Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/iy4arj3HpBm4HeMdtKuF4iJYXtA.roa
File: iy4arj3HpBm4HeMdtKuF4iJYXtA.roa (raw, json)
Hash identifier: hjdhwOkvz04hMLgJpQO4ImbdGDxbgFmx5Pm4l78d7D0=
Subject key identifier: 8B:2E:1A:AE:3D:C7:A4:19:B8:1D:E3:1D:B4:AB:85:E2:22:58:5E:D0
Certificate issuer: /CN=36af041d12c4adb66f8c16113c9a6147d02388d9
Certificate serial: 018CC94D53213B0AA699D3D7D2151E0A9DC3
Authority key identifier: 36:AF:04:1D:12:C4:AD:B6:6F:8C:16:11:3C:9A:61:47:D0:23:88:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nq8EHRLErbZvjBYRPJphR9AjiNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/iy4arj3HpBm4HeMdtKuF4iJYXtA.roa
Signing time: Tue 02 Jan 2024 08:32:17 +0000
ROA not before: Tue 02 Jan 2024 08:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198203
IP address blocks: 81.4.108.0/22 maxlen: 24
81.4.124.0/22 maxlen: 24
81.4.120.0/22 maxlen: 24
185.34.219.0/24 maxlen: 24
185.34.218.0/24 maxlen: 24
185.34.216.0/24 maxlen: 24
91.229.232.0/24 maxlen: 24
81.4.104.0/22 maxlen: 24
81.4.100.0/22 maxlen: 24
185.56.60.0/22 maxlen: 24
185.56.61.0/24 maxlen: 24
176.56.224.0/20 maxlen: 24
176.56.232.0/24 maxlen: 24
176.56.237.0/24 maxlen: 24
176.56.238.0/24 maxlen: 24
176.56.236.0/24 maxlen: 24
2a00:d880::/32 maxlen: 48
2a00:d880:4::/48 maxlen: 48
2a02:50e0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/Nq8EHRLErbZvjBYRPJphR9AjiNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/Nq8EHRLErbZvjBYRPJphR9AjiNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nq8EHRLErbZvjBYRPJphR9AjiNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:53:21:3b:0a:a6:99:d3:d7:d2:15:1e:0a:9d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36af041d12c4adb66f8c16113c9a6147d02388d9
Validity
Not Before: Jan 2 08:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b2e1aae3dc7a419b81de31db4ab85e222585ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e6:53:43:d5:e3:60:e8:ad:4a:04:bf:62:b4:
75:bd:b5:c5:a0:ce:35:0e:a6:91:16:fc:0e:e6:1c:
94:1f:b7:be:dc:93:74:21:fb:35:c7:d2:00:13:a9:
d3:7e:ac:9e:87:b5:a0:9b:3a:b4:3f:62:fc:21:db:
7a:ff:b3:6e:b8:28:48:ed:dd:cb:6f:21:3f:d8:ce:
4d:b8:26:45:1f:25:b2:4a:69:3d:e1:37:4f:a3:f6:
dc:b4:60:e4:98:91:b2:db:ca:cd:2d:5f:a3:e5:c7:
85:50:43:01:ac:33:b7:01:e6:c0:91:86:63:ee:e1:
a8:57:a4:c4:9f:ed:b8:a7:d4:f6:3b:09:f5:32:cd:
ed:9b:e0:ab:0e:32:7d:dd:08:b4:21:27:00:66:6a:
17:9a:71:8a:f5:d0:18:10:8c:d4:76:0f:7a:47:80:
68:b9:62:f1:be:7c:61:27:c6:be:cb:2d:1e:3d:0b:
11:91:c0:fd:2f:b5:16:9c:d5:59:8a:1f:e8:98:63:
e1:19:9b:4d:d9:42:aa:95:7d:b7:f7:5d:3f:a7:ea:
94:78:fb:01:0e:b3:3c:c1:ae:de:98:66:12:2a:11:
be:63:2e:18:24:83:34:82:0e:c3:06:a2:05:6d:24:
e0:38:80:ec:85:24:4a:d4:b7:39:a6:c6:da:c8:c4:
e9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2E:1A:AE:3D:C7:A4:19:B8:1D:E3:1D:B4:AB:85:E2:22:58:5E:D0
X509v3 Authority Key Identifier:
