Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/Cz73YCfrTtWLbjYWSfIbFdJDwdM.roa
File: Cz73YCfrTtWLbjYWSfIbFdJDwdM.roa (raw, json)
Hash identifier: TSLJGGHPmndTqYUL6XJyE1xUAR18+YcgBHmmrKaQez4=
Subject key identifier: 0B:3E:F7:60:27:EB:4E:D5:8B:6E:36:16:49:F2:1B:15:D2:43:C1:D3
Certificate issuer: /CN=f8b3d58d993f960840f7ef2fe20c008adc971f97
Certificate serial: 018CC500FB4ED04CA0B8A42AF981349DFFB8
Authority key identifier: F8:B3:D5:8D:99:3F:96:08:40:F7:EF:2F:E2:0C:00:8A:DC:97:1F:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-LPVjZk_lghA9-8v4gwAityXH5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/Cz73YCfrTtWLbjYWSfIbFdJDwdM.roa
Signing time: Mon 01 Jan 2024 12:30:25 +0000
ROA not before: Mon 01 Jan 2024 12:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41000
IP address blocks: 194.110.243.0/24 maxlen: 24
193.23.224.0/24 maxlen: 24
176.74.16.0/21 maxlen: 21
193.33.178.0/23 maxlen: 23
185.86.108.0/22 maxlen: 22
185.176.248.0/22 maxlen: 22
195.170.173.0/24 maxlen: 24
2a00:b980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/1-LPVjZk_lghA9-8v4gwAityXH5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/1-LPVjZk_lghA9-8v4gwAityXH5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-LPVjZk_lghA9-8v4gwAityXH5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:fb:4e:d0:4c:a0:b8:a4:2a:f9:81:34:9d:ff:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8b3d58d993f960840f7ef2fe20c008adc971f97
Validity
Not Before: Jan 1 12:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b3ef76027eb4ed58b6e361649f21b15d243c1d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d8:cd:71:1b:e9:47:db:64:53:f8:80:1b:57:
b5:6f:d4:41:5d:43:c1:32:dd:c7:10:5f:57:69:f5:
b4:52:b9:07:41:1f:9c:de:5b:24:a7:e5:d3:77:d7:
88:eb:f8:ba:e2:38:57:77:04:1b:fe:e2:88:61:1a:
41:84:1e:35:1b:b7:75:17:82:17:90:f4:ed:0f:68:
d4:75:ad:95:46:70:0d:83:50:e5:39:d4:06:f4:d8:
e2:8b:96:0b:24:d5:4a:dd:4b:22:8c:70:86:ec:44:
fc:c6:10:31:bc:ce:29:70:61:2a:4b:cc:42:d2:6d:
91:99:ba:bc:bf:eb:2d:bb:65:99:61:92:b3:f8:1c:
b4:e2:d6:a5:46:3b:9d:12:60:bd:fd:b9:db:0f:c3:
ed:43:ed:55:f6:d9:e3:ec:fa:91:76:7f:0b:c1:39:
84:78:a4:2f:65:81:0c:a6:16:2a:b2:4c:0b:ec:bf:
52:52:7b:46:f6:2d:e2:a0:52:89:fd:8d:81:0b:3c:
53:4e:e6:ff:5c:b6:f3:db:1b:3b:44:c1:79:f0:f8:
e6:6f:38:46:1e:16:02:16:6d:52:a1:6f:4b:6b:23:
2e:d6:91:5c:1e:09:e5:c6:6c:63:ca:ef:8b:47:cc:
7d:af:80:70:f2:e7:92:22:0e:27:5a:7f:dc:6c:57:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3E:F7:60:27:EB:4E:D5:8B:6E:36:16:49:F2:1B:15:D2:43:C1:D3
X509v3 Authority Key Identifier:
keyid:F8:B3:D5:8D:99:3F:96:08:40:F7:EF:2F:E2:0C:00:8A:DC:97:1F:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-LPVjZk_lghA9-8v4gwAityXH5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/Cz73YCfrTtWLbjYWSfIbFdJDwdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/8b58e9-3230-4418-8f68-81224e480c03/1/1-LPVjZk_lghA9-8v4gwAityXH5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.16.0/21
