Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/0wezRukMCCVbhOrn7xSOENioaT0.roa
File: 0wezRukMCCVbhOrn7xSOENioaT0.roa (raw, json)
Hash identifier: nA6PmW2mvGpbOSVNasCxGt4wXmHbuowsHtaIZU9XQus=
Subject key identifier: D3:07:B3:46:E9:0C:08:25:5B:84:EA:E7:EF:14:8E:10:D8:A8:69:3D
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0192D4C5AAD7AC8DEB682AFE895B72A47107
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/0wezRukMCCVbhOrn7xSOENioaT0.roa
Signing time: Mon 28 Oct 2024 20:16:16 +0000
ROA not before: Mon 28 Oct 2024 20:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29262
IP address blocks: 185.85.189.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.87.24.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
2a0c:67c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d4:c5:aa:d7:ac:8d:eb:68:2a:fe:89:5b:72:a4:71:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Oct 28 20:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d307b346e90c08255b84eae7ef148e10d8a8693d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:90:ee:42:31:62:1d:8e:c2:83:bc:97:28:5d:
01:83:a0:10:77:23:a5:7e:9d:11:8f:1f:47:ef:e7:
2c:09:ca:d1:82:75:1e:eb:4b:53:c9:87:db:ed:35:
cc:12:a8:ab:46:55:84:dc:4e:d8:24:26:b9:b1:8e:
db:da:ea:eb:ee:ae:f9:fd:e2:b2:3c:74:67:8b:ff:
1b:c9:a4:4b:d1:ae:ad:c9:c3:69:d2:a1:bb:a2:20:
59:67:7c:f9:98:2a:ec:0d:50:30:f5:a5:20:52:d5:
33:15:c4:6b:91:c9:f2:a6:67:da:49:9c:86:c5:82:
bc:d8:98:94:4c:8a:6a:96:57:2b:83:cb:1d:dc:37:
76:1d:de:21:ee:96:25:06:1f:fa:70:16:0b:27:80:
68:83:ca:d9:f1:9f:3a:1f:0c:58:7d:87:6d:74:8a:
7c:4f:0c:a1:f7:7c:08:b9:ca:ca:89:12:c5:c7:8f:
85:49:53:68:ca:2b:f0:26:d8:75:10:b5:28:3a:f9:
4f:2b:2e:b2:30:20:c3:04:ba:bf:67:a7:eb:84:07:
a9:2c:b1:d2:1a:64:70:88:64:8c:5c:9b:ae:bd:20:
92:07:ab:8d:63:ab:10:91:c2:bd:79:39:e6:7b:d1:
99:bc:1d:cf:1f:15:9c:9d:72:a5:bd:ad:a0:fd:1a:
8d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:07:B3:46:E9:0C:08:25:5B:84:EA:E7:EF:14:8E:10:D8:A8:69:3D
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/0wezRukMCCVbhOrn7xSOENioaT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
2a0c:67c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:aa:17:01:61:29:75:c8:1a:c2:48:28:79:7c:59:5b:1d:8a:
f6:8e:01:bf:a2:1c:c9:b9:dd:5a:be:72:c2:73:1b:56:89:55:
ab:46:aa:5a:ff:04:4e:04:97:13:59:df:46:1c:a3:7f:c0:c9:
8d:b3:8a:4d:a4:ab:1b:82:e7:51:6d:52:65:72:49:6a:a8:28:
ba:10:4d:d0:42:d0:4c:ac:59:f0:8b:1b:13:32:4f:87:4d:da:
c4:55:4e:b6:af:d4:2e:28:d0:65:7e:c9:c4:a1:32:93:4b:9a:
9f:da:e0:3a:39:cf:00:cf:05:69:2b:5c:9f:50:a5:37:b0:04:
32:03:9e:74:b5:18:b8:2d:c3:0c:2d:74:cf:54:39:65:bb:9d:
5a:69:ed:a3:29:31:4c:5e:1f:16:19:40:1b:e5:84:e6:0f:b5:
5e:54:c4:32:d3:c5:fa:8b:45:94:b8:07:dc:0f:08:0b:d4:a3:
46:63:17:8c:6a:1f:3e:db:d4:4c:a1:bd:78:69:d5:68:2c:9c:
0a:3d:24:28:7a:55:62:c7:8c:c2:ef:e9:0c:8c:fe:de:74:2c:
a7:17:cc:f2:be:47:3c:75:83:25:67:a9:09:4f:c7:65:95:7c:
64:94:5f:84:32:79:74:e8:43:bb:c2:f2:36:13:29:29:d5:61:
5a:60:71:c7
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZLUxarXrI3raCr+iVtypHEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQxMDI4MjAxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzA3YjM0NmU5MGMwODI1NWI4NGVhZTdlZjE0OGUxMGQ4YTg2OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpDuQjFiHY7Cg7yXKF0Bg6AQdyOl
fp0Rjx9H7+csCcrRgnUe60tTyYfb7TXMEqirRlWE3E7YJCa5sY7b2urr7q75/eKy
PHRni/8byaRL0a6tycNp0qG7oiBZZ3z5mCrsDVAw9aUgUtUzFcRrkcnypmfaSZyG
xYK82JiUTIpqllcrg8sd3Dd2Hd4h7pYlBh/6cBYLJ4Bog8rZ8Z86HwxYfYdtdIp8
Twyh93wIucrKiRLFx4+FSVNoyivwJth1ELUoOvlPKy6yMCDDBLq/Z6frhAepLLHS
GmRwiGSMXJuuvSCSB6uNY6sQkcK9eTnme9GZvB3PHxWcnXKlva2g/RqNJwIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFNMHs0bpDAglW4Tq5+8UjhDYqGk9MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvMHdlelJ1a01DQ1ZiaE9ybjd4U09FTmlvYVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBuBAIAATBoMAwDBAC5
Vb0DBAa5VYAwDAMEALlV7QMEBLlV4AMEALlWBQMEALlWDTAMAwQAuVaZAwQAuVaa
AwQCuVakAwQAuVcYAwQBuVcaMAwDBAC5V3kDBAK5V3gDBAC5YjwDBAK5d1ADBAC5
jSAwFAQCAAIwDgMFAyoLZ4ADBQMqDGfAMA0GCSqGSIb3DQEBCwUAA4IBAQBxqhcB
YSl1yBrCSCh5fFlbHYr2jgG/ohzJud1avnLCcxtWiVWrRqpa/wROBJcTWd9GHKN/
wMmNs4pNpKsbgudRbVJlcklqqCi6EE3QQtBMrFnwixsTMk+HTdrEVU62r9QuKNBl
fsnEoTKTS5qf2uA6Oc8AzwVpK1yfUKU3sAQyA550tRi4LcMMLXTPVDllu51aae2j
KTFMXh8WGUAb5YTmD7VeVMQy08X6i0WUuAfcDwgL1KNGYxeMah8+29RMob14adVo
LJwKPSQoelVix4zC7+kMjP7edCynF8zyvkc8dYMlZ6kJT8dllXxklF+EMnl06EO7
wvI2Eykp1WFaYHHH
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:44:41 2024 by rpki-client on console-fra.rpki-client.org