlen: 40
2a01:48c0:100::/40 maxlen: 40
2a01:48c0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:28:62:2e:66:87:bf:08:04:91:c7:42:49:91:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab30921d28c78ede81842f712e6cf72bde5a6080
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3aa007814b9d279799634e3decfcebf96e9b6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:b6:fc:0d:45:50:d4:65:33:bc:7f:d4:da:
37:e5:f7:ff:e8:70:c5:13:e1:bb:0e:ae:47:73:1a:
2d:85:db:b3:62:47:09:1e:1b:77:37:f7:fa:e8:6a:
ad:13:57:6b:97:fe:18:f5:eb:13:f1:36:ae:4a:2f:
f7:d6:ef:16:5a:c0:bc:14:08:ca:df:af:73:f3:fd:
9f:6e:c8:4c:a5:c2:03:49:c6:6e:1a:0d:e0:e2:e3:
8a:a8:6a:90:5f:f5:7b:41:a8:03:26:7d:e7:e2:59:
27:10:eb:3c:c4:5d:47:49:88:e5:b3:c3:ea:cf:5e:
ae:e3:8d:f5:c8:56:27:58:5f:50:8f:f1:4a:09:0a:
2a:70:7a:06:9f:02:0c:ea:05:f3:69:9d:18:53:e2:
cc:92:85:94:16:ec:6f:e1:58:67:4e:15:09:4f:a8:
dd:72:6a:2e:bb:ec:ca:4c:d9:49:d1:a1:a3:64:5f:
6a:fb:28:a1:ff:b7:47:11:3c:1b:2e:2f:8d:94:f6:
a6:db:95:c5:81:77:57:5f:cb:3a:92:66:a8:1d:0b:
ef:a6:05:7a:6d:5a:20:37:d1:ed:0f:8a:07:a4:0b:
41:0f:64:d8:47:b5:13:33:44:32:15:c9:17:7d:dd:
45:82:b1:90:43:5a:50:9f:87:cd:86:14:f9:0e:53:
45:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AA:00:78:14:B9:D2:79:79:96:34:E3:DE:CF:CE:BF:96:E9:B6:B1
X509v3 Authority Key Identifier:
keyid:AB:30:92:1D:28:C7:8E:DE:81:84:2F:71:2E:6C:F7:2B:DE:5A:60:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qzCSHSjHjt6BhC9xLmz3K95aYIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/s6oAeBS50nl5ljTj3s_Ov5bptrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3cd7ff-20d2-4cec-aeca-354399724b1e/1/qzCSHSjHjt6BhC9xLmz3K95aYIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.0.0/21
185.120.92.0/24
185.122.48.0/22
194.126.144.0/23
IPv6:
2a01:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:72:4c:6b:ac:37:60:5e:75:47:57:e6:69:11:7d:ad:7e:bd:
d2:4a:ba:2e:19:31:00:e8:6e:d5:ab:33:6b:8b:c5:c6:f2:0d:
6f:65:43:41:25:47:d1:cf:e6:8d:03:b6:89:fa:0d:5d:f2:bd:
8c:e0:77:a0:b2:ba:21:27:5f:23:f2:2e:3a:e1:38:81:b9:81:
85:8e:9d:96:8b:17:91:b9:79:44:b3:89:dc:06:37:1f:51:fd:
1a:ca:bb:f7:53:e3:24:32:82:85:43:80:d5:db:b9:20:6c:25:
03:8e:d7:de:20:1f:e1:06:ef:d6:a5:2d:9b:cc:b6:7d:b0:14:
c7:02:29:91:06:77:94:60:ba:d3:b1:57:97:05:f0:bb:72:64:
8e:a1:93:1f:cf:9f:e2:97:bf:73:c1:a5:26:3f:59:34:92:ab:
15:a4:1f:15:05:91:1e:fc:0f:c3:04:43:22:00:98:76:df:8c:
14:bd:b9:5e:d7:21:69:3a:af:dc:c1:22:c3:11:be:08:8b:06:
41:89:4a:40:c8:6c:ea:13:fc:ee:a0:02:dc:d0:ad:e2:71:68:
a2:a8:4d:47:ea:2f:14:66:3c:f3:76:f2:e6:87:be:b2:b1:02:
a0:aa:3c:e8:b7:da:be:ce:1d:91:84:8f:02:b8:d4:fc:62:5b:
23:da:c3:c4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGuShiLmaHvwgEkcdCSZE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMzA5MjFkMjhjNzhlZGU4MTg0MmY3MTJlNmNmNzJiZGU1
YTYwODAwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FhMDA3ODE0YjlkMjc5Nzk5NjM0ZTNkZWNmY2ViZjk2ZTliNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIW2/A1FUNRlM7x/1No35ff/6HDF
E+G7Dq5HcxothduzYkcJHht3N/f66GqtE1drl/4Y9esT8TauSi/31u8WWsC8FAjK
369z8/2fbshMpcIDScZuGg3g4uOKqGqQX/V7QagDJn3n4lknEOs8xF1HSYjls8Pq
z16u4431yFYnWF9Qj/FKCQoqcHoGnwIM6gXzaZ0YU+LMkoWUFuxv4VhnThUJT6jd
cmouu+zKTNlJ0aGjZF9q+yih/7dHETwbLi+NlPam25XFgXdXX8s6kmaoHQvvpgV6
bVogN9HtD4oHpAtBD2TYR7UTM0QyFckXfd1FgrGQQ1pQn4fNhhT5DlNFdQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLOqAHgUudJ5eZY0497Pzr+W6baxMB8GA1UdIwQY
MBaAFKswkh0ox47egYQvcS5s9yveWmCAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2Et
MzU0Mzk5NzI0YjFlLzEvczZvQWVCUzUwbmw1bGpUajNzX092NWJwdHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zY2Q3ZmYtMjBkMi00Y2VjLWFlY2EtMzU0Mzk5NzI0YjFl
LzEvcXpDU0hTakhqdDZCaEM5eExtejNLOTVhWUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZUAAwQA
uXhcAwQCuXowAwQBwn6QMA0EAgACMAcDBQAqAUjAMA0GCSqGSIb3DQEBCwUAA4IB
AQCDckxrrDdgXnVHV+ZpEX2tfr3SSrouGTEA6G7VqzNri8XG8g1vZUNBJUfRz+aN
A7aJ+g1d8r2M4HegsrohJ18j8i464TiBuYGFjp2WixeRuXlEs4ncBjcfUf0ayrv3
U+MkMoKFQ4DV27kgbCUDjtfeIB/hBu/WpS2bzLZ9sBTHAimRBneUYLrTsVeXBfC7
cmSOoZMfz5/il79zwaUmP1k0kqsVpB8VBZEe/A/DBEMiAJh234wUvble1yFpOq/c
wSLDEb4IiwZBiUpAyGzqE/zuoALc0K3icWiiqE1H6i8UZjzzdvLmh76ysQKgqjzo
t9q+zh2RhI8CuNT8Ylsj2sPE
-----END CERTIFICATE-----
Generated at Fri Jun 14 19:41:50 2024 by rpki-client on console-fra.rpki-client.org