Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/l32PRgP9_zO_YCFI4FNMAqWQyCU.roa
File: l32PRgP9_zO_YCFI4FNMAqWQyCU.roa (raw, json)
Hash identifier: prTqnFdQP9NtTUsdBKn/TyXSa7Yh7GwPP02Z+FX5Am4=
Subject key identifier: 97:7D:8F:46:03:FD:FF:33:BF:60:21:48:E0:53:4C:02:A5:90:C8:25
Certificate issuer: /CN=31fa64addcb0f86580c388912341cc47c39c4aed
Certificate serial: 018CC8014E107672D00A9E0BAA5CFFF0457B
Authority key identifier: 31:FA:64:AD:DC:B0:F8:65:80:C3:88:91:23:41:CC:47:C3:9C:4A:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/l32PRgP9_zO_YCFI4FNMAqWQyCU.roa
Signing time: Tue 02 Jan 2024 02:29:37 +0000
ROA not before: Tue 02 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202334
IP address blocks: 185.85.255.0/24 maxlen: 24
185.243.138.0/24 maxlen: 24
185.243.137.0/24 maxlen: 24
185.243.139.0/24 maxlen: 24
185.243.136.0/24 maxlen: 24
2a0c:fd80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4e:10:76:72:d0:0a:9e:0b:aa:5c:ff:f0:45:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31fa64addcb0f86580c388912341cc47c39c4aed
Validity
Not Before: Jan 2 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=977d8f4603fdff33bf602148e0534c02a590c825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:97:b1:67:7f:9a:3a:d9:85:16:c5:f7:ce:3c:
93:4a:48:31:5f:31:f3:15:3b:90:31:c6:bc:e2:d7:
ec:d3:7e:39:0b:f3:7f:b0:7e:6a:28:f4:02:07:46:
b1:ff:41:56:43:fe:c7:07:bb:67:18:90:6a:58:49:
e1:d1:74:ce:ce:b0:bf:1e:2c:11:36:27:72:2d:cc:
10:0f:61:45:7e:52:6b:87:d8:2a:39:04:d8:8d:91:
b2:e6:60:68:2a:89:d3:65:bb:49:40:9a:60:cd:9e:
74:c2:ad:67:c9:39:8e:72:f1:ee:d4:4f:b5:06:47:
a7:5f:b7:19:3f:68:91:15:67:26:27:c9:42:af:9c:
83:a9:db:53:28:55:ea:0e:15:51:24:c9:f5:6f:1d:
b9:e1:ab:4f:22:29:71:79:55:e0:a3:9a:c4:38:40:
14:a8:99:f6:e9:95:dd:a5:13:86:79:9c:02:e7:8d:
6e:4c:de:2d:66:d4:ad:32:f2:a4:1c:ce:a2:6d:a7:
77:60:ea:ba:01:28:3b:ef:56:35:ae:fb:44:6e:00:
cf:b4:1c:02:33:40:53:51:98:a4:df:d7:5a:b1:2e:
b7:80:4a:58:c4:11:0e:f1:bc:23:dc:f2:a3:1f:d9:
ef:eb:83:8f:2d:d7:d0:12:6f:aa:a9:d7:e7:e8:19:
fa:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:7D:8F:46:03:FD:FF:33:BF:60:21:48:E0:53:4C:02:A5:90:C8:25
X509v3 Authority Key Identifier:
keyid:31:FA:64:AD:DC:B0:F8:65:80:C3:88:91:23:41:CC:47:C3:9C:4A:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/l32PRgP9_zO_YCFI4FNMAqWQyCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6afa3c-c069-4604-9df8-7b3f82ee2587/1/Mfpkrdyw-GWAw4iRI0HMR8OcSu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.255.0/24
185.243.136.0/22
IPv6:
2a0c:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
