Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/VDsgyczH2kcdRoVQK49Rzr4L8fU.roa
File: VDsgyczH2kcdRoVQK49Rzr4L8fU.roa (raw, json)
Hash identifier: 9nM0Rula0wfczrHTTqCH32FlqATbrJ1po3yGeW20N5g=
Subject key identifier: 54:3B:20:C9:CC:C7:DA:47:1D:46:85:50:2B:8F:51:CE:BE:0B:F1:F5
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0190EF3CE8B002EF54EBAE5265F34442AA4C
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/VDsgyczH2kcdRoVQK49Rzr4L8fU.roa
Signing time: Fri 26 Jul 2024 13:31:04 +0000
ROA not before: Fri 26 Jul 2024 13:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42388
IP address blocks: 144.208.214.232/29 maxlen: 29
144.208.243.0/24 maxlen: 24
185.81.206.64/26 maxlen: 26
185.81.206.128/26 maxlen: 26
185.81.208.0/24 maxlen: 24
188.172.219.64/32 maxlen: 32
188.172.235.188/32 maxlen: 32
188.172.248.0/24 maxlen: 24
213.227.160.0/24 maxlen: 24
213.227.168.222/32 maxlen: 32
213.227.191.0/24 maxlen: 24
217.146.18.0/24 maxlen: 24
217.146.22.170/32 maxlen: 32
217.146.26.216/32 maxlen: 32
2a00:11c0:5:613::1000/128 maxlen: 128
2a00:11c0:d::1a/128 maxlen: 128
2a00:11c0:e:ffff:1::1000/128 maxlen: 128
2a00:11c0:48:13::/64 maxlen: 64
2a00:11c0:63:350::1000/128 maxlen: 128
2a00:11c0:82:359::1000/128 maxlen: 128
2a00:11c0:aa1::/48 maxlen: 48
2a00:11c0:1010::/48 maxlen: 48
2a00:11c0:11c0::/48 maxlen: 128
2a05:8900:aa1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:3c:e8:b0:02:ef:54:eb:ae:52:65:f3:44:42:aa:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jul 26 13:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=543b20c9ccc7da471d4685502b8f51cebe0bf1f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:85:c7:6b:59:21:5f:33:f4:5a:e0:6f:7f:1d:
7f:e0:34:8a:7e:de:61:fc:72:7b:cd:6b:53:00:f5:
78:1b:9c:a5:6a:77:23:5b:4e:e7:28:5a:c1:02:53:
80:2a:8c:b6:64:94:f3:e2:3b:78:ed:7a:4e:dd:cf:
cd:ef:f1:ac:eb:40:75:c3:d8:23:e1:ff:70:67:a9:
ef:fe:8a:89:50:db:56:aa:89:87:c5:55:f4:86:62:
e6:d1:d9:6c:95:55:7d:aa:86:62:0d:e6:fb:f5:59:
7f:3b:3c:9e:3e:ca:f7:c1:ce:14:bd:a3:19:6d:65:
9f:69:dc:02:e1:cb:4a:08:4a:2b:c2:8f:e7:c6:9f:
e2:23:d8:82:a5:b0:29:1c:0c:30:11:71:c1:39:ad:
34:5a:78:a2:49:63:0a:0a:09:5e:94:ab:36:35:8c:
d4:f4:5f:37:44:5b:7b:c0:0c:a1:23:e6:e4:94:fb:
3d:54:31:35:0e:85:7b:2b:3a:b0:83:10:fe:97:cf:
ee:30:e4:c7:cf:62:bc:8a:00:a6:f8:d2:94:ec:31:
32:37:1c:35:a4:3f:b3:0f:68:e8:67:63:91:0c:96:
43:9b:c0:cf:da:0a:2e:65:fc:3a:44:27:44:ac:f8:
3c:c9:cf:ac:db:78:af:9d:02:02:55:fc:b7:05:52:
f5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:3B:20:C9:CC:C7:DA:47:1D:46:85:50:2B:8F:51:CE:BE:0B:F1:F5
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/VDsgyczH2kcdRoVQK49Rzr4L8fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.214.232/29
144.208.243.0/24
185.81.206.64-185.81.206.191
185.81.208.0/24
188.172.219.64/32
188.172.235.188/32
188.172.248.0/24
213.227.160.0/24
213.227.168.222/32
