Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/11gWv6T8bGz9J3LRDpz21-tLY5A.roa
File: 11gWv6T8bGz9J3LRDpz21-tLY5A.roa (raw, json)
Hash identifier: eQDyApIc8+ryBwtkdB2QEEsAymB+eTeXhZaK39lPyXs=
Subject key identifier: D7:58:16:BF:A4:FC:6C:6C:FD:27:72:D1:0E:9C:F6:D7:EB:4B:63:90
Certificate issuer: /CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Certificate serial: 018CC9BCEFF3EA8A678198B679F2CA0DCC0F
Authority key identifier: A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/11gWv6T8bGz9J3LRDpz21-tLY5A.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203965
IP address blocks: 185.118.172.0/24 maxlen: 24
185.118.172.0/22 maxlen: 22
185.118.175.0/24 maxlen: 24
185.118.174.0/24 maxlen: 24
185.118.173.0/24 maxlen: 24
2a06:9380::/29 maxlen: 48
2a06:9380:172::/48 maxlen: 48
2a06:9380:173::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.mft
rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ef:f3:ea:8a:67:81:98:b6:79:f2:ca:0d:cc:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a72d178c8e53f52131c1fb64743c960cf897fd0c
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d75816bfa4fc6c6cfd2772d10e9cf6d7eb4b6390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:dd:4a:29:88:79:7c:60:2c:28:82:d0:a5:23:
0b:d9:34:85:47:52:94:90:1e:30:a2:6e:8a:b2:b2:
ed:36:93:ae:5a:99:a8:5d:67:0d:70:fc:f7:b1:10:
72:a2:f0:d7:6d:73:b2:2f:9a:95:3c:c4:7f:7b:87:
f0:31:f8:2f:96:d8:4a:5b:5c:32:93:49:e8:81:fb:
f2:34:13:d8:1d:51:7c:a4:1c:e7:72:b6:98:32:99:
ca:0a:2c:32:56:4b:06:d7:be:49:ec:13:ad:1d:74:
75:e1:e1:b1:72:48:01:44:79:35:2c:79:b8:be:11:
91:db:af:5d:f0:e3:eb:73:20:68:59:d3:81:5f:70:
48:e3:f4:40:ad:fe:3e:61:c7:20:b0:35:5b:de:a9:
17:54:40:ee:ce:66:98:df:f1:0d:11:dc:4e:37:e0:
88:d6:3b:8c:e9:55:c9:b0:90:95:9d:ce:62:d3:a5:
8e:52:af:4c:4c:7f:73:a7:c3:b0:6d:b5:aa:55:e2:
0d:70:fd:2e:98:0f:49:52:74:c9:00:e3:ee:fa:30:
e5:bc:ca:f0:f9:ca:7a:9e:4f:81:1e:4e:e4:06:85:
1a:2f:34:e1:a7:93:ca:1c:9a:f3:fd:31:56:56:4e:
68:be:bd:40:41:b9:93:9c:8a:11:02:47:37:06:b1:
8b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:58:16:BF:A4:FC:6C:6C:FD:27:72:D1:0E:9C:F6:D7:EB:4B:63:90
X509v3 Authority Key Identifier:
keyid:A7:2D:17:8C:8E:53:F5:21:31:C1:FB:64:74:3C:96:0C:F8:97:FD:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/py0XjI5T9SExwftkdDyWDPiX_Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/11gWv6T8bGz9J3LRDpz21-tLY5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1b813a-5e86-45b0-99cd-28b9d261ecb1/1/py0XjI5T9SExwftkdDyWDPiX_Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.172.0/22
