Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/32bcDF8fDCexj2IYsj-jNTvXLhU.roa
File: 32bcDF8fDCexj2IYsj-jNTvXLhU.roa (raw, json)
Hash identifier: 1I7jwTSmixgE8DSr+s2xlbhE/EZD3amyvWyeNHTZzyw=
Subject key identifier: DF:66:DC:0C:5F:1F:0C:27:B1:8F:62:18:B2:3F:A3:35:3B:D7:2E:15
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018CCA29D71C310213E4B500CF78464A2D92
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/32bcDF8fDCexj2IYsj-jNTvXLhU.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 185.112.56.0/23 maxlen: 24
185.95.102.0/23 maxlen: 24
185.95.100.0/23 maxlen: 24
193.221.215.0/24 maxlen: 24
185.81.174.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.173.0/24 maxlen: 24
185.81.186.0/23 maxlen: 24
185.81.184.0/23 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.68.245.0/24 maxlen: 24
185.96.83.0/24 maxlen: 24
185.96.80.0/24 maxlen: 24
185.185.147.0/24 maxlen: 24
185.79.51.0/24 maxlen: 24
185.79.79.0/24 maxlen: 24
185.89.108.0/22 maxlen: 24
185.104.151.0/24 maxlen: 24
89.19.57.0/24 maxlen: 24
89.19.58.0/24 maxlen: 24
89.19.59.0/24 maxlen: 24
185.175.225.0/24 maxlen: 24
185.175.224.0/24 maxlen: 24
213.170.223.0/24 maxlen: 24
185.81.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d7:1c:31:02:13:e4:b5:00:cf:78:46:4a:2d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df66dc0c5f1f0c27b18f6218b23fa3353bd72e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:1d:64:ab:1c:a7:b4:6c:58:dd:84:21:2e:3b:
95:18:81:6b:2f:7f:e7:a6:a5:86:79:18:21:de:5c:
86:89:37:4a:f2:91:12:ef:04:4f:06:71:70:06:15:
14:0e:83:d2:5b:68:c9:4b:37:93:bf:00:3b:b0:23:
66:98:fb:59:32:68:c3:4f:2d:b1:86:2d:f1:7b:48:
33:a5:62:75:de:4a:96:cb:25:a8:ac:98:ee:2e:e3:
fd:d7:0d:e4:3c:72:bc:d4:c3:63:72:04:68:c3:cf:
17:75:8c:69:e0:d9:5c:1e:70:cf:49:12:f2:93:7c:
d5:58:7f:d1:f6:e7:ec:05:33:e7:eb:f8:f8:bb:f3:
59:52:cf:b1:f7:93:c2:9a:7a:da:30:aa:0b:87:1b:
94:59:1e:43:b8:ee:f6:ca:97:6c:30:33:08:a9:32:
c2:16:4e:73:af:5a:43:cd:5a:e2:a1:5b:bd:55:e0:
08:e9:63:40:0f:85:f2:74:70:17:1d:c6:b9:88:ea:
f5:5d:3b:e3:28:54:2a:c3:c1:f9:57:ee:24:ac:e1:
49:d9:5c:b7:89:77:21:3d:b1:81:b3:f0:2e:ec:f4:
be:2f:b1:ea:62:0f:d2:cb:0c:86:f7:58:9f:a4:e7:
ea:05:b2:b4:7e:5e:4c:24:dc:a2:5b:eb:23:35:82:
a5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:66:DC:0C:5F:1F:0C:27:B1:8F:62:18:B2:3F:A3:35:3B:D7:2E:15
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/32bcDF8fDCexj2IYsj-jNTvXLhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.57.0-89.19.59.255
185.68.245.0/24
185.79.51.0/24
185.79.79.0/24
