Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/RXU2YldJq4Uv7kjtdlRirGiLkAA.roa
File: RXU2YldJq4Uv7kjtdlRirGiLkAA.roa (raw, json)
Hash identifier: tY/nRrRPqemxyQfQSdM/+9bT4pk4RY94UxSTa8gmDAg=
Subject key identifier: 45:75:36:62:57:49:AB:85:2F:EE:48:ED:76:54:62:AC:68:8B:90:00
Certificate issuer: /CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd
Certificate serial: 01924D1F1147F6D6A132F865350BD3D0054D
Authority key identifier: 77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/RXU2YldJq4Uv7kjtdlRirGiLkAA.roa
Signing time: Wed 02 Oct 2024 12:05:34 +0000
ROA not before: Wed 02 Oct 2024 12:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60277
IP address blocks: 185.32.252.0/22 maxlen: 22
185.190.204.0/22 maxlen: 22
193.57.206.0/23 maxlen: 23
193.57.216.0/23 maxlen: 23
2a00:ca20::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:1f:11:47:f6:d6:a1:32:f8:65:35:0b:d3:d0:05:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd
Validity
Not Before: Oct 2 12:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=457536625749ab852fee48ed765462ac688b9000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:38:23:b1:12:3a:f4:7f:50:d4:36:9f:2c:01:
07:6f:5a:63:8d:0c:da:54:fd:56:67:d2:10:b2:41:
34:c2:38:c0:25:1e:e8:b2:cf:73:4d:51:3b:61:d2:
ca:77:df:08:66:26:ce:8d:80:dc:70:2e:70:45:1c:
38:60:01:2d:a1:86:55:75:ad:05:b0:58:6c:1a:44:
c4:76:58:39:d4:f3:d1:ed:a3:be:92:5a:12:b4:b1:
db:d9:c7:4f:5f:2c:8e:00:72:ca:d7:61:4f:dd:47:
97:7f:6a:a6:27:7f:f6:6a:bd:29:07:44:79:b1:fc:
de:1a:71:fd:b6:fe:c2:09:bd:4b:da:52:7e:8b:06:
6a:49:13:92:ac:cc:20:57:55:d1:43:0c:5b:28:99:
bc:57:51:65:35:d3:f8:85:f4:84:7c:65:82:fd:b5:
f3:41:88:1f:b3:f2:f4:ba:53:37:77:f3:fa:d0:b9:
9b:d2:85:ba:ba:00:69:fb:14:e6:1f:2c:53:77:a8:
a7:1f:2e:34:ae:e7:59:67:38:e2:de:36:47:f7:7d:
40:c6:1b:d2:d2:b0:77:de:1b:58:60:8f:25:cb:c6:
81:2d:43:36:29:b0:dc:53:44:18:cb:a4:66:a6:a8:
5e:67:1c:c2:c9:7c:3c:a1:3c:52:9f:e1:84:ef:0d:
2f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:75:36:62:57:49:AB:85:2F:EE:48:ED:76:54:62:AC:68:8B:90:00
X509v3 Authority Key Identifier:
keyid:77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/RXU2YldJq4Uv7kjtdlRirGiLkAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.252.0/22
185.190.204.0/22
193.57.206.0/23
193.57.216.0/23
IPv6:
2a00:ca20::/29
Signature Algorithm: sha256WithRSAEncryption
79:6e:f3:58:d2:44:49:88:61:77:68:d0:b1:2a:d5:fc:28:76:
e1:ca:43:aa:68:79:e0:d4:0e:46:52:dd:db:c2:d7:19:46:b5:
42:e7:3f:3e:1b:52:63:fe:55:1e:74:90:18:c5:f8:5c:f6:0f:
ef:62:31:b3:3d:7e:e1:91:fa:2d:f5:af:50:65:fd:e5:2d:13:
1d:89:3e:f8:a8:64:b1:d1:bb:a0:0b:19:05:f2:7a:53:50:81:
33:c6:6e:57:51:63:61:cd:c6:8f:e9:32:30:43:78:8c:b7:e5:
ea:1a:33:03:b2:63:dd:21:d8:28:55:c1:a8:d8:ab:ad:a5:e3:
44:5f:d2:9c:17:46:e5:16:0a:16:44:d1:9e:7d:f7:eb:26:14:
db:38:48:90:a2:27:41:d9:ab:50:5d:df:71:48:07:60:0a:f6:
d0:c1:28:80:1c:b7:0f:fb:63:54:6d:6f:0a:73:7f:cc:8a:23:
17:a8:26:72:c3:0d:eb:92:9d:a3:6b:6c:df:3c:a4:02:11:c3:
77:46:58:f1:d5:8b:cf:63:29:d2:5d:59:f0:00:b6:fe:88:d6:
c7:3d:7e:b0:ca:48:49:b2:34:5d:02:b6:fe:39:35:86:69:b9:
26:4d:0a:0f:ff:ef:d7:77:af:d3:af:e9:4d:d4:06:40:76:e1:
13:ce:72:03
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZJNHxFH9tahMvhlNQvT0AVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MmY3MDM1YzI4OTNiMjhjZDA0ZmQxYTliM2NhY2QyNDI4
YzhkZmQwHhcNMjQxMDAyMTIwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTc1MzY2MjU3NDlhYjg1MmZlZTQ4ZWQ3NjU0NjJhYzY4OGI5MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDgjsRI69H9Q1DafLAEHb1pjjQza
VP1WZ9IQskE0wjjAJR7oss9zTVE7YdLKd98IZibOjYDccC5wRRw4YAEtoYZVda0F
sFhsGkTEdlg51PPR7aO+kloStLHb2cdPXyyOAHLK12FP3UeXf2qmJ3/2ar0pB0R5
sfzeGnH9tv7CCb1L2lJ+iwZqSROSrMwgV1XRQwxbKJm8V1FlNdP4hfSEfGWC/bXz
QYgfs/L0ulM3d/P60Lmb0oW6ugBp+xTmHyxTd6inHy40rudZZzji3jZH931AxhvS
0rB33htYYI8ly8aBLUM2KbDcU0QYy6RmpqheZxzCyXw8oTxSn+GE7w0vyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEV1NmJXSauFL+5I7XZUYqxoi5AAMB8GA1UdIwQY
MBaAFHcvcDXCiTsozQT9Gps8rNJCjI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQt
ODMwMzVhZmU0YTM3LzEvUlhVMllsZEpxNFV2N2tqdGRsUmlyR2lMa0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQtODMwMzVhZmU0YTM3
LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuSD8AwQC
ub7MAwQBwTnOAwQBwTnYMA0EAgACMAcDBQMqAMogMA0GCSqGSIb3DQEBCwUAA4IB
AQB5bvNY0kRJiGF3aNCxKtX8KHbhykOqaHng1A5GUt3bwtcZRrVC5z8+G1Jj/lUe
dJAYxfhc9g/vYjGzPX7hkfot9a9QZf3lLRMdiT74qGSx0bugCxkF8npTUIEzxm5X
UWNhzcaP6TIwQ3iMt+XqGjMDsmPdIdgoVcGo2KutpeNEX9KcF0blFgoWRNGefffr
JhTbOEiQoidB2atQXd9xSAdgCvbQwSiAHLcP+2NUbW8Kc3/MiiMXqCZyww3rkp2j
a2zfPKQCEcN3Rljx1YvPYynSXVnwALb+iNbHPX6wykhJsjRdArb+OTWGabkmTQoP
/+/Xd6/Tr+lN1AZAduETznID
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:39 2024 by rpki-client on console-fra.rpki-client.org