213.227.191.0/24
217.146.18.0/24
217.146.22.170/32
217.146.26.216/32
IPv6:
2a00:11c0:5:613:0:0:0:1000/128
2a00:11c0:d:0:0:0:0:1a/128
2a00:11c0:e:ffff:1:0:0:1000/128
2a00:11c0:48:13::/64
2a00:11c0:63:350:0:0:0:1000/128
2a00:11c0:82:359:0:0:0:1000/128
2a00:11c0:aa1::/48
2a00:11c0:1010::/48
2a00:11c0:11c0::/48
2a05:8900:aa1::/48
Signature Algorithm: sha256WithRSAEncryption
4d:d5:d6:8a:d3:6d:4d:30:d9:c2:96:d4:6b:92:8e:f5:b8:00:
4f:69:9e:79:b2:4a:bd:cb:de:42:c4:b0:5a:06:3b:05:1c:5f:
c2:0a:e3:df:f2:b0:2a:9a:cf:c1:ff:5d:f7:2d:69:43:6a:c6:
9b:e9:6c:b1:19:75:af:02:6d:9d:86:e8:57:8a:9f:ff:c0:1d:
7b:8e:cf:81:9e:ba:ef:e6:d3:67:cc:45:f7:eb:6b:1a:00:ed:
7f:a7:a6:e5:c8:4a:7b:3c:cd:3b:2b:ac:a3:76:49:06:2f:1b:
e4:92:3b:51:95:4d:93:7e:49:16:08:6b:77:a1:c1:99:c4:6a:
bd:27:98:7c:71:c1:16:e6:a4:ed:53:6a:58:c3:29:ff:96:51:
4c:b8:48:14:a8:26:c0:93:b2:9d:28:28:c0:cc:a0:23:d4:8b:
3a:26:ed:26:5e:9f:71:a6:66:ef:9f:63:28:f3:ba:72:63:3b:
00:c4:06:03:19:46:28:45:58:ba:51:2d:20:45:80:c5:98:12:
ed:07:58:e3:c8:8f:76:4a:43:f8:e1:ad:de:13:d2:82:04:9e:
79:4d:75:98:df:81:29:ec:b7:93:7c:65:76:74:89:97:f8:46:
38:d6:6a:42:d9:51:5b:c7:61:ac:ec:a3:f2:6f:92:47:cd:b7:
f6:c3:79:9e
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZDvPOiwAu9U665SZfNEQqpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwNzI2MTMzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDNiMjBjOWNjYzdkYTQ3MWQ0Njg1NTAyYjhmNTFjZWJlMGJmMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYXHa1khXzP0WuBvfx1/4DSKft5h
/HJ7zWtTAPV4G5ylancjW07nKFrBAlOAKoy2ZJTz4jt47XpO3c/N7/Gs60B1w9gj
4f9wZ6nv/oqJUNtWqomHxVX0hmLm0dlslVV9qoZiDeb79Vl/OzyePsr3wc4UvaMZ
bWWfadwC4ctKCEorwo/nxp/iI9iCpbApHAwwEXHBOa00WniiSWMKCglelKs2NYzU
9F83RFt7wAyhI+bklPs9VDE1DoV7KzqwgxD+l8/uMOTHz2K8igCm+NKU7DEyNxw1
pD+zD2joZ2ORDJZDm8DP2gouZfw6RCdErPg8yc+s23ivnQICVfy3BVL1awIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFFQ7IMnMx9pHHUaFUCuPUc6+C/H1MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvVkRzZ3ljekgya2NkUm9WUUs0OVJ6cjRMOGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MGQEAgABMF4DBQOQ
0NboAwQAkNDzMA4DBQa5Uc5AAwUGuVHOgAMEALlR0AMFALys20ADBQC8rOu8AwQA
vKz4AwQA1eOgAwUA1eOo3gMEANXjvwMEANmSEgMFANmSFqoDBQDZkhrYMIGVBAIA
AjCBjgMRACoAEcAABQYTAAAAAAAAEAADEQAqABHAAA0AAAAAAAAAAAAaAxEAKgAR
wAAO//8AAQAAAAAQAAMJACoAEcAASAATAxEAKgARwABjA1AAAAAAAAAQAAMRACoA
EcAAggNZAAAAAAAAEAADBwAqABHACqEDBwAqABHAEBADBwAqABHAEcADBwAqBYkA
CqEwDQYJKoZIhvcNAQELBQADggEBAE3V1orTbU0w2cKW1GuSjvW4AE9pnnmySr3L
3kLEsFoGOwUcX8IK49/ysCqaz8H/XfctaUNqxpvpbLEZda8CbZ2G6FeKn//AHXuO
z4Geuu/m02fMRffraxoA7X+npuXISns8zTsrrKN2SQYvG+SSO1GVTZN+SRYIa3eh
wZnEar0nmHxxwRbmpO1TaljDKf+WUUy4SBSoJsCTsp0oKMDMoCPUizom7SZen3Gm
Zu+fYyjzunJjOwDEBgMZRihFWLpRLSBFgMWYEu0HWOPIj3ZKQ/jhrd4T0oIEnnlN
dZjfgSnst5N8ZXZ0iZf4RjjWakLZUVvHYazso/JvkkfNt/bDeZ4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:38 2024 by rpki-client on console-fra.rpki-client.org