Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/IWjKCUW2yIl1ZwYVlwFWoUAXkVU.roa
File: IWjKCUW2yIl1ZwYVlwFWoUAXkVU.roa (raw, json)
Hash identifier: FdNk8HLw1WBc0krbacsmTE8Q81DXiuEyDhQ0ckKHFys=
Subject key identifier: 21:68:CA:09:45:B6:C8:89:75:67:06:15:97:01:56:A1:40:17:91:55
Certificate issuer: /CN=3ec9fb0d13552aad04f3aaaeb58d4dd4e7cf40f0
Certificate serial: 0191CC272384AFDAB466DCC13F93B01CF36B
Authority key identifier: 3E:C9:FB:0D:13:55:2A:AD:04:F3:AA:AE:B5:8D:4D:D4:E7:CF:40:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/IWjKCUW2yIl1ZwYVlwFWoUAXkVU.roa
Signing time: Sat 07 Sep 2024 11:03:22 +0000
ROA not before: Sat 07 Sep 2024 11:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62166
IP address blocks: 185.83.172.0/22 maxlen: 22
185.83.172.0/23 maxlen: 23
185.83.174.0/23 maxlen: 23
185.208.44.0/22 maxlen: 22
185.208.44.0/23 maxlen: 23
185.208.46.0/23 maxlen: 23
185.240.68.0/22 maxlen: 22
185.240.68.0/23 maxlen: 23
185.240.70.0/23 maxlen: 23
193.58.36.0/22 maxlen: 22
193.58.36.0/23 maxlen: 23
193.58.38.0/23 maxlen: 23
2a05:9d40::/29 maxlen: 29
2a05:9d40:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cc:27:23:84:af:da:b4:66:dc:c1:3f:93:b0:1c:f3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec9fb0d13552aad04f3aaaeb58d4dd4e7cf40f0
Validity
Not Before: Sep 7 11:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2168ca0945b6c88975670615970156a140179155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:57:b9:b5:00:d6:c2:fe:e8:cd:90:63:70:e8:
78:85:da:32:52:17:4e:53:ae:7a:f4:61:ea:9c:d5:
0e:5e:e9:cb:24:a7:63:3a:0e:de:db:04:45:78:d7:
4a:f1:a2:06:76:48:11:44:b8:69:1a:87:09:3a:06:
0c:54:54:1b:15:af:ad:d7:ef:3b:43:ae:76:f0:d4:
ba:fb:3a:95:36:54:02:a6:01:ee:05:9f:fa:a5:99:
f9:df:3b:7e:1e:6d:29:8d:3a:07:d0:e3:a7:95:cf:
4e:40:94:8b:37:c5:16:69:10:33:0e:a0:34:10:a1:
77:9c:58:42:17:f2:68:17:5a:f6:15:f7:74:08:a3:
db:80:9e:c1:5d:75:93:49:81:9b:50:92:a6:f1:06:
4c:87:ee:a5:75:e6:cd:27:9b:af:f5:d0:4e:ab:57:
45:cc:18:8e:14:89:8c:bc:b6:8a:c0:ac:25:40:1c:
d2:55:66:24:42:70:50:e7:5f:d1:78:d2:db:69:ad:
bb:e2:28:f7:34:e8:d2:f9:35:27:59:30:b0:b4:96:
5e:8e:15:72:29:f1:a9:64:4a:d6:72:aa:bc:93:58:
53:88:2a:84:57:17:ff:15:56:af:11:4d:60:eb:60:
27:29:fc:5a:cb:98:32:05:32:0c:c9:59:ea:c9:50:
97:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:68:CA:09:45:B6:C8:89:75:67:06:15:97:01:56:A1:40:17:91:55
X509v3 Authority Key Identifier:
keyid:3E:C9:FB:0D:13:55:2A:AD:04:F3:AA:AE:B5:8D:4D:D4:E7:CF:40:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/IWjKCUW2yIl1ZwYVlwFWoUAXkVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.172.0/22
185.208.44.0/22
185.240.68.0/22
193.58.36.0/22
IPv6:
2a05:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
22:31:d6:c2:94:71:ac:bd:18:4c:93:ac:db:71:1e:32:bc:3a:
17:44:2e:02:11:af:c9:07:f2:c4:20:96:14:1d:7f:67:e1:2f:
b9:24:a7:64:a9:2c:bc:a2:b8:3d:3e:32:ec:0a:82:79:b3:6c:
41:51:0d:9b:f9:f9:11:47:30:19:ca:35:8b:63:85:21:6f:ec:
5d:71:bf:0a:9d:a3:91:02:23:80:f1:8e:10:32:9f:d1:ee:db:
43:f5:fe:ab:03:4a:9f:85:e3:07:33:a6:eb:6c:f6:03:d5:15:
f1:67:ef:a8:01:f7:ba:4e:53:24:9d:5d:8b:85:d9:69:89:b6:
2d:fd:9c:19:4e:5f:5a:bc:57:ba:07:df:f3:11:77:32:0e:ad:
13:00:ca:c3:bf:90:d9:55:a8:07:b0:e6:f4:03:7a:85:e1:7a:
d4:49:51:1e:7e:0d:4f:29:31:36:2b:46:24:23:e3:5a:86:17:
5d:ed:26:06:0b:29:f4:8e:79:af:bc:9d:be:77:76:12:25:1f:
fa:ac:c0:9d:2d:52:34:41:83:7b:fd:2e:bf:93:11:cc:c3:e0:
7d:1f:70:52:6f:71:2b:6f:bb:0e:6a:04:b3:f6:bb:12:0b:15:
58:b8:dd:47:a3:c7:a3:7a:bd:1f:8f:f0:02:09:72:6f:d4:42:
10:a4:f2:bb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZHMJyOEr9q0ZtzBP5OwHPNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzlmYjBkMTM1NTJhYWQwNGYzYWFhZWI1OGQ0ZGQ0ZTdj
ZjQwZjAwHhcNMjQwOTA3MTEwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY4Y2EwOTQ1YjZjODg5NzU2NzA2MTU5NzAxNTZhMTQwMTc5MTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVe5tQDWwv7ozZBjcOh4hdoyUhdO
U6569GHqnNUOXunLJKdjOg7e2wRFeNdK8aIGdkgRRLhpGocJOgYMVFQbFa+t1+87
Q6528NS6+zqVNlQCpgHuBZ/6pZn53zt+Hm0pjToH0OOnlc9OQJSLN8UWaRAzDqA0
EKF3nFhCF/JoF1r2Ffd0CKPbgJ7BXXWTSYGbUJKm8QZMh+6ldebNJ5uv9dBOq1dF
zBiOFImMvLaKwKwlQBzSVWYkQnBQ51/ReNLbaa274ij3NOjS+TUnWTCwtJZejhVy
KfGpZErWcqq8k1hTiCqEVxf/FVavEU1g62AnKfxay5gyBTIMyVnqyVCX3QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCFoyglFtsiJdWcGFZcBVqFAF5FVMB8GA1UdIwQY
MBaAFD7J+w0TVSqtBPOqrrWNTdTnz0DwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNuN0RSTlZLcTBFODZxdXRZMU4xT2ZQUVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2NhYjMtNDc5Yi00ZGE4LWFlOTgt
MmNiNmUzZmRmOWNkLzEvSVdqS0NVVzJ5SWwxWndZVmx3RldvVUFYa1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2NhYjMtNDc5Yi00ZGE4LWFlOTgtMmNiNmUzZmRmOWNk
LzEvUHNuN0RSTlZLcTBFODZxdXRZMU4xT2ZQUVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuVOsAwQC
udAsAwQCufBEAwQCwTokMA0EAgACMAcDBQMqBZ1AMA0GCSqGSIb3DQEBCwUAA4IB
AQAiMdbClHGsvRhMk6zbcR4yvDoXRC4CEa/JB/LEIJYUHX9n4S+5JKdkqSy8org9
PjLsCoJ5s2xBUQ2b+fkRRzAZyjWLY4Uhb+xdcb8KnaORAiOA8Y4QMp/R7ttD9f6r
A0qfheMHM6brbPYD1RXxZ++oAfe6TlMknV2LhdlpibYt/ZwZTl9avFe6B9/zEXcy
Dq0TAMrDv5DZVagHsOb0A3qF4XrUSVEefg1PKTE2K0YkI+Nahhdd7SYGCyn0jnmv
vJ2+d3YSJR/6rMCdLVI0QYN7/S6/kxHMw+B9H3BSb3Erb7sOagSz9rsSCxVYuN1H
o8ejer0fj/ACCXJv1EIQpPK7
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:17:47 2024 by rpki-client on console-fra.rpki-client.org