Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/g3VdNhHZ_8v9WHRAEp_3HLnc4TU.roa
File: g3VdNhHZ_8v9WHRAEp_3HLnc4TU.roa (raw, json)
Hash identifier: oafbuu+bvUp2ja6vnLne1a3NVyN490D94jiPo+s07TU=
Subject key identifier: 83:75:5D:36:11:D9:FF:CB:FD:58:74:40:12:9F:F7:1C:B9:DC:E1:35
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018CC79532AEFBC62965FA2470D25F51D11C
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/g3VdNhHZ_8v9WHRAEp_3HLnc4TU.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49074
IP address blocks: 193.242.196.0/22 maxlen: 22
109.166.32.0/22 maxlen: 22
91.228.140.0/22 maxlen: 22
194.40.204.0/22 maxlen: 22
91.234.56.0/22 maxlen: 22
151.248.64.0/24 maxlen: 24
151.248.65.0/24 maxlen: 24
151.248.66.0/24 maxlen: 24
151.248.67.0/24 maxlen: 24
151.248.95.0/24 maxlen: 24
176.113.104.0/22 maxlen: 22
2a04:2043::/32 maxlen: 32
2a04:2047::/32 maxlen: 32
2a04:2041::/32 maxlen: 32
2a04:2045::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 09:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:32:ae:fb:c6:29:65:fa:24:70:d2:5f:51:d1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83755d3611d9ffcbfd587440129ff71cb9dce135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d2:59:2c:2d:1e:7b:e4:f6:ca:47:74:ab:1a:
52:4d:f7:11:40:40:fa:ef:ff:79:05:e9:45:19:fb:
97:05:b1:ce:f8:15:13:8b:7e:49:c1:33:04:fc:69:
77:cb:93:f7:ce:3c:a5:31:af:d9:7c:27:6e:58:6e:
a5:64:29:6b:ef:f3:d8:7d:6f:11:4d:8a:8c:db:f8:
78:11:a3:8e:1c:d7:d9:08:d8:a5:8e:cd:75:eb:32:
5d:47:01:96:ae:31:f2:45:2f:bf:3a:b4:5c:f9:10:
5b:96:31:a9:58:ae:96:f9:df:e8:68:f6:27:89:6c:
56:29:83:cf:76:d7:20:78:a7:8a:d3:03:ad:09:f9:
46:be:2b:7a:04:fa:23:be:f1:ce:6e:3d:98:a0:3f:
45:e8:65:b7:af:78:0c:cc:60:cf:4a:c4:6f:cc:d5:
ef:53:d1:b2:54:1e:a3:80:f4:ec:d5:79:da:97:74:
ae:27:fb:aa:79:e0:bd:dc:aa:a7:2c:f5:b2:43:1a:
a7:1d:64:5d:18:7c:dc:05:df:eb:05:9f:4d:02:80:
c6:26:b9:e2:c0:3a:18:1e:b0:1d:f8:4d:d5:b9:d8:
9e:6f:f7:b0:78:53:0c:e7:0c:af:0a:b7:2d:3f:35:
13:7e:dd:ee:2c:20:0a:00:83:3f:c0:66:ed:76:3b:
af:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:75:5D:36:11:D9:FF:CB:FD:58:74:40:12:9F:F7:1C:B9:DC:E1:35
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/g3VdNhHZ_8v9WHRAEp_3HLnc4TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.140.0/22
91.234.56.0/22
109.166.32.0/22
151.248.64.0/22
151.248.95.0/24
176.113.104.0/22
