Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/DWfzrcKb9Tln-0ewrEqDIZxvJ_g.roa
File: DWfzrcKb9Tln-0ewrEqDIZxvJ_g.roa (raw, json)
Hash identifier: Ca8F5EwlE2mIEcZwtjQbqv34COWrAYtXGzvWct7I5k8=
Subject key identifier: 0D:67:F3:AD:C2:9B:F5:39:67:FB:47:B0:AC:4A:83:21:9C:6F:27:F8
Certificate issuer: /CN=c3df2ef37007d54f86bba27573d33ad695c9ee5c
Certificate serial: 018CC26CFA0BB8237E8BCB19091D2F1EEEAA
Authority key identifier: C3:DF:2E:F3:70:07:D5:4F:86:BB:A2:75:73:D3:3A:D6:95:C9:EE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/DWfzrcKb9Tln-0ewrEqDIZxvJ_g.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198187
IP address blocks: 193.42.241.0/24 maxlen: 24
193.42.242.0/24 maxlen: 24
193.42.242.0/23 maxlen: 23
193.42.243.0/24 maxlen: 24
185.174.112.0/23 maxlen: 23
185.174.112.0/22 maxlen: 22
185.174.112.0/24 maxlen: 24
185.174.115.0/24 maxlen: 24
185.174.113.0/24 maxlen: 24
185.174.114.0/24 maxlen: 24
185.174.114.0/23 maxlen: 23
91.232.62.0/24 maxlen: 24
91.232.62.0/23 maxlen: 23
91.232.63.0/24 maxlen: 24
176.100.192.0/21 maxlen: 21
176.100.192.0/23 maxlen: 23
176.100.192.0/22 maxlen: 22
176.100.198.0/23 maxlen: 23
176.100.196.0/23 maxlen: 23
176.100.196.0/22 maxlen: 22
176.100.194.0/23 maxlen: 23
91.231.23.0/24 maxlen: 24
195.170.190.0/24 maxlen: 24
193.42.240.0/24 maxlen: 24
193.42.240.0/22 maxlen: 22
193.42.240.0/23 maxlen: 23
195.182.10.0/24 maxlen: 24
195.182.15.0/24 maxlen: 24
195.182.19.0/24 maxlen: 24
2a0b:9d02:c000::/34 maxlen: 34
2a0b:9d02:8000::/34 maxlen: 34
2a0b:9d02:4000::/34 maxlen: 34
2a0b:9d02::/34 maxlen: 34
2a0b:9d02::/32 maxlen: 32
2a0b:9d02:8000::/33 maxlen: 33
2a0b:9d02::/33 maxlen: 33
2a0b:9d03:8000::/33 maxlen: 33
2a0b:9d03::/33 maxlen: 33
2a0b:9d03::/32 maxlen: 32
2a0b:9d03:c000::/34 maxlen: 34
2a0b:9d03:8000::/34 maxlen: 34
2a0b:9d03:4000::/34 maxlen: 34
2a0b:9d03::/34 maxlen: 34
2a0b:9d01:c000::/34 maxlen: 34
2a0b:9d01:8000::/34 maxlen: 34
2a0b:9d01:4000::/34 maxlen: 34
2a0b:9d01::/34 maxlen: 34
2a0b:9d01::/32 maxlen: 32
2a0b:9d01:8000::/33 maxlen: 33
2a0b:9d01::/33 maxlen: 33
2a0b:9d00:c000::/34 maxlen: 34
2a0b:9d00:8000::/34 maxlen: 34
2a0b:9d00:4000::/34 maxlen: 34
2a0b:9d00::/34 maxlen: 34
2a0b:9d00:8000::/33 maxlen: 33
2a0b:9d00::/33 maxlen: 33
2a0b:9d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/w98u83AH1U-Gu6J1c9M61pXJ7lw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/w98u83AH1U-Gu6J1c9M61pXJ7lw.mft
rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fa:0b:b8:23:7e:8b:cb:19:09:1d:2f:1e:ee:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3df2ef37007d54f86bba27573d33ad695c9ee5c
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d67f3adc29bf53967fb47b0ac4a83219c6f27f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2b:e6:cd:ba:07:f4:46:fb:ac:b0:24:09:b5:
b0:b9:d3:01:77:a8:58:8a:28:49:81:e3:29:8c:f6:
7e:e1:2a:6b:72:84:21:a7:8c:af:08:6b:66:28:ec:
84:0a:3a:90:a3:75:88:2b:b9:00:19:18:5e:04:a2:
a5:ae:fb:77:73:0e:25:25:bb:ca:29:c2:1d:bf:f9:
28:51:2a:0d:76:4d:07:2a:29:64:b8:bc:e0:41:20:
dd:78:a8:8a:37:a0:87:02:45:2d:64:cd:e1:89:63:
cf:65:63:51:ab:d6:a8:1c:fa:9d:66:62:b6:fa:22:
29:05:34:2c:4b:af:aa:be:09:83:22:bd:85:69:03:
3d:62:c6:85:26:89:10:c4:c3:a9:fb:90:c3:00:79:
89:02:7a:7c:f9:75:11:65:0e:fd:45:6a:26:ec:9b:
b4:34:c3:f3:df:f5:82:5d:9f:e1:1a:84:70:50:19:
4e:61:20:98:88:a9:10:13:dd:fe:de:cc:47:8d:23:
2d:d5:69:95:35:76:07:84:f5:77:93:f4:3c:f0:ce:
