Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/CD05z5h8Fjwsst4XHRJ-36q7auQ.roa
File: CD05z5h8Fjwsst4XHRJ-36q7auQ.roa (raw, json)
Hash identifier: T2ZSnZevG2oei1gZUSMRppOxumdX7e1ZhTvKV8l7GL4=
Subject key identifier: 08:3D:39:CF:98:7C:16:3C:2C:B2:DE:17:1D:12:7E:DF:AA:BB:6A:E4
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 0192B02EE8616D0D82E0E82DB5216CE5D597
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/CD05z5h8Fjwsst4XHRJ-36q7auQ.roa
Signing time: Mon 21 Oct 2024 17:45:17 +0000
ROA not before: Mon 21 Oct 2024 17:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 77.72.104.0/21 maxlen: 24
84.18.0.0/19 maxlen: 24
92.60.160.0/20 maxlen: 24
176.98.220.0/22 maxlen: 24
185.66.60.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
195.5.64.0/19 maxlen: 24
195.5.64.0/24 maxlen: 24
195.5.65.0/24 maxlen: 24
195.5.66.0/24 maxlen: 24
195.5.67.0/24 maxlen: 24
212.49.128.0/18 maxlen: 24
212.66.161.0/24 maxlen: 24
212.66.162.0/23 maxlen: 24
212.66.164.0/22 maxlen: 24
212.66.168.0/21 maxlen: 24
212.66.176.0/20 maxlen: 24
212.163.0.0/16 maxlen: 24
213.9.128.0/17 maxlen: 24
213.192.192.0/18 maxlen: 24
2001:ac0::/32 maxlen: 48
2a0d:59c1::/32 maxlen: 32
2a0d:59c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b0:2e:e8:61:6d:0d:82:e0:e8:2d:b5:21:6c:e5:d5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 21 17:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=083d39cf987c163c2cb2de171d127edfaabb6ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:24:cf:20:fb:da:43:71:e3:62:03:11:80:cc:
8e:27:66:11:c2:8b:5a:2d:1d:32:5f:ed:15:0d:0c:
e1:15:d4:a4:2f:5c:fe:8c:58:6f:96:68:92:ff:fd:
ed:8f:71:c1:55:ca:c7:d4:10:5c:d6:1d:02:9d:0b:
fe:02:4f:1b:ea:d4:05:a5:fc:11:e3:8e:99:68:83:
62:fa:9d:57:0f:9d:d2:5a:9c:a4:3e:1a:a5:7a:c6:
06:45:61:31:dc:a2:01:66:8b:ac:52:a2:22:1c:c5:
56:bc:6a:04:f7:6b:e4:17:c5:b3:f7:e0:54:1a:c7:
68:45:f6:e1:10:a5:60:19:9c:8e:ac:88:b7:a9:ae:
79:95:97:2c:34:94:45:9b:6e:d2:3a:72:3e:3d:45:
c9:5c:83:bb:6d:6a:f0:2a:fd:59:63:84:76:f0:0f:
3e:d5:ae:21:7c:22:04:ab:75:47:95:e8:fd:4a:77:
46:31:05:47:31:2e:f0:3e:47:51:13:8b:f3:49:28:
7e:fc:36:e8:c2:84:42:30:4d:4e:c1:51:8b:8b:3c:
98:dc:0e:7a:13:20:89:2e:f1:89:f7:1a:0e:ce:2d:
5b:d5:3b:b8:ee:80:c2:92:f1:1c:e6:93:32:1e:37:
c5:f1:61:47:12:df:d8:ce:36:47:65:bf:a6:50:a7:
82:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:3D:39:CF:98:7C:16:3C:2C:B2:DE:17:1D:12:7E:DF:AA:BB:6A:E4
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/CD05z5h8Fjwsst4XHRJ-36q7auQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.104.0/21
84.18.0.0/19
92.60.160.0/20
176.98.220.0/22
