Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/iD2dgmVcfiJzy8fwxls0Bie2aQk.roa
File: iD2dgmVcfiJzy8fwxls0Bie2aQk.roa (raw, json)
Hash identifier: i7ro14c3XBmgZYCyOPkLrymzp+3Kq6qMGEI1OewfEE0=
Subject key identifier: 88:3D:9D:82:65:5C:7E:22:73:CB:C7:F0:C6:5B:34:06:27:B6:69:09
Certificate issuer: /CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Certificate serial: 019056B062A10FB4D9FF9C448A8802DA6CBC
Authority key identifier: 3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/iD2dgmVcfiJzy8fwxls0Bie2aQk.roa
Signing time: Wed 26 Jun 2024 22:35:18 +0000
ROA not before: Wed 26 Jun 2024 22:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134433
IP address blocks: 185.71.228.0/22 maxlen: 24
185.71.228.0/24 maxlen: 24
185.71.229.0/24 maxlen: 24
185.71.230.0/24 maxlen: 24
185.71.231.0/24 maxlen: 24
185.125.84.0/22 maxlen: 24
185.125.84.0/24 maxlen: 24
185.125.85.0/24 maxlen: 24
185.125.86.0/24 maxlen: 24
185.125.87.0/24 maxlen: 24
193.0.180.0/22 maxlen: 24
193.0.180.0/24 maxlen: 24
193.0.181.0/24 maxlen: 24
193.0.182.0/24 maxlen: 24
193.0.183.0/24 maxlen: 24
2a05:3340::/29 maxlen: 64
2a05:3340::/42 maxlen: 42
2a05:3340:140::/42 maxlen: 48
2a05:3343:4::/48 maxlen: 48
2a05:3343:5::/48 maxlen: 48
2a05:3343:6::/48 maxlen: 48
2a05:3343:7::/48 maxlen: 48
2a05:3343:a::/48 maxlen: 48
2a05:3343:b::/48 maxlen: 48
2a05:3343:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.mft
rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:56:b0:62:a1:0f:b4:d9:ff:9c:44:8a:88:02:da:6c:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e24c7ecfa37d2487152fb9bbbab50be79de2619
Validity
Not Before: Jun 26 22:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=883d9d82655c7e2273cbc7f0c65b340627b66909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8b:f9:6d:ce:45:75:97:d6:4a:71:63:7e:7e:
33:00:56:68:3c:e3:50:1a:2b:ed:8a:4c:c4:d3:2a:
22:eb:ac:e5:84:b6:41:20:28:69:f2:29:3e:ef:f5:
aa:b2:6a:8a:31:3e:04:53:fd:fe:b2:60:ff:13:d1:
a3:41:c8:7b:34:19:f7:f0:46:6c:e3:d0:23:21:2b:
63:89:d9:fa:b0:ba:c0:96:5a:ea:98:66:29:ad:97:
1a:c1:db:61:c5:53:50:ad:a6:54:46:30:99:a1:06:
f9:44:a9:dd:65:b5:23:70:50:fe:96:54:fe:a8:cf:
21:5a:fa:62:4e:18:e0:3c:9a:62:d1:dc:5a:bd:3d:
1e:2d:b7:b5:7e:56:3d:bd:ae:20:00:67:3a:e0:bc:
f2:69:64:0c:62:1b:f3:6c:24:1d:95:97:36:5b:0c:
e0:4c:b0:a5:0c:8b:c3:6b:6a:92:70:18:2d:89:5e:
82:2c:c2:68:4f:ef:d9:0d:7b:10:76:5b:ce:39:4d:
87:34:a4:74:a1:82:b0:9a:2c:b7:67:fa:17:ac:0b:
b0:15:f9:af:de:cc:92:3d:fa:5c:e8:c7:91:cc:13:
ef:07:58:e8:92:d4:99:5f:bf:5b:8f:29:0e:3a:50:
7f:9b:9e:3a:93:93:48:4a:87:44:37:1d:50:2d:fc:
45:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3D:9D:82:65:5C:7E:22:73:CB:C7:F0:C6:5B:34:06:27:B6:69:09
X509v3 Authority Key Identifier:
