Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/V2lIHOSX_UHMP4MYhy90IIkq82E.roa
File: V2lIHOSX_UHMP4MYhy90IIkq82E.roa (raw, json)
Hash identifier: slNJo+fYcENqUvWvCsT1GuH/FBOUrw1jQu9fQYBMg9E=
Subject key identifier: 57:69:48:1C:E4:97:FD:41:CC:3F:83:18:87:2F:74:20:89:2A:F3:61
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018CC726DC9BA5E41B62C10E6D796E17312E
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/V2lIHOSX_UHMP4MYhy90IIkq82E.roa
Signing time: Mon 01 Jan 2024 22:31:02 +0000
ROA not before: Mon 01 Jan 2024 22:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1290
IP address blocks: 193.82.192.0/19 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
154.8.0.0/19 maxlen: 24
154.32.0.0/16 maxlen: 24
195.152.0.0/15 maxlen: 15
193.117.32.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:dc:9b:a5:e4:1b:62:c1:0e:6d:79:6e:17:31:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jan 1 22:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5769481ce497fd41cc3f8318872f7420892af361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:46:9c:db:36:b2:64:33:85:f2:a3:80:99:9d:
31:31:e8:df:99:a9:3c:43:3e:c3:3e:ac:c0:93:5d:
1a:e9:f5:0a:38:94:ca:5e:33:d3:83:55:fb:56:02:
a5:4b:02:05:06:e3:2e:08:8f:24:b4:0b:72:32:c6:
81:09:97:0d:e6:ac:d8:1c:cd:f7:74:9e:8a:0d:91:
94:f1:b8:0d:c5:f9:40:1d:de:5d:5c:7d:84:29:51:
6d:60:66:d7:0f:ea:b1:d4:47:ab:b2:e2:2d:90:3e:
ab:41:f8:c1:d1:13:58:d6:6f:1b:2d:70:ff:d2:92:
6d:91:b6:e1:15:ae:2b:cc:22:7b:86:20:40:e5:59:
ea:5d:37:3b:92:97:88:fa:6e:8b:1e:66:4e:1a:12:
98:4d:e6:c8:e1:60:27:87:1f:5f:bc:58:b0:db:22:
23:47:67:60:64:fd:13:7d:15:cf:4b:51:97:5b:29:
7a:5d:75:a9:8a:fd:27:f6:b1:58:0b:d2:64:70:21:
05:da:7e:8a:71:81:da:fd:8e:dd:c5:92:1d:87:d3:
ea:41:ac:1c:00:d6:27:