185.86.108.0/22
185.176.248.0/22
193.23.224.0/24
193.33.178.0/23
194.110.243.0/24
195.170.173.0/24
IPv6:
2a00:b980::/29
Signature Algorithm: sha256WithRSAEncryption
05:0f:3d:56:bf:8e:16:ad:3c:6b:01:27:99:11:75:10:78:d9:
c4:0b:78:47:0f:68:a4:53:69:2d:3c:8c:c9:64:af:26:4b:a9:
16:a2:28:ff:53:fc:2d:52:a2:d3:96:d1:10:c2:53:37:a8:17:
b8:eb:6f:9f:c7:1a:4e:da:23:4f:40:af:60:dc:51:e2:18:db:
93:e2:dd:d9:bc:51:7b:23:7d:e5:36:5d:c3:d4:ff:98:c8:80:
61:13:5b:4c:d2:65:43:3c:85:e9:19:6d:e5:c6:ec:1d:18:b3:
94:61:4c:d1:25:fc:5d:e2:32:4e:9d:ac:11:27:05:5a:8b:11:
cf:75:3a:07:a3:c5:9b:fe:ea:b1:78:86:1c:60:9a:45:d4:ee:
93:48:89:22:99:a3:c4:45:f7:f9:52:a4:1f:45:42:99:ff:d6:
cc:d8:1a:c1:28:fa:5e:fc:35:15:c4:d4:dc:18:87:cf:d5:f0:
1d:f8:95:74:11:06:02:53:aa:e4:17:e8:88:7d:a6:41:d4:03:
76:93:94:11:b0:6f:3b:42:43:05:68:10:25:39:fe:b2:4e:42:
a9:18:36:ff:75:7e:d0:11:67:48:a6:28:f9:94:0d:ab:45:37:
30:d0:e0:9a:0c:01:13:86:21:a1:e7:03:68:28:33:84:d2:24:
62:e8:40:ba
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzFAPtO0EyguKQq+YE0nf+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YjNkNThkOTkzZjk2MDg0MGY3ZWYyZmUyMGMwMDhhZGM5
NzFmOTcwHhcNMjQwMTAxMTIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNlZjc2MDI3ZWI0ZWQ1OGI2ZTM2MTY0OWYyMWIxNWQyNDNjMWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49jNcRvpR9tkU/iAG1e1b9RBXUPB
Mt3HEF9XafW0UrkHQR+c3lskp+XTd9eI6/i64jhXdwQb/uKIYRpBhB41G7d1F4IX
kPTtD2jUda2VRnANg1DlOdQG9Njii5YLJNVK3UsijHCG7ET8xhAxvM4pcGEqS8xC
0m2Rmbq8v+stu2WZYZKz+By04talRjudEmC9/bnbD8PtQ+1V9tnj7PqRdn8LwTmE
eKQvZYEMphYqskwL7L9SUntG9i3ioFKJ/Y2BCzxTTub/XLbz2xs7RMF58PjmbzhG
HhYCFm1SoW9LayMu1pFcHgnlxmxjyu+LR8x9r4Bw8ueSIg4nWn/cbFcbFQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAs+92An607Vi242FknyGxXSQ8HTMB8GA1UdIwQY
MBaAFPiz1Y2ZP5YIQPfvL+IMAIrclx+XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1MUFZqWmtfbGdoQTktOHY0Z3dBaXR5WEg1Yy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIvOGI1OGU5LTMyMzAtNDQxOC04ZjY4
LTgxMjI0ZTQ4MGMwMy8xL0N6NzNZQ2ZyVHRXTGJqWVdTZkliRmRKRHdkTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTIvOGI1OGU5LTMyMzAtNDQxOC04ZjY4LTgxMjI0ZTQ4MGMw
My8xLzEtTFBWalprX2xnaEE5LTh2NGd3QWl0eVhINWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwUgYIKwYBBQUHAQcBAf8EQzBBMDAEAgABMCoDBAOwShAD
BAK5VmwDBAK5sPgDBADBF+ADBAHBIbIDBADCbvMDBADDqq0wDQQCAAIwBwMFAyoA
uYAwDQYJKoZIhvcNAQELBQADggEBAAUPPVa/jhatPGsBJ5kRdRB42cQLeEcPaKRT
aS08jMlkryZLqRaiKP9T/C1SotOW0RDCUzeoF7jrb5/HGk7aI09Ar2DcUeIY25Pi
3dm8UXsjfeU2XcPU/5jIgGETW0zSZUM8hekZbeXG7B0Ys5RhTNEl/F3iMk6drBEn
BVqLEc91OgejxZv+6rF4hhxgmkXU7pNIiSKZo8RF9/lSpB9FQpn/1szYGsEo+l78
NRXE1NwYh8/V8B34lXQRBgJTquQX6Ih9pkHUA3aTlBGwbztCQwVoECU5/rJOQqkY
Nv91ftARZ0imKPmUDatFNzDQ4JoMAROGIaHnA2goM4TSJGLoQLo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:22:36 2024 by rpki-client on console-ams.rpki-client.org