keyid:3E:24:C7:EC:FA:37:D2:48:71:52:FB:9B:BB:AB:50:BE:79:DE:26:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiTH7Po30khxUvubu6tQvnneJhk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/iD2dgmVcfiJzy8fwxls0Bie2aQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/39a5fc-d26e-4d53-91e3-493d774aa1ff/1/PiTH7Po30khxUvubu6tQvnneJhk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.228.0/22
185.125.84.0/22
193.0.180.0/22
IPv6:
2a05:3340::/29
Signature Algorithm: sha256WithRSAEncryption
51:5a:ea:1a:89:a4:ae:89:34:9a:88:30:10:18:bb:40:d2:c4:
dd:8d:66:df:0b:1e:83:df:fa:6f:b4:d3:7c:cd:88:3d:7a:2f:
3a:c1:25:42:c9:24:0a:60:3a:9a:f8:1d:19:2b:59:54:77:1d:
d8:b0:a1:ca:89:24:dd:14:a1:9b:ce:1d:25:16:d8:70:34:39:
b7:4e:57:4f:d7:3e:4f:52:52:ad:99:9f:4f:f0:03:59:25:14:
32:84:62:09:9f:e5:f7:27:65:9c:71:ad:08:5d:32:86:db:9b:
c7:de:26:c0:f6:ba:01:3f:a7:88:29:4c:bf:93:53:42:f3:ae:
fa:d7:fd:bd:ac:12:99:ed:9d:b7:6a:48:80:e2:a4:04:17:dc:
e7:78:c4:94:2e:7c:97:d2:5a:52:e0:f4:43:61:75:5e:12:e2:
78:1d:80:6d:2c:ff:a2:0f:4e:65:81:1b:19:2f:75:7e:7f:bc:
26:58:b7:62:b2:37:38:8c:c6:18:1a:71:b0:b3:5a:05:aa:fe:
ae:6b:13:bb:9d:31:0e:1e:9e:2b:7a:9f:79:e6:cb:97:2b:d1:
96:85:77:34:6f:e2:93:b7:56:01:71:5a:ef:41:0a:1f:f4:4b:
fa:67:2e:62:d3:e7:44:c3:07:da:39:a9:df:ee:32:84:12:7d:
7f:59:fa:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZBWsGKhD7TZ/5xEiogC2my8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMjRjN2VjZmEzN2QyNDg3MTUyZmI5YmJiYWI1MGJlNzlk
ZTI2MTkwHhcNMjQwNjI2MjIzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODNkOWQ4MjY1NWM3ZTIyNzNjYmM3ZjBjNjViMzQwNjI3YjY2OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxov5bc5FdZfWSnFjfn4zAFZoPONQ
GivtikzE0yoi66zlhLZBIChp8ik+7/WqsmqKMT4EU/3+smD/E9GjQch7NBn38EZs
49AjIStjidn6sLrAllrqmGYprZcawdthxVNQraZURjCZoQb5RKndZbUjcFD+llT+
qM8hWvpiThjgPJpi0dxavT0eLbe1flY9va4gAGc64LzyaWQMYhvzbCQdlZc2Wwzg
TLClDIvDa2qScBgtiV6CLMJoT+/ZDXsQdlvOOU2HNKR0oYKwmiy3Z/oXrAuwFfmv
3sySPfpc6MeRzBPvB1joktSZX79bjykOOlB/m546k5NISodENx1QLfxF5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIg9nYJlXH4ic8vH8MZbNAYntmkJMB8GA1UdIwQY
MBaAFD4kx+z6N9JIcVL7m7urUL553iYZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMt
NDkzZDc3NGFhMWZmLzEvaUQyZGdtVmNmaUp6eThmd3hsczBCaWUyYVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zOWE1ZmMtZDI2ZS00ZDUzLTkxZTMtNDkzZDc3NGFhMWZm
LzEvUGlUSDdQbzMwa2h4VXZ1YnU2dFF2bm5lSmhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUfkAwQC
uX1UAwQCwQC0MA0EAgACMAcDBQMqBTNAMA0GCSqGSIb3DQEBCwUAA4IBAQBRWuoa
iaSuiTSaiDAQGLtA0sTdjWbfCx6D3/pvtNN8zYg9ei86wSVCySQKYDqa+B0ZK1lU
dx3YsKHKiSTdFKGbzh0lFthwNDm3TldP1z5PUlKtmZ9P8ANZJRQyhGIJn+X3J2Wc
ca0IXTKG25vH3ibA9roBP6eIKUy/k1NC86761/29rBKZ7Z23akiA4qQEF9zneMSU
LnyX0lpS4PRDYXVeEuJ4HYBtLP+iD05lgRsZL3V+f7wmWLdisjc4jMYYGnGws1oF
qv6uaxO7nTEOHp4rep955suXK9GWhXc0b+KTt1YBcVrvQQof9Ev6Zy5i0+dEwwfa
Oanf7jKEEn1/WfrJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:29:07 2024 by rpki-client on console-ams.rpki-client.org