e8:d0:78:ae:b7:0e:e7:ba:5c:4c:ef:70:7e:c8:1a:
32:e8:97:ae:c7:ba:c1:7f:a4:f6:ee:82:54:f0:04:
ff:eb:9c:04:95:1b:67:bb:75:cb:78:f9:65:0a:58:
98:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:67:F3:AD:C2:9B:F5:39:67:FB:47:B0:AC:4A:83:21:9C:6F:27:F8
X509v3 Authority Key Identifier:
keyid:C3:DF:2E:F3:70:07:D5:4F:86:BB:A2:75:73:D3:3A:D6:95:C9:EE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/DWfzrcKb9Tln-0ewrEqDIZxvJ_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/w98u83AH1U-Gu6J1c9M61pXJ7lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.23.0/24
91.232.62.0/23
176.100.192.0/21
185.174.112.0/22
193.42.240.0/22
195.170.190.0/24
195.182.10.0/24
195.182.15.0/24
195.182.19.0/24
IPv6:
2a0b:9d00::/30
Signature Algorithm: sha256WithRSAEncryption
41:66:3e:b9:a4:76:48:8c:d5:33:ac:f5:31:c5:94:6d:f8:9f:
4c:4a:45:5d:cb:ca:48:a0:9a:e1:86:96:d0:17:9d:a3:ad:ac:
14:ce:7e:d3:dd:9c:20:3b:87:a2:65:ff:07:ce:b0:fc:bc:b8:
f7:c5:32:f9:42:9d:9d:ec:78:14:5b:33:bb:30:94:e4:39:53:
0d:71:ba:f7:cc:7e:b5:25:ea:fa:78:03:72:03:73:04:df:72:
95:a1:4c:0e:4b:8b:58:54:7e:02:3c:c8:1e:2a:da:a7:da:a6:
11:74:95:cb:57:47:58:04:52:a7:ce:a1:39:5a:6f:76:ac:23:
f1:3f:3c:bb:04:17:6b:8c:02:9f:27:96:8b:f0:21:ac:ef:3b:
8f:e6:6d:00:ea:7c:26:26:22:f4:d1:67:3e:15:6a:eb:20:5a:
ac:c7:89:ab:20:71:dd:37:b7:29:de:92:69:3f:9b:1a:53:2c:
d6:9b:00:d0:a3:ae:7a:47:35:d0:50:80:db:fb:e2:3d:34:78:
12:3e:49:7d:2b:b0:bf:3f:f2:31:df:6d:08:f2:f8:6b:c5:6e:
3a:e1:84:6f:9f:f3:f1:3c:48:98:f2:c1:b5:4a:c3:5c:1b:0b:
58:57:4a:2e:4b:d8:ca:81:28:e6:7a:fe:d2:b2:83:e6:b3:e3:
d2:e7:78:96
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzCbPoLuCN+i8sZCR0vHu6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZGYyZWYzNzAwN2Q1NGY4NmJiYTI3NTczZDMzYWQ2OTVj
OWVlNWMwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDY3ZjNhZGMyOWJmNTM5NjdmYjQ3YjBhYzRhODMyMTljNmYyN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ivmzboH9Eb7rLAkCbWwudMBd6hY
iihJgeMpjPZ+4SprcoQhp4yvCGtmKOyECjqQo3WIK7kAGRheBKKlrvt3cw4lJbvK
KcIdv/koUSoNdk0HKilkuLzgQSDdeKiKN6CHAkUtZM3hiWPPZWNRq9aoHPqdZmK2
+iIpBTQsS6+qvgmDIr2FaQM9YsaFJokQxMOp+5DDAHmJAnp8+XURZQ79RWom7Ju0
NMPz3/WCXZ/hGoRwUBlOYSCYiKkQE93+3sxHjSMt1WmVNXYHhPV3k/Q88M7o0Hiu
tw7nulxM73B+yBoy6Jeux7rBf6T27oJU8AT/65wElRtnu3XLePllCliYpQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFA1n863Cm/U5Z/tHsKxKgyGcbyf4MB8GA1UdIwQY
MBaAFMPfLvNwB9VPhruidXPTOtaVye5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzk4dTgzQUgxVS1HdTZKMWM5TTYxcFhKN2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85YTk3ZjAtNTBiNi00ODQ0LTg5ZDQt
MjNhMjc2YTQyOGFiLzEvRFdmenJjS2I5VGxuLTBld3JFcURJWnh2Sl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85YTk3ZjAtNTBiNi00ODQ0LTg5ZDQtMjNhMjc2YTQyOGFi
LzEvdzk4dTgzQUgxVS1HdTZKMWM5TTYxcFhKN2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAW+cXAwQB
W+g+AwQDsGTAAwQCua5wAwQCwSrwAwQAw6q+AwQAw7YKAwQAw7YPAwQAw7YTMA0E
AgACMAcDBQIqC50AMA0GCSqGSIb3DQEBCwUAA4IBAQBBZj65pHZIjNUzrPUxxZRt
+J9MSkVdy8pIoJrhhpbQF52jrawUzn7T3ZwgO4eiZf8HzrD8vLj3xTL5Qp2d7HgU
WzO7MJTkOVMNcbr3zH61Jer6eANyA3ME33KVoUwOS4tYVH4CPMgeKtqn2qYRdJXL
V0dYBFKnzqE5Wm92rCPxPzy7BBdrjAKfJ5aL8CGs7zuP5m0A6nwmJiL00Wc+FWrr
IFqsx4mrIHHdN7cp3pJpP5saUyzWmwDQo656RzXQUIDb++I9NHgSPkl9K7C/P/Ix
320I8vhrxW464YRvn/PxPEiY8sG1SsNcGwtYV0ouS9jKgSjmev7SsoPms+PS53iW
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:20:15 2024 by rpki-client on console-fra.rpki-client.org