Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/a4QL92OGPhimSFpYHtg0rxlj-pI.roa
File: a4QL92OGPhimSFpYHtg0rxlj-pI.roa (raw, json)
Hash identifier: nRQSl4vV2LLOZ8026LdUGztHj+V12kMh2NUvQ8pAbuo=
Subject key identifier: 6B:84:0B:F7:63:86:3E:18:A6:48:5A:58:1E:D8:34:AF:19:63:FA:92
Certificate issuer: /CN=dad7a0b00102a28416e3093b5765a0b27755ccf3
Certificate serial: 018CC26D82139E45A550B5D06B725009DFBA
Authority key identifier: DA:D7:A0:B0:01:02:A2:84:16:E3:09:3B:57:65:A0:B2:77:55:CC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/a4QL92OGPhimSFpYHtg0rxlj-pI.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198477
IP address blocks: 185.55.31.0/24 maxlen: 24
37.99.192.0/21 maxlen: 21
185.55.30.0/24 maxlen: 24
37.99.192.0/24 maxlen: 24
185.55.29.0/24 maxlen: 24
185.55.28.0/22 maxlen: 22
185.55.28.0/24 maxlen: 24
37.99.196.0/24 maxlen: 24
37.99.195.0/24 maxlen: 24
37.99.194.0/24 maxlen: 24
37.99.193.0/24 maxlen: 24
37.99.199.0/24 maxlen: 24
37.99.198.0/24 maxlen: 24
37.99.197.0/24 maxlen: 24
2a02:5440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/2tegsAECooQW4wk7V2WgsndVzPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/2tegsAECooQW4wk7V2WgsndVzPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:82:13:9e:45:a5:50:b5:d0:6b:72:50:09:df:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dad7a0b00102a28416e3093b5765a0b27755ccf3
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b840bf763863e18a6485a581ed834af1963fa92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:19:34:31:50:c2:1c:0f:c3:ec:db:b5:85:
94:d6:31:f9:a8:15:d5:8f:bc:1d:b5:f2:b3:7b:10:
66:93:3e:ca:9d:a8:26:7a:93:de:75:b5:21:30:f2:
13:4c:a3:13:81:27:2e:ba:c3:c9:7d:20:53:d0:97:
c1:c0:ef:c4:f2:25:1f:74:f8:44:1a:55:8a:81:b2:
b8:dc:d8:b8:d1:9d:05:31:3f:37:98:76:e9:b1:b9:
32:46:25:34:5f:c0:0f:d7:59:7e:f8:4c:c1:5d:cd:
f2:7f:7a:1c:8f:32:80:0f:15:5d:ce:83:6a:03:b9:
95:7f:67:e4:1a:49:f0:f6:0d:3b:61:fe:91:3f:63:
2c:c8:22:2b:26:1f:5b:f1:2f:40:d5:fe:1a:fb:8a:
22:d5:3c:0d:60:70:e0:55:68:79:7d:d9:45:60:b2:
2a:f6:42:25:43:5b:9a:84:e1:2a:11:b6:11:4a:b9:
c0:ec:3c:49:41:1a:4c:63:95:b9:33:db:a4:0c:ae:
b9:6e:98:b1:59:4e:5c:f8:8b:71:db:7a:7c:1c:c3:
cc:16:67:24:5c:c3:f1:70:86:e6:c8:31:83:98:f6:
a6:82:f9:24:0d:82:30:0e:87:4f:8a:00:1e:c6:52:
9d:a0:25:09:6d:22:87:1c:ec:5a:0b:87:61:fb:80:
dc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:84:0B:F7:63:86:3E:18:A6:48:5A:58:1E:D8:34:AF:19:63:FA:92
X509v3 Authority Key Identifier:
keyid:DA:D7:A0:B0:01:02:A2:84:16:E3:09:3B:57:65:A0:B2:77:55:CC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2tegsAECooQW4wk7V2WgsndVzPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/a4QL92OGPhimSFpYHtg0rxlj-pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e2cb16-9c16-40b1-ac8c-959dc21e9293/1/2tegsAECooQW4wk7V2WgsndVzPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.192.0/21
