Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/1-zC7v80110rBER5Cii50IaSmJW8.roa
File: 1-zC7v80110rBER5Cii50IaSmJW8.roa (raw, json)
Hash identifier: WsZnVANWOEctJ2RfLWsLE7KSWdfcrMz6qh9+GxQWsAw=
Subject key identifier: FB:30:BB:BF:CD:35:D7:4A:C1:11:1E:42:8A:2E:74:21:A4:A6:25:6F
Certificate issuer: /CN=774d215caedb050d6f6fe8426d5058afe29aa896
Certificate serial: 018CC794C52A22F46BF8A8F039AA01B7D906
Authority key identifier: 77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/1-zC7v80110rBER5Cii50IaSmJW8.roa
Signing time: Tue 02 Jan 2024 00:31:04 +0000
ROA not before: Tue 02 Jan 2024 00:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47264
IP address blocks: 185.66.112.0/24 maxlen: 24
185.66.113.0/24 maxlen: 24
185.66.115.0/24 maxlen: 24
185.66.114.0/24 maxlen: 24
93.191.32.0/21 maxlen: 23
178.248.105.0/24 maxlen: 24
178.248.104.0/21 maxlen: 23
2a02:400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:c5:2a:22:f4:6b:f8:a8:f0:39:aa:01:b7:d9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=774d215caedb050d6f6fe8426d5058afe29aa896
Validity
Not Before: Jan 2 00:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb30bbbfcd35d74ac1111e428a2e7421a4a6256f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b0:6d:1b:36:27:81:61:01:81:96:c8:fc:03:
23:b0:a3:aa:c0:cd:55:94:5b:66:12:5a:d4:6b:be:
a7:ad:d3:cc:7e:86:8b:35:bb:34:02:26:c0:53:9d:
51:5d:34:ce:cc:24:d1:f5:39:65:e7:9c:ed:33:60:
c6:fa:68:71:6a:a1:e7:f8:7a:50:39:f8:a3:68:07:
5c:7f:49:df:74:8c:ec:a1:ac:64:cc:7b:66:f1:18:
30:0b:40:dd:57:12:53:b3:bb:3f:f0:70:f3:56:64:
f3:e0:11:91:08:f7:37:9c:c7:94:98:34:d4:ed:ac:
cf:ff:d3:3b:24:dd:44:55:ed:e2:e0:43:6a:8b:80:
18:47:74:2d:a7:12:79:ff:42:b8:a8:b4:a0:e8:3b:
cb:93:0c:3f:26:71:64:95:d0:65:ee:16:f5:d6:0a:
5a:b0:fd:0b:dd:46:7f:92:a5:e9:c8:f8:6a:c0:34:
8c:56:a5:01:99:f0:32:53:a7:03:e8:9b:cd:a1:bb:
a7:16:4e:fb:3b:dd:73:f6:0c:21:b7:71:e9:4b:c8:
ca:88:ed:66:b0:bf:d3:83:23:fd:cd:c5:10:32:2e:
a3:72:1b:a0:31:e3:0c:d9:f4:f6:63:37:4e:08:7c:
8f:ad:67:ec:51:68:83:8a:bf:3b:81:ea:5c:83:4b:
6c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:30:BB:BF:CD:35:D7:4A:C1:11:1E:42:8A:2E:74:21:A4:A6:25:6F
X509v3 Authority Key Identifier:
keyid:77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/1-zC7v80110rBER5Cii50IaSmJW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.32.0/21
178.248.104.0/21
185.66.112.0/22
IPv6:
2a02:400::/32
Signature Algorithm: sha256WithRSAEncryption
