Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/abPWT50cPtyTBZgNrGBKOQBTw5k.roa
File: abPWT50cPtyTBZgNrGBKOQBTw5k.roa (raw, json)
Hash identifier: bYTH3Y6QfSw5EXSJPRDeQbLKzXq6AtnlrDUdcicOF/A=
Subject key identifier: 69:B3:D6:4F:9D:1C:3E:DC:93:05:98:0D:AC:60:4A:39:00:53:C3:99
Certificate issuer: /CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Certificate serial: 018CC26D3457C796FFD1DC7C6A6B4DBCA372
Authority key identifier: 1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/abPWT50cPtyTBZgNrGBKOQBTw5k.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33932
IP address blocks: 217.150.212.0/24 maxlen: 24
217.150.213.0/24 maxlen: 24
217.150.211.0/24 maxlen: 24
217.150.209.0/24 maxlen: 24
217.150.208.0/20 maxlen: 24
217.150.210.0/24 maxlen: 24
217.150.208.0/24 maxlen: 24
217.150.214.0/24 maxlen: 24
217.150.223.0/24 maxlen: 24
185.228.172.0/24 maxlen: 24
185.228.175.0/24 maxlen: 24
185.228.173.0/24 maxlen: 24
185.228.174.0/24 maxlen: 24
2a0d:2e00:1000::/36 maxlen: 36
2a0d:2e00:2000::/36 maxlen: 36
2a0d:2e00:3000::/36 maxlen: 36
2a0d:2e00:4000::/36 maxlen: 36
2a0d:2e00:1000::/48 maxlen: 48
2a0d:2e00:2000::/48 maxlen: 48
2a0d:2e00:3000::/48 maxlen: 48
2a0d:2e00:4000::/48 maxlen: 48
2a0d:2e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 10:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:34:57:c7:96:ff:d1:dc:7c:6a:6b:4d:bc:a3:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8626749cbf84bcf42ebb2985b86dee830e5c14
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69b3d64f9d1c3edc9305980dac604a390053c399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a4:60:f5:46:d0:a7:ce:dd:89:07:3c:5c:25:
9f:76:0b:80:fb:54:07:60:b2:4a:65:87:55:9a:3a:
e1:6d:49:53:34:96:8e:0d:1a:24:74:6c:1a:c5:11:
98:3a:55:9a:e2:e3:92:04:bd:87:c7:46:79:d7:75:
68:df:e5:03:26:bd:a3:a3:a0:c2:93:67:d5:2e:97:
53:6e:11:c3:66:91:17:94:a3:5a:2e:52:a6:83:3d:
8f:10:78:22:51:d2:48:6b:fc:df:d7:83:42:df:f4:
5e:94:65:2f:f6:a9:eb:ed:10:28:2e:79:33:cc:ab:
a8:92:68:1d:a2:45:d9:4e:77:c4:2a:1c:0b:e9:03:
6c:47:5d:51:3c:20:4a:e4:b5:70:c3:35:02:a5:ee:
4a:01:2d:98:c7:1c:dd:a8:28:28:89:d3:e9:4d:b0:
d3:62:f6:6b:9d:0d:8f:66:e1:5a:a9:1f:bc:05:69:
04:03:48:68:3a:af:55:29:2d:ff:2f:cb:c8:81:cf:
9f:93:6e:b0:d2:88:f4:1a:10:41:bf:5b:ef:7b:c4:
05:27:6b:d8:d2:58:38:3e:3f:b6:f3:1b:5e:f2:2b:
ce:5c:4c:0a:c2:14:c8:03:cc:7f:b4:80:90:80:3d:
91:ea:95:01:28:e5:4c:7f:58:9b:58:3e:85:5c:4a:
0f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:B3:D6:4F:9D:1C:3E:DC:93:05:98:0D:AC:60:4A:39:00:53:C3:99
X509v3 Authority Key Identifier:
keyid:1D:86:26:74:9C:BF:84:BC:F4:2E:BB:29:85:B8:6D:EE:83:0E:5C:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYYmdJy_hLz0Lrsphbht7oMOXBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/abPWT50cPtyTBZgNrGBKOQBTw5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/951c8e-4a86-4c8e-9986-0bfbad4849cd/1/HYYmdJy_hLz0Lrsphbht7oMOXBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.172.0/22
217.150.208.0/20
IPv6:
2a0d:2e00::/29
Signature Algorithm: sha256WithRSAEncryption
82:d7:6e:95:f0:44:3d:c4:49:f9:9a:71:b1:b2:f4:b8:f4:e4:
50:58:46:3e:67:65:a6:1d:82:e4:15:a5:5c:40:2a:aa:11:90:
5c:a9:bd:2e:5c:34:e3:9f:d9:1d:6a:09:ea:bd:e7:ad:2c:15:
e7:16:f5:0b:d2:7e:02:29:dd:1a:cf:b0:5f:65:af:4d:20:d1:
e4:6c:a3:71:c5:20:3b:09:6b:71:c2:66:7d:8f:92:1d:20:69:
31:65:85:87:5b:04:02:ef:98:84:77:4e:9f:6e:03:ad:d5:92:
1e:a4:eb:82:0d:ad:bc:40:8a:73:5e:1f:de:21:6b:b1:65:35:
19:ef:79:72:07:6d:69:ee:e6:0d:13:db:3a:ee:5a:45:e8:ec:
c2:f8:a6:dc:8a:03:80:59:bf:58:40:29:4b:4e:be:c9:37:5a:
fc:af:1d:e1:68:10:b3:0e:67:8b:6c:69:5f:4d:22:e5:27:bc:
f5:3c:83:59:1a:92:7b:4b:bb:63:76:b1:73:c2:52:97:b6:aa:
a6:b3:db:99:fd:88:52:57:96:36:6c:d5:65:9a:31:34:7e:9f:
ce:9d:29:4e:93:0a:a6:73:4d:15:eb:c3:df:d8:8b:fb:ab:98:
45:ce:d6:13:49:05:87:d5:85:ae:ec:0d:84:07:f3:60:00:68:
1b:c2:5e:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbTRXx5b/0dx8amtNvKNyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkODYyNjc0OWNiZjg0YmNmNDJlYmIyOTg1Yjg2ZGVlODMw
ZTVjMTQwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWIzZDY0ZjlkMWMzZWRjOTMwNTk4MGRhYzYwNGEzOTAwNTNjMzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqRg9UbQp87diQc8XCWfdguA+1QH
YLJKZYdVmjrhbUlTNJaODRokdGwaxRGYOlWa4uOSBL2Hx0Z513Vo3+UDJr2jo6DC
k2fVLpdTbhHDZpEXlKNaLlKmgz2PEHgiUdJIa/zf14NC3/RelGUv9qnr7RAoLnkz
zKuokmgdokXZTnfEKhwL6QNsR11RPCBK5LVwwzUCpe5KAS2YxxzdqCgoidPpTbDT
YvZrnQ2PZuFaqR+8BWkEA0hoOq9VKS3/L8vIgc+fk26w0oj0GhBBv1vve8QFJ2vY
0lg4Pj+28xte8ivOXEwKwhTIA8x/tICQgD2R6pUBKOVMf1ibWD6FXEoP3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGmz1k+dHD7ckwWYDaxgSjkAU8OZMB8GA1UdIwQY
MBaAFB2GJnScv4S89C67KYW4be6DDlwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYt
MGJmYmFkNDg0OWNkLzEvYWJQV1Q1MGNQdHlUQlpnTnJHQktPUUJUdzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85NTFjOGUtNGE4Ni00YzhlLTk5ODYtMGJmYmFkNDg0OWNk
LzEvSFlZbWRKeV9oTHowTHJzcGhiaHQ3b01PWEJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueSsAwQE
2ZbQMA0EAgACMAcDBQMqDS4AMA0GCSqGSIb3DQEBCwUAA4IBAQCC126V8EQ9xEn5
mnGxsvS49ORQWEY+Z2WmHYLkFaVcQCqqEZBcqb0uXDTjn9kdagnqveetLBXnFvUL
0n4CKd0az7BfZa9NINHkbKNxxSA7CWtxwmZ9j5IdIGkxZYWHWwQC75iEd06fbgOt
1ZIepOuCDa28QIpzXh/eIWuxZTUZ73lyB21p7uYNE9s67lpF6OzC+KbcigOAWb9Y
QClLTr7JN1r8rx3haBCzDmeLbGlfTSLlJ7z1PINZGpJ7S7tjdrFzwlKXtqqms9uZ
/YhSV5Y2bNVlmjE0fp/OnSlOkwqmc00V68Pf2Iv7q5hFztYTSQWH1YWu7A2EB/Ng
AGgbwl5U
-----END CERTIFICATE-----
Generated at Sat May 18 13:56:17 2024 by rpki-client on console-fra.rpki-client.org