Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/cQ-CF4iyyzonAuzotXGWKze2ns4.roa
File: cQ-CF4iyyzonAuzotXGWKze2ns4.roa (raw, json)
Hash identifier: TEcCI3GtEU5vGj1c14EuZy8f7gth8YEJusL5Sss5pJI=
Subject key identifier: 71:0F:82:17:88:B2:CB:3A:27:02:EC:E8:B5:71:96:2B:37:B6:9E:CE
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 018CC42451525B6DC810E23A84F511939996
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/cQ-CF4iyyzonAuzotXGWKze2ns4.roa
Signing time: Mon 01 Jan 2024 08:29:23 +0000
ROA not before: Mon 01 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16342
IP address blocks: 85.89.160.0/20 maxlen: 20
77.237.0.0/19 maxlen: 19
85.89.176.0/20 maxlen: 20
185.67.216.0/22 maxlen: 22
185.67.217.0/24 maxlen: 24
185.67.216.0/24 maxlen: 24
185.67.218.0/24 maxlen: 24
185.67.219.0/24 maxlen: 24
31.182.0.0/15 maxlen: 18
217.113.224.0/20 maxlen: 20
2a03:af80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.mft
rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 16:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:51:52:5b:6d:c8:10:e2:3a:84:f5:11:93:99:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Jan 1 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=710f821788b2cb3a2702ece8b571962b37b69ece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b4:5a:19:2b:d7:d3:45:5e:f0:a8:d6:95:e8:
56:2f:eb:78:c0:c9:e9:57:e1:a8:5a:5d:5d:61:9c:
6f:3e:56:c7:2b:18:99:13:f5:c4:61:7b:08:55:c3:
0a:4a:82:fc:c0:50:67:a8:83:81:fd:ad:19:94:16:
7e:25:66:a8:56:7d:78:26:d7:8b:20:4f:dc:73:d6:
c1:55:a1:cc:48:47:7a:df:1f:c9:50:69:03:bf:aa:
87:e6:5b:9c:6a:40:cf:83:f9:1b:82:fa:bf:49:98:
a1:a4:72:85:23:10:39:b5:ec:f9:b8:92:2a:c0:38:
e0:09:7a:ee:2b:54:42:49:7a:f0:57:e6:47:43:d0:
ff:a7:12:b4:f8:3e:92:b4:e9:b3:5b:05:06:0f:08:
93:7a:c4:e8:14:47:c5:29:1c:8e:92:93:4e:1b:65:
ec:81:d2:2f:a9:d0:50:d6:98:fd:19:6c:0d:57:ff:
11:4e:82:0a:08:61:a5:de:34:13:20:eb:49:b7:bf:
12:62:ed:75:9b:1b:75:93:88:17:02:21:3c:d4:c0:
db:2e:ff:87:f1:f7:88:52:8f:52:fc:81:0b:b8:04:
06:5d:f9:bd:08:2c:a1:26:c0:b7:63:df:4c:99:52:
7f:53:be:6a:65:74:a3:37:97:fa:5d:ea:3d:12:cb:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:0F:82:17:88:B2:CB:3A:27:02:EC:E8:B5:71:96:2B:37:B6:9E:CE
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/cQ-CF4iyyzonAuzotXGWKze2ns4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.182.0.0/15
77.237.0.0/19
85.89.160.0/19
185.67.216.0/22
217.113.224.0/20
IPv6:
2a03:af80::/29
Signature Algorithm: sha256WithRSAEncryption
01:33:99:cf:43:b8:6a:af:b9:5d:b5:f3:02:04:96:96:0e:6b:
ca:75:4c:bf:5d:f1:39:42:59:a7:b6:94:cb:5c:49:fb:c3:cb:
8d:76:2f:22:f1:f2:08:58:0e:fa:3d:29:2b:43:7f:9b:a6:a1:
81:37:7b:92:c7:48:5f:5a:bb:a4:bd:01:61:c9:5d:db:a2:23:
ff:89:22:e7:fe:a9:28:2a:e3:0b:ae:1a:8b:76:25:4d:20:63:
f5:21:01:00:c5:d2:8a:87:aa:de:ca:51:03:96:ee:2a:c5:39:
5f:f5:34:f1:78:c7:2c:84:23:b0:79:1f:76:aa:17:23:80:70:
20:ec:7d:65:1c:40:d9:4b:6f:4a:5a:2b:dd:3a:b3:ce:32:bc:
cf:30:a6:24:a7:09:63:b0:d9:8b:56:b0:64:fd:8f:42:37:c7:
fe:39:29:f4:86:51:09:bc:f7:d3:4d:9a:41:66:93:93:5b:31:
36:86:97:5c:da:38:81:ff:ff:13:19:cd:b4:6a:f1:57:14:04:
d6:9e:b1:48:4c:5f:02:cb:37:3a:06:1f:4b:1b:0c:a7:03:34:
26:57:ae:0f:78:22:68:1e:e5:46:16:f5:c3:58:90:e1:f8:e4:
f8:16:69:67:5b:be:a6:8b:1b:c5:89:9d:46:1f:30:8d:dc:56:
d5:4f:27:51
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzEJFFSW23IEOI6hPURk5mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTBmODIxNzg4YjJjYjNhMjcwMmVjZThiNTcxOTYyYjM3YjY5ZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7RaGSvX00Ve8KjWlehWL+t4wMnp
V+GoWl1dYZxvPlbHKxiZE/XEYXsIVcMKSoL8wFBnqIOB/a0ZlBZ+JWaoVn14JteL
IE/cc9bBVaHMSEd63x/JUGkDv6qH5lucakDPg/kbgvq/SZihpHKFIxA5tez5uJIq
wDjgCXruK1RCSXrwV+ZHQ9D/pxK0+D6StOmzWwUGDwiTesToFEfFKRyOkpNOG2Xs
gdIvqdBQ1pj9GWwNV/8RToIKCGGl3jQTIOtJt78SYu11mxt1k4gXAiE81MDbLv+H
8feIUo9S/IELuAQGXfm9CCyhJsC3Y99MmVJ/U75qZXSjN5f6Xeo9Ess/kQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHEPgheIsss6JwLs6LVxlis3tp7OMB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvY1EtQ0Y0aXl5em9uQXV6b3RYR1dLemUybnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMBH7YDBAVN
7QADBAVVWaADBAK5Q9gDBATZceAwDQQCAAIwBwMFAyoDr4AwDQYJKoZIhvcNAQEL
BQADggEBAAEzmc9DuGqvuV218wIElpYOa8p1TL9d8TlCWae2lMtcSfvDy412LyLx
8ghYDvo9KStDf5umoYE3e5LHSF9au6S9AWHJXduiI/+JIuf+qSgq4wuuGot2JU0g
Y/UhAQDF0oqHqt7KUQOW7irFOV/1NPF4xyyEI7B5H3aqFyOAcCDsfWUcQNlLb0pa
K906s84yvM8wpiSnCWOw2YtWsGT9j0I3x/45KfSGUQm899NNmkFmk5NbMTaGl1za
OIH//xMZzbRq8VcUBNaesUhMXwLLNzoGH0sbDKcDNCZXrg94Imge5UYW9cNYkOH4
5PgWaWdbvqaLG8WJnUYfMI3cVtVPJ1E=
-----END CERTIFICATE-----
Generated at Sun Jun 16 19:45:32 2024 by rpki-client on console-fra.rpki-client.org