Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/suxYWtuepRFF2ELVruBIkeOsoFw.roa
File: suxYWtuepRFF2ELVruBIkeOsoFw.roa (raw, json)
Hash identifier: /DBr89+uwS8rEFsuj+MxhxoF2yr2TERLk+uHN9jOkNw=
Subject key identifier: B2:EC:58:5A:DB:9E:A5:11:45:D8:42:D5:AE:E0:48:91:E3:AC:A0:5C
Certificate issuer: /CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Certificate serial: 018CC500F0AC7EBD957FF35311B6461B953D
Authority key identifier: DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/suxYWtuepRFF2ELVruBIkeOsoFw.roa
Signing time: Mon 01 Jan 2024 12:30:22 +0000
ROA not before: Mon 01 Jan 2024 12:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45014
IP address blocks: 194.150.252.0/23 maxlen: 24
217.172.128.0/20 maxlen: 24
185.18.32.0/24 maxlen: 24
185.184.236.0/22 maxlen: 22
159.253.56.0/21 maxlen: 24
80.93.160.0/20 maxlen: 24
92.60.96.0/20 maxlen: 24
2a00:1a90::/32 maxlen: 48
2a03:f2c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f0:ac:7e:bd:95:7f:f3:53:11:b6:46:1b:95:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe0ca7c1e0e8a1c7ad02d0bb828b41188ae5243
Validity
Not Before: Jan 1 12:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2ec585adb9ea51145d842d5aee04891e3aca05c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ce:df:ff:f3:0f:ba:23:bd:05:7f:9e:9c:8e:
bb:0a:66:b5:81:b3:e6:6d:fc:df:c7:86:68:ef:dc:
a6:e4:de:97:1a:ca:7f:e2:31:bd:e7:81:08:e3:7f:
08:f3:83:b6:79:8b:df:82:ee:6e:a8:c3:df:ac:63:
a5:e0:79:3b:f0:1a:4c:a2:1a:18:60:a3:c4:61:65:
e3:cb:ec:d2:5c:40:e1:93:4a:2e:ab:d1:f5:37:c7:
14:63:12:0e:a6:0b:f0:bc:bb:ff:99:16:2a:01:f5:
a4:aa:6d:e1:90:8b:ef:83:2f:80:6f:a4:53:b4:00:
41:11:a2:43:ef:27:a0:c5:fa:09:18:98:a4:63:91:
a1:3c:57:40:28:df:14:b7:89:a8:59:4f:94:bb:98:
8c:94:c4:c2:a7:f9:bd:55:23:5a:3f:87:5a:07:a2:
e9:04:1f:db:6b:59:1b:3b:34:81:67:ea:b7:40:75:
96:fe:48:c3:1c:2c:59:4b:91:fa:3c:a3:10:bc:a9:
2c:a1:95:9e:45:28:7b:47:85:14:c7:9f:cb:ad:f9:
df:cb:3a:96:28:af:8c:62:35:c0:16:fa:46:45:44:
72:d6:fc:98:c1:52:43:f8:92:37:3d:6d:3a:07:78:
70:10:01:f2:9b:69:39:96:3f:10:df:ae:81:b9:c4:
1f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EC:58:5A:DB:9E:A5:11:45:D8:42:D5:AE:E0:48:91:E3:AC:A0:5C
X509v3 Authority Key Identifier:
keyid:DB:E0:CA:7C:1E:0E:8A:1C:7A:D0:2D:0B:B8:28:B4:11:88:AE:52:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-DKfB4Oihx60C0LuCi0EYiuUkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/suxYWtuepRFF2ELVruBIkeOsoFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f3c8e8-c5bc-4211-a9ac-4f9112ede968/1/2-DKfB4Oihx60C0LuCi0EYiuUkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.160.0/20
92.60.96.0/20
159.253.56.0/21
