Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/R94vGDYsv5pRv5vsg5qkexr6uoI.roa
File: R94vGDYsv5pRv5vsg5qkexr6uoI.roa (raw, json)
Hash identifier: MtmkrSQ3fTN3ZC4aZPOTdgQJw9YNBNZvk1Y/w87dKyQ=
Subject key identifier: 47:DE:2F:18:36:2C:BF:9A:51:BF:9B:EC:83:9A:A4:7B:1A:FA:BA:82
Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial: 018CC5DC064325D418FAF508BBB7734F3260
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/R94vGDYsv5pRv5vsg5qkexr6uoI.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24995
IP address blocks: 185.194.188.0/22 maxlen: 24
193.201.60.0/22 maxlen: 24
94.199.160.0/22 maxlen: 22
94.199.160.0/21 maxlen: 24
2a02:680::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:06:43:25:d4:18:fa:f5:08:bb:b7:73:4f:32:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47de2f18362cbf9a51bf9bec839aa47b1afaba82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:c6:42:84:f7:05:f1:9b:54:2a:9e:7f:ea:c4:
74:89:6e:0e:a2:a8:c0:1b:e4:0c:4d:3a:4b:1f:7c:
26:2d:bf:28:ee:68:58:b5:51:9a:f4:c9:b9:00:2d:
8c:c1:54:f2:3d:3b:93:6b:96:b8:a8:9e:f5:eb:b0:
37:57:6b:dd:1e:99:90:6b:62:d3:96:6a:3d:68:5d:
d7:5b:c7:5c:5f:b4:f5:20:f3:0b:4e:c7:09:82:4e:
1c:6c:62:69:e6:15:08:6c:6e:79:36:a5:d7:4e:48:
ce:8a:86:d4:c1:55:19:85:66:8f:4f:4f:cf:2d:41:
16:9b:83:db:15:26:fb:a7:46:54:11:f7:91:2f:b3:
51:3a:16:cb:bc:6e:bf:82:ca:af:a1:91:b8:20:67:
1f:f8:ce:34:74:91:e2:c1:7d:f7:9f:bf:36:8d:df:
98:51:dc:f1:d0:4c:8d:58:8c:c6:68:44:d2:08:9e:
b1:3d:86:0a:ee:a1:dc:21:e7:29:17:35:f5:40:9d:
86:e8:f8:f0:7a:f6:74:e9:59:11:8b:bf:69:2a:37:
1e:35:86:df:b1:90:b9:ce:a0:b5:a6:d2:67:05:b5:
63:71:c1:3e:3f:a6:b3:76:fa:45:4e:a5:20:64:7b:
88:5a:bb:a4:7c:7c:44:0b:f0:8c:52:78:6d:42:9f:
a1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DE:2F:18:36:2C:BF:9A:51:BF:9B:EC:83:9A:A4:7B:1A:FA:BA:82
X509v3 Authority Key Identifier:
keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/R94vGDYsv5pRv5vsg5qkexr6uoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.160.0/21
185.194.188.0/22
193.201.60.0/22
IPv6:
2a02:680::/36
Signature Algorithm: sha256WithRSAEncryption
92:99:da:e1:bc:0e:05:59:34:6c:60:fe:f6:21:4c:b7:7e:40:
8a:a8:df:8f:9f:f4:e3:cf:30:91:ab:9a:b9:0a:89:4d:24:b2:
c5:72:b7:66:64:07:89:f2:b9:db:38:e8:50:7b:b6:dc:50:55:
22:e9:fa:7d:a7:1d:88:f8:62:6a:bf:13:4d:e6:42:f5:98:61:
f3:c5:36:83:f1:e4:77:50:4d:7e:c5:39:c3:f1:b9:8d:d9:3d:
13:bc:84:85:ed:00:5a:63:34:9e:d5:00:dc:15:be:b7:5d:b0:
dd:cc:20:41:d1:0a:12:7f:82:4f:aa:d2:fa:1d:c1:dc:e7:53:
2b:16:ab:67:69:6b:ba:1e:34:6f:1b:4a:e1:ca:e3:a5:c1:4e:
d0:c0:46:ea:a4:e5:42:f0:2b:81:e3:a9:c2:1e:eb:87:76:66:
e8:f8:42:78:bf:83:7b:6b:e8:7e:58:e5:9f:35:c7:fc:b8:80:
96:ec:fa:a4:93:cc:cb:f4:ff:55:42:36:b3:7e:78:b5:af:c9:
ed:54:e7:f2:0a:ba:ab:63:9b:d4:6a:92:0f:dd:1c:98:30:3a:
e8:4d:7a:ac:61:04:90:d9:0f:bc:ae:24:72:cf:1f:16:77:61:
93:1f:56:44:5b:33:11:6f:ad:3d:36:a9:4a:e9:10:2e:8a:2b:
14:db:40:aa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzF3AZDJdQY+vUIu7dzTzJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0
NDE5NzkwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RlMmYxODM2MmNiZjlhNTFiZjliZWM4MzlhYTQ3YjFhZmFiYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMZChPcF8ZtUKp5/6sR0iW4OoqjA
G+QMTTpLH3wmLb8o7mhYtVGa9Mm5AC2MwVTyPTuTa5a4qJ7167A3V2vdHpmQa2LT
lmo9aF3XW8dcX7T1IPMLTscJgk4cbGJp5hUIbG55NqXXTkjOiobUwVUZhWaPT0/P
LUEWm4PbFSb7p0ZUEfeRL7NROhbLvG6/gsqvoZG4IGcf+M40dJHiwX33n782jd+Y
Udzx0EyNWIzGaETSCJ6xPYYK7qHcIecpFzX1QJ2G6PjwevZ06VkRi79pKjceNYbf
sZC5zqC1ptJnBbVjccE+P6azdvpFTqUgZHuIWrukfHxEC/CMUnhtQp+hDwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEfeLxg2LL+aUb+b7IOapHsa+rqCMB8GA1UdIwQY
MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt
YjdkMWNhYzUxZTBjLzEvUjk0dkdEWXN2NXBSdjV2c2c1cWtleHI2dW9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj
LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDXsegAwQC
ucK8AwQCwck8MA4EAgACMAgDBgQqAgaAADANBgkqhkiG9w0BAQsFAAOCAQEAkpna
4bwOBVk0bGD+9iFMt35Aiqjfj5/0488wkauauQqJTSSyxXK3ZmQHifK52zjoUHu2
3FBVIun6facdiPhiar8TTeZC9Zhh88U2g/Hkd1BNfsU5w/G5jdk9E7yEhe0AWmM0
ntUA3BW+t12w3cwgQdEKEn+CT6rS+h3B3OdTKxarZ2lruh40bxtK4crjpcFO0MBG
6qTlQvArgeOpwh7rh3Zm6PhCeL+De2vofljlnzXH/LiAluz6pJPMy/T/VUI2s354
ta/J7VTn8gq6q2Ob1GqSD90cmDA66E16rGEEkNkPvK4kcs8fFndhkx9WRFszEW+t
PTapSukQLoorFNtAqg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:45:48 2024 by rpki-client on console-fra.rpki-client.org