185.81.172.0/22
185.81.184.0/22
185.89.108.0/22
185.95.100.0/22
185.96.80.0/24
185.96.83.0/24
185.97.1.0/24
185.97.3.0/24
185.104.151.0/24
185.112.56.0/23
185.175.224.0/23
185.185.147.0/24
193.221.215.0/24
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:98:a1:7e:17:fc:b8:fd:2d:ee:f4:ca:10:b7:3a:82:87:44:
78:e0:64:40:3e:d9:7c:f3:b0:4d:5f:f3:f1:5d:ae:26:78:af:
2f:95:32:4b:ac:0f:4e:3d:c0:cb:ec:cb:78:80:a5:ae:37:ea:
a7:6f:52:7b:0b:30:4d:73:c7:f7:9a:26:55:f5:c4:30:93:46:
dd:f6:5b:43:0c:75:01:88:46:5f:cf:45:bf:71:85:b4:c4:a5:
24:54:6e:10:f1:8f:65:cc:6a:86:9f:90:6b:24:e9:02:20:d4:
56:e6:07:63:e6:94:ca:0e:c2:03:23:e3:57:9a:a1:f0:46:fd:
a6:fb:5c:28:d6:d6:c3:db:9c:25:1d:c0:53:4b:33:ab:44:f9:
28:f2:22:45:5d:58:36:13:d2:b1:cb:dd:49:7b:0b:41:3e:80:
eb:ec:29:2d:e5:3d:99:a2:74:6c:99:d9:f2:17:d6:79:12:25:
8b:90:ab:83:ad:6b:4d:b2:2f:fa:10:1f:2d:a9:36:0e:e5:9a:
1f:43:17:a8:25:c8:28:3e:12:84:b9:40:1a:b1:e3:b0:4b:9b:
77:58:5c:45:18:0b:a2:c0:94:7a:ba:d2:5c:39:a3:8a:f9:5b:
af:bd:9a:fa:75:89:66:53:1b:5c:24:68:f4:1a:a1:0b:82:20:
51:b2:b5:66
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYzKKdccMQIT5LUAz3hGSi2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjY2ZGMwYzVmMWYwYzI3YjE4ZjYyMThiMjNmYTMzNTNiZDcyZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApx1kqxyntGxY3YQhLjuVGIFrL3/n
pqWGeRgh3lyGiTdK8pES7wRPBnFwBhUUDoPSW2jJSzeTvwA7sCNmmPtZMmjDTy2x
hi3xe0gzpWJ13kqWyyWorJjuLuP91w3kPHK81MNjcgRow88XdYxp4NlcHnDPSRLy
k3zVWH/R9ufsBTPn6/j4u/NZUs+x95PCmnraMKoLhxuUWR5DuO72ypdsMDMIqTLC
Fk5zr1pDzVrioVu9VeAI6WNAD4XydHAXHca5iOr1XTvjKFQqw8H5V+4krOFJ2Vy3
iXchPbGBs/Au7PS+L7HqYg/SywyG91ifpOfqBbK0fl5MJNyiW+sjNYKlMQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFN9m3AxfHwwnsY9iGLI/ozU71y4VMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvMzJiY0RGOGZEQ2V4ajJJWXNqLWpOVHZYTGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQAWRM5
AwQCWRM4AwQAuUT1AwQAuU8zAwQAuU9PAwQCuVGsAwQCuVG4AwQCuVlsAwQCuV9k
AwQAuWBQAwQAuWBTAwQAuWEBAwQAuWEDAwQAuWiXAwQBuXA4AwQBua/gAwQAubmT
AwQAwd3XAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQBPmKF+F/y4/S3u9MoQtzqC
h0R44GRAPtl887BNX/PxXa4meK8vlTJLrA9OPcDL7Mt4gKWuN+qnb1J7CzBNc8f3
miZV9cQwk0bd9ltDDHUBiEZfz0W/cYW0xKUkVG4Q8Y9lzGqGn5BrJOkCINRW5gdj
5pTKDsIDI+NXmqHwRv2m+1wo1tbD25wlHcBTSzOrRPko8iJFXVg2E9Kxy91JewtB
PoDr7Ckt5T2ZonRsmdnyF9Z5EiWLkKuDrWtNsi/6EB8tqTYO5ZofQxeoJcgoPhKE
uUAaseOwS5t3WFxFGAuiwJR6utJcOaOK+VuvvZr6dYlmUxtcJGj0GqELgiBRsrVm
-----END CERTIFICATE-----
Generated at Fri May 10 20:26:21 2024 by rpki-client on console-fra.rpki-client.org