Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/DApSb9jn6XET_VUrY55xmf-V2XA.roa
File: DApSb9jn6XET_VUrY55xmf-V2XA.roa (raw, json)
Hash identifier: Ru5R7iZTVrAJXwtXlTENzh3X41tddRtMVP75pJvPtG8=
Subject key identifier: 0C:0A:52:6F:D8:E7:E9:71:13:FD:55:2B:63:9E:71:99:FF:95:D9:70
Certificate issuer: /CN=d031655023bd141731d56fb8453ff0514f728865
Certificate serial: 018CC6B8460AFE25152FEB5FA8A4DB18243E
Authority key identifier: D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/DApSb9jn6XET_VUrY55xmf-V2XA.roa
Signing time: Mon 01 Jan 2024 20:30:14 +0000
ROA not before: Mon 01 Jan 2024 20:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59862
IP address blocks: 176.223.92.0/22 maxlen: 22
188.215.20.0/22 maxlen: 22
188.215.20.0/24 maxlen: 24
93.119.20.0/24 maxlen: 24
93.119.20.0/23 maxlen: 23
188.215.22.0/24 maxlen: 24
93.119.22.0/24 maxlen: 24
188.215.21.0/24 maxlen: 24
93.119.21.0/24 maxlen: 24
188.215.23.0/24 maxlen: 24
85.204.172.0/22 maxlen: 22
85.204.172.0/24 maxlen: 24
85.204.173.0/24 maxlen: 24
85.204.175.0/24 maxlen: 24
85.204.174.0/24 maxlen: 24
185.63.88.0/24 maxlen: 24
185.63.88.0/22 maxlen: 22
176.223.88.0/22 maxlen: 22
176.223.88.0/21 maxlen: 21
185.63.90.0/24 maxlen: 24
185.63.89.0/24 maxlen: 24
185.63.91.0/24 maxlen: 24
153.92.176.0/22 maxlen: 22
153.92.177.0/24 maxlen: 24
153.92.176.0/24 maxlen: 24
153.92.178.0/24 maxlen: 24
153.92.179.0/24 maxlen: 24
2a03:a60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:46:0a:fe:25:15:2f:eb:5f:a8:a4:db:18:24:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d031655023bd141731d56fb8453ff0514f728865
Validity
Not Before: Jan 1 20:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c0a526fd8e7e97113fd552b639e7199ff95d970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e3:79:0a:1c:63:0b:22:5f:47:73:12:62:04:
d6:b5:8c:ed:be:05:af:ef:6b:dc:b0:7b:9e:b8:e2:
b3:27:a8:fa:a6:fd:b6:48:b4:81:0f:8c:1d:a6:91:
57:de:f7:d0:97:af:82:9d:56:c9:08:1f:bc:89:b2:
2e:d0:53:91:dd:5a:08:3d:e2:89:ef:54:c4:0d:0b:
6e:d3:f2:67:e8:1d:f2:73:77:6d:06:02:f9:f8:e2:
bc:a8:17:94:89:e4:04:f5:0a:76:e5:b6:76:15:cf:
66:dd:a2:ff:e9:48:e3:29:0c:fa:70:24:23:d5:71:
9a:d2:00:ce:e1:a4:60:91:5f:d7:89:82:35:e3:1e:
4c:ea:54:71:2a:8d:4c:01:87:c0:76:d0:04:fa:3e:
53:4d:cd:d0:72:6a:a2:7c:0d:6d:5e:31:e0:98:97:
31:f1:80:dd:f7:73:cd:bc:04:bc:5c:9d:1f:d3:92:
ed:25:ad:19:5b:b4:3d:56:75:91:4d:75:9c:a3:52:
20:be:77:0a:b8:db:35:ed:f6:78:fc:b8:ad:53:42:
df:00:a7:fa:aa:b9:ec:02:a4:ec:f5:dc:7a:c6:32:
7b:cf:6b:6b:e7:13:2c:92:df:bb:65:bc:d7:61:1c:
16:a4:a4:15:05:41:ff:47:77:6d:06:f6:c1:9b:3c:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0A:52:6F:D8:E7:E9:71:13:FD:55:2B:63:9E:71:99:FF:95:D9:70
X509v3 Authority Key Identifier:
keyid:D0:31:65:50:23:BD:14:17:31:D5:6F:B8:45:3F:F0:51:4F:72:88:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DFlUCO9FBcx1W-4RT_wUU9yiGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/DApSb9jn6XET_VUrY55xmf-V2XA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/9cf95f-73d3-4e4f-a979-d8bd2f56bc8c/1/0DFlUCO9FBcx1W-4RT_wUU9yiGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.172.0/22
93.119.20.0-93.119.22.255
153.92.176.0/22
176.223.88.0/21
185.63.88.0/22
188.215.20.0/22
IPv6:
2a03:a60::/32
Signature Algorithm: sha256WithRSAEncryption
5c:49:7c:2c:aa:3f:49:5f:a6:29:50:3f:d7:d7:3a:bb:c8:be:
e6:8d:04:cf:b6:18:86:68:1b:f7:7a:73:e7:3c:a7:d1:5b:32:
8c:35:67:e1:5f:47:70:66:b8:45:94:61:42:0a:ba:ca:cc:2d:
24:cf:1d:6f:66:14:c3:4b:b9:e0:ed:4a:5c:a8:99:61:80:30:
51:d3:0c:12:ba:9b:f9:db:0e:48:9e:e2:8d:e0:ed:b6:db:b6:
c6:eb:28:dd:92:a4:6a:ba:0c:ff:f5:bd:69:72:dd:d9:69:58:
f3:0e:41:db:16:2d:98:0e:6f:d5:cb:e2:ca:1e:25:a8:82:d6:
16:15:14:c1:cf:75:c8:80:37:93:e3:45:3d:de:49:67:ee:fe:
b0:d6:2a:a5:b7:49:95:40:e7:8a:7b:08:c3:f1:29:be:a0:69:
60:19:40:1c:e1:14:78:36:d9:a2:24:62:ae:85:25:ac:2d:dd:
ec:b2:ca:7e:75:04:00:93:ce:1c:8b:11:da:b7:c7:44:13:12:
c0:87:29:00:5a:20:cf:d0:10:b8:f3:ba:85:ee:25:3a:a9:21:
02:28:7a:88:54:6d:5b:69:ce:8b:af:90:9b:5e:82:f3:ac:dd:
e0:cf:f3:7c:fd:57:c5:cc:7c:cc:22:5e:d5:4a:3c:12:0e:36:
a1:f7:15:21
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzGuEYK/iUVL+tfqKTbGCQ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzE2NTUwMjNiZDE0MTczMWQ1NmZiODQ1M2ZmMDUxNGY3
Mjg4NjUwHhcNMjQwMTAxMjAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBhNTI2ZmQ4ZTdlOTcxMTNmZDU1MmI2MzllNzE5OWZmOTVkOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgON5ChxjCyJfR3MSYgTWtYztvgWv
72vcsHueuOKzJ6j6pv22SLSBD4wdppFX3vfQl6+CnVbJCB+8ibIu0FOR3VoIPeKJ
71TEDQtu0/Jn6B3yc3dtBgL5+OK8qBeUieQE9Qp25bZ2Fc9m3aL/6UjjKQz6cCQj
1XGa0gDO4aRgkV/XiYI14x5M6lRxKo1MAYfAdtAE+j5TTc3QcmqifA1tXjHgmJcx
8YDd93PNvAS8XJ0f05LtJa0ZW7Q9VnWRTXWco1IgvncKuNs17fZ4/LitU0LfAKf6
qrnsAqTs9dx6xjJ7z2tr5xMskt+7ZbzXYRwWpKQVBUH/R3dtBvbBmzxsewIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAwKUm/Y5+lxE/1VK2OecZn/ldlwMB8GA1UdIwQY
MBaAFNAxZVAjvRQXMdVvuEU/8FFPcohlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5Nzkt
ZDhiZDJmNTZiYzhjLzEvREFwU2I5am42WEVUX1ZVclk1NXhtZi1WMlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85Y2Y5NWYtNzNkMy00ZTRmLWE5NzktZDhiZDJmNTZiYzhj
LzEvMERGbFVDTzlGQmN4MVctNFJUX3dVVTl5aUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCVcysMAwD
BAJddxQDBABddxYDBAKZXLADBAOw31gDBAK5P1gDBAK81xQwDQQCAAIwBwMFACoD
CmAwDQYJKoZIhvcNAQELBQADggEBAFxJfCyqP0lfpilQP9fXOrvIvuaNBM+2GIZo
G/d6c+c8p9FbMow1Z+FfR3BmuEWUYUIKusrMLSTPHW9mFMNLueDtSlyomWGAMFHT
DBK6m/nbDkie4o3g7bbbtsbrKN2SpGq6DP/1vWly3dlpWPMOQdsWLZgOb9XL4soe
JaiC1hYVFMHPdciAN5PjRT3eSWfu/rDWKqW3SZVA54p7CMPxKb6gaWAZQBzhFHg2
2aIkYq6FJawt3eyyyn51BACTzhyLEdq3x0QTEsCHKQBaIM/QELjzuoXuJTqpIQIo
eohUbVtpzouvkJtegvOs3eDP83z9V8XMfMwiXtVKPBIONqH3FSE=
-----END CERTIFICATE-----
Generated at Sat May 18 22:47:12 2024 by rpki-client on console-ams.rpki-client.org