Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/L_e3zk7V9O622dbvVzCSskKozzI.roa
File: L_e3zk7V9O622dbvVzCSskKozzI.roa (raw, json)
Hash identifier: izrqg/9Wj0abVJ1xLIDLaKQLQl8gfa2jjyYPxdvr18Q=
Subject key identifier: 2F:F7:B7:CE:4E:D5:F4:EE:B6:D9:D6:EF:57:30:92:B2:42:A8:CF:32
Certificate issuer: /CN=7d3b2c333b729557ac0be02740b22296d802bf81
Certificate serial: 018CC5DC385B9DCE6F4E25892372C3256A5E
Authority key identifier: 7D:3B:2C:33:3B:72:95:57:AC:0B:E0:27:40:B2:22:96:D8:02:BF:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fTssMztylVesC-AnQLIiltgCv4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/L_e3zk7V9O622dbvVzCSskKozzI.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207242
IP address blocks: 185.195.84.0/22 maxlen: 22
185.162.24.0/22 maxlen: 22
185.194.44.0/22 maxlen: 22
185.195.224.0/22 maxlen: 22
185.242.72.0/22 maxlen: 22
2a0a:5f40::/32 maxlen: 32
2a0c:c380::/32 maxlen: 32
2a07:ca40::/29 maxlen: 29
2a0a:5640::/32 maxlen: 32
2a0a:4440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/fTssMztylVesC-AnQLIiltgCv4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/fTssMztylVesC-AnQLIiltgCv4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fTssMztylVesC-AnQLIiltgCv4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:38:5b:9d:ce:6f:4e:25:89:23:72:c3:25:6a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d3b2c333b729557ac0be02740b22296d802bf81
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ff7b7ce4ed5f4eeb6d9d6ef573092b242a8cf32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b7:28:17:7f:a7:ed:f6:28:aa:b4:b8:19:2a:
d0:d2:d6:a6:59:92:0a:76:a5:ee:04:bf:e2:2c:10:
0f:4c:15:18:1a:bc:e3:d0:3b:98:e1:d3:12:c5:df:
f9:88:70:08:61:51:1c:c5:ef:1c:37:e5:34:4c:4f:
3a:74:d9:bf:19:20:43:a9:c0:50:a6:ab:bc:cf:a9:
27:4f:50:da:74:51:e3:29:f3:a3:6c:88:bd:06:c6:
ac:75:b3:cc:0d:90:d1:8f:e5:b8:09:04:8e:e6:83:
a9:17:58:8c:41:c9:68:26:89:04:05:c0:d2:d1:16:
5d:a8:f2:41:b1:a5:45:c6:eb:b8:c3:91:dc:22:eb:
82:ea:ac:e1:53:0b:ef:19:cb:be:d6:db:5d:53:7a:
b9:77:5f:0b:de:00:c1:97:2f:e2:3b:61:88:fa:05:
d9:1f:9c:a8:f4:1d:1d:2b:27:15:f8:39:9e:9d:94:
72:a3:fa:6e:70:9d:ac:d1:1d:17:fa:6b:51:8e:98:
d6:39:41:0b:c0:e4:21:c8:b3:02:d4:b1:0f:d1:a0:
06:6b:20:68:ca:6c:d8:ad:5a:00:68:fb:3c:d0:9f:
f3:ad:3c:8c:74:0e:79:c4:be:62:0b:1c:f5:77:7d:
a8:f8:90:04:61:83:2a:38:29:5b:e7:b7:52:63:8c:
4a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F7:B7:CE:4E:D5:F4:EE:B6:D9:D6:EF:57:30:92:B2:42:A8:CF:32
X509v3 Authority Key Identifier:
keyid:7D:3B:2C:33:3B:72:95:57:AC:0B:E0:27:40:B2:22:96:D8:02:BF:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fTssMztylVesC-AnQLIiltgCv4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/L_e3zk7V9O622dbvVzCSskKozzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/6b1b64-2564-47a7-b1c1-52835db6512c/1/fTssMztylVesC-AnQLIiltgCv4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.24.0/22
