Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/02IM5ZWFw_eQw_ikjaJiug9K8sg.roa
File: 02IM5ZWFw_eQw_ikjaJiug9K8sg.roa (raw, json)
Hash identifier: 7QzOYGIMwbDPj+OV+EHIXZHH+/RcHTPCasH4ubJJvkY=
Subject key identifier: D3:62:0C:E5:95:85:C3:F7:90:C3:F8:A4:8D:A2:62:BA:0F:4A:F2:C8
Certificate issuer: /CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Certificate serial: 018DC652A06751C015E50A670ACDFEEE162C
Authority key identifier: 4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/02IM5ZWFw_eQw_ikjaJiug9K8sg.roa
Signing time: Tue 20 Feb 2024 11:42:00 +0000
ROA not before: Tue 20 Feb 2024 11:42:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206873
IP address blocks: 185.173.176.0/24 maxlen: 24
185.173.177.0/24 maxlen: 24
185.173.178.0/24 maxlen: 24
185.173.179.0/24 maxlen: 24
194.150.215.0/24 maxlen: 24
194.150.234.0/24 maxlen: 24
194.150.235.0/24 maxlen: 24
2a0b:6900::/48 maxlen: 48
2a0b:6900:1::/48 maxlen: 48
2a0b:6900:2::/48 maxlen: 48
2a0b:6900:3::/48 maxlen: 48
2a0b:6900:4::/48 maxlen: 48
2a0b:6900:5::/48 maxlen: 48
2a0b:6900:7::/48 maxlen: 48
2a0b:6900:8::/48 maxlen: 48
2a0b:6900:9::/48 maxlen: 48
2a0b:6900:10::/48 maxlen: 48
2a0b:6900:daf::/48 maxlen: 48
2a0b:6900:185d::/48 maxlen: 48
2a0b:6903::/48 maxlen: 48
2a0b:6903:fdb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:52:a0:67:51:c0:15:e5:0a:67:0a:cd:fe:ee:16:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Validity
Not Before: Feb 20 11:42:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3620ce59585c3f790c3f8a48da262ba0f4af2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:19:d2:2a:d6:e7:6f:70:2e:80:54:c2:91:
49:0b:4a:a3:2c:2e:84:67:54:f6:56:1a:f6:3c:69:
80:c3:a2:3c:c8:e1:74:20:91:d7:15:99:98:7a:75:
46:bb:b3:31:63:1e:82:28:3e:dc:84:b1:8f:75:83:
8b:97:9e:b3:76:9d:8b:b6:6b:b1:4f:4e:ca:6f:8b:
af:76:73:84:98:89:01:53:c7:fd:85:d9:11:c2:82:
bb:07:81:39:22:12:96:eb:0d:78:a0:82:3c:84:06:
cf:56:13:06:8b:c3:48:97:86:20:e5:f1:c2:c4:9e:
c0:ce:d7:ea:ab:ce:18:82:7d:b9:cf:cb:0e:fc:77:
15:1f:64:90:3a:95:2b:50:ab:ea:df:ff:c3:16:fd:
67:8a:65:c2:7a:93:1f:c9:63:98:72:8a:cc:a1:ae:
57:7a:21:ab:17:43:8e:4d:cd:17:b5:b8:0d:19:f5:
30:5f:a0:5c:24:0d:b5:9d:13:3e:ea:ee:c1:e2:51:
0a:20:62:8e:00:4a:0f:a2:54:54:39:fa:59:3a:9a:
f4:43:2c:15:f4:70:ef:06:12:a5:ad:87:4e:79:c3:
58:59:e0:97:2d:f0:03:c5:cc:d4:59:e9:94:f9:6e:
72:a0:44:a0:ca:95:76:7c:04:c8:6a:3a:c0:8e:ad:
3b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:62:0C:E5:95:85:C3:F7:90:C3:F8:A4:8D:A2:62:BA:0F:4A:F2:C8
X509v3 Authority Key Identifier:
keyid:4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/02IM5ZWFw_eQw_ikjaJiug9K8sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.176.0/22
194.150.215.0/24
194.150.234.0/23
IPv6:
