Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/_yNzTIjilXTlC5M7e6jW-gNlh8M.roa
File: _yNzTIjilXTlC5M7e6jW-gNlh8M.roa (raw, json)
Hash identifier: EfyknfqRXmW6PM4OFVtDskFgNLaDFbVAD+wv4RsQLn0=
Subject key identifier: FF:23:73:4C:88:E2:95:74:E5:0B:93:3B:7B:A8:D6:FA:03:65:87:C3
Certificate issuer: /CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Certificate serial: 018CF3B083794022F09993934BEC1FFB3150
Authority key identifier: 09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/_yNzTIjilXTlC5M7e6jW-gNlh8M.roa
Signing time: Wed 10 Jan 2024 14:04:40 +0000
ROA not before: Wed 10 Jan 2024 14:04:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.254.133.0/24 maxlen: 24
185.254.134.0/24 maxlen: 24
185.254.135.0/24 maxlen: 24
185.40.185.0/24 maxlen: 24
185.40.186.0/24 maxlen: 24
185.40.184.0/24 maxlen: 24
185.40.187.0/24 maxlen: 24
185.254.132.0/24 maxlen: 24
185.121.28.0/24 maxlen: 24
185.121.29.0/24 maxlen: 24
185.121.30.0/24 maxlen: 24
185.121.31.0/24 maxlen: 24
185.118.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:b0:83:79:40:22:f0:99:93:93:4b:ec:1f:fb:31:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09d1a634bbb7aefad87d121a5fe545648738c8c5
Validity
Not Before: Jan 10 14:04:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff23734c88e29574e50b933b7ba8d6fa036587c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7f:af:ce:e5:cc:31:c8:ca:39:ac:a0:e8:40:
18:df:8e:57:12:fa:fb:2d:cc:fc:6a:bf:7b:fe:0b:
64:b7:e8:41:d8:98:0f:87:cc:12:1e:3a:fc:03:86:
d3:0c:98:04:4a:ec:3b:a4:28:c8:75:bf:fc:d5:01:
42:33:87:c1:f6:62:b3:8b:55:50:40:da:e9:74:7b:
74:91:91:b0:3f:56:97:7f:74:a6:c7:84:66:d1:bd:
98:50:a7:29:a6:34:38:26:25:34:1a:7c:bb:af:df:
b6:a1:13:d8:8d:f5:e9:ae:dc:dc:3f:da:62:6a:28:
27:3f:e6:aa:62:a9:c8:59:8a:7d:57:c6:03:e2:15:
8d:d1:91:8f:b9:ca:2d:0a:09:d6:1a:64:6a:c4:52:
4a:60:47:d3:a8:81:92:8a:c4:cb:f0:89:15:07:5b:
6f:84:25:9d:98:5d:82:0b:a5:34:ba:41:86:6c:6f:
25:23:fb:bd:66:f7:da:98:51:09:4b:2f:53:99:26:
c1:9f:6e:86:02:6b:1c:ce:b7:3c:40:f5:68:46:ae:
ee:ce:5a:f8:d7:ed:f9:da:41:21:b4:42:3f:60:f0:
94:eb:6b:fe:ac:8b:1b:04:01:bf:ed:90:85:aa:1a:
20:6f:48:77:bd:e1:cd:58:70:e7:9e:0e:bb:bf:cc:
68:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:23:73:4C:88:E2:95:74:E5:0B:93:3B:7B:A8:D6:FA:03:65:87:C3
X509v3 Authority Key Identifier:
keyid:09:D1:A6:34:BB:B7:AE:FA:D8:7D:12:1A:5F:E5:45:64:87:38:C8:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CdGmNLu3rvrYfRIaX-VFZIc4yMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/_yNzTIjilXTlC5M7e6jW-gNlh8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2640df-b5d1-4c00-b2f2-5e5b8b28059a/1/CdGmNLu3rvrYfRIaX-VFZIc4yMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.184.0/22
