Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/35yM5Wgna9OgZARuial53JkN0bw.roa
File: 35yM5Wgna9OgZARuial53JkN0bw.roa (raw, json)
Hash identifier: 3jVazTN2YTpFqgoA+D5I1QZ64wOnOwwgxR+CGFmxLhk=
Subject key identifier: DF:9C:8C:E5:68:27:6B:D3:A0:64:04:6E:89:A9:79:DC:99:0D:D1:BC
Certificate issuer: /CN=045c5f3bb81191720c0ddf8b3cf34d91dab4e1d3
Certificate serial: 018CC9BC42679B7E1968CFA33BC7B3E1735F
Authority key identifier: 04:5C:5F:3B:B8:11:91:72:0C:0D:DF:8B:3C:F3:4D:91:DA:B4:E1:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/35yM5Wgna9OgZARuial53JkN0bw.roa
Signing time: Tue 02 Jan 2024 10:33:27 +0000
ROA not before: Tue 02 Jan 2024 10:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25184
IP address blocks: 78.109.192.0/20 maxlen: 24
79.175.128.0/18 maxlen: 24
31.47.32.0/19 maxlen: 24
81.90.144.0/20 maxlen: 24
80.75.0.0/20 maxlen: 24
217.11.16.0/20 maxlen: 24
185.3.124.0/22 maxlen: 24
31.14.112.0/20 maxlen: 24
86.104.32.0/20 maxlen: 24
93.113.224.0/20 maxlen: 24
46.102.128.0/20 maxlen: 24
2a03:4680::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:42:67:9b:7e:19:68:cf:a3:3b:c7:b3:e1:73:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=045c5f3bb81191720c0ddf8b3cf34d91dab4e1d3
Validity
Not Before: Jan 2 10:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df9c8ce568276bd3a064046e89a979dc990dd1bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a8:09:30:70:c7:f1:d5:29:b6:74:c4:ec:9b:
ef:8f:51:d8:62:87:e0:9a:05:ad:31:9b:93:1e:74:
d4:8b:9a:98:04:d2:ff:6b:bd:3b:72:a1:f2:b9:1d:
f8:69:d9:90:c3:70:bb:ef:1c:21:53:6b:50:9b:23:
82:6f:6c:51:9c:19:b4:a8:6d:92:92:f2:8c:e6:56:
77:77:a4:ea:24:f1:ae:e0:02:a9:91:fd:5f:a3:75:
f1:37:bc:6b:f5:67:1e:01:3b:44:77:0b:f7:1d:a8:
6a:d9:bb:53:b4:ff:8a:ce:bb:91:64:0d:35:f4:f9:
71:98:7a:2d:6e:10:6f:d5:2b:55:a3:2c:d4:a3:ac:
c3:6b:52:ba:7c:71:13:0b:27:04:dc:82:7c:e4:31:
07:97:45:a9:75:d1:e1:51:02:3c:02:eb:b3:9b:f4:
a1:19:3f:8e:b7:02:c1:a8:73:93:ee:c4:3b:5e:5b:
cd:2f:cf:a8:c6:6a:4d:a9:d4:da:74:91:12:6b:32:
05:30:d6:32:f0:02:6c:07:cc:84:5c:cc:94:81:37:
d5:42:a0:65:b5:97:c2:55:e3:2b:fa:60:fe:8e:ca:
0e:32:1b:74:13:61:e9:c9:e7:a7:c0:da:94:ab:a5:
d0:38:2b:9f:28:d9:ce:b2:0c:1d:bb:f4:aa:2c:64:
94:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9C:8C:E5:68:27:6B:D3:A0:64:04:6E:89:A9:79:DC:99:0D:D1:BC
X509v3 Authority Key Identifier:
keyid:04:5C:5F:3B:B8:11:91:72:0C:0D:DF:8B:3C:F3:4D:91:DA:B4:E1:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFxfO7gRkXIMDd-LPPNNkdq04dM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/35yM5Wgna9OgZARuial53JkN0bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6eabcd-a8fc-43ea-8b7c-fbb80853c1be/1/BFxfO7gRkXIMDd-LPPNNkdq04dM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.112.0/20
31.47.32.0/19
46.102.128.0/20
78.109.192.0/20
79.175.128.0/18
