Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/PbD8JG0mh6qv5SKQA83yjFoyASo.roa
File: PbD8JG0mh6qv5SKQA83yjFoyASo.roa (raw, json)
Hash identifier: wqccLrTbrb8K9TJym2Ym5+9N9827H1PbvZcc2GqrwRk=
Subject key identifier: 3D:B0:FC:24:6D:26:87:AA:AF:E5:22:90:03:CD:F2:8C:5A:32:01:2A
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 018CC64B5DA9D710404C1DA028AE66E5B848
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/PbD8JG0mh6qv5SKQA83yjFoyASo.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12993
IP address blocks: 37.203.39.0/24 maxlen: 24
185.34.24.0/22 maxlen: 22
185.34.24.0/23 maxlen: 23
178.16.16.0/20 maxlen: 20
193.108.185.0/24 maxlen: 24
37.203.32.0/21 maxlen: 21
37.203.32.0/23 maxlen: 23
185.219.156.0/22 maxlen: 22
89.111.0.0/18 maxlen: 18
193.108.144.0/22 maxlen: 24
193.108.144.0/23 maxlen: 23
89.111.38.0/24 maxlen: 24
194.9.175.0/24 maxlen: 24
185.34.26.0/23 maxlen: 23
81.94.224.0/20 maxlen: 20
81.94.229.0/24 maxlen: 24
2a00:17c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5d:a9:d7:10:40:4c:1d:a0:28:ae:66:e5:b8:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3db0fc246d2687aaafe5229003cdf28c5a32012a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:68:b3:a8:2b:a5:09:8a:c7:aa:f4:36:fc:a3:
90:d9:1c:07:44:ea:df:06:15:90:a1:f9:8d:c6:d7:
5d:5f:19:f2:ce:87:b0:4f:69:da:22:45:91:96:78:
9e:86:f9:2d:35:f5:f9:c7:3e:b1:9d:a0:d4:b1:20:
82:c4:3c:2b:5e:28:f4:1e:d2:ae:7d:f8:58:b5:52:
31:f5:b9:25:cc:0f:66:e5:82:5c:49:9e:bd:44:8c:
ce:ff:91:00:a0:66:48:39:41:c6:3d:67:ec:49:6a:
83:9c:31:85:26:87:e7:ab:c2:3f:1d:36:65:c5:c6:
75:00:c8:64:29:7e:01:cb:c5:ec:b9:ec:54:2d:17:
ac:fd:07:a7:e5:31:6b:34:15:ab:ed:b8:c3:8e:65:
27:de:b4:98:92:8a:a5:bb:f3:c0:a8:7f:d1:de:c3:
dc:8d:78:1b:81:00:00:1e:75:a4:7a:85:e7:5d:8e:
df:9f:5e:32:d6:de:05:4d:98:42:f4:b5:18:67:47:
c6:eb:92:a4:6d:f7:fb:62:9a:ad:ab:74:9f:81:6b:
d1:6a:15:71:4c:b9:ec:f4:3c:39:b6:fc:14:06:fb:
99:3c:11:13:2f:0a:10:03:aa:1b:66:43:29:12:a1:
cc:cd:7e:68:4a:6c:b0:ce:c2:f7:47:4b:80:6c:7d:
e5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:FC:24:6D:26:87:AA:AF:E5:22:90:03:CD:F2:8C:5A:32:01:2A
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/PbD8JG0mh6qv5SKQA83yjFoyASo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.32.0/21
81.94.224.0/20
89.111.0.0/18
178.16.16.0/20
185.34.24.0/22
185.219.156.0/22
193.108.144.0/22
193.108.185.0/24
194.9.175.0/24
IPv6:
2a00:17c0::/32
Signature Algorithm: sha256WithRSAEncryption
05:97:0c:4a:b9:8d:fc:9d:74:d0:29:67:1c:06:00:84:12:94:
b3:5c:21:9b:58:2e:9f:af:48:b3:37:09:cd:12:ac:7b:f2:91:
ae:48:5e:2b:42:d0:cb:3d:a2:a4:9d:9e:35:ad:a6:58:60:c4:
70:0c:e7:52:d7:4b:cd:c4:e6:35:4e:16:15:a3:4f:2b:6a:42:
7a:d0:51:09:8b:56:72:1f:2e:7a:79:b1:aa:7c:97:8e:57:fa:
8d:37:2e:ac:03:cb:04:5e:8e:c7:fb:9f:a0:6f:b1:49:66:bf:
10:38:b4:38:18:20:c1:5b:7c:18:6b:24:67:b3:b1:8a:aa:b4:
1d:f3:f9:18:75:99:e0:15:6c:d6:38:b8:0b:71:b9:7c:f9:a8:
29:45:f5:d3:7a:14:85:da:f5:1b:24:84:09:53:18:3c:69:00:
6f:44:8d:4d:2c:8d:8f:c4:87:ee:32:28:ec:1e:c5:9c:4e:eb:
da:31:9e:16:12:76:70:d5:ff:32:ab:fa:52:c2:1d:14:e6:0a:
01:c0:3a:29:d4:9d:35:98:02:f2:f6:5c:d7:0c:87:14:05:fe:
e2:76:1c:b7:69:38:55:53:a4:cb:e6:ab:ef:e8:58:6d:2c:8a:
09:67:bd:8f:27:1f:a3:65:28:c8:9a:0f:c6:6a:de:b1:80:b3:
58:9d:d8:b7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzGS12p1xBATB2gKK5m5bhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIwZmMyNDZkMjY4N2FhYWZlNTIyOTAwM2NkZjI4YzVhMzIwMTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2izqCulCYrHqvQ2/KOQ2RwHROrf
BhWQofmNxtddXxnyzoewT2naIkWRlniehvktNfX5xz6xnaDUsSCCxDwrXij0HtKu
ffhYtVIx9bklzA9m5YJcSZ69RIzO/5EAoGZIOUHGPWfsSWqDnDGFJofnq8I/HTZl
xcZ1AMhkKX4By8XsuexULRes/Qen5TFrNBWr7bjDjmUn3rSYkoqlu/PAqH/R3sPc
jXgbgQAAHnWkeoXnXY7fn14y1t4FTZhC9LUYZ0fG65Kkbff7Ypqtq3SfgWvRahVx
TLns9Dw5tvwUBvuZPBETLwoQA6obZkMpEqHMzX5oSmywzsL3R0uAbH3lVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFD2w/CRtJoeqr+UikAPN8oxaMgEqMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvUGJEOEpHMG1oNnF2NVNLUUE4M3lqRm95QVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQDJcsgAwQE
UV7gAwQGWW8AAwQEshAQAwQCuSIYAwQCuducAwQCwWyQAwQAwWy5AwQAwgmvMA0E
AgACMAcDBQAqABfAMA0GCSqGSIb3DQEBCwUAA4IBAQAFlwxKuY38nXTQKWccBgCE
EpSzXCGbWC6fr0izNwnNEqx78pGuSF4rQtDLPaKknZ41raZYYMRwDOdS10vNxOY1
ThYVo08rakJ60FEJi1ZyHy56ebGqfJeOV/qNNy6sA8sEXo7H+5+gb7FJZr8QOLQ4
GCDBW3wYayRns7GKqrQd8/kYdZngFWzWOLgLcbl8+agpRfXTehSF2vUbJIQJUxg8
aQBvRI1NLI2PxIfuMijsHsWcTuvaMZ4WEnZw1f8yq/pSwh0U5goBwDop1J01mALy
9lzXDIcUBf7idhy3aThVU6TL5qvv6FhtLIoJZ72PJx+jZSjImg/Gat6xgLNYndi3
-----END CERTIFICATE-----
Generated at Wed May 29 01:22:12 2024 by rpki-client on console-fra.rpki-client.org