185.66.60.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
195.5.64.0/19
212.49.128.0/18
212.66.161.0-212.66.191.255
212.163.0.0/16
213.9.128.0/17
213.192.192.0/18
IPv6:
2001:ac0::/32
2a0d:59c1::/32
2a0d:59c7::/32
Signature Algorithm: sha256WithRSAEncryption
dc:90:77:61:22:22:c7:ea:2a:21:3b:d3:12:e4:52:91:ca:4a:
e1:58:19:c2:aa:85:d0:b8:a0:4e:8a:5d:19:65:f5:72:34:44:
b1:15:f8:09:a4:3b:5d:c1:05:37:8e:ea:3f:6c:df:e3:3a:c4:
69:73:d3:3b:5a:2e:3c:28:27:7f:f1:4e:42:b5:f8:0e:3d:e4:
a3:55:60:b8:52:15:48:e4:87:41:0e:34:cc:12:92:39:37:20:
bc:be:d6:5d:7e:99:fa:97:0c:1d:ab:48:20:16:a6:45:2d:52:
03:ce:fc:b6:b0:f8:11:2f:88:6f:01:4b:e0:68:a8:da:7b:6b:
b8:52:14:ac:6f:c1:16:e7:e5:08:37:54:d1:02:e3:b6:0c:3e:
63:57:b6:c8:bf:b9:08:cf:eb:96:f0:fe:68:ae:06:85:2d:f1:
64:01:72:49:40:43:9b:f4:be:b4:18:a2:30:4e:5f:31:40:7d:
9d:11:d1:ac:2a:d5:b9:00:69:7d:32:9b:92:a9:e8:05:af:48:
11:7e:09:e1:9f:fd:e0:ab:36:ca:8b:95:b2:1d:65:58:e3:26:
9e:28:d9:46:8d:a3:74:e0:f2:24:de:9b:97:cd:dd:c0:ed:34:
0a:19:93:43:31:58:41:9d:c1:0a:73:5c:be:f3:e9:13:3d:2c:
a0:76:25:81
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZKwLuhhbQ2C4OgttSFs5dWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDIxMTc0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODNkMzljZjk4N2MxNjNjMmNiMmRlMTcxZDEyN2VkZmFhYmI2YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCTPIPvaQ3HjYgMRgMyOJ2YRwota
LR0yX+0VDQzhFdSkL1z+jFhvlmiS//3tj3HBVcrH1BBc1h0CnQv+Ak8b6tQFpfwR
446ZaINi+p1XD53SWpykPhqlesYGRWEx3KIBZousUqIiHMVWvGoE92vkF8Wz9+BU
GsdoRfbhEKVgGZyOrIi3qa55lZcsNJRFm27SOnI+PUXJXIO7bWrwKv1ZY4R28A8+
1a4hfCIEq3VHlej9SndGMQVHMS7wPkdRE4vzSSh+/DbowoRCME1OwVGLizyY3A56
EyCJLvGJ9xoOzi1b1Tu47oDCkvEc5pMyHjfF8WFHEt/YzjZHZb+mUKeCYQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFAg9Oc+YfBY8LLLeFx0Sft+qu2rkMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvQ0QwNXo1aDhGandzc3Q0WEhSSi0zNnE3YXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjBzBAIAATBtAwQDTUho
AwQFVBIAAwQEXDygAwQCsGLcAwQCuUI8AwQCuZHgAwQCuZtAAwQCua0sAwQCubu0
AwQCueBMAwQCwSLwAwQFwwVAAwQG1DGAMAwDBADUQqEDBAbUQoADAwDUowMEB9UJ
gAMEBtXAwDAbBAIAAjAVAwUAIAEKwAMFACoNWcEDBQAqDVnHMA0GCSqGSIb3DQEB
CwUAA4IBAQDckHdhIiLH6iohO9MS5FKRykrhWBnCqoXQuKBOil0ZZfVyNESxFfgJ
pDtdwQU3juo/bN/jOsRpc9M7Wi48KCd/8U5CtfgOPeSjVWC4UhVI5IdBDjTMEpI5
NyC8vtZdfpn6lwwdq0ggFqZFLVIDzvy2sPgRL4hvAUvgaKjae2u4UhSsb8EW5+UI
N1TRAuO2DD5jV7bIv7kIz+uW8P5orgaFLfFkAXJJQEOb9L60GKIwTl8xQH2dEdGs
KtW5AGl9MpuSqegFr0gRfgnhn/3gqzbKi5WyHWVY4yaeKNlGjaN04PIk3puXzd3A
7TQKGZNDMVhBncEKc1y+8+kTPSygdiWB
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:11:18 2024 by rpki-client on console-fra.rpki-client.org