Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/cg29crYHNsVDv0cHD4Ab3DHRXSc.roa
File: cg29crYHNsVDv0cHD4Ab3DHRXSc.roa (raw, json)
Hash identifier: S24StioDT1R5w3wKrIoSkNCMsg5rwYylRXsZlpcHr64=
Subject key identifier: 72:0D:BD:72:B6:07:36:C5:43:BF:47:07:0F:80:1B:DC:31:D1:5D:27
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 018CC2DB66906EDFA3A9D344B2AF7A34A681
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/cg29crYHNsVDv0cHD4Ab3DHRXSc.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61026
IP address blocks: 185.9.22.0/23 maxlen: 24
82.196.16.0/21 maxlen: 24
91.232.187.0/24 maxlen: 24
185.20.42.0/24 maxlen: 24
185.20.40.0/22 maxlen: 22
185.20.43.0/24 maxlen: 24
185.20.40.0/24 maxlen: 24
185.20.41.0/24 maxlen: 24
2a04:1500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:66:90:6e:df:a3:a9:d3:44:b2:af:7a:34:a6:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=720dbd72b60736c543bf47070f801bdc31d15d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c7:7b:8e:22:30:03:2a:a5:17:10:73:9b:55:
b9:71:42:af:7f:c3:60:51:2f:54:ce:15:6a:53:c9:
66:30:85:89:75:12:c0:cf:5e:0a:b5:c3:cd:fc:b8:
2a:02:68:5e:92:61:f4:ec:40:fa:b7:d9:12:36:fb:
69:c4:06:f4:34:da:8c:d4:26:05:f3:24:b9:5e:eb:
f9:7a:4d:b3:74:a0:88:d8:8a:1d:6d:22:9d:c6:e0:
72:17:2b:0e:b6:44:81:c2:b2:b8:e0:37:7d:aa:f7:
87:9e:4a:0f:ff:36:88:b2:3c:f1:f1:7a:47:42:6f:
1c:54:5f:7c:a9:e7:f7:78:34:b6:6c:bb:b6:83:54:
1b:dc:c1:8c:4b:94:b7:99:08:d9:e3:ca:4a:f9:10:
aa:73:f6:ea:82:08:a9:a2:f1:31:8b:38:5c:4c:59:
db:ab:c8:fb:6c:99:b3:9a:0f:0e:30:0b:53:28:67:
e3:01:80:3d:f0:a8:a3:3e:30:18:64:43:45:02:e7:
a5:42:fa:26:c7:1c:4c:39:09:ca:22:4b:67:b4:93:
e9:6c:fb:f9:86:4d:58:8b:41:55:4c:f1:fb:97:07:
97:3a:2b:1e:26:86:9d:3d:82:90:7c:80:0b:fd:8f:
0a:c5:e3:39:17:be:31:a2:a7:23:d8:99:e9:dc:c7:
2e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0D:BD:72:B6:07:36:C5:43:BF:47:07:0F:80:1B:DC:31:D1:5D:27
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/cg29crYHNsVDv0cHD4Ab3DHRXSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.196.16.0/21
91.232.187.0/24
185.9.22.0/23
185.20.40.0/22
IPv6:
2a04:1500::/29
Signature Algorithm: sha256WithRSAEncryption
78:f9:e4:12:b5:30:6a:0b:33:cf:8f:19:0e:f6:bc:3a:33:7e:
c5:4f:98:d8:95:95:fe:a4:9e:d1:34:0d:03:42:3a:9e:dc:59:
b0:21:b8:79:4d:af:79:4e:cd:9d:5a:f0:ec:ed:b5:2c:4b:97:
7e:68:b6:b5:a3:fb:76:c2:10:38:cb:d8:6f:50:72:91:b1:2d:
4e:58:cb:2d:13:a5:1d:0a:f8:26:da:9a:c2:08:36:8d:e6:d7:
61:68:a3:f9:a8:b9:0a:25:ee:2e:40:f8:4d:ca:3a:8f:a3:cf:
8f:04:ec:4a:16:71:36:50:07:d0:10:38:5c:bd:64:d9:13:c0:
cc:0b:b8:3e:72:8d:57:bb:bc:c2:64:97:b7:94:da:4d:5f:36:
7b:15:cb:32:28:c5:06:d0:82:0a:b2:9a:96:c6:ed:2e:20:21:
c0:12:36:07:ae:03:b8:6c:9b:85:fd:ce:41:d5:33:cc:16:60:
66:2f:c1:de:67:58:bc:5d:71:56:b3:f4:0c:04:4a:8d:9e:4a:
94:ad:00:75:f3:60:3d:f8:c1:72:27:b5:fc:d1:b5:d2:74:71:
f5:67:8d:55:bf:db:a4:18:76:77:fe:3a:ce:ff:12:da:87:67:
47:9f:db:7c:31:ae:09:68:db:af:4f:ee:13:f8:a3:90:d9:05:
8d:73:9a:3a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC22aQbt+jqdNEsq96NKaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBkYmQ3MmI2MDczNmM1NDNiZjQ3MDcwZjgwMWJkYzMxZDE1ZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMd7jiIwAyqlFxBzm1W5cUKvf8Ng
US9UzhVqU8lmMIWJdRLAz14KtcPN/LgqAmhekmH07ED6t9kSNvtpxAb0NNqM1CYF
8yS5Xuv5ek2zdKCI2IodbSKdxuByFysOtkSBwrK44Dd9qveHnkoP/zaIsjzx8XpH
Qm8cVF98qef3eDS2bLu2g1Qb3MGMS5S3mQjZ48pK+RCqc/bqggipovExizhcTFnb
q8j7bJmzmg8OMAtTKGfjAYA98KijPjAYZENFAuelQvomxxxMOQnKIktntJPpbPv5
hk1Yi0FVTPH7lweXOiseJoadPYKQfIAL/Y8KxeM5F74xoqcj2Jnp3McuewIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHINvXK2BzbFQ79HBw+AG9wx0V0nMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvY2cyOWNyWUhOc1ZEdjBjSEQ0QWIzREhSWFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDUsQQAwQA
W+i7AwQBuQkWAwQCuRQoMA0EAgACMAcDBQMqBBUAMA0GCSqGSIb3DQEBCwUAA4IB
AQB4+eQStTBqCzPPjxkO9rw6M37FT5jYlZX+pJ7RNA0DQjqe3FmwIbh5Ta95Ts2d
WvDs7bUsS5d+aLa1o/t2whA4y9hvUHKRsS1OWMstE6UdCvgm2prCCDaN5tdhaKP5
qLkKJe4uQPhNyjqPo8+PBOxKFnE2UAfQEDhcvWTZE8DMC7g+co1Xu7zCZJe3lNpN
XzZ7FcsyKMUG0IIKspqWxu0uICHAEjYHrgO4bJuF/c5B1TPMFmBmL8HeZ1i8XXFW
s/QMBEqNnkqUrQB182A9+MFyJ7X80bXSdHH1Z41Vv9ukGHZ3/jrO/xLah2dHn9t8
Ma4JaNuvT+4T+KOQ2QWNc5o6
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:39:20 2024 by rpki-client on console-fra.rpki-client.org