80.75.0.0/20
81.90.144.0/20
86.104.32.0/20
93.113.224.0/20
185.3.124.0/22
217.11.16.0/20
IPv6:
2a03:4680::/29
Signature Algorithm: sha256WithRSAEncryption
9c:15:ec:08:98:46:e9:f4:3d:59:08:f4:d6:1a:04:08:1d:9e:
68:02:63:45:29:75:2e:6c:cf:a4:1a:47:19:75:10:34:8f:c1:
2b:5d:15:f7:af:7d:61:7a:a9:df:90:0f:84:aa:49:b0:ee:a4:
ba:01:bc:8d:b2:a2:aa:36:d0:cb:63:05:f9:01:58:f6:89:49:
74:0c:77:88:17:66:fb:cb:44:dd:f9:b2:06:af:35:49:ae:3a:
7f:02:5a:df:39:86:f7:0f:da:60:d0:5b:f6:02:63:e0:5b:b5:
4f:c7:50:8c:db:e0:26:f9:df:5f:99:ec:2e:1e:37:49:4e:61:
52:ed:9d:c4:f1:6e:9a:5a:22:07:77:25:28:48:ae:f8:8e:99:
dd:b8:39:f6:55:62:78:9d:f5:61:8d:82:ea:a8:6d:c7:e2:9b:
c1:d9:ca:05:99:36:78:c6:c0:fb:56:02:86:e0:00:1a:82:47:
e6:3a:11:82:0a:dd:5a:fb:a1:90:92:a4:ad:13:8e:fe:c3:94:
d2:b5:fc:0b:7e:f4:57:23:21:89:f6:ec:f3:25:60:83:f3:5e:
2c:c4:62:ac:62:b8:d8:24:73:35:19:53:00:52:d9:a5:00:cd:
e5:8a:e3:25:4d:da:15:33:9c:e9:ae:a6:ee:69:85:73:90:51:
64:8d:fa:75
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzJvEJnm34ZaM+jO8ez4XNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NWM1ZjNiYjgxMTkxNzIwYzBkZGY4YjNjZjM0ZDkxZGFi
NGUxZDMwHhcNMjQwMTAyMTAzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjljOGNlNTY4Mjc2YmQzYTA2NDA0NmU4OWE5NzlkYzk5MGRkMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6gJMHDH8dUptnTE7Jvvj1HYYofg
mgWtMZuTHnTUi5qYBNL/a707cqHyuR34admQw3C77xwhU2tQmyOCb2xRnBm0qG2S
kvKM5lZ3d6TqJPGu4AKpkf1fo3XxN7xr9WceATtEdwv3Hahq2btTtP+KzruRZA01
9PlxmHotbhBv1StVoyzUo6zDa1K6fHETCycE3IJ85DEHl0WpddHhUQI8Auuzm/Sh
GT+OtwLBqHOT7sQ7XlvNL8+oxmpNqdTadJESazIFMNYy8AJsB8yEXMyUgTfVQqBl
tZfCVeMr+mD+jsoOMht0E2HpyeenwNqUq6XQOCufKNnOsgwdu/SqLGSU8QIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFN+cjOVoJ2vToGQEbompedyZDdG8MB8GA1UdIwQY
MBaAFARcXzu4EZFyDA3fizzzTZHatOHTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkZ4Zk83Z1JrWElNRGQtTFBQTk5rZHEwNGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82ZWFiY2QtYThmYy00M2VhLThiN2Mt
ZmJiODA4NTNjMWJlLzEvMzV5TTVXZ25hOU9nWkFSdWlhbDUzSmtOMGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82ZWFiY2QtYThmYy00M2VhLThiN2MtZmJiODA4NTNjMWJl
LzEvQkZ4Zk83Z1JrWElNRGQtTFBQTk5rZHEwNGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQEHw5wAwQF
Hy8gAwQELmaAAwQETm3AAwQGT6+AAwQEUEsAAwQEUVqQAwQEVmggAwQEXXHgAwQC
uQN8AwQE2QsQMA0EAgACMAcDBQMqA0aAMA0GCSqGSIb3DQEBCwUAA4IBAQCcFewI
mEbp9D1ZCPTWGgQIHZ5oAmNFKXUubM+kGkcZdRA0j8ErXRX3r31heqnfkA+Eqkmw
7qS6AbyNsqKqNtDLYwX5AVj2iUl0DHeIF2b7y0Td+bIGrzVJrjp/AlrfOYb3D9pg
0Fv2AmPgW7VPx1CM2+Am+d9fmewuHjdJTmFS7Z3E8W6aWiIHdyUoSK74jpnduDn2
VWJ4nfVhjYLqqG3H4pvB2coFmTZ4xsD7VgKG4AAagkfmOhGCCt1a+6GQkqStE47+
w5TStfwLfvRXIyGJ9uzzJWCD814sxGKsYrjYJHM1GVMAUtmlAM3liuMlTdoVM5zp
rqbuaYVzkFFkjfp1
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:01:38 2024 by rpki-client on console-fra.rpki-client.org