Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/14ygQq0Lgh1jZCGKE5dOoF7o09I.roa
File: 14ygQq0Lgh1jZCGKE5dOoF7o09I.roa (raw, json)
Hash identifier: hAKbbdaqBLUrYzrIapdYygpC3hgSqTylCdqRgAkXtR0=
Subject key identifier: D7:8C:A0:42:AD:0B:82:1D:63:64:21:8A:13:97:4E:A0:5E:E8:D3:D2
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 0190BF5C49D26A57A06B7F6DB970F403AEA4
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/14ygQq0Lgh1jZCGKE5dOoF7o09I.roa
Signing time: Wed 17 Jul 2024 06:23:34 +0000
ROA not before: Wed 17 Jul 2024 06:23:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47596
IP address blocks: 185.120.56.0/24 maxlen: 24
185.120.57.0/24 maxlen: 24
185.120.58.0/24 maxlen: 24
212.22.64.0/24 maxlen: 24
212.22.77.0/24 maxlen: 24
2a06:c3c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:5c:49:d2:6a:57:a0:6b:7f:6d:b9:70:f4:03:ae:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Jul 17 06:23:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d78ca042ad0b821d6364218a13974ea05ee8d3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:96:c2:c2:f6:e1:e3:23:b3:11:f6:83:0f:76:
84:eb:72:68:37:d6:2f:11:45:6f:d3:53:ce:99:69:
45:d7:ca:a2:eb:c5:09:36:43:6b:d8:9d:6b:99:58:
f8:30:ff:fa:5c:6f:82:db:61:8c:f8:64:0e:a0:22:
ff:fd:38:c0:a7:53:6f:e3:e7:93:68:ea:8e:35:4a:
b0:0c:4c:1f:03:6b:b3:6e:80:5a:4c:0f:e5:a9:35:
34:cd:12:96:08:43:b1:b5:c8:fa:51:4c:1f:e9:b8:
2c:d4:19:f4:9c:22:fc:c9:e2:de:09:53:28:14:a1:
e1:c9:4b:32:50:b1:e8:5d:50:00:66:68:b7:3a:11:
0c:ae:80:ed:15:0f:f6:b6:7c:01:ea:e9:15:22:ab:
57:1a:98:d2:fe:cb:54:94:b4:4c:b9:03:57:e1:0b:
47:90:f1:e6:93:b7:96:f0:87:e3:49:bb:68:0c:77:
a9:99:76:a6:02:92:85:af:70:69:58:b8:2a:7b:c0:
1b:42:1a:84:37:e0:16:e4:4a:0f:c7:3f:33:70:87:
5f:1c:b9:95:ec:2e:fb:f2:f5:9a:2c:f1:34:c9:04:
44:62:5a:b6:b3:02:f5:5d:d4:89:b7:e2:94:9a:b3:
35:1a:50:59:14:79:88:87:d7:a3:fe:34:fc:7c:20:
df:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8C:A0:42:AD:0B:82:1D:63:64:21:8A:13:97:4E:A0:5E:E8:D3:D2
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/14ygQq0Lgh1jZCGKE5dOoF7o09I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.56.0-185.120.58.255
212.22.64.0/24
212.22.77.0/24
IPv6:
2a06:c3c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
b2:89:36:7c:92:75:78:ef:41:eb:a4:52:38:65:a1:34:8a:5e:
7a:a9:45:b1:04:13:65:3d:2f:49:a4:7a:f4:0c:88:39:3e:76:
5d:36:0b:81:0f:30:26:4a:92:79:0a:4f:ca:38:37:06:b0:5b:
ff:2c:d1:78:99:da:3e:86:e5:60:eb:c5:28:22:eb:f9:77:8a:
bb:f3:2d:e5:df:54:5a:a0:0f:4b:3e:96:19:da:be:74:76:ac:
ee:ec:ba:4a:dd:70:d7:6a:0c:8a:f6:47:c4:5b:55:92:39:d6:
69:c7:eb:c8:a3:39:c3:3c:a6:81:a2:79:df:18:3c:16:85:06:
0d:a9:11:12:69:77:24:ed:44:13:e6:c7:3a:50:fd:ed:9b:7f:
30:23:12:74:ef:bd:10:04:4b:56:f0:d8:3a:70:85:31:3e:ba:
20:5d:94:1f:83:20:2c:39:70:52:cf:98:80:8e:ad:db:67:f0:
22:91:9d:46:05:f8:43:cb:3f:37:7d:27:4e:fb:c9:10:01:55:
79:ed:26:dd:76:81:6a:d2:cc:e1:b9:92:93:a1:29:1c:4b:a6:
bf:54:44:dd:9d:49:3a:7f:c8:e1:8d:0b:bc:38:e0:fc:61:62:
85:d7:84:d2:55:f7:73:f8:25:62:c6:09:da:7b:a3:26:63:d9:
70:a2:8c:bf
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZC/XEnSalega39tuXD0A66kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjQwNzE3MDYyMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzhjYTA0MmFkMGI4MjFkNjM2NDIxOGExMzk3NGVhMDVlZThkM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpbCwvbh4yOzEfaDD3aE63JoN9Yv
EUVv01POmWlF18qi68UJNkNr2J1rmVj4MP/6XG+C22GM+GQOoCL//TjAp1Nv4+eT
aOqONUqwDEwfA2uzboBaTA/lqTU0zRKWCEOxtcj6UUwf6bgs1Bn0nCL8yeLeCVMo
FKHhyUsyULHoXVAAZmi3OhEMroDtFQ/2tnwB6ukVIqtXGpjS/stUlLRMuQNX4QtH
kPHmk7eW8IfjSbtoDHepmXamApKFr3BpWLgqe8AbQhqEN+AW5EoPxz8zcIdfHLmV
7C778vWaLPE0yQREYlq2swL1XdSJt+KUmrM1GlBZFHmIh9ej/jT8fCDf/QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFNeMoEKtC4IdY2QhihOXTqBe6NPSMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvMTR5Z1FxMExnaDFqWkNHS0U1ZE9vRjdvMDlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAO5eDgD
BAC5eDoDBADUFkADBADUFk0wDwQCAAIwCQMHACoGw8AAATANBgkqhkiG9w0BAQsF
AAOCAQEAsok2fJJ1eO9B66RSOGWhNIpeeqlFsQQTZT0vSaR69AyIOT52XTYLgQ8w
JkqSeQpPyjg3BrBb/yzReJnaPoblYOvFKCLr+XeKu/Mt5d9UWqAPSz6WGdq+dHas
7uy6St1w12oMivZHxFtVkjnWacfryKM5wzymgaJ53xg8FoUGDakREml3JO1EE+bH
OlD97Zt/MCMSdO+9EARLVvDYOnCFMT66IF2UH4MgLDlwUs+YgI6t22fwIpGdRgX4
Q8s/N30nTvvJEAFVee0m3XaBatLM4bmSk6EpHEumv1RE3Z1JOn/I4Y0LvDjg/GFi
hdeE0lX3c/glYsYJ2nujJmPZcKKMvw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:14:20 2024 by rpki-client on console-fra.rpki-client.org