Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/pq6liQynwslUvBHrJ3LFKPcvG2A.roa
File: pq6liQynwslUvBHrJ3LFKPcvG2A.roa (raw, json)
Hash identifier: sMuJtb6N8AEvoyKhaMe4yE153kLX0jhrdHivMrBcDpo=
Subject key identifier: A6:AE:A5:89:0C:A7:C2:C9:54:BC:11:EB:27:72:C5:28:F7:2F:1B:60
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 018CC9BBB3747698D6E498A81959E0A1AEBF
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/pq6liQynwslUvBHrJ3LFKPcvG2A.roa
Signing time: Tue 02 Jan 2024 10:32:50 +0000
ROA not before: Tue 02 Jan 2024 10:32:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20766
IP address blocks: 185.57.124.0/22 maxlen: 22
80.67.160.0/19 maxlen: 19
80.67.182.0/24 maxlen: 24
193.23.30.0/24 maxlen: 24
45.94.17.0/24 maxlen: 24
45.94.18.0/23 maxlen: 23
2a0f:6780::/29 maxlen: 29
2a04:9ac2::/32 maxlen: 32
2001:910::/32 maxlen: 32
2001:913:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:b3:74:76:98:d6:e4:98:a8:19:59:e0:a1:ae:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 10:32:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6aea5890ca7c2c954bc11eb2772c528f72f1b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4e:05:87:90:39:26:50:1d:12:27:1a:d5:f1:
95:89:6f:c7:97:8d:6f:ab:ad:4b:d3:87:7c:d3:62:
fc:e4:62:b7:31:70:31:92:71:28:40:14:07:3f:82:
eb:8d:9a:48:84:0b:e0:76:05:96:ea:e7:d5:cb:5d:
dd:a2:fd:77:b5:a8:f5:65:76:03:c5:b9:b3:e0:9e:
1f:93:fd:de:6e:cc:00:4e:a6:2c:64:39:8b:5f:f0:
9f:fa:30:89:1c:cd:d9:dc:31:a4:b0:97:a9:c1:cc:
97:f7:35:65:cf:b9:9a:db:7c:9b:72:95:77:0e:47:
3a:3b:e6:33:ca:21:09:e5:08:1c:45:ed:ba:e9:ce:
de:49:7c:2e:6d:70:ec:f3:e4:37:54:dc:21:8d:48:
0b:a6:f0:b6:25:21:cd:f9:36:88:9a:1e:43:2f:90:
18:aa:79:d6:1f:b0:cf:00:cd:a6:4c:6c:30:e2:a8:
fd:d8:ae:81:9b:13:6c:26:e7:52:4e:e8:27:a9:61:
1b:7b:4c:4b:bb:28:57:52:94:d5:50:07:02:71:8d:
53:f5:ec:3e:a7:ce:ec:10:48:31:96:96:83:c0:2a:
26:5e:61:98:ff:94:ec:62:7a:ad:18:52:d5:5f:63:
77:ee:d9:a1:ca:94:5d:49:a0:8c:05:4d:00:03:74:
ee:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:AE:A5:89:0C:A7:C2:C9:54:BC:11:EB:27:72:C5:28:F7:2F:1B:60
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/pq6liQynwslUvBHrJ3LFKPcvG2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.17.0-45.94.19.255
80.67.160.0/19
185.57.124.0/22
193.23.30.0/24
IPv6:
2001:910::/32
2001:913:4000::/36
2a04:9ac2::/32
2a0f:6780::/29
Signature Algorithm: sha256WithRSAEncryption
81:3a:72:06:32:5d:c0:95:d0:ad:b7:b4:ce:33:00:6a:2b:2f:
29:79:c4:02:27:54:36:f3:14:44:aa:e6:da:05:85:c2:9a:7b:
f5:74:c3:4f:f6:93:e6:22:37:95:ff:ae:18:28:8d:fb:3b:83:
dc:8a:5c:6f:34:3a:f1:00:ea:e6:9e:3b:1b:ff:aa:0a:05:0b:
52:3a:e5:b2:64:75:37:2b:a6:bc:b1:91:57:41:dd:c7:e7:f5:
1e:06:73:ab:98:96:29:93:eb:22:f0:97:d9:17:8c:17:c5:3a:
b7:64:61:52:a2:b8:6d:d0:10:b7:b8:6d:80:fc:8c:c0:9c:a1:
13:7b:cc:5a:1d:1a:1e:96:34:88:bc:06:40:00:ca:34:e6:c5:
9f:a1:dd:e6:4f:52:0e:ca:40:5b:6e:b1:f3:73:23:07:c7:7f:
e2:10:3d:c5:b4:57:43:f7:7f:77:80:30:aa:ae:68:da:97:40:
f4:d5:0d:12:db:19:92:07:7d:31:be:a2:ee:e7:db:45:46:d9:
c4:e2:b1:19:26:8e:21:85:ca:72:36:5a:ab:a4:51:20:51:e5:
44:68:97:e0:94:c8:28:65:3d:50:06:90:87:70:3e:67:99:6e:
69:c4:27:26:79:3d:a0:9f:b3:d1:ad:c1:65:e3:4c:a6:2b:b0:
a4:55:3d:4b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzJu7N0dpjW5JioGVngoa6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjQwMTAyMTAzMjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmFlYTU4OTBjYTdjMmM5NTRiYzExZWIyNzcyYzUyOGY3MmYxYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE4Fh5A5JlAdEica1fGViW/Hl41v
q61L04d802L85GK3MXAxknEoQBQHP4LrjZpIhAvgdgWW6ufVy13dov13taj1ZXYD
xbmz4J4fk/3ebswATqYsZDmLX/Cf+jCJHM3Z3DGksJepwcyX9zVlz7ma23ybcpV3
Dkc6O+YzyiEJ5QgcRe266c7eSXwubXDs8+Q3VNwhjUgLpvC2JSHN+TaImh5DL5AY
qnnWH7DPAM2mTGww4qj92K6BmxNsJudSTugnqWEbe0xLuyhXUpTVUAcCcY1T9ew+
p87sEEgxlpaDwComXmGY/5TsYnqtGFLVX2N37tmhypRdSaCMBU0AA3Tu1wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKaupYkMp8LJVLwR6ydyxSj3LxtgMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvcHE2bGlReW53c2xVdkJIckozTEZLUGN2RzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAmBAIAATAgMAwDBAAtXhED
BAItXhADBAVQQ6ADBAK5OXwDBADBFx4wIwQCAAIwHQMFACABCRADBgQgAQkTQAMF
ACoEmsIDBQMqD2eAMA0GCSqGSIb3DQEBCwUAA4IBAQCBOnIGMl3AldCtt7TOMwBq
Ky8pecQCJ1Q28xREqubaBYXCmnv1dMNP9pPmIjeV/64YKI37O4PcilxvNDrxAOrm
njsb/6oKBQtSOuWyZHU3K6a8sZFXQd3H5/UeBnOrmJYpk+si8JfZF4wXxTq3ZGFS
orht0BC3uG2A/IzAnKETe8xaHRoeljSIvAZAAMo05sWfod3mT1IOykBbbrHzcyMH
x3/iED3FtFdD9393gDCqrmjal0D01Q0S2xmSB30xvqLu59tFRtnE4rEZJo4hhcpy
NlqrpFEgUeVEaJfglMgoZT1QBpCHcD5nmW5pxCcmeT2gn7PRrcFl40ymK7CkVT1L
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:49:46 2024 by rpki-client on console-fra.rpki-client.org