Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/aQeRZssLVoMJ6LnNxId8_niwOZ4.roa
File: aQeRZssLVoMJ6LnNxId8_niwOZ4.roa (raw, json)
Hash identifier: 3fcxtKu7beVwCzli8MMmfZ0rc0nV+SW+hq/ZV02bOSI=
Subject key identifier: 69:07:91:66:CB:0B:56:83:09:E8:B9:CD:C4:87:7C:FE:78:B0:39:9E
Certificate issuer: /CN=99b0425b71c2b51cd7ebe47d3efe7cb9861b4d82
Certificate serial: 018CC26D32A45AA622160F3F4EFD1007E30A
Authority key identifier: 99:B0:42:5B:71:C2:B5:1C:D7:EB:E4:7D:3E:FE:7C:B9:86:1B:4D:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/aQeRZssLVoMJ6LnNxId8_niwOZ4.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208611
IP address blocks: 185.122.10.0/24 maxlen: 24
185.122.8.0/24 maxlen: 24
185.122.11.0/24 maxlen: 24
185.122.9.0/24 maxlen: 24
185.194.240.0/24 maxlen: 24
185.194.243.0/24 maxlen: 24
185.194.241.0/24 maxlen: 24
185.194.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:32:a4:5a:a6:22:16:0f:3f:4e:fd:10:07:e3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b0425b71c2b51cd7ebe47d3efe7cb9861b4d82
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69079166cb0b568309e8b9cdc4877cfe78b0399e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bc:84:e2:93:a6:48:6b:29:82:f7:24:1d:f7:
e1:cb:1d:2b:89:52:94:28:ca:cf:51:3f:f5:e5:8d:
d5:40:02:65:0a:83:6c:7b:35:4c:19:35:a2:60:c6:
43:e9:4a:9a:17:b3:49:7b:7e:b3:d9:62:8e:71:3d:
b1:a9:dc:8d:31:dc:06:ad:27:0b:7a:03:52:e3:96:
d6:c3:31:ab:85:ec:91:5e:95:39:79:56:26:2f:1a:
da:1a:eb:67:75:a8:4a:ea:a1:e1:d4:14:a4:be:68:
92:80:fa:02:ed:3c:49:80:e6:04:00:28:c3:be:3c:
e5:66:42:5f:2c:d9:19:02:13:e5:0c:63:d8:72:57:
b3:6d:36:16:0a:00:dc:c6:cc:e8:ab:c8:bb:98:1b:
fd:a7:fd:b1:d1:ae:8a:f2:00:73:90:6d:bf:34:2e:
24:8c:55:92:58:c4:1b:30:ae:b9:b7:e6:4c:73:7f:
be:59:ee:e6:56:61:dd:a4:8d:44:12:18:09:44:53:
a8:cd:ae:45:d1:e7:1d:2c:8d:32:d1:47:2c:18:75:
76:5a:25:90:06:31:9f:20:30:b0:0d:0d:a2:a2:de:
45:3e:50:0e:ef:99:65:a5:64:68:db:43:92:5e:9d:
fb:65:aa:98:97:47:d5:3c:4e:e6:b2:3d:a8:77:9d:
5d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:07:91:66:CB:0B:56:83:09:E8:B9:CD:C4:87:7C:FE:78:B0:39:9E
X509v3 Authority Key Identifier:
keyid:99:B0:42:5B:71:C2:B5:1C:D7:EB:E4:7D:3E:FE:7C:B9:86:1B:4D:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbBCW3HCtRzX6-R9Pv58uYYbTYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/aQeRZssLVoMJ6LnNxId8_niwOZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e982d-ad5b-4100-8d9d-d1efceec34c1/1/mbBCW3HCtRzX6-R9Pv58uYYbTYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.8.0/22
185.194.240.0/22