7b:90:59:9f:ca:7f:f9:8e:fc:cc:4c:96:1f:64:39:ba:9e:8c:
03:fb:ce:32:41:cf:10:3b:88:bc:df:78:ea:5f:ea:93:d2:f4:
5b:ce:72:be:e6:a2:6a:ad:1a:2b:78:ea:d3:4e:10:e0:7f:f9:
a7:f1:39:56:39:30:06:11:78:33:c5:f5:a5:46:dd:5d:4c:31:
eb:0a:97:2b:82:62:42:f3:06:bc:50:f2:30:69:fb:39:bc:1e:
98:83:1b:31:37:d9:09:09:df:60:01:27:1c:d2:47:ed:a1:5a:
38:90:26:dd:bf:dd:46:38:55:05:2c:9e:45:d6:19:88:9b:6e:
fc:d8:37:c5:ce:4d:17:c8:8d:1a:d6:6b:16:1c:c1:bd:ff:d2:
f4:c3:e8:b9:96:05:26:6b:90:73:68:f7:b5:38:01:36:bb:61:
37:d8:3b:e0:36:25:02:a0:3c:0d:10:8a:e6:4d:ae:d8:5e:69:
56:a4:9c:fe:5d:3e:1b:a7:95:77:44:2c:7c:51:d5:6e:c9:ed:
30:44:30:2f:c1:f8:64:52:dd:59:a7:f2:ab:44:c2:cc:01:2b:
df:99:a5:bd:7d:f9:10:7a:40:7e:f0:c3:c8:cb:96:5c:19:50:
51:2c:63:93:76:36:d3:4f:1c:2e:d1:79:2a:86:94:ae:77:fe:
30:05:e8:0a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAU4QdnLQCp4Lqlz/8EV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZmE2NGFkZGNiMGY4NjU4MGMzODg5MTIzNDFjYzQ3YzM5
YzRhZWQwHhcNMjQwMTAyMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzdkOGY0NjAzZmRmZjMzYmY2MDIxNDhlMDUzNGMwMmE1OTBjODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZexZ3+aOtmFFsX3zjyTSkgxXzHz
FTuQMca84tfs0345C/N/sH5qKPQCB0ax/0FWQ/7HB7tnGJBqWEnh0XTOzrC/HiwR
NidyLcwQD2FFflJrh9gqOQTYjZGy5mBoKonTZbtJQJpgzZ50wq1nyTmOcvHu1E+1
BkenX7cZP2iRFWcmJ8lCr5yDqdtTKFXqDhVRJMn1bx254atPIilxeVXgo5rEOEAU
qJn26ZXdpROGeZwC541uTN4tZtStMvKkHM6ibad3YOq6ASg771Y1rvtEbgDPtBwC
M0BTUZik39dasS63gEpYxBEO8bwj3PKjH9nv64OPLdfQEm+qqdfn6Bn6ewIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJd9j0YD/f8zv2AhSOBTTAKlkMglMB8GA1UdIwQY
MBaAFDH6ZK3csPhlgMOIkSNBzEfDnErtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWZwa3JkeXctR1dBdzRpUkkwSE1SOE9jU3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YWZhM2MtYzA2OS00NjA0LTlkZjgt
N2IzZjgyZWUyNTg3LzEvbDMyUFJnUDlfek9fWUNGSTRGTk1BcVdReUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YWZhM2MtYzA2OS00NjA0LTlkZjgtN2IzZjgyZWUyNTg3
LzEvTWZwa3JkeXctR1dBdzRpUkkwSE1SOE9jU3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuVX/AwQC
ufOIMA0EAgACMAcDBQMqDP2AMA0GCSqGSIb3DQEBCwUAA4IBAQB7kFmfyn/5jvzM
TJYfZDm6nowD+84yQc8QO4i833jqX+qT0vRbznK+5qJqrRoreOrTThDgf/mn8TlW
OTAGEXgzxfWlRt1dTDHrCpcrgmJC8wa8UPIwafs5vB6YgxsxN9kJCd9gAScc0kft
oVo4kCbdv91GOFUFLJ5F1hmIm2782DfFzk0XyI0a1msWHMG9/9L0w+i5lgUma5Bz
aPe1OAE2u2E32DvgNiUCoDwNEIrmTa7YXmlWpJz+XT4bp5V3RCx8UdVuye0wRDAv
wfhkUt1Zp/KrRMLMASvfmaW9ffkQekB+8MPIy5ZcGVBRLGOTdjbTTxwu0XkqhpSu
d/4wBegK
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:14:54 2024 by rpki-client on console-fra.rpki-client.org