Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/AZ0wmyajhm1zWW4B8OrKuGmteRc.roa
File: AZ0wmyajhm1zWW4B8OrKuGmteRc.roa (raw, json)
Hash identifier: rwb3zrXMvBTFIXBIvBuaE5VFahe44cPCHTI9+UuPx+k=
Subject key identifier: 01:9D:30:9B:26:A3:86:6D:73:59:6E:01:F0:EA:CA:B8:69:AD:79:17
Certificate issuer: /CN=527ad19786dd54b35a4b96ad3fbc5793278e4474
Certificate serial: 018CC4255A0101501F94FA66E8689386FA2C
Authority key identifier: 52:7A:D1:97:86:DD:54:B3:5A:4B:96:AD:3F:BC:57:93:27:8E:44:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UnrRl4bdVLNaS5atP7xXkyeORHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/AZ0wmyajhm1zWW4B8OrKuGmteRc.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59816
IP address blocks: 185.251.224.0/22 maxlen: 22
185.251.226.0/24 maxlen: 24
185.251.225.0/24 maxlen: 24
194.147.121.0/24 maxlen: 24
194.147.123.0/24 maxlen: 24
194.147.122.0/24 maxlen: 24
194.147.120.0/24 maxlen: 24
194.147.120.0/22 maxlen: 22
185.251.227.0/24 maxlen: 24
185.70.134.0/24 maxlen: 24
185.70.133.0/24 maxlen: 24
185.70.135.0/24 maxlen: 24
185.70.132.0/22 maxlen: 22
185.70.132.0/24 maxlen: 24
185.241.38.0/24 maxlen: 24
185.241.37.0/24 maxlen: 24
185.241.36.0/22 maxlen: 22
185.241.36.0/24 maxlen: 24
185.241.39.0/24 maxlen: 24
185.254.91.0/24 maxlen: 24
185.254.90.0/24 maxlen: 24
185.254.89.0/24 maxlen: 24
185.254.88.0/24 maxlen: 24
185.254.88.0/22 maxlen: 22
2a05:2a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/UnrRl4bdVLNaS5atP7xXkyeORHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/UnrRl4bdVLNaS5atP7xXkyeORHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/UnrRl4bdVLNaS5atP7xXkyeORHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5a:01:01:50:1f:94:fa:66:e8:68:93:86:fa:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=527ad19786dd54b35a4b96ad3fbc5793278e4474
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=019d309b26a3866d73596e01f0eacab869ad7917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:aa:80:0e:fe:eb:82:98:60:16:fe:32:0a:f1:
30:20:25:5e:61:ab:46:d7:fd:de:24:89:21:18:c8:
16:1c:33:b8:3e:93:8a:42:f0:3d:53:9c:5f:98:8f:
02:18:3c:9e:45:e7:ec:d6:53:d4:6f:de:aa:8f:c6:
6c:43:8a:01:4c:f7:a9:44:8b:67:aa:28:7e:07:29:
3d:7f:2a:79:dc:c0:46:2f:3f:46:4b:b5:6f:48:79:
68:e8:83:68:20:7f:a0:3d:81:61:28:0f:e5:62:2b:
b3:4e:75:c9:ea:8d:bd:8f:60:77:83:78:bc:3a:af:
7e:1a:06:bc:c8:4a:ac:81:47:6b:82:8d:25:f1:0d:
90:09:77:4f:54:2a:48:62:f4:a5:bc:c0:c2:2a:6d:
cb:4a:0b:45:cc:f3:c3:29:01:02:49:3e:16:54:46:
d2:95:86:18:de:42:fe:ea:a5:73:89:5c:fe:21:9d:
62:25:23:a5:ce:a0:2f:8a:9e:53:ca:eb:a4:ff:1a:
85:45:6a:24:b6:35:c8:19:ab:36:1f:33:8a:f5:b1:
89:73:48:3b:54:4d:1d:ce:a6:e3:b9:3c:06:be:0d:
16:4c:97:29:4d:2b:a5:31:27:ce:3d:62:de:a6:ee:
c3:10:c8:c9:fb:ea:a8:5d:95:67:dc:29:60:9b:03:
53:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9D:30:9B:26:A3:86:6D:73:59:6E:01:F0:EA:CA:B8:69:AD:79:17
X509v3 Authority Key Identifier:
keyid:52:7A:D1:97:86:DD:54:B3:5A:4B:96:AD:3F:BC:57:93:27:8E:44:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UnrRl4bdVLNaS5atP7xXkyeORHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/AZ0wmyajhm1zWW4B8OrKuGmteRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/698f5e-58c2-4a43-9c6a-155c72c1a723/1/UnrRl4bdVLNaS5atP7xXkyeORHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.132.0/22
185.241.36.0/22
185.251.224.0/22
185.254.88.0/22
194.147.120.0/22
IPv6:
2a05:2a00::/29
Signature Algorithm: sha256WithRSAEncryption
28:fd:2d:5e:1b:4b:9f:57:9f:da:ab:12:81:48:40:46:6b:3d:
10:c6:7f:5f:2e:6b:cc:7d:b2:c0:2c:93:34:52:30:c5:81:0a:
d9:47:d2:02:d4:b2:f9:d9:88:f9:86:14:f8:d6:69:5f:70:91:
b1:a6:bd:f8:db:b3:77:76:e4:1b:7a:87:f4:42:f1:35:3c:99:
70:4a:73:60:74:06:95:4b:30:33:88:28:0f:98:8c:dd:9b:08:
f9:f7:2e:2c:31:9f:ac:42:0d:b9:93:94:e1:ca:fc:42:d8:2c:
ef:26:9e:dd:20:07:cb:83:4e:2a:2e:39:10:92:19:27:a6:d8:
25:b0:73:f4:82:34:9c:a9:ff:c1:8f:ec:3d:1b:d5:98:c2:6b:
3e:af:79:37:4a:7d:08:95:8a:8f:33:df:99:6d:d2:1d:98:3b:
b0:2a:20:e1:2a:c7:7d:4f:23:3f:cf:80:bf:af:af:e3:3d:9c:
fb:4d:55:e3:96:99:db:1a:34:f5:93:4e:47:9d:71:c8:6a:07:
8f:cc:a0:85:c8:b5:dc:d7:a9:a5:e1:0a:50:e0:20:ec:28:df:
cb:2e:a8:6c:91:6c:b5:4c:2e:75:0e:ef:60:1b:ae:f9:2d:3b:
81:91:eb:86:74:64:df:c3:ca:be:75:72:6a:db:fe:08:04:0a:
21:23:d5:1c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJVoBAVAflPpm6GiThvosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyN2FkMTk3ODZkZDU0YjM1YTRiOTZhZDNmYmM1NzkzMjc4
ZTQ0NzQwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTlkMzA5YjI2YTM4NjZkNzM1OTZlMDFmMGVhY2FiODY5YWQ3OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6aqADv7rgphgFv4yCvEwICVeYatG
1/3eJIkhGMgWHDO4PpOKQvA9U5xfmI8CGDyeRefs1lPUb96qj8ZsQ4oBTPepRItn
qih+Byk9fyp53MBGLz9GS7VvSHlo6INoIH+gPYFhKA/lYiuzTnXJ6o29j2B3g3i8
Oq9+Gga8yEqsgUdrgo0l8Q2QCXdPVCpIYvSlvMDCKm3LSgtFzPPDKQECST4WVEbS
lYYY3kL+6qVziVz+IZ1iJSOlzqAvip5Tyuuk/xqFRWoktjXIGas2HzOK9bGJc0g7
VE0dzqbjuTwGvg0WTJcpTSulMSfOPWLepu7DEMjJ++qoXZVn3ClgmwNTewIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAGdMJsmo4Ztc1luAfDqyrhprXkXMB8GA1UdIwQY
MBaAFFJ60ZeG3VSzWkuWrT+8V5MnjkR0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW5yUmw0YmRWTE5hUzVhdFA3eFhreWVPUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82OThmNWUtNThjMi00YTQzLTljNmEt
MTU1YzcyYzFhNzIzLzEvQVowd215YWpobTF6V1c0QjhPckt1R210ZVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82OThmNWUtNThjMi00YTQzLTljNmEtMTU1YzcyYzFhNzIz
LzEvVW5yUmw0YmRWTE5hUzVhdFA3eFhreWVPUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuUaEAwQC
ufEkAwQCufvgAwQCuf5YAwQCwpN4MA0EAgACMAcDBQMqBSoAMA0GCSqGSIb3DQEB
CwUAA4IBAQAo/S1eG0ufV5/aqxKBSEBGaz0Qxn9fLmvMfbLALJM0UjDFgQrZR9IC
1LL52Yj5hhT41mlfcJGxpr3427N3duQbeof0QvE1PJlwSnNgdAaVSzAziCgPmIzd
mwj59y4sMZ+sQg25k5ThyvxC2CzvJp7dIAfLg04qLjkQkhknptglsHP0gjScqf/B
j+w9G9WYwms+r3k3Sn0IlYqPM9+ZbdIdmDuwKiDhKsd9TyM/z4C/r6/jPZz7TVXj
lpnbGjT1k05HnXHIagePzKCFyLXc16ml4QpQ4CDsKN/LLqhskWy1TC51Du9gG675
LTuBkeuGdGTfw8q+dXJq2/4IBAohI9Uc
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:07:49 2024 by rpki-client on console-ams.rpki-client.org