185.18.32.0/24
185.184.236.0/22
194.150.252.0/23
217.172.128.0/20
IPv6:
2a00:1a90::/32
2a03:f2c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:ef:27:40:12:6b:47:8b:8b:8d:21:ac:9c:37:15:d5:11:bf:
26:9c:48:80:8d:54:9c:a8:26:2f:41:ce:04:0d:63:fb:f3:7d:
0a:72:32:33:eb:5d:18:40:70:e5:29:e1:5f:c0:53:99:b9:0e:
c2:c0:2d:c5:53:94:0f:cc:9a:e6:27:c0:79:09:39:bd:a0:c0:
fb:75:f6:84:ba:d1:39:aa:43:c2:e4:7b:05:97:ce:ed:52:71:
6d:90:bd:6a:77:e5:24:75:16:42:8f:be:e2:e3:92:87:17:5d:
d8:d2:47:23:23:fd:0b:9d:e4:7b:74:28:47:0a:32:37:fc:7a:
d6:19:9a:2b:a3:ca:37:ba:d6:f2:03:f7:56:17:99:2e:c4:5f:
20:f1:d9:a1:f4:12:3f:7c:e0:f2:c6:7e:1a:bc:b2:86:2e:b4:
fc:46:6c:9a:60:20:78:1c:8c:0a:7c:83:0f:6d:b9:db:8a:53:
2d:bc:c7:92:f8:52:00:18:05:b2:54:a5:eb:c7:68:98:83:82:
0b:00:70:1e:cb:c5:a4:71:1a:11:10:6f:f0:2f:4e:75:84:ac:
a5:f1:8c:58:e8:2b:60:7a:bc:23:53:4f:c6:6e:5e:e6:a5:3f:
67:0c:8c:58:c7:fc:d4:a4:25:47:bd:17:15:2b:93:57:a4:46:
c2:88:2f:ed
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzFAPCsfr2Vf/NTEbZGG5U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZTBjYTdjMWUwZThhMWM3YWQwMmQwYmI4MjhiNDExODhh
ZTUyNDMwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVjNTg1YWRiOWVhNTExNDVkODQyZDVhZWUwNDg5MWUzYWNhMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM7f//MPuiO9BX+enI67Cma1gbPm
bfzfx4Zo79ym5N6XGsp/4jG954EI438I84O2eYvfgu5uqMPfrGOl4Hk78BpMohoY
YKPEYWXjy+zSXEDhk0ouq9H1N8cUYxIOpgvwvLv/mRYqAfWkqm3hkIvvgy+Ab6RT
tABBEaJD7yegxfoJGJikY5GhPFdAKN8Ut4moWU+Uu5iMlMTCp/m9VSNaP4daB6Lp
BB/ba1kbOzSBZ+q3QHWW/kjDHCxZS5H6PKMQvKksoZWeRSh7R4UUx5/LrfnfyzqW
KK+MYjXAFvpGRURy1vyYwVJD+JI3PW06B3hwEAHym2k5lj8Q366BucQfnwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFLLsWFrbnqURRdhC1a7gSJHjrKBcMB8GA1UdIwQY
MBaAFNvgynweDoocetAtC7gotBGIrlJDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMt
NGY5MTEyZWRlOTY4LzEvc3V4WVd0dWVwUkZGMkVMVnJ1QklrZU9zb0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mM2M4ZTgtYzViYy00MjExLWE5YWMtNGY5MTEyZWRlOTY4
LzEvMi1ES2ZCNE9paHg2MEMwTHVDaTBFWWl1VWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQEUF2gAwQE
XDxgAwQDn/04AwQAuRIgAwQCubjsAwQBwpb8AwQE2ayAMBQEAgACMA4DBQAqABqQ
AwUAKgPywDANBgkqhkiG9w0BAQsFAAOCAQEAk+8nQBJrR4uLjSGsnDcV1RG/JpxI
gI1UnKgmL0HOBA1j+/N9CnIyM+tdGEBw5SnhX8BTmbkOwsAtxVOUD8ya5ifAeQk5
vaDA+3X2hLrROapDwuR7BZfO7VJxbZC9anflJHUWQo++4uOShxdd2NJHIyP9C53k
e3QoRwoyN/x61hmaK6PKN7rW8gP3VheZLsRfIPHZofQSP3zg8sZ+Gryyhi60/EZs
mmAgeByMCnyDD22524pTLbzHkvhSABgFslSl68domIOCCwBwHsvFpHEaERBv8C9O
dYSspfGMWOgrYHq8I1NPxm5e5qU/ZwyMWMf81KQlR70XFSuTV6RGwogv7Q==
-----END CERTIFICATE-----
Generated at Fri May 10 09:18:09 2024 by rpki-client on console-fra.rpki-client.org