185.55.28.0/22
IPv6:
2a02:5440::/32
Signature Algorithm: sha256WithRSAEncryption
0e:a9:c9:a2:26:6b:38:45:99:cc:b0:d2:88:0d:cf:38:61:8a:
08:b0:9e:bf:65:4e:8f:30:7f:4b:55:04:57:0e:c5:c3:15:93:
51:87:85:93:c3:f8:b4:b0:13:8e:1b:21:74:d8:91:95:4f:79:
99:a5:d4:bb:5b:13:27:d1:0d:45:47:b1:33:35:f6:da:87:91:
9e:d3:c6:a3:90:94:5a:ea:e7:ef:80:ec:fd:7d:e5:95:64:c8:
55:90:5e:ad:c9:76:15:7b:a8:df:7b:80:48:61:82:7c:1b:06:
8b:04:86:6d:7a:49:ac:be:51:d5:82:49:45:d6:26:21:8e:48:
e9:f8:3e:8a:d7:85:90:77:79:ff:0c:f9:b4:6b:7c:da:f9:aa:
2f:02:cf:31:6a:7f:bb:8a:44:39:a5:d8:34:b1:6d:82:50:07:
c0:4e:3f:e6:4a:7b:33:62:69:19:cc:c2:cd:9b:bb:b4:34:ab:
55:6e:88:b0:1e:77:78:47:5f:4a:79:af:ac:22:20:32:a1:6c:
10:50:30:07:ba:cb:a4:af:a3:65:44:06:7c:cc:82:52:50:ac:
0a:e3:c1:32:55:7b:e9:80:e9:dc:dd:a9:0f:7d:fd:8f:9b:93:
ff:a0:17:4e:93:8c:7c:36:7e:e6:01:1b:5b:27:d6:13:00:a4:
67:5f:66:a2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbYITnkWlULXQa3JQCd+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZDdhMGIwMDEwMmEyODQxNmUzMDkzYjU3NjVhMGIyNzc1
NWNjZjMwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yjg0MGJmNzYzODYzZTE4YTY0ODVhNTgxZWQ4MzRhZjE5NjNmYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsckZNDFQwhwPw+zbtYWU1jH5qBXV
j7wdtfKzexBmkz7KnagmepPedbUhMPITTKMTgScuusPJfSBT0JfBwO/E8iUfdPhE
GlWKgbK43Ni40Z0FMT83mHbpsbkyRiU0X8AP11l++EzBXc3yf3ocjzKADxVdzoNq
A7mVf2fkGknw9g07Yf6RP2MsyCIrJh9b8S9A1f4a+4oi1TwNYHDgVWh5fdlFYLIq
9kIlQ1uahOEqEbYRSrnA7DxJQRpMY5W5M9ukDK65bpixWU5c+Itx23p8HMPMFmck
XMPxcIbmyDGDmPamgvkkDYIwDodPigAexlKdoCUJbSKHHOxaC4dh+4DcnwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGuEC/djhj4YpkhaWB7YNK8ZY/qSMB8GA1UdIwQY
MBaAFNrXoLABAqKEFuMJO1dloLJ3VczzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnRlZ3NBRUNvb1FXNHdrN1YyV2dzbmRWelBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMmNiMTYtOWMxNi00MGIxLWFjOGMt
OTU5ZGMyMWU5MjkzLzEvYTRRTDkyT0dQaGltU0ZwWUh0ZzByeGxqLXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMmNiMTYtOWMxNi00MGIxLWFjOGMtOTU5ZGMyMWU5Mjkz
LzEvMnRlZ3NBRUNvb1FXNHdrN1YyV2dzbmRWelBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJWPAAwQC
uTccMA0EAgACMAcDBQAqAlRAMA0GCSqGSIb3DQEBCwUAA4IBAQAOqcmiJms4RZnM
sNKIDc84YYoIsJ6/ZU6PMH9LVQRXDsXDFZNRh4WTw/i0sBOOGyF02JGVT3mZpdS7
WxMn0Q1FR7EzNfbah5Ge08ajkJRa6ufvgOz9feWVZMhVkF6tyXYVe6jfe4BIYYJ8
GwaLBIZtekmsvlHVgklF1iYhjkjp+D6K14WQd3n/DPm0a3za+aovAs8xan+7ikQ5
pdg0sW2CUAfATj/mSnszYmkZzMLNm7u0NKtVboiwHnd4R19Kea+sIiAyoWwQUDAH
usukr6NlRAZ8zIJSUKwK48EyVXvpgOnc3akPff2Pm5P/oBdOk4x8Nn7mARtbJ9YT
AKRnX2ai
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:16 2024 by rpki-client on console-fra.rpki-client.org