193.242.196.0/22
194.40.204.0/22
IPv6:
2a04:2041::/32
2a04:2043::/32
2a04:2045::/32
2a04:2047::/32
Signature Algorithm: sha256WithRSAEncryption
8f:26:71:2d:44:a7:48:99:1c:04:30:f5:2a:45:4b:b2:76:fc:
24:da:af:f4:78:55:90:ed:21:23:3b:32:eb:5c:cd:a9:59:ea:
22:d3:75:85:93:69:bb:57:a9:44:ef:dd:70:b2:2e:85:70:f1:
90:47:35:42:56:ca:c2:c9:1f:4c:44:87:21:a8:37:29:98:31:
4c:8e:d6:73:00:0b:20:e1:b6:70:98:14:c3:b6:48:b2:5e:38:
8a:f9:4e:d0:2a:e3:b4:c3:54:7c:80:06:9f:65:7d:e9:ff:b0:
88:72:f0:d8:d0:38:0a:de:b2:d4:6d:40:2d:42:b6:fb:11:60:
eb:74:26:30:c0:db:4b:87:2a:ed:ee:30:39:96:aa:9d:0e:93:
0b:25:c0:af:57:6b:d5:af:ca:16:1c:9c:f4:a1:3f:80:b5:77:
3f:d1:09:1b:6e:95:14:5f:d0:c7:0b:78:9e:06:79:b0:8c:77:
46:3a:72:95:2a:9c:7e:e0:f0:6d:d9:7d:ad:30:45:1e:c7:01:
40:b7:9f:36:07:91:34:f5:2f:f6:0d:2e:3b:ed:85:a3:4d:66:
5c:b0:90:05:d8:46:74:92:cc:8b:bd:77:be:77:f6:02:42:21:
2e:96:62:e3:25:ed:e0:51:e9:7f:d8:e8:40:7f:2d:39:61:d3:
05:0b:52:aa
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzHlTKu+8YpZfokcNJfUdEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzc1NWQzNjExZDlmZmNiZmQ1ODc0NDAxMjlmZjcxY2I5ZGNlMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitJZLC0ee+T2ykd0qxpSTfcRQED6
7/95BelFGfuXBbHO+BUTi35JwTME/Gl3y5P3zjylMa/ZfCduWG6lZClr7/PYfW8R
TYqM2/h4EaOOHNfZCNiljs116zJdRwGWrjHyRS+/OrRc+RBbljGpWK6W+d/oaPYn
iWxWKYPPdtcgeKeK0wOtCflGvit6BPojvvHObj2YoD9F6GW3r3gMzGDPSsRvzNXv
U9GyVB6jgPTs1Xnal3SuJ/uqeeC93KqnLPWyQxqnHWRdGHzcBd/rBZ9NAoDGJrni
wDoYHrAd+E3Vudieb/eweFMM5wyvCrctPzUTft3uLCAKAIM/wGbtdjuvRQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFIN1XTYR2f/L/Vh0QBKf9xy53OE1MB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvZzNWZE5oSFpfOHY5V0hSQUVwXzNITG5jNFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA2BAIAATAwAwQCW+SMAwQC
W+o4AwQCbaYgAwQCl/hAAwQAl/hfAwQCsHFoAwQCwfLEAwQCwijMMCIEAgACMBwD
BQAqBCBBAwUAKgQgQwMFACoEIEUDBQAqBCBHMA0GCSqGSIb3DQEBCwUAA4IBAQCP
JnEtRKdImRwEMPUqRUuydvwk2q/0eFWQ7SEjOzLrXM2pWeoi03WFk2m7V6lE791w
si6FcPGQRzVCVsrCyR9MRIchqDcpmDFMjtZzAAsg4bZwmBTDtkiyXjiK+U7QKuO0
w1R8gAafZX3p/7CIcvDY0DgK3rLUbUAtQrb7EWDrdCYwwNtLhyrt7jA5lqqdDpML
JcCvV2vVr8oWHJz0oT+AtXc/0QkbbpUUX9DHC3ieBnmwjHdGOnKVKpx+4PBt2X2t
MEUexwFAt582B5E09S/2DS477YWjTWZcsJAF2EZ0ksyLvXe+d/YCQiEulmLjJe3g
Uel/2OhAfy05YdMFC1Kq
-----END CERTIFICATE-----
Generated at Wed May 15 18:28:05 2024 by rpki-client on console-fra.rpki-client.org