Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/rVTnvUl4oJF0NZLJigsRu29agDc.roa
File: rVTnvUl4oJF0NZLJigsRu29agDc.roa (raw, json)
Hash identifier: XDl0nfUbtZv3lJ52mPQ165u4LcRz1MQtn6oM5BdEDec=
Subject key identifier: AD:54:E7:BD:49:78:A0:91:74:35:92:C9:8A:0B:11:BB:6F:5A:80:37
Certificate issuer: /CN=b194f0304eedd363c6622fd91c59b10871aa3044
Certificate serial: 018CCA99A5AFA5C1EFC2193A57FD67CC0FAB
Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/rVTnvUl4oJF0NZLJigsRu29agDc.roa
Signing time: Tue 02 Jan 2024 14:35:16 +0000
ROA not before: Tue 02 Jan 2024 14:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30870
IP address blocks: 185.40.56.0/22 maxlen: 24
185.108.116.0/22 maxlen: 24
194.30.160.0/24 maxlen: 24
87.101.8.0/21 maxlen: 21
2a01:4d60::/32 maxlen: 48
2a06:4a80::/29 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:a5:af:a5:c1:ef:c2:19:3a:57:fd:67:cc:0f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044
Validity
Not Before: Jan 2 14:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad54e7bd4978a091743592c98a0b11bb6f5a8037
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:de:26:09:11:cf:14:23:06:f4:be:73:a4:29:
b6:3b:ec:34:b7:50:2b:f9:c7:71:e2:87:6b:90:fb:
38:25:21:47:0a:fe:6c:80:a1:6e:be:6b:e7:3e:23:
6d:d0:c7:db:78:65:73:ee:f8:33:bc:84:59:2e:a4:
57:be:60:36:b1:75:4b:96:2d:51:42:93:06:96:59:
bf:05:20:50:64:c8:d3:0e:6b:f4:cf:d1:d2:b5:b1:
49:62:cc:f0:a0:63:50:58:b1:86:5e:a1:ab:85:f3:
8e:77:bc:3b:d0:2e:07:41:06:be:9b:1c:c7:95:6e:
29:bc:bf:03:79:b5:43:d8:21:9b:0d:35:e4:a0:35:
b6:64:a0:2c:93:48:ad:10:5c:cc:f2:14:9d:d9:4f:
2e:4f:e1:ba:0d:18:3b:3e:f0:d2:36:ae:7b:79:e7:
9b:20:d4:1d:ac:9b:ed:38:e2:be:74:f3:1c:c8:41:
b4:dd:a5:9b:69:53:82:0c:aa:3e:2f:11:55:a3:2c:
3d:6a:74:87:63:0d:ff:7a:96:d5:47:80:13:1b:f1:
1e:25:c1:9f:71:22:c0:40:3e:35:e9:5b:b9:be:7e:
f6:8f:39:72:a1:a8:92:ba:57:14:6e:50:fd:80:23:
06:0f:35:f4:1f:3f:1e:a5:fd:d3:69:3f:7d:7a:1b:
1c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:54:E7:BD:49:78:A0:91:74:35:92:C9:8A:0B:11:BB:6F:5A:80:37
X509v3 Authority Key Identifier:
keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/rVTnvUl4oJF0NZLJigsRu29agDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.101.8.0/21
185.40.56.0/22
185.108.116.0/22
194.30.160.0/24
IPv6:
2a01:4d60::/32
2a06:4a80::/29
Signature Algorithm: sha256WithRSAEncryption
c1:fb:d8:16:08:94:93:26:57:1f:fa:8a:f4:fa:6b:fa:07:55:
a9:19:c3:95:d2:e1:f5:b1:3e:15:b2:65:8b:0b:11:30:54:91:
d4:8a:c8:e9:36:40:66:e4:6c:e6:2e:bf:bf:8f:01:70:0e:83:
7b:2f:1a:6b:84:ca:31:a6:51:b1:e0:79:00:7b:3b:c1:5d:60:
cc:a5:b1:d4:f3:8f:91:27:d5:7d:bb:2b:be:eb:39:4b:1f:17:
08:46:e5:cb:99:d8:00:85:50:ec:ae:28:2c:ee:f5:d6:09:61:
05:7c:bc:e3:42:03:6c:f9:06:fa:5d:72:bd:cc:15:ed:3a:45:
dc:29:c4:68:54:56:eb:7e:54:e9:ab:7d:93:eb:01:69:29:19:
22:e1:1e:37:3d:75:bb:9f:90:c7:f5:65:d0:a9:cd:b3:d1:3c:
81:ae:42:71:87:2c:9c:e8:55:a7:48:04:86:0c:3a:3f:08:ef:
31:ba:29:c6:66:05:a0:d5:25:f9:d9:a5:ac:8f:7b:85:fc:cf:
da:8e:e0:38:be:f1:47:72:8b:ba:73:05:78:cb:a3:76:32:75:
51:12:cf:91:9d:c1:1a:2a:e5:1a:50:a0:6c:b5:ba:b2:0a:73:
bd:0a:39:f0:87:38:1e:02:6b:c7:59:83:12:f2:3d:78:8a:4e:
2c:87:48:56
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKmaWvpcHvwhk6V/1nzA+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTRmMDMwNGVlZGQzNjNjNjYyMmZkOTFjNTliMTA4NzFh
YTMwNDQwHhcNMjQwMTAyMTQzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDU0ZTdiZDQ5NzhhMDkxNzQzNTkyYzk4YTBiMTFiYjZmNWE4MDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt4mCRHPFCMG9L5zpCm2O+w0t1Ar
+cdx4odrkPs4JSFHCv5sgKFuvmvnPiNt0MfbeGVz7vgzvIRZLqRXvmA2sXVLli1R
QpMGllm/BSBQZMjTDmv0z9HStbFJYszwoGNQWLGGXqGrhfOOd7w70C4HQQa+mxzH
lW4pvL8DebVD2CGbDTXkoDW2ZKAsk0itEFzM8hSd2U8uT+G6DRg7PvDSNq57eeeb
INQdrJvtOOK+dPMcyEG03aWbaVOCDKo+LxFVoyw9anSHYw3/epbVR4ATG/EeJcGf
cSLAQD416Vu5vn72jzlyoaiSulcUblD9gCMGDzX0Hz8epf3TaT99ehscEQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFK1U571JeKCRdDWSyYoLEbtvWoA3MB8GA1UdIwQY
MBaAFLGU8DBO7dNjxmIv2RxZsQhxqjBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUt
YWZiZGJkYWQ1OGE1LzEvclZUbnZVbDRvSkYwTlpMSmlnc1J1MjlhZ0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUtYWZiZGJkYWQ1OGE1
LzEvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDV2UIAwQC
uSg4AwQCuWx0AwQAwh6gMBQEAgACMA4DBQAqAU1gAwUDKgZKgDANBgkqhkiG9w0B
AQsFAAOCAQEAwfvYFgiUkyZXH/qK9Ppr+gdVqRnDldLh9bE+FbJliwsRMFSR1IrI
6TZAZuRs5i6/v48BcA6Dey8aa4TKMaZRseB5AHs7wV1gzKWx1POPkSfVfbsrvus5
Sx8XCEbly5nYAIVQ7K4oLO711glhBXy840IDbPkG+l1yvcwV7TpF3CnEaFRW635U
6at9k+sBaSkZIuEeNz11u5+Qx/Vl0KnNs9E8ga5CcYcsnOhVp0gEhgw6PwjvMbop
xmYFoNUl+dmlrI97hfzP2o7gOL7xR3KLunMFeMujdjJ1URLPkZ3BGirlGlCgbLW6
sgpzvQo58Ic4HgJrx1mDEvI9eIpOLIdIVg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:19:40 2024 by rpki-client on console-ams.rpki-client.org