Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/ib8060HsWhLuUIh0pVr2nzQRBWk.roa
File: ib8060HsWhLuUIh0pVr2nzQRBWk.roa (raw, json)
Hash identifier: Pp9sVkPvGtEeBPNSPaniuhm9/UnYeIdECybFKBu5PsA=
Subject key identifier: 89:BF:34:EB:41:EC:5A:12:EE:50:88:74:A5:5A:F6:9F:34:11:05:69
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 018CC7935CF298E55BB969684878BE1651D5
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/ib8060HsWhLuUIh0pVr2nzQRBWk.roa
Signing time: Tue 02 Jan 2024 00:29:32 +0000
ROA not before: Tue 02 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48347
IP address blocks: 93.95.98.0/23 maxlen: 23
93.95.96.0/24 maxlen: 24
93.95.97.0/24 maxlen: 24
93.95.100.0/22 maxlen: 22
185.41.185.0/24 maxlen: 24
185.41.186.0/24 maxlen: 24
185.41.187.0/24 maxlen: 24
37.228.88.0/22 maxlen: 22
37.228.94.0/24 maxlen: 24
37.228.93.0/24 maxlen: 24
37.228.92.0/24 maxlen: 24
2a00:f440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:5c:f2:98:e5:5b:b9:69:68:48:78:be:16:51:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 2 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89bf34eb41ec5a12ee508874a55af69f34110569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f4:b7:7f:db:14:c8:90:4f:4d:ca:2f:d9:d0:
d1:43:b8:43:2f:a3:d3:be:3b:8b:27:87:05:cb:13:
99:a5:49:a3:1d:c5:a9:33:58:a7:fb:ee:3a:c4:eb:
ce:22:a5:b0:b6:1f:1d:27:cc:31:46:ab:05:1c:de:
ad:4c:4f:b9:11:72:8c:49:bd:f9:6f:f7:56:0a:01:
40:59:fd:e1:8f:a9:2a:a1:34:dc:b3:44:27:1e:87:
d1:46:99:17:05:da:ca:7a:40:c8:14:dd:e9:b2:9f:
fc:c6:87:56:94:af:53:f4:5e:fc:04:63:25:4b:4e:
bc:fd:62:01:87:46:a9:92:cb:cd:3b:0e:4a:eb:2a:
d3:14:77:f7:50:a8:61:2e:06:79:a8:e3:80:39:f7:
4a:41:62:e7:24:ea:58:45:6b:99:16:64:c7:58:72:
d3:ee:d1:f0:26:53:07:02:23:40:82:ab:0c:11:18:
77:b9:5e:fe:41:07:37:3c:1d:15:78:e3:45:f0:f8:
1b:3b:2a:01:d0:83:72:cc:03:e3:ac:85:37:95:73:
37:af:b3:2a:ae:d3:a3:29:6f:3c:39:0c:2b:0d:ed:
8e:6c:6c:20:01:1b:5a:45:4e:6d:d1:08:37:6c:d2:
9b:9e:c7:44:71:b4:c4:d5:68:2d:14:75:38:b4:5a:
9e:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BF:34:EB:41:EC:5A:12:EE:50:88:74:A5:5A:F6:9F:34:11:05:69
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/ib8060HsWhLuUIh0pVr2nzQRBWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.88.0-37.228.94.255
93.95.96.0/21
185.41.185.0-185.41.187.255
IPv6:
2a00:f440::/32
Signature Algorithm: sha256WithRSAEncryption
51:13:76:2f:9e:6c:ef:73:f7:75:b9:0f:66:8d:75:9e:49:4c:
2b:fa:16:05:a4:f4:a5:96:d4:c9:a3:29:0d:19:fd:8e:aa:08:
d5:9f:fb:e7:5e:a0:03:b9:f6:17:5e:8c:68:cd:dc:9a:75:1b:
0b:34:27:20:65:92:33:63:2d:d0:a6:bb:39:a0:8b:fd:7c:32:
72:56:37:60:75:0e:f5:9b:33:67:09:6b:f6:4b:72:c6:3c:2c:
98:7a:42:8d:75:21:dc:ad:9e:d1:8b:7d:a8:b6:21:01:03:36:
56:1c:79:95:f5:d7:84:7e:df:7c:42:32:a7:78:e2:12:6e:17:
77:66:22:44:28:99:2e:70:68:1c:2e:fc:32:f9:e3:72:23:82:
8f:d2:6e:1d:6f:57:fb:08:5a:16:77:da:3e:a2:c3:7e:e7:6e:
ab:57:23:b0:ce:3e:0e:82:f1:c1:df:c3:e1:07:0f:d0:5f:a5:
b1:10:f6:20:7f:97:c1:2d:de:a5:94:3c:b3:41:ff:a7:e7:10:
a3:44:1a:5b:94:81:74:63:6c:d3:9f:45:dc:db:76:33:2e:41:
6d:76:f7:7f:aa:2b:46:63:18:12:ee:53:8f:71:8e:fb:bb:33:
8a:54:d4:31:6e:40:0d:57:cc:97:21:39:1a:31:cd:79:91:c6:
cd:05:d3:08
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzHk1zymOVbuWloSHi+FlHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjQwMTAyMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJmMzRlYjQxZWM1YTEyZWU1MDg4NzRhNTVhZjY5ZjM0MTEwNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPS3f9sUyJBPTcov2dDRQ7hDL6PT
vjuLJ4cFyxOZpUmjHcWpM1in++46xOvOIqWwth8dJ8wxRqsFHN6tTE+5EXKMSb35
b/dWCgFAWf3hj6kqoTTcs0QnHofRRpkXBdrKekDIFN3psp/8xodWlK9T9F78BGMl
S068/WIBh0apksvNOw5K6yrTFHf3UKhhLgZ5qOOAOfdKQWLnJOpYRWuZFmTHWHLT
7tHwJlMHAiNAgqsMERh3uV7+QQc3PB0VeONF8PgbOyoB0INyzAPjrIU3lXM3r7Mq
rtOjKW88OQwrDe2ObGwgARtaRU5t0Qg3bNKbnsdEcbTE1WgtFHU4tFqeHwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIm/NOtB7FoS7lCIdKVa9p80EQVpMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvaWI4MDYwSHNXaEx1VUloMHBWcjJuelFSQldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAMl5FgD
BAAl5F4DBANdX2AwDAMEALkpuQMEArkpuDANBAIAAjAHAwUAKgD0QDANBgkqhkiG
9w0BAQsFAAOCAQEAURN2L55s73P3dbkPZo11nklMK/oWBaT0pZbUyaMpDRn9jqoI
1Z/7516gA7n2F16MaM3cmnUbCzQnIGWSM2Mt0Ka7OaCL/XwyclY3YHUO9ZszZwlr
9ktyxjwsmHpCjXUh3K2e0Yt9qLYhAQM2Vhx5lfXXhH7ffEIyp3jiEm4Xd2YiRCiZ
LnBoHC78MvnjciOCj9JuHW9X+whaFnfaPqLDfuduq1cjsM4+DoLxwd/D4QcP0F+l
sRD2IH+XwS3epZQ8s0H/p+cQo0QaW5SBdGNs059F3Nt2My5BbXb3f6orRmMYEu5T
j3GO+7szilTUMW5ADVfMlyE5GjHNeZHGzQXTCA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:01 2024 by rpki-client on console-fra.rpki-client.org