Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/cMdj0P88JQ_n0sb97lOA61ny7JY.roa
File: cMdj0P88JQ_n0sb97lOA61ny7JY.roa (raw, json)
Hash identifier: ozBMQKtipt9ETXeR2bLNBJ5Byygr7vHSkCp4wVTZw/Q=
Subject key identifier: 70:C7:63:D0:FF:3C:25:0F:E7:D2:C6:FD:EE:53:80:EB:59:F2:EC:96
Certificate issuer: /CN=ac8a69ecb787cce9892dc65480463fb088b613df
Certificate serial: 018CCA293D08B94E9C5AF4E181297F54ED15
Authority key identifier: AC:8A:69:EC:B7:87:CC:E9:89:2D:C6:54:80:46:3F:B0:88:B6:13:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/cMdj0P88JQ_n0sb97lOA61ny7JY.roa
Signing time: Tue 02 Jan 2024 12:32:29 +0000
ROA not before: Tue 02 Jan 2024 12:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44946
IP address blocks: 93.94.135.0/24 maxlen: 24
194.187.64.0/22 maxlen: 24
195.49.152.0/22 maxlen: 24
185.59.200.0/22 maxlen: 24
93.94.128.0/21 maxlen: 24
2a02:158::/32 maxlen: 64
2a02:158:aa00::/39 maxlen: 39
2a02:158:fffe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/rIpp7LeHzOmJLcZUgEY_sIi2E98.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/rIpp7LeHzOmJLcZUgEY_sIi2E98.mft
rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:3d:08:b9:4e:9c:5a:f4:e1:81:29:7f:54:ed:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a69ecb787cce9892dc65480463fb088b613df
Validity
Not Before: Jan 2 12:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70c763d0ff3c250fe7d2c6fdee5380eb59f2ec96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:f1:a0:4d:76:7b:6c:83:b1:1b:a7:2d:71:
83:50:72:da:8b:fa:df:ce:a1:79:9d:ac:ea:d4:60:
c8:d5:d7:61:74:32:fe:42:be:0a:17:d5:c6:57:c0:
38:d2:ad:28:0c:3f:8a:27:f6:1a:c4:87:41:b0:55:
8c:11:45:dd:59:f8:4f:38:10:d0:71:a3:c1:0a:32:
67:70:31:e8:fb:98:11:0d:37:a9:13:72:73:ad:6c:
ff:64:57:a8:33:11:13:2a:e4:bc:2c:d9:03:47:ab:
4c:d0:a7:6f:22:d0:c4:08:c3:f9:e6:8d:57:b3:b7:
a6:8e:36:d1:db:5f:33:1c:73:4b:ff:42:30:72:90:
17:35:f0:df:d9:4a:65:9c:3c:2d:29:87:cc:be:b9:
6a:6c:4f:5d:b7:cd:98:2e:4e:0e:5f:50:d4:a3:0c:
ae:36:2a:6a:05:9b:8d:29:fd:55:ff:6f:84:90:af:
f4:ed:0c:05:42:c1:04:99:6c:f2:11:dd:76:26:85:
7e:44:85:54:c5:55:6f:98:0b:be:2f:74:e8:d9:0b:
08:10:eb:e7:03:95:4b:26:67:56:7b:b0:1d:bc:3f:
60:2f:d4:8d:bd:4c:94:e3:01:87:f4:81:5a:55:d5:
73:ae:72:7c:f3:8b:b0:e5:2f:4b:5e:ca:ef:36:f3:
5b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C7:63:D0:FF:3C:25:0F:E7:D2:C6:FD:EE:53:80:EB:59:F2:EC:96
X509v3 Authority Key Identifier:
keyid:AC:8A:69:EC:B7:87:CC:E9:89:2D:C6:54:80:46:3F:B0:88:B6:13:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/cMdj0P88JQ_n0sb97lOA61ny7JY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/rIpp7LeHzOmJLcZUgEY_sIi2E98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.128.0/21