185.194.44.0/22
185.195.84.0/22
185.195.224.0/22
185.242.72.0/22
IPv6:
2a07:ca40::/29
2a0a:4440::/32
2a0a:5640::/32
2a0a:5f40::/32
2a0c:c380::/32
Signature Algorithm: sha256WithRSAEncryption
8a:e7:52:60:f5:20:66:2a:86:50:f3:9e:f6:c0:b9:19:3a:5c:
ae:e4:57:9a:c5:3c:54:51:6c:60:a7:ec:48:fa:bf:72:8c:c5:
e7:d0:ad:f5:f7:4a:0a:d7:3e:9d:9a:8f:1c:9c:4f:ef:f3:89:
29:e0:9a:1d:9e:9c:21:8a:bb:75:c9:22:bb:65:9e:79:ec:fe:
01:09:e6:25:1e:9c:67:44:8b:45:bf:5c:d2:81:12:83:42:5a:
cb:4e:83:43:d4:1b:85:fc:12:0e:40:82:96:44:37:8b:0d:81:
48:e0:7a:b9:3e:8b:49:49:8a:15:94:8f:bc:b0:a1:73:dd:26:
89:6f:48:30:e1:cf:09:b3:9d:76:12:69:93:66:53:8d:38:fc:
ea:e6:73:29:ff:09:d3:da:f5:61:1f:b1:2c:2d:1c:ec:15:7b:
d3:74:39:be:68:0d:92:80:59:ac:69:d1:68:4a:88:8b:ee:cd:
49:c4:65:52:90:0e:10:83:48:69:2a:54:c8:ba:c8:10:05:f5:
90:46:fd:d5:24:e5:43:54:bc:bc:fa:5a:7a:bc:53:35:70:24:
3d:8f:ed:67:64:bc:2f:ac:a2:36:23:90:cb:f1:71:a4:37:1f:
92:68:cf:d9:7e:04:d1:74:99:ee:2b:3c:d0:72:70:b4:18:fc:
6b:1e:c5:48
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYzF3Dhbnc5vTiWJI3LDJWpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkM2IyYzMzM2I3Mjk1NTdhYzBiZTAyNzQwYjIyMjk2ZDgw
MmJmODEwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY3YjdjZTRlZDVmNGVlYjZkOWQ2ZWY1NzMwOTJiMjQyYThjZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrcoF3+n7fYoqrS4GSrQ0tamWZIK
dqXuBL/iLBAPTBUYGrzj0DuY4dMSxd/5iHAIYVEcxe8cN+U0TE86dNm/GSBDqcBQ
pqu8z6knT1DadFHjKfOjbIi9BsasdbPMDZDRj+W4CQSO5oOpF1iMQcloJokEBcDS
0RZdqPJBsaVFxuu4w5HcIuuC6qzhUwvvGcu+1ttdU3q5d18L3gDBly/iO2GI+gXZ
H5yo9B0dKycV+DmenZRyo/pucJ2s0R0X+mtRjpjWOUELwOQhyLMC1LEP0aAGayBo
ymzYrVoAaPs80J/zrTyMdA55xL5iCxz1d32o+JAEYYMqOClb57dSY4xKLwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFC/3t85O1fTuttnW71cwkrJCqM8yMB8GA1UdIwQY
MBaAFH07LDM7cpVXrAvgJ0CyIpbYAr+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlRzc016dHlsVmVzQy1BblFMSWlsdGdDdjRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82YjFiNjQtMjU2NC00N2E3LWIxYzEt
NTI4MzVkYjY1MTJjLzEvTF9lM3prN1Y5TzYyMmRidlZ6Q1Nza0tvenpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82YjFiNjQtMjU2NC00N2E3LWIxYzEtNTI4MzVkYjY1MTJj
LzEvZlRzc016dHlsVmVzQy1BblFMSWlsdGdDdjRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQCuaIYAwQC
ucIsAwQCucNUAwQCucPgAwQCufJIMCkEAgACMCMDBQMqB8pAAwUAKgpEQAMFACoK
VkADBQAqCl9AAwUAKgzDgDANBgkqhkiG9w0BAQsFAAOCAQEAiudSYPUgZiqGUPOe
9sC5GTpcruRXmsU8VFFsYKfsSPq/cozF59Ct9fdKCtc+nZqPHJxP7/OJKeCaHZ6c
IYq7dckiu2Weeez+AQnmJR6cZ0SLRb9c0oESg0Jay06DQ9QbhfwSDkCClkQ3iw2B
SOB6uT6LSUmKFZSPvLChc90miW9IMOHPCbOddhJpk2ZTjTj86uZzKf8J09r1YR+x
LC0c7BV703Q5vmgNkoBZrGnRaEqIi+7NScRlUpAOEINIaSpUyLrIEAX1kEb91STl
Q1S8vPpaerxTNXAkPY/tZ2S8L6yiNiOQy/FxpDcfkmjP2X4E0XSZ7is80HJwtBj8
ax7FSA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:56:19 2024 by rpki-client on console-fra.rpki-client.org