IPv6:
2a06:9380::/29
Signature Algorithm: sha256WithRSAEncryption
9c:53:94:13:c4:68:62:ad:50:00:01:0d:60:a4:ea:b8:13:70:
4e:bd:d2:f5:b9:a1:0e:19:5e:b2:ff:15:5f:83:56:49:5a:b8:
20:77:07:ec:aa:7a:df:e0:58:f0:0f:cc:3e:54:b1:40:19:e1:
d1:71:1e:14:21:9d:f9:90:4f:71:7f:5c:10:7c:db:3f:df:42:
5a:76:79:5c:c7:f5:77:96:05:0e:0e:85:03:b0:6d:96:0b:53:
e3:ca:fa:a6:99:49:fe:49:ce:a9:3c:8c:a3:c4:93:5e:eb:4c:
02:58:1e:7e:17:93:50:e0:48:dc:fb:62:69:99:7d:e8:9c:46:
71:39:bd:97:90:e7:0b:6d:d4:f6:d6:b9:f2:35:bf:d5:40:32:
5a:d5:d5:f0:f1:74:b4:fc:bd:77:d3:ab:3e:a1:f1:72:c8:44:
7a:09:41:e3:02:5e:24:0e:04:ed:e8:85:6f:dc:4c:8c:75:eb:
0e:4f:3d:8c:04:42:c4:a8:bc:eb:bd:5c:ac:6d:8e:c1:39:63:
56:9a:60:81:3d:0b:e4:a8:44:0e:1b:a1:61:7e:ac:93:1c:18:
43:7e:d8:7b:01:0d:e0:96:c3:35:43:ec:e2:68:11:aa:92:57:
5e:b0:72:15:fa:6b:32:76:14:15:27:cb:41:c1:b1:59:5d:40:
6d:6e:56:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvO/z6opngZi2efLKDcwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MmQxNzhjOGU1M2Y1MjEzMWMxZmI2NDc0M2M5NjBjZjg5
N2ZkMGMwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzU4MTZiZmE0ZmM2YzZjZmQyNzcyZDEwZTljZjZkN2ViNGI2MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsd1KKYh5fGAsKILQpSML2TSFR1KU
kB4wom6KsrLtNpOuWpmoXWcNcPz3sRByovDXbXOyL5qVPMR/e4fwMfgvlthKW1wy
k0nogfvyNBPYHVF8pBzncraYMpnKCiwyVksG175J7BOtHXR14eGxckgBRHk1LHm4
vhGR269d8OPrcyBoWdOBX3BI4/RArf4+YccgsDVb3qkXVEDuzmaY3/ENEdxON+CI
1juM6VXJsJCVnc5i06WOUq9MTH9zp8OwbbWqVeINcP0umA9JUnTJAOPu+jDlvMrw
+cp6nk+BHk7kBoUaLzThp5PKHJrz/TFWVk5ovr1AQbmTnIoRAkc3BrGL9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdYFr+k/Gxs/Sdy0Q6c9tfrS2OQMB8GA1UdIwQY
MBaAFKctF4yOU/UhMcH7ZHQ8lgz4l/0MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2Qt
MjhiOWQyNjFlY2IxLzEvMTFnV3Y2VDhiR3o5SjNMUkRwejIxLXRMWTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYjgxM2EtNWU4Ni00NWIwLTk5Y2QtMjhiOWQyNjFlY2Ix
LzEvcHkwWGpJNVQ5U0V4d2Z0a2REeVdEUGlYX1F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXasMA0E
AgACMAcDBQMqBpOAMA0GCSqGSIb3DQEBCwUAA4IBAQCcU5QTxGhirVAAAQ1gpOq4
E3BOvdL1uaEOGV6y/xVfg1ZJWrggdwfsqnrf4FjwD8w+VLFAGeHRcR4UIZ35kE9x
f1wQfNs/30Jadnlcx/V3lgUODoUDsG2WC1PjyvqmmUn+Sc6pPIyjxJNe60wCWB5+
F5NQ4Ejc+2JpmX3onEZxOb2XkOcLbdT21rnyNb/VQDJa1dXw8XS0/L1306s+ofFy
yER6CUHjAl4kDgTt6IVv3EyMdesOTz2MBELEqLzrvVysbY7BOWNWmmCBPQvkqEQO
G6FhfqyTHBhDfth7AQ3glsM1Q+ziaBGqkldesHIV+msydhQVJ8tBwbFZXUBtblZG
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:52 2024 by rpki-client on console-ams.rpki-client.org