Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/caPsD24tJ5uXrh81cq4cK0Vooic.roa
File: caPsD24tJ5uXrh81cq4cK0Vooic.roa (raw, json)
Hash identifier: i7KFZiaVPJCcK/63b9j1FUOlwvTaacYq0FP4fJxGP6s=
Subject key identifier: 71:A3:EC:0F:6E:2D:27:9B:97:AE:1F:35:72:AE:1C:2B:45:68:A2:27
Certificate issuer: /CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Certificate serial: 018CC64B0BBF12C43FA50BB54C18AF8E7703
Authority key identifier: F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/caPsD24tJ5uXrh81cq4cK0Vooic.roa
Signing time: Mon 01 Jan 2024 18:30:56 +0000
ROA not before: Mon 01 Jan 2024 18:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200810
IP address blocks: 185.77.176.0/22 maxlen: 24
185.246.248.0/22 maxlen: 24
185.245.188.0/22 maxlen: 24
89.36.80.0/21 maxlen: 24
2a05:6580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/8nyT3bGhcVHFbyLcrzHdgilGN0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/8nyT3bGhcVHFbyLcrzHdgilGN0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:0b:bf:12:c4:3f:a5:0b:b5:4c:18:af:8e:77:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Validity
Not Before: Jan 1 18:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71a3ec0f6e2d279b97ae1f3572ae1c2b4568a227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:25:ae:df:52:68:c6:88:33:52:06:46:2f:b4:
fa:1a:31:a0:22:c2:70:7b:2b:13:cd:4b:3d:32:c1:
0a:da:cd:34:d0:1c:07:d0:51:44:2a:3a:14:2f:05:
1c:be:09:8b:1b:7b:13:aa:ef:61:9c:2b:bd:c8:a0:
da:27:66:18:1c:d2:26:bb:29:e7:97:68:aa:84:54:
44:68:8b:62:54:ec:8f:75:c4:c8:95:e9:1d:8b:f2:
24:4b:17:61:8e:1d:50:77:a9:9d:33:a1:8b:f2:a0:
2c:98:49:be:6c:d3:4e:fd:83:8a:4c:81:93:37:78:
86:67:a0:ec:7f:7b:47:cd:c0:38:62:33:00:75:fb:
46:b9:58:68:51:56:69:5a:55:60:a0:66:dd:79:e5:
30:cd:31:bc:df:e5:a1:44:af:dd:1d:95:e8:8a:78:
58:ae:74:8f:4a:d7:49:47:ce:e9:92:28:8e:b7:26:
4d:8d:8f:85:f6:f1:73:fd:e1:58:87:5e:d3:60:38:
af:46:0f:58:11:76:d5:5c:5d:2d:1c:26:88:6e:46:
86:a5:5b:ef:22:7a:bc:4a:0e:49:60:c5:d1:45:67:
3d:7c:94:16:d8:a8:58:f2:c3:e2:87:60:13:41:8f:
a2:b5:71:6e:85:be:2e:56:80:3e:a7:74:67:41:e2:
41:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A3:EC:0F:6E:2D:27:9B:97:AE:1F:35:72:AE:1C:2B:45:68:A2:27
X509v3 Authority Key Identifier:
keyid:F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/caPsD24tJ5uXrh81cq4cK0Vooic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/8nyT3bGhcVHFbyLcrzHdgilGN0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.80.0/21
185.77.176.0/22
185.245.188.0/22
185.246.248.0/22
IPv6:
2a05:6580::/32
Signature Algorithm: sha256WithRSAEncryption
