Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/32nBAG-kacrVjC-zwS49iyH2dHs.roa
File: 32nBAG-kacrVjC-zwS49iyH2dHs.roa (raw, json)
Hash identifier: 9hOSTWFSkmvEUW23gvTdshhic9kuQELyb0V+ZoyXCtA=
Subject key identifier: DF:69:C1:00:6F:A4:69:CA:D5:8C:2F:B3:C1:2E:3D:8B:21:F6:74:7B
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018FEC6E6072C656177B2D17E68325CF1255
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/32nBAG-kacrVjC-zwS49iyH2dHs.roa
Signing time: Thu 06 Jun 2024 07:23:27 +0000
ROA not before: Thu 06 Jun 2024 07:23:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40980
IP address blocks: 144.208.192.0/21 maxlen: 22
144.208.200.0/22 maxlen: 22
185.50.234.0/24 maxlen: 24
2a01:aea0:dd3::/48 maxlen: 48
2a01:aea0:dd4::/48 maxlen: 48
2a01:aea0:dd5::/48 maxlen: 48
2a01:aea0:dd6::/48 maxlen: 48
2a01:aea0:df3::/48 maxlen: 48
2a01:aea0:df4::/48 maxlen: 48
2a01:aea0:df5::/48 maxlen: 48
2a01:aea0:df6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:6e:60:72:c6:56:17:7b:2d:17:e6:83:25:cf:12:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jun 6 07:23:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df69c1006fa469cad58c2fb3c12e3d8b21f6747b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cd:20:35:f2:08:21:b0:12:e4:7f:71:54:54:
06:52:55:f3:35:93:9e:d2:71:5f:67:e3:d5:56:66:
0c:3b:a3:05:b9:27:48:80:59:a8:9f:f9:4e:59:d1:
b6:61:52:b4:13:15:0f:b7:74:c3:d7:6e:24:87:32:
32:8b:80:f2:e3:32:9e:5d:59:50:95:d5:3e:aa:13:
74:b2:77:7f:25:61:d9:a2:b4:75:e5:84:3d:0b:94:
6b:87:8f:13:74:3d:c9:a2:15:a6:09:a9:48:3f:48:
75:19:5b:be:ee:79:96:ef:50:53:96:8a:a9:a9:df:
7f:58:49:81:f7:3c:94:3d:71:88:a6:6c:a7:52:73:
b6:a3:5f:cb:93:ee:b3:61:42:00:df:e4:f2:9e:9b:
c2:59:05:27:46:c2:da:15:bc:bb:86:79:ff:7e:da:
75:87:5d:3b:10:9f:19:52:a1:7d:dd:fb:85:63:64:
37:66:4a:a7:e4:68:04:df:44:c8:fa:cc:9f:6b:13:
04:4a:ee:72:de:ff:56:81:cb:0e:7e:f0:f2:14:41:
d8:08:58:a1:c7:98:43:ae:6c:e7:25:46:7d:ae:25:
de:04:85:0a:cb:42:7f:7d:c2:99:c8:e6:c4:04:f3:
af:1c:5d:f0:56:bf:13:df:07:d4:d2:26:b7:54:90:
1e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:69:C1:00:6F:A4:69:CA:D5:8C:2F:B3:C1:2E:3D:8B:21:F6:74:7B
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/32nBAG-kacrVjC-zwS49iyH2dHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.192.0-144.208.203.255
185.50.234.0/24
IPv6:
2a01:aea0:dd3::-2a01:aea0:dd6:ffff:ffff:ffff:ffff:ffff
2a01:aea0:df3::-2a01:aea0:df6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c9:02:5e:09:0c:2e:ba:de:c2:57:7a:49:81:93:79:cd:f1:68:
c5:a1:b0:89:59:41:d0:ed:a4:6a:9f:61:52:9e:b9:ec:ce:2f:
07:49:35:6c:77:5c:13:31:94:63:89:b7:d8:9d:bb:eb:aa:52:
6e:59:11:8c:5c:40:ed:57:bb:51:e0:5b:fd:80:f2:d7:13:eb:
ba:4b:f6:e1:35:fc:19:18:f8:d0:54:b6:e7:2b:a6:7c:00:5a:
29:52:4f:26:d8:bf:d8:a2:a0:cb:45:85:57:15:0f:a5:70:8e:
2b:b0:da:cc:e3:c4:24:92:3d:e8:21:37:cd:63:4f:29:da:40:
17:cd:28:03:f2:34:1d:75:b6:df:ba:21:43:59:f7:0f:0a:5e:
b1:e3:c4:9f:f7:de:25:66:82:64:63:ce:89:35:26:14:98:99:
15:09:6e:52:65:00:64:e0:04:ba:55:97:d0:b6:cf:6d:7b:23:
33:ae:5b:49:00:b3:2f:26:6e:e7:8d:00:fe:62:7c:70:6f:bf:
08:5a:12:e2:58:56:08:cb:90:8e:84:34:d6:9f:76:82:0a:2a:
73:2c:a2:2d:c9:a1:b0:c3:1d:8c:43:48:ed:3c:07:82:c8:b4:
64:63:15:9d:27:03:af:97:e3:d0:75:31:a1:60:c8:96:e8:76:
c5:c5:79:03
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY/sbmByxlYXey0X5oMlzxJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwNjA2MDcyMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY5YzEwMDZmYTQ2OWNhZDU4YzJmYjNjMTJlM2Q4YjIxZjY3NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv80gNfIIIbAS5H9xVFQGUlXzNZOe
0nFfZ+PVVmYMO6MFuSdIgFmon/lOWdG2YVK0ExUPt3TD124khzIyi4Dy4zKeXVlQ
ldU+qhN0snd/JWHZorR15YQ9C5Rrh48TdD3JohWmCalIP0h1GVu+7nmW71BTloqp
qd9/WEmB9zyUPXGIpmynUnO2o1/Lk+6zYUIA3+TynpvCWQUnRsLaFby7hnn/ftp1
h107EJ8ZUqF93fuFY2Q3Zkqn5GgE30TI+syfaxMESu5y3v9WgcsOfvDyFEHYCFih
x5hDrmznJUZ9riXeBIUKy0J/fcKZyObEBPOvHF3wVr8T3wfU0ia3VJAenwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFN9pwQBvpGnK1Ywvs8EuPYsh9nR7MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvMzJuQkFHLWthY3JWakMtendTNDlpeUgyZEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAaBAIAATAUMAwDBAaQ0MAD
BAKQ0MgDBAC5MuowLgQCAAIwKDASAwcAKgGuoA3TAwcAKgGuoA3WMBIDBwAqAa6g
DfMDBwAqAa6gDfYwDQYJKoZIhvcNAQELBQADggEBAMkCXgkMLrrewld6SYGTec3x
aMWhsIlZQdDtpGqfYVKeuezOLwdJNWx3XBMxlGOJt9idu+uqUm5ZEYxcQO1Xu1Hg
W/2A8tcT67pL9uE1/BkY+NBUtucrpnwAWilSTybYv9iioMtFhVcVD6Vwjiuw2szj
xCSSPeghN81jTynaQBfNKAPyNB11tt+6IUNZ9w8KXrHjxJ/33iVmgmRjzok1JhSY
mRUJblJlAGTgBLpVl9C2z217IzOuW0kAsy8mbueNAP5ifHBvvwhaEuJYVgjLkI6E
NNafdoIKKnMsoi3JobDDHYxDSO08B4LItGRjFZ0nA6+X49B1MaFgyJbodsXFeQM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:14 2024 by rpki-client on console-fra.rpki-client.org