Signature Algorithm: sha256WithRSAEncryption
87:f4:d7:f2:3a:ec:60:42:33:7c:35:68:c3:55:c9:5c:89:63:
6f:11:03:b6:b1:93:80:78:e2:11:3e:e0:ea:7d:0b:92:1e:fc:
70:55:83:bd:84:77:2f:9d:02:98:2d:49:3c:22:cc:74:05:25:
de:41:84:24:6b:9d:a7:2d:fc:3c:d0:3f:0c:ee:63:30:27:65:
f9:41:a6:0e:29:3f:a3:de:ea:1f:65:d3:79:0c:82:a7:17:ef:
87:a0:84:6f:7f:60:ab:d4:5e:52:ee:7d:1a:76:ad:06:99:f5:
57:03:d2:50:fc:72:de:99:53:63:6f:54:11:bd:77:51:f1:73:
68:54:24:57:e2:d6:75:70:c6:20:21:af:a4:22:1f:1f:cf:19:
ed:1f:37:55:22:99:f4:8b:15:6b:57:9b:ec:9a:11:c7:cc:3c:
1e:14:1b:eb:24:b5:cf:59:d4:09:48:da:e2:55:29:ae:d2:4e:
f7:c4:03:ea:cf:7f:b9:34:03:14:04:42:fe:f2:9f:e1:b0:bc:
c8:f7:5a:06:e5:48:96:88:3d:a4:94:45:68:30:7d:5e:1d:de:
d8:0f:fe:90:a9:50:bb:58:d1:0a:d4:3c:bd:01:f2:96:29:6f:
9b:90:e4:89:bc:f7:29:30:6c:de:d2:60:f8:2e:7f:e6:83:d3:
82:7d:7f:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbTKkWqYiFg8/Tv0QB+MKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjA0MjViNzFjMmI1MWNkN2ViZTQ3ZDNlZmU3Y2I5ODYx
YjRkODIwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA3OTE2NmNiMGI1NjgzMDllOGI5Y2RjNDg3N2NmZTc4YjAzOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7yE4pOmSGspgvckHffhyx0riVKU
KMrPUT/15Y3VQAJlCoNsezVMGTWiYMZD6UqaF7NJe36z2WKOcT2xqdyNMdwGrScL
egNS45bWwzGrheyRXpU5eVYmLxraGutndahK6qHh1BSkvmiSgPoC7TxJgOYEACjD
vjzlZkJfLNkZAhPlDGPYclezbTYWCgDcxszoq8i7mBv9p/2x0a6K8gBzkG2/NC4k
jFWSWMQbMK65t+ZMc3++We7mVmHdpI1EEhgJRFOoza5F0ecdLI0y0UcsGHV2WiWQ
BjGfIDCwDQ2iot5FPlAO75llpWRo20OSXp37ZaqYl0fVPE7msj2od51diwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkHkWbLC1aDCei5zcSHfP54sDmeMB8GA1UdIwQY
MBaAFJmwQltxwrUc1+vkfT7+fLmGG02CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJCQ1czSEN0UnpYNi1SOVB2NTh1WVliVFlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTk4MmQtYWQ1Yi00MTAwLThkOWQt
ZDFlZmNlZWMzNGMxLzEvYVFlUlpzc0xWb01KNkxuTnhJZDhfbml3T1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTk4MmQtYWQ1Yi00MTAwLThkOWQtZDFlZmNlZWMzNGMx
LzEvbWJCQ1czSEN0UnpYNi1SOVB2NTh1WVliVFlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXoIAwQC
ucLwMA0GCSqGSIb3DQEBCwUAA4IBAQCH9NfyOuxgQjN8NWjDVclciWNvEQO2sZOA
eOIRPuDqfQuSHvxwVYO9hHcvnQKYLUk8Isx0BSXeQYQka52nLfw80D8M7mMwJ2X5
QaYOKT+j3uofZdN5DIKnF++HoIRvf2Cr1F5S7n0adq0GmfVXA9JQ/HLemVNjb1QR
vXdR8XNoVCRX4tZ1cMYgIa+kIh8fzxntHzdVIpn0ixVrV5vsmhHHzDweFBvrJLXP
WdQJSNriVSmu0k73xAPqz3+5NAMUBEL+8p/hsLzI91oG5UiWiD2klEVoMH1eHd7Y
D/6QqVC7WNEK1Dy9AfKWKW+bkOSJvPcpMGze0mD4Ln/mg9OCfX/a
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:13:41 2024 by rpki-client on console-fra.rpki-client.org