Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/w9gWt24fmgtrNgZQxmn1FzQo0QE.roa
File: w9gWt24fmgtrNgZQxmn1FzQo0QE.roa (raw, json)
Hash identifier: lGP/XwTpuc4xP4UhrYuZwkvNf99yNLIkcHvxJlybtIA=
Subject key identifier: C3:D8:16:B7:6E:1F:9A:0B:6B:36:06:50:C6:69:F5:17:34:28:D1:01
Certificate issuer: /CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Certificate serial: 018CC5014FE43FD61DD11D084BE862DD7CB6
Authority key identifier: A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/w9gWt24fmgtrNgZQxmn1FzQo0QE.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48846
IP address blocks: 85.8.180.0/23 maxlen: 24
188.210.216.0/22 maxlen: 24
93.191.136.0/21 maxlen: 24
87.253.224.0/21 maxlen: 24
185.190.108.0/22 maxlen: 24
185.76.212.0/22 maxlen: 24
2a05:5c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4f:e4:3f:d6:1d:d1:1d:08:4b:e8:62:dd:7c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a820f4345c0ee4d9d7fc6d69befbf455bec98742
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3d816b76e1f9a0b6b360650c669f5173428d101
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e9:14:b2:2f:b7:f1:aa:81:3f:3d:b7:b6:71:
89:bf:de:da:9a:db:46:3f:50:09:40:bf:2b:70:53:
d5:78:d4:a1:45:7a:6f:6e:64:70:e7:d9:0a:ba:4d:
31:f5:ac:60:6c:08:9e:c6:b9:62:0e:55:0f:bd:f6:
8c:38:17:c6:1f:57:35:ac:39:8d:02:f8:4a:78:77:
ad:0e:bc:d2:e1:99:a6:55:1c:09:c7:e3:60:92:b5:
47:e2:46:96:2e:5c:ab:df:cb:1c:d9:f4:d6:07:83:
2d:20:4c:77:a0:8d:5d:3d:bc:1c:24:14:49:e5:6a:
99:a5:a9:94:bd:55:f8:6a:16:99:c0:ab:df:13:d8:
b6:9c:76:0b:69:02:ce:a2:d8:4f:fc:3e:70:07:21:
a4:84:11:4f:9d:5f:5b:02:eb:e2:29:65:6c:03:db:
ac:2f:d4:77:02:2a:26:a2:ac:f2:f4:34:ec:20:28:
29:0d:dc:81:66:01:1b:56:56:65:41:25:df:e2:00:
8d:f3:92:ac:f0:53:41:9a:b5:a8:f0:05:01:c7:af:
13:b4:b7:03:d5:97:dc:e4:cb:ab:14:6e:99:2c:f6:
71:8b:7c:7a:e7:24:32:54:38:1e:4e:c0:f0:eb:5f:
42:f7:48:b1:88:8a:a9:b1:50:ca:76:f5:83:73:be:
6e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:D8:16:B7:6E:1F:9A:0B:6B:36:06:50:C6:69:F5:17:34:28:D1:01
X509v3 Authority Key Identifier:
keyid:A8:20:F4:34:5C:0E:E4:D9:D7:FC:6D:69:BE:FB:F4:55:BE:C9:87:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/w9gWt24fmgtrNgZQxmn1FzQo0QE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/25a179-2158-410a-9aaf-54079e732b0d/1/qCD0NFwO5NnX_G1pvvv0Vb7Jh0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.180.0/23
87.253.224.0/21
93.191.136.0/21
185.76.212.0/22
185.190.108.0/22
188.210.216.0/22
IPv6:
2a05:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
6b:53:cf:f2:a2:12:93:19:ce:ef:85:98:44:62:1b:7d:da:46:
9e:87:c1:64:47:8a:35:66:c4:55:0f:a2:5a:16:79:ec:9c:86:
85:07:5a:bb:b3:bb:0c:65:20:94:6d:f8:a1:df:c0:e4:2c:78:
58:13:3b:9d:37:c4:32:29:d0:c3:0f:4d:1d:9d:dc:71:5b:97:
fb:07:4a:25:14:53:54:c7:12:09:42:78:7a:12:ea:ae:01:2c:
7b:02:e4:b0:2b:21:2b:2d:6a:79:76:bf:02:7e:1d:d5:c4:a9:
31:bd:10:89:63:c5:d5:f8:5c:5b:81:a7:c0:f8:f4:13:d1:89:
60:f4:7f:8a:8c:60:f8:e4:63:30:29:72:6c:0f:e9:2a:0b:12:
f2:8e:f7:00:2f:b0:b3:d8:33:d4:d4:9d:99:d2:39:ab:39:6a:
59:d4:5f:3f:6f:67:d1:84:21:36:10:19:ad:20:09:94:7a:d4:
bf:0f:ea:43:09:bc:5f:ba:ed:d5:e9:cd:45:fb:cc:ac:be:9e:
0d:00:35:2e:56:b4:75:e8:59:76:51:e7:2d:5b:9e:9b:62:e1:
6d:9f:6c:40:e5:7f:fb:65:4d:25:66:6a:65:cf:cb:13:5f:a2:
c2:62:a6:13:cb:a4:81:15:6d:b7:b9:9c:d2:1b:b5:69:dc:99:
e8:26:63:2c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzFAU/kP9Yd0R0IS+hi3Xy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjBmNDM0NWMwZWU0ZDlkN2ZjNmQ2OWJlZmJmNDU1YmVj
OTg3NDIwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Q4MTZiNzZlMWY5YTBiNmIzNjA2NTBjNjY5ZjUxNzM0MjhkMTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgukUsi+38aqBPz23tnGJv97amttG
P1AJQL8rcFPVeNShRXpvbmRw59kKuk0x9axgbAiexrliDlUPvfaMOBfGH1c1rDmN
AvhKeHetDrzS4ZmmVRwJx+NgkrVH4kaWLlyr38sc2fTWB4MtIEx3oI1dPbwcJBRJ
5WqZpamUvVX4ahaZwKvfE9i2nHYLaQLOothP/D5wByGkhBFPnV9bAuviKWVsA9us
L9R3Aiomoqzy9DTsICgpDdyBZgEbVlZlQSXf4gCN85Ks8FNBmrWo8AUBx68TtLcD
1Zfc5MurFG6ZLPZxi3x65yQyVDgeTsDw619C90ixiIqpsVDKdvWDc75u+QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMPYFrduH5oLazYGUMZp9Rc0KNEBMB8GA1UdIwQY
MBaAFKgg9DRcDuTZ1/xtab779FW+yYdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYt
NTQwNzllNzMyYjBkLzEvdzlnV3QyNGZtZ3RyTmdaUXhtbjFGelFvMFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNWExNzktMjE1OC00MTBhLTlhYWYtNTQwNzllNzMyYjBk
LzEvcUNEME5Gd081Tm5YX0cxcHZ2djBWYjdKaDBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBVQi0AwQD
V/3gAwQDXb+IAwQCuUzUAwQCub5sAwQCvNLYMA0EAgACMAcDBQMqBVyAMA0GCSqG
SIb3DQEBCwUAA4IBAQBrU8/yohKTGc7vhZhEYht92kaeh8FkR4o1ZsRVD6JaFnns
nIaFB1q7s7sMZSCUbfih38DkLHhYEzudN8QyKdDDD00dndxxW5f7B0olFFNUxxIJ
Qnh6EuquASx7AuSwKyErLWp5dr8Cfh3VxKkxvRCJY8XV+FxbgafA+PQT0Ylg9H+K
jGD45GMwKXJsD+kqCxLyjvcAL7Cz2DPU1J2Z0jmrOWpZ1F8/b2fRhCE2EBmtIAmU
etS/D+pDCbxfuu3V6c1F+8ysvp4NADUuVrR16Fl2UectW56bYuFtn2xA5X/7ZU0l
Zmplz8sTX6LCYqYTy6SBFW23uZzSG7Vp3JnoJmMs
-----END CERTIFICATE-----
Generated at Sun Jun 2 23:29:58 2024 by rpki-client on console-ams.rpki-client.org