a2:b7:45:53:e3:4c:c8:ea:f4:a6:5c:89:06:01:3a:e0:29:b6:
47:38:a9:27:70:17:cd:73:57:17:03:3e:fb:59:7b:81:a8:ce:
eb:e1:79:07:19:9f:fb:82:db:30:c8:1b:21:41:6e:aa:73:28:
9d:35:e5:d8:62:d8:27:f4:95:e1:20:83:47:de:f0:af:97:fd:
cd:18:1b:d1:9f:bc:89:70:1f:e1:ef:32:69:e5:5c:c5:49:b4:
ff:7e:26:49:85:55:38:32:ff:f6:a8:f4:1d:36:ab:e7:69:25:
d0:c7:81:0c:1a:7a:8e:7c:c8:a4:b0:46:1f:8d:e9:c4:90:c6:
12:5a:c3:86:2c:96:50:98:b5:a0:07:79:30:e8:3a:9a:e6:e8:
89:0b:c8:ba:22:1a:7b:66:d2:af:70:93:c1:cc:7b:b2:18:35:
86:84:04:9f:d1:79:8d:e3:ee:d9:04:f8:f1:da:94:67:92:4e:
55:8f:8b:d1:59:a8:3a:13:4a:28:96:91:88:0c:bc:1a:0b:c2:
20:74:15:86:86:b7:d5:5d:7e:74:28:d4:c0:9a:8c:91:f1:38:
41:3f:8c:16:01:37:af:a4:1c:aa:09:ca:85:e6:e8:ea:11:7c:
f0:21:3a:11:a7:d1:a4:90:7d:8e:1b:ab:a3:86:76:23:fa:28:
72:eb:c4:c1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGSwu/EsQ/pQu1TBivjncDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2M5M2RkYjFhMTcxNTFjNTZmMjJkY2FmMzFkZDgyMjk0
NjM3NDIwHhcNMjQwMTAxMTgzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWEzZWMwZjZlMmQyNzliOTdhZTFmMzU3MmFlMWMyYjQ1NjhhMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCWu31JoxogzUgZGL7T6GjGgIsJw
eysTzUs9MsEK2s000BwH0FFEKjoULwUcvgmLG3sTqu9hnCu9yKDaJ2YYHNImuynn
l2iqhFREaItiVOyPdcTIlekdi/IkSxdhjh1Qd6mdM6GL8qAsmEm+bNNO/YOKTIGT
N3iGZ6Dsf3tHzcA4YjMAdftGuVhoUVZpWlVgoGbdeeUwzTG83+WhRK/dHZXoinhY
rnSPStdJR87pkiiOtyZNjY+F9vFz/eFYh17TYDivRg9YEXbVXF0tHCaIbkaGpVvv
Inq8Sg5JYMXRRWc9fJQW2KhY8sPih2ATQY+itXFuhb4uVoA+p3RnQeJBbQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHGj7A9uLSebl64fNXKuHCtFaKInMB8GA1UdIwQY
MBaAFPJ8k92xoXFRxW8i3K8x3YIpRjdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG55VDNiR2hjVkhGYnlMY3J6SGRnaWxHTjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NDRmMDktNDA2ZS00OTg1LTk5Mjkt
MzZlMGM4YWZlMjZhLzEvY2FQc0QyNHRKNXVYcmg4MWNxNGNLMFZvb2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85NDRmMDktNDA2ZS00OTg1LTk5MjktMzZlMGM4YWZlMjZh
LzEvOG55VDNiR2hjVkhGYnlMY3J6SGRnaWxHTjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDWSRQAwQC
uU2wAwQCufW8AwQCufb4MA0EAgACMAcDBQAqBWWAMA0GCSqGSIb3DQEBCwUAA4IB
AQCit0VT40zI6vSmXIkGATrgKbZHOKkncBfNc1cXAz77WXuBqM7r4XkHGZ/7gtsw
yBshQW6qcyidNeXYYtgn9JXhIINH3vCvl/3NGBvRn7yJcB/h7zJp5VzFSbT/fiZJ
hVU4Mv/2qPQdNqvnaSXQx4EMGnqOfMiksEYfjenEkMYSWsOGLJZQmLWgB3kw6Dqa
5uiJC8i6Ihp7ZtKvcJPBzHuyGDWGhASf0XmN4+7ZBPjx2pRnkk5Vj4vRWag6E0oo
lpGIDLwaC8IgdBWGhrfVXX50KNTAmoyR8ThBP4wWATevpByqCcqF5ujqEXzwIToR
p9GkkH2OG6ujhnYj+ihy68TB
-----END CERTIFICATE-----
Generated at Tue May 21 20:58:34 2024 by rpki-client on console-fra.rpki-client.org