keyid:36:AF:04:1D:12:C4:AD:B6:6F:8C:16:11:3C:9A:61:47:D0:23:88:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nq8EHRLErbZvjBYRPJphR9AjiNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/iy4arj3HpBm4HeMdtKuF4iJYXtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/Nq8EHRLErbZvjBYRPJphR9AjiNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.4.100.0-81.4.111.255
81.4.120.0/21
91.229.232.0/24
176.56.224.0/20
185.34.216.0/24
185.34.218.0/23
185.56.60.0/22
IPv6:
2a00:d880::/32
2a02:50e0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:96:b6:b8:80:c6:6f:15:80:ae:cb:9f:89:53:4e:2c:1c:58:
0e:50:d2:11:64:6a:f9:fa:47:fd:a8:22:d0:1d:b6:ab:28:2c:
32:e6:95:77:a5:7d:08:61:82:2d:01:21:79:82:1f:be:13:24:
ba:cb:36:98:64:08:39:b0:77:45:48:23:68:fa:c1:0a:c0:39:
09:11:df:1b:2a:51:a4:68:49:19:c5:c4:5f:b5:c7:ad:d1:cc:
fa:cc:42:24:49:4c:7c:78:df:5c:f4:b2:39:e4:26:86:82:df:
52:95:c4:95:fd:7d:5b:64:7d:6b:67:43:4f:51:d6:5e:02:fc:
92:83:2b:3e:35:18:35:ff:5c:b9:b8:f8:1f:31:29:7c:e9:19:
54:69:67:c9:e8:a2:29:19:ab:e9:eb:fb:1d:d2:2a:ff:70:51:
ff:dc:69:84:66:6b:ed:f8:66:08:25:d2:11:be:5a:15:b1:a4:
6e:ff:5e:1c:4a:27:f2:af:42:9b:5f:64:4c:46:15:4e:a6:91:
4a:b8:6a:80:17:b0:35:af:99:95:a6:12:53:78:b0:8b:48:1d:
f3:66:7f:16:49:09:f5:b8:f2:71:b4:fc:a0:6b:48:e6:53:21:
a7:91:bf:ba:01:9c:5f:3f:15:cb:89:11:a9:90:14:8c:b0:2c:
0f:6e:c2:95
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzJTVMhOwqmmdPX0hUeCp3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YWYwNDFkMTJjNGFkYjY2ZjhjMTYxMTNjOWE2MTQ3ZDAy
Mzg4ZDkwHhcNMjQwMTAyMDgzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjJlMWFhZTNkYzdhNDE5YjgxZGUzMWRiNGFiODVlMjIyNTg1ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOZTQ9XjYOitSgS/YrR1vbXFoM41
DqaRFvwO5hyUH7e+3JN0Ifs1x9IAE6nTfqyeh7Wgmzq0P2L8Idt6/7NuuChI7d3L
byE/2M5NuCZFHyWySmk94TdPo/bctGDkmJGy28rNLV+j5ceFUEMBrDO3AebAkYZj
7uGoV6TEn+24p9T2Own1Ms3tm+CrDjJ93Qi0IScAZmoXmnGK9dAYEIzUdg96R4Bo
uWLxvnxhJ8a+yy0ePQsRkcD9L7UWnNVZih/omGPhGZtN2UKqlX23910/p+qUePsB
DrM8wa7emGYSKhG+Yy4YJIM0gg7DBqIFbSTgOIDshSRK1Lc5psbayMTpPwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIsuGq49x6QZuB3jHbSrheIiWF7QMB8GA1UdIwQY
MBaAFDavBB0SxK22b4wWETyaYUfQI4jZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnE4RUhSTEVyYlp2akJZUlBKcGhSOUFqaU5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83YTU0MmQtNzE5ZS00NmQwLWE1Y2Mt
MDYxZGQ2ODEzMzJjLzEvaXk0YXJqM0hwQm00SGVNZHRLdUY0aUpZWHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83YTU0MmQtNzE5ZS00NmQwLWE1Y2MtMDYxZGQ2ODEzMzJj
LzEvTnE4RUhSTEVyYlp2akJZUlBKcGhSOUFqaU5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyMAwDBAJRBGQD
BARRBGADBANRBHgDBABb5egDBASwOOADBAC5ItgDBAG5ItoDBAK5ODwwFAQCAAIw
DgMFACoA2IADBQAqAlDgMA0GCSqGSIb3DQEBCwUAA4IBAQALlra4gMZvFYCuy5+J
U04sHFgOUNIRZGr5+kf9qCLQHbarKCwy5pV3pX0IYYItASF5gh++EyS6yzaYZAg5
sHdFSCNo+sEKwDkJEd8bKlGkaEkZxcRftcet0cz6zEIkSUx8eN9c9LI55CaGgt9S
lcSV/X1bZH1rZ0NPUdZeAvySgys+NRg1/1y5uPgfMSl86RlUaWfJ6KIpGavp6/sd
0ir/cFH/3GmEZmvt+GYIJdIRvloVsaRu/14cSifyr0KbX2RMRhVOppFKuGqAF7A1
r5mVphJTeLCLSB3zZn8WSQn1uPJxtPyga0jmUyGnkb+6AZxfPxXLiRGpkBSMsCwP
bsKV
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:00:35 2024 by rpki-client on console-fra.rpki-client.org