185.118.118.0/24
185.121.28.0/22
185.254.132.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:bb:ab:7b:a8:ac:97:ba:ac:7d:d7:5c:00:c2:d6:c8:6d:54:
64:47:13:b2:e6:59:1b:9d:34:d0:5c:5d:17:14:7e:f8:59:46:
91:6b:54:2a:f8:d7:57:09:85:5f:50:d1:a3:28:72:4a:a3:a6:
c5:ac:9c:9d:c6:98:98:72:83:c9:43:cd:1a:a4:d1:be:a8:83:
47:51:41:5f:eb:8e:1d:90:12:27:1c:56:7b:aa:3a:aa:89:62:
d2:0c:fe:94:4c:ae:66:05:0e:1e:0f:11:e9:00:6d:3f:b8:76:
6a:d4:0f:cc:a0:d5:2f:73:e9:cb:95:dc:aa:57:e6:a8:ed:c3:
34:05:a2:87:ff:05:9c:a5:7d:4c:11:c1:40:80:16:dc:7b:cd:
bd:12:a2:21:aa:86:51:72:e4:c2:be:3d:07:80:2a:c5:24:65:
d7:ab:53:34:22:68:fb:6d:0e:b2:a3:a9:6c:36:8e:d1:a3:0d:
1d:95:d1:4e:ff:3a:d5:a5:ab:9b:e7:6c:34:d9:3f:5e:0e:ec:
3c:59:0e:6b:12:a8:99:6d:7b:fa:29:61:d5:77:11:5e:69:7d:
91:41:28:3e:52:85:75:83:6b:67:4d:32:d3:94:7e:ee:cb:05:
28:d9:fc:73:80:7e:58:15:61:0b:bc:04:cb:54:7c:be:46:6d:
b7:7a:31:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzzsIN5QCLwmZOTS+wf+zFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZDFhNjM0YmJiN2FlZmFkODdkMTIxYTVmZTU0NTY0ODcz
OGM4YzUwHhcNMjQwMTEwMTQwNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjIzNzM0Yzg4ZTI5NTc0ZTUwYjkzM2I3YmE4ZDZmYTAzNjU4N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3+vzuXMMcjKOayg6EAY345XEvr7
Lcz8ar97/gtkt+hB2JgPh8wSHjr8A4bTDJgESuw7pCjIdb/81QFCM4fB9mKzi1VQ
QNrpdHt0kZGwP1aXf3Smx4Rm0b2YUKcppjQ4JiU0Gny7r9+2oRPYjfXprtzcP9pi
aignP+aqYqnIWYp9V8YD4hWN0ZGPucotCgnWGmRqxFJKYEfTqIGSisTL8IkVB1tv
hCWdmF2CC6U0ukGGbG8lI/u9ZvfamFEJSy9TmSbBn26GAmsczrc8QPVoRq7uzlr4
1+352kEhtEI/YPCU62v+rIsbBAG/7ZCFqhogb0h3veHNWHDnng67v8xolQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP8jc0yI4pV05QuTO3uo1voDZYfDMB8GA1UdIwQY
MBaAFAnRpjS7t6762H0SGl/lRWSHOMjFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjIt
NWU1YjhiMjgwNTlhLzEvX3lOelRJamlsWFRsQzVNN2U2alctZ05saDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yNjQwZGYtYjVkMS00YzAwLWIyZjItNWU1YjhiMjgwNTlh
LzEvQ2RHbU5MdTNydnJZZlJJYVgtVkZaSWM0eU1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuSi4AwQA
uXZ2AwQCuXkcAwQCuf6EMA0GCSqGSIb3DQEBCwUAA4IBAQCxu6t7qKyXuqx911wA
wtbIbVRkRxOy5lkbnTTQXF0XFH74WUaRa1Qq+NdXCYVfUNGjKHJKo6bFrJydxpiY
coPJQ80apNG+qINHUUFf644dkBInHFZ7qjqqiWLSDP6UTK5mBQ4eDxHpAG0/uHZq
1A/MoNUvc+nLldyqV+ao7cM0BaKH/wWcpX1MEcFAgBbce829EqIhqoZRcuTCvj0H
gCrFJGXXq1M0Imj7bQ6yo6lsNo7Row0dldFO/zrVpaub52w02T9eDuw8WQ5rEqiZ
bXv6KWHVdxFeaX2RQSg+UoV1g2tnTTLTlH7uywUo2fxzgH5YFWELvATLVHy+Rm23
ejFB
-----END CERTIFICATE-----
Generated at Wed May 15 18:26:00 2024 by rpki-client on console-fra.rpki-client.org