3b:ee:20:26:d3:18:07:ee:b7:3f:53:07:c2:88:49:78:f6:86:
90:cf:90:10:28:37:54:f4:2a:91:38:7c:ef:f0:41:49:1e:ec:
da:18:15:85:58:81:72:fe:db:6d:77:4d:ed:62:a6:56:9b:f5:
55:5e:65:f8:de:e2:e7:c9:9f:4b:84:5c:68:8d:8c:d7:d4:f0:
1d:ef:44:75:b2:c9:a1:44:1b:14:64:27:27:04:12:9e:73:68:
a1:bd:6f:40:90:fd:ce:70:1c:0f:d0:d2:3e:28:2a:04:e4:e5:
c7:26:d2:a6:e9:f4:ad:94:56:1e:33:6f:25:6a:0b:df:c7:f3:
1d:05:21:02:2f:d8:9e:e6:63:f7:e9:b1:df:de:af:df:11:ef:
5c:c0:1a:97:00:f6:38:ab:12:03:ea:40:2f:72:17:55:d7:59:
22:b7:5b:e0:9a:a1:6d:17:81:df:51:8f:2b:27:d4:e9:5f:d9:
f5:17:49:59:d6:69:ad:10:e4:ab:d3:9a:bc:86:28:58:46:62:
7a:04:cb:b5:f1:1c:40:77:71:da:05:d2:45:da:61:67:cb:e2:
50:11:ad:7c:cb:88:55:20:61:7b:9b:33:d0:a2:82:47:16:e6:
f0:e4:c8:04:86:fe:df:17:5b:bf:54:36:5f:64:2a:18:78:e6:
7d:17:77:22
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzHlMUqIvRr+KjwOaoBt9kGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NGQyMTVjYWVkYjA1MGQ2ZjZmZTg0MjZkNTA1OGFmZTI5
YWE4OTYwHhcNMjQwMTAyMDAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjMwYmJiZmNkMzVkNzRhYzExMTFlNDI4YTJlNzQyMWE0YTYyNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrBtGzYngWEBgZbI/AMjsKOqwM1V
lFtmElrUa76nrdPMfoaLNbs0AibAU51RXTTOzCTR9Tll55ztM2DG+mhxaqHn+HpQ
OfijaAdcf0nfdIzsoaxkzHtm8RgwC0DdVxJTs7s/8HDzVmTz4BGRCPc3nMeUmDTU
7azP/9M7JN1EVe3i4ENqi4AYR3QtpxJ5/0K4qLSg6DvLkww/JnFkldBl7hb11gpa
sP0L3UZ/kqXpyPhqwDSMVqUBmfAyU6cD6JvNobunFk77O91z9gwht3HpS8jKiO1m
sL/TgyP9zcUQMi6jchugMeMM2fT2YzdOCHyPrWfsUWiDir87gepcg0tsrQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPswu7/NNddKwREeQooudCGkpiVvMB8GA1UdIwQY
MBaAFHdNIVyu2wUNb2/oQm1QWK/imqiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzIt
NWQ4ZmU5YWNlZjgzLzEvMS16Qzd2ODAxMTByQkVSNUNpaTUwSWFTbUpXOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTUvOWIzNDUzLWFlNzktNGYzYy1iYzcyLTVkOGZlOWFjZWY4
My8xL2QwMGhYSzdiQlExdmItaENiVkJZci1LYXFKWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA12/IAME
A7L4aAMEArlCcDANBAIAAjAHAwUAKgIEADANBgkqhkiG9w0BAQsFAAOCAQEAO+4g
JtMYB+63P1MHwohJePaGkM+QECg3VPQqkTh87/BBSR7s2hgVhViBcv7bbXdN7WKm
Vpv1VV5l+N7i58mfS4RcaI2M19TwHe9EdbLJoUQbFGQnJwQSnnNoob1vQJD9znAc
D9DSPigqBOTlxybSpun0rZRWHjNvJWoL38fzHQUhAi/YnuZj9+mx396v3xHvXMAa
lwD2OKsSA+pAL3IXVddZIrdb4JqhbReB31GPKyfU6V/Z9RdJWdZprRDkq9OavIYo
WEZiegTLtfEcQHdx2gXSRdphZ8viUBGtfMuIVSBhe5sz0KKCRxbm8OTIBIb+3xdb
v1Q2X2QqGHjmfRd3Ig==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:57:22 2024 by rpki-client on console-fra.rpki-client.org