Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/rjbzZJF3uvqe93de_mKvF5HzrlY.roa
File: rjbzZJF3uvqe93de_mKvF5HzrlY.roa (raw, json)
Hash identifier: YWRtU+KHLJl2voSK8O8QWl/rDGwId7pM04MtS8CI6Xo=
Subject key identifier: AE:36:F3:64:91:77:BA:FA:9E:F7:77:5E:FE:62:AF:17:91:F3:AE:56
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 018CC500E78C65E3A3748D6B0E9984728F6B
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/rjbzZJF3uvqe93de_mKvF5HzrlY.roa
Signing time: Mon 01 Jan 2024 12:30:19 +0000
ROA not before: Mon 01 Jan 2024 12:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207249
IP address blocks: 185.161.232.0/22 maxlen: 24
185.68.44.0/22 maxlen: 22
185.68.44.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
185.68.47.0/24 maxlen: 24
91.206.20.0/24 maxlen: 24
91.206.20.0/23 maxlen: 23
2a05:1600::/32 maxlen: 32
2a07:c880::/29 maxlen: 32
2a07:c883::/32 maxlen: 32
2a05:1600::/29 maxlen: 29
2a07:c881::/32 maxlen: 32
2a07:c884::/32 maxlen: 32
2a07:c880::/32 maxlen: 32
2a05:1602::/32 maxlen: 32
2a05:1601::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:e7:8c:65:e3:a3:74:8d:6b:0e:99:84:72:8f:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 12:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae36f3649177bafa9ef7775efe62af1791f3ae56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:12:ff:0a:2f:30:9d:c4:79:a7:35:8c:e1:0d:
19:de:95:27:5e:ea:cc:fe:7a:c5:59:4d:5c:dd:e1:
da:cd:a7:4b:9b:62:23:2f:c0:22:54:2e:bd:b4:78:
06:cd:6d:37:61:87:c9:67:c4:35:12:ea:b5:44:0a:
db:1a:ad:fe:bb:de:ff:fd:5f:47:4f:70:71:68:b5:
61:df:5e:b7:60:14:10:b4:e4:9c:59:6d:35:86:50:
8f:9a:1f:21:f1:a6:ab:83:57:53:d6:45:c5:37:dd:
58:74:33:14:b0:32:b1:1e:96:b3:55:7a:93:b5:f9:
9b:0b:4f:dd:27:56:95:7f:03:53:74:23:d5:19:69:
99:6e:cd:af:52:ad:38:aa:80:53:15:a7:55:9f:9b:
3f:40:3e:9c:5b:3c:88:a4:e5:10:87:01:e2:d1:47:
da:08:de:64:0a:53:0e:57:e5:b1:82:43:72:f2:df:
72:e2:98:e9:30:eb:a5:bf:a7:a6:be:09:2d:c8:b5:
bb:31:f3:c8:0a:44:eb:ce:48:06:74:7b:3b:0e:c8:
bd:4d:ff:64:b2:95:72:ef:bf:2d:bc:49:ac:b9:69:
75:f4:0f:87:36:74:7b:d2:c9:2e:95:fb:cd:c9:22:
43:7a:37:41:71:ac:93:a9:e1:62:a4:ec:7c:09:0d:
7f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:36:F3:64:91:77:BA:FA:9E:F7:77:5E:FE:62:AF:17:91:F3:AE:56
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/rjbzZJF3uvqe93de_mKvF5HzrlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/23
185.68.44.0/22
185.161.232.0/22
IPv6:
2a05:1600::/29
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
2d:98:dd:9b:d7:14:4e:a9:9f:d5:c5:66:ce:60:a2:47:4a:11:
4a:31:4d:3a:78:74:7d:c2:28:40:25:2c:19:54:8c:69:28:24:
da:4e:41:d2:06:bc:28:f8:77:39:58:d1:31:d3:e3:79:93:87:
3e:8f:8f:c2:ee:34:6e:0e:31:e4:d5:89:38:91:83:36:ce:7c:
1b:31:fe:30:98:a7:62:d1:95:02:60:4e:1e:fa:6d:c2:37:32:
4a:7a:5c:99:74:4e:b2:db:07:85:7f:34:7f:6e:03:68:c4:61:
d4:63:0f:fe:ee:da:cc:1e:90:30:13:cb:83:4e:7b:97:80:5f:
4c:96:5d:86:79:09:63:de:6b:7d:01:ab:25:83:63:89:49:85:
20:cf:4b:f2:fb:43:cf:9b:cf:82:33:f4:1f:e6:af:d7:bb:bc:
62:e7:96:f7:f5:6c:2a:5c:06:e6:0f:5c:2c:b9:74:85:a9:03:
a0:3a:53:b1:97:eb:ed:32:69:d6:79:b1:ae:eb:04:29:7d:8d:
c9:c4:2c:49:29:f3:95:ba:04:92:29:3a:d5:10:71:30:d4:a1:
07:a2:58:fb:6e:1a:be:c1:80:1e:ed:4d:20:cc:b8:51:38:07:
02:ee:d8:40:36:3c:6b:1c:a3:98:10:0f:81:ea:34:ed:cb:6f:
a0:92:2b:fa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzFAOeMZeOjdI1rDpmEco9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjQwMTAxMTIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTM2ZjM2NDkxNzdiYWZhOWVmNzc3NWVmZTYyYWYxNzkxZjNhZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhL/Ci8wncR5pzWM4Q0Z3pUnXurM
/nrFWU1c3eHazadLm2IjL8AiVC69tHgGzW03YYfJZ8Q1Euq1RArbGq3+u97//V9H
T3BxaLVh3163YBQQtOScWW01hlCPmh8h8aarg1dT1kXFN91YdDMUsDKxHpazVXqT
tfmbC0/dJ1aVfwNTdCPVGWmZbs2vUq04qoBTFadVn5s/QD6cWzyIpOUQhwHi0Ufa
CN5kClMOV+WxgkNy8t9y4pjpMOulv6emvgktyLW7MfPICkTrzkgGdHs7Dsi9Tf9k
spVy778tvEmsuWl19A+HNnR70skulfvNySJDejdBcayTqeFipOx8CQ1/dQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFK4282SRd7r6nvd3Xv5irxeR865WMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvcmpielpKRjN1dnFlOTNkZV9tS3ZGNUh6cmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQBW84UAwQC
uUQsAwQCuaHoMBQEAgACMA4DBQMqBRYAAwUDKgfIgDANBgkqhkiG9w0BAQsFAAOC
AQEALZjdm9cUTqmf1cVmzmCiR0oRSjFNOnh0fcIoQCUsGVSMaSgk2k5B0ga8KPh3
OVjRMdPjeZOHPo+Pwu40bg4x5NWJOJGDNs58GzH+MJinYtGVAmBOHvptwjcySnpc
mXROstsHhX80f24DaMRh1GMP/u7azB6QMBPLg057l4BfTJZdhnkJY95rfQGrJYNj
iUmFIM9L8vtDz5vPgjP0H+av17u8YueW9/VsKlwG5g9cLLl0hakDoDpTsZfr7TJp
1nmxrusEKX2NycQsSSnzlboEkik61RBxMNShB6JY+24avsGAHu1NIMy4UTgHAu7Y
QDY8axyjmBAPgeo07ctvoJIr+g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:02 2024 by rpki-client on console-fra.rpki-client.org