185.59.200.0/22
194.187.64.0/22
195.49.152.0/22
IPv6:
2a02:158::/32
Signature Algorithm: sha256WithRSAEncryption
3e:ab:ee:4c:8b:70:92:fd:20:5c:2a:29:85:c8:fd:a0:50:27:
96:e2:f9:50:b8:f3:a1:54:6c:a3:d0:2c:6d:5a:7e:6f:7d:21:
e0:bb:e4:61:a3:81:3f:08:a0:33:c3:76:fa:e4:fa:75:12:a7:
39:ff:bb:de:75:14:9d:c0:0a:76:79:2b:65:3d:36:12:6e:2f:
4b:bc:2d:06:40:02:ba:04:20:9b:0e:a0:1f:41:da:03:10:5e:
e7:0c:79:7d:f5:f1:db:59:e6:c6:09:b6:4f:56:55:43:5e:65:
56:54:cf:aa:0e:a3:72:2b:af:df:b7:b7:fd:05:83:30:6b:72:
2b:70:60:2e:35:94:45:b8:e7:f9:74:54:ea:c4:45:e7:f1:0d:
18:df:65:d3:86:c7:2c:c5:64:09:7e:ff:49:75:18:47:9c:61:
6c:b2:00:b4:9f:60:d2:58:ac:5b:99:36:e5:34:26:73:f7:ff:
f3:af:3d:22:1c:4c:80:17:71:0b:e9:58:97:f4:97:a3:af:cf:
66:4e:7a:6a:21:e9:e6:98:82:ef:88:81:65:44:2f:3c:53:42:
36:2f:d1:4f:fe:1e:64:32:9b:f9:48:fd:74:b6:41:51:0a:2a:
ae:fb:7e:ec:73:79:04:49:a2:71:85:62:34:98:0f:b8:07:cb:
6c:27:9b:dd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKT0IuU6cWvThgSl/VO0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOGE2OWVjYjc4N2NjZTk4OTJkYzY1NDgwNDYzZmIwODhi
NjEzZGYwHhcNMjQwMTAyMTIzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM3NjNkMGZmM2MyNTBmZTdkMmM2ZmRlZTUzODBlYjU5ZjJlYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdPxoE12e2yDsRunLXGDUHLai/rf
zqF5nazq1GDI1ddhdDL+Qr4KF9XGV8A40q0oDD+KJ/YaxIdBsFWMEUXdWfhPOBDQ
caPBCjJncDHo+5gRDTepE3JzrWz/ZFeoMxETKuS8LNkDR6tM0KdvItDECMP55o1X
s7emjjbR218zHHNL/0IwcpAXNfDf2UplnDwtKYfMvrlqbE9dt82YLk4OX1DUowyu
NipqBZuNKf1V/2+EkK/07QwFQsEEmWzyEd12JoV+RIVUxVVvmAu+L3To2QsIEOvn
A5VLJmdWe7AdvD9gL9SNvUyU4wGH9IFaVdVzrnJ884uw5S9LXsrvNvNb+wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHDHY9D/PCUP59LG/e5TgOtZ8uyWMB8GA1UdIwQY
MBaAFKyKaey3h8zpiS3GVIBGP7CIthPfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcklwcDdMZUh6T21KTGNaVWdFWV9zSWkyRTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi84N2RhZGYtMjlkOS00OWQzLThhYzYt
NGNjNDBmZmQ3OTZkLzEvY01kajBQODhKUV9uMHNiOTdsT0E2MW55N0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi84N2RhZGYtMjlkOS00OWQzLThhYzYtNGNjNDBmZmQ3OTZk
LzEvcklwcDdMZUh6T21KTGNaVWdFWV9zSWkyRTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXV6AAwQC
uTvIAwQCwrtAAwQCwzGYMA0EAgACMAcDBQAqAgFYMA0GCSqGSIb3DQEBCwUAA4IB
AQA+q+5Mi3CS/SBcKimFyP2gUCeW4vlQuPOhVGyj0CxtWn5vfSHgu+Rho4E/CKAz
w3b65Pp1Eqc5/7vedRSdwAp2eStlPTYSbi9LvC0GQAK6BCCbDqAfQdoDEF7nDHl9
9fHbWebGCbZPVlVDXmVWVM+qDqNyK6/ft7f9BYMwa3IrcGAuNZRFuOf5dFTqxEXn
8Q0Y32XThscsxWQJfv9JdRhHnGFssgC0n2DSWKxbmTblNCZz9//zrz0iHEyAF3EL
6ViX9Jejr89mTnpqIenmmILviIFlRC88U0I2L9FP/h5kMpv5SP10tkFRCiqu+37s
c3kESaJxhWI0mA+4B8tsJ5vd
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:06:56 2024 by rpki-client on console-ams.rpki-client.org