2a0b:6900::-2a0b:6900:5:ffff:ffff:ffff:ffff:ffff
2a0b:6900:7::-2a0b:6900:9:ffff:ffff:ffff:ffff:ffff
2a0b:6900:10::/48
2a0b:6900:daf::/48
2a0b:6900:185d::/48
2a0b:6903::/48
2a0b:6903:fdb::/48
Signature Algorithm: sha256WithRSAEncryption
65:de:b3:3e:5d:59:3a:46:dc:45:63:cc:69:8b:99:f4:6d:c1:
b5:8a:84:1e:7f:ae:25:58:a9:79:7b:17:b2:7c:8c:e1:03:15:
ad:a8:24:32:6f:1e:af:7d:15:3a:60:ce:ee:ed:9c:2c:76:6e:
99:9e:e1:d1:43:75:e1:f8:6c:18:ce:8e:7b:7b:81:ae:1c:2f:
8f:02:a2:5f:03:a5:e9:63:6e:56:7e:da:9e:1a:cf:84:7c:71:
33:ba:c6:0c:b6:ac:93:08:34:87:9e:cb:4e:b0:15:16:9e:a6:
42:36:0c:0c:39:43:77:23:0c:2d:23:37:78:93:c3:22:d4:c1:
1c:db:1a:05:4f:b3:6a:10:ac:8b:3e:66:26:65:7d:32:aa:45:
af:d5:ff:45:ac:9f:1f:97:b4:0b:bc:f0:13:88:ad:78:64:0b:
2c:f8:de:25:55:dc:7d:06:de:e9:45:c9:05:d7:f5:4b:23:b0:
08:5b:57:66:ba:bc:a8:fd:4e:3f:c6:24:33:08:88:c2:cb:df:
08:8a:f3:d5:ac:da:80:57:cf:97:56:24:24:52:15:d3:f3:04:
90:1d:78:ba:31:ca:7a:f9:10:93:5e:86:f5:12:cd:b8:80:89:
b7:16:b8:f1:c0:f2:30:85:4c:59:2b:ac:f4:8c:cb:aa:a0:7b:
f0:a0:5f:eb
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY3GUqBnUcAV5QpnCs3+7hYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWY2YWFlNmZiYTVjNjFhNjE3MzlhZmNhYjU1YTYyMjY2
ZTg5ZWUwHhcNMjQwMjIwMTE0MjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzYyMGNlNTk1ODVjM2Y3OTBjM2Y4YTQ4ZGEyNjJiYTBmNGFmMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB8Z0irW529wLoBUwpFJC0qjLC6E
Z1T2Vhr2PGmAw6I8yOF0IJHXFZmYenVGu7MxYx6CKD7chLGPdYOLl56zdp2Ltmux
T07Kb4uvdnOEmIkBU8f9hdkRwoK7B4E5IhKW6w14oII8hAbPVhMGi8NIl4Yg5fHC
xJ7Aztfqq84Ygn25z8sO/HcVH2SQOpUrUKvq3//DFv1nimXCepMfyWOYcorMoa5X
eiGrF0OOTc0XtbgNGfUwX6BcJA21nRM+6u7B4lEKIGKOAEoPolRUOfpZOpr0QywV
9HDvBhKlrYdOecNYWeCXLfADxczUWemU+W5yoESgypV2fATIajrAjq07pwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNNiDOWVhcP3kMP4pI2iYroPSvLIMB8GA1UdIwQY
MBaAFE7vaq5vulxhphc5r8q1WmImbonuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYt
YzM3NzkwZTZkNDgyLzEvMDJJTTVaV0Z3X2VRd19pa2phSml1ZzlLOHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYtYzM3NzkwZTZkNDgy
LzEvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwGAQCAAEwEgMEArmtsAME
AMKW1wMEAcKW6jBYBAIAAjBSMA8DBAAqC2kDBwEqC2kAAAQwEgMHACoLaQAABwMH
ASoLaQAACAMHACoLaQAAEAMHACoLaQANrwMHACoLaQAYXQMHACoLaQMAAAMHACoL
aQMP2zANBgkqhkiG9w0BAQsFAAOCAQEAZd6zPl1ZOkbcRWPMaYuZ9G3BtYqEHn+u
JVipeXsXsnyM4QMVragkMm8er30VOmDO7u2cLHZumZ7h0UN14fhsGM6Oe3uBrhwv
jwKiXwOl6WNuVn7anhrPhHxxM7rGDLaskwg0h57LTrAVFp6mQjYMDDlDdyMMLSM3
eJPDItTBHNsaBU+zahCsiz5mJmV9MqpFr9X/RayfH5e0C7zwE4iteGQLLPjeJVXc
fQbe6UXJBdf1SyOwCFtXZrq8qP1OP8YkMwiIwsvfCIrz1azagFfPl1YkJFIV0/ME
kB14ujHKevkQk16G9RLNuICJtxa48cDyMIVMWSus9IzLqqB78KBf6w==
-----END CERTIFICATE-----
Generated at Mon May 20 18:00:11 2024 by rpki-client on console-ams.rpki-client.org