Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/cc9aiJN4LxW3d4wCJ3F0bzi_4X0.roa
File: cc9aiJN4LxW3d4wCJ3F0bzi_4X0.roa (raw, json)
Hash identifier: X1Qo2+KTYfP/hhRxZ2fR5XdljJuWEszqpo7VS2RYI6o=
Subject key identifier: 71:CF:5A:88:93:78:2F:15:B7:77:8C:02:27:71:74:6F:38:BF:E1:7D
Certificate issuer: /CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Certificate serial: 018D82BF0EB1F9DFFF442557EC156F77B8BF
Authority key identifier: 1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/cc9aiJN4LxW3d4wCJ3F0bzi_4X0.roa
Signing time: Wed 07 Feb 2024 08:46:15 +0000
ROA not before: Wed 07 Feb 2024 08:46:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41952
IP address blocks: 185.228.206.0/24 maxlen: 24
193.32.192.0/22 maxlen: 22
193.32.192.0/24 maxlen: 24
193.32.193.0/24 maxlen: 24
193.32.194.0/24 maxlen: 24
193.32.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:82:bf:0e:b1:f9:df:ff:44:25:57:ec:15:6f:77:b8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1acb6376a1648d49d55e4d7b01371367b0dc2af9
Validity
Not Before: Feb 7 08:46:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71cf5a8893782f15b7778c022771746f38bfe17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:35:e6:4c:5b:bf:ed:d8:48:35:04:78:2c:e6:
f5:6a:99:37:23:9e:a8:24:70:93:89:0f:3e:9d:d0:
28:68:72:c3:a5:e3:ac:e2:ac:fa:47:e8:cb:50:40:
ac:b1:60:96:3c:6e:c8:c6:3c:5b:46:55:a4:dd:b5:
d7:04:30:fc:2a:ea:3a:80:50:ce:ed:11:d0:95:53:
b7:06:3f:2d:2d:89:78:81:26:a7:a7:ea:97:11:a0:
a9:db:97:55:ba:97:63:68:36:d2:ea:48:1a:34:8e:
56:fe:59:fb:63:fc:90:40:7a:60:1b:0e:a6:90:8d:
fa:44:2c:dc:ae:85:4f:9c:f9:3c:aa:c9:86:ef:50:
f7:4b:6d:07:91:d5:62:e7:db:44:5e:e6:61:e3:f6:
dd:fd:38:c0:3f:87:5a:85:fa:d9:e2:02:70:90:79:
bb:14:ab:98:54:87:06:de:f4:d0:00:8c:fa:2e:9f:
8c:c3:19:d8:b0:a0:db:83:7e:15:d3:e9:73:5f:d1:
2e:03:a1:71:e6:01:12:92:3b:53:57:76:f2:a7:b1:
13:05:8a:30:4b:28:66:96:9f:30:8a:bd:9c:2c:a9:
d0:bb:ae:48:94:79:72:9c:7c:f0:f8:10:c6:77:16:
92:fe:75:94:5d:66:bd:82:b2:39:9c:25:9b:df:3c:
b9:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:CF:5A:88:93:78:2F:15:B7:77:8C:02:27:71:74:6F:38:BF:E1:7D
X509v3 Authority Key Identifier:
keyid:1A:CB:63:76:A1:64:8D:49:D5:5E:4D:7B:01:37:13:67:B0:DC:2A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GstjdqFkjUnVXk17ATcTZ7DcKvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/cc9aiJN4LxW3d4wCJ3F0bzi_4X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/7247b0-4989-43ea-9350-7a936751db1b/1/GstjdqFkjUnVXk17ATcTZ7DcKvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.206.0/24
193.32.192.0/22
Signature Algorithm: sha256WithRSAEncryption
14:82:85:b3:ac:2e:d5:66:db:e8:90:a8:9e:32:0c:7e:11:bc:
46:80:77:6e:91:f7:d1:7e:b2:33:80:e4:66:17:11:05:59:a0:
12:39:96:b9:95:81:91:4c:23:24:5c:08:84:64:b7:f3:13:01:
48:0c:06:8d:3d:67:f5:28:8d:25:45:fa:d6:55:40:0f:38:ea:
f2:7a:34:55:86:2e:a8:fb:b5:d6:e6:db:74:fd:e4:c6:b8:ae:
12:db:a0:4d:e7:3c:90:aa:90:5e:1e:d9:2b:74:51:e3:34:9d:
59:2e:53:d5:b7:ca:a7:38:d3:95:e4:c7:fd:75:23:e8:69:f6:
97:d1:b0:c3:8b:69:a4:16:2e:8e:56:da:e8:79:59:79:11:ee:
14:24:bb:22:9a:92:4c:7c:f4:49:3b:6e:ac:31:57:dd:51:4c:
ce:4f:79:34:18:ea:34:71:23:d0:95:6e:ab:7f:a2:2e:9a:a2:
ff:8c:37:ca:91:ee:2a:1a:4c:f3:81:0a:05:b8:24:33:33:6a:
3b:6f:77:ac:b7:4e:19:94:b4:ed:92:91:dc:dd:37:39:68:24:
a4:1b:b1:f8:4e:23:ef:8c:ec:26:1e:04:5a:59:a6:bd:be:7c:
04:23:24:da:41:a2:95:72:ed:09:c0:fd:e2:ee:8d:a3:69:d8:
cb:ac:6c:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2Cvw6x+d//RCVX7BVvd7i/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2I2Mzc2YTE2NDhkNDlkNTVlNGQ3YjAxMzcxMzY3YjBk
YzJhZjkwHhcNMjQwMjA3MDg0NjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWNmNWE4ODkzNzgyZjE1Yjc3NzhjMDIyNzcxNzQ2ZjM4YmZlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzXmTFu/7dhINQR4LOb1apk3I56o
JHCTiQ8+ndAoaHLDpeOs4qz6R+jLUECssWCWPG7IxjxbRlWk3bXXBDD8Kuo6gFDO
7RHQlVO3Bj8tLYl4gSanp+qXEaCp25dVupdjaDbS6kgaNI5W/ln7Y/yQQHpgGw6m
kI36RCzcroVPnPk8qsmG71D3S20HkdVi59tEXuZh4/bd/TjAP4dahfrZ4gJwkHm7
FKuYVIcG3vTQAIz6Lp+MwxnYsKDbg34V0+lzX9EuA6Fx5gESkjtTV3byp7ETBYow
Syhmlp8wir2cLKnQu65IlHlynHzw+BDGdxaS/nWUXWa9grI5nCWb3zy5lwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHHPWoiTeC8Vt3eMAidxdG84v+F9MB8GA1UdIwQY
MBaAFBrLY3ahZI1J1V5NewE3E2ew3Cr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAt
N2E5MzY3NTFkYjFiLzEvY2M5YWlKTjRMeFczZDR3Q0ozRjBiemlfNFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83MjQ3YjAtNDk4OS00M2VhLTkzNTAtN2E5MzY3NTFkYjFi
LzEvR3N0amRxRmtqVW5WWGsxN0FUY1RaN0RjS3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueTOAwQC
wSDAMA0GCSqGSIb3DQEBCwUAA4IBAQAUgoWzrC7VZtvokKieMgx+EbxGgHdukffR
frIzgORmFxEFWaASOZa5lYGRTCMkXAiEZLfzEwFIDAaNPWf1KI0lRfrWVUAPOOry
ejRVhi6o+7XW5tt0/eTGuK4S26BN5zyQqpBeHtkrdFHjNJ1ZLlPVt8qnONOV5Mf9
dSPoafaX0bDDi2mkFi6OVtroeVl5Ee4UJLsimpJMfPRJO26sMVfdUUzOT3k0GOo0
cSPQlW6rf6IumqL/jDfKke4qGkzzgQoFuCQzM2o7b3est04ZlLTtkpHc3Tc5aCSk
G7H4TiPvjOwmHgRaWaa9vnwEIyTaQaKVcu0JwP3i7o2jadjLrGzc
-----END CERTIFICATE-----
Generated at Mon May 6 15:40:41 2024 by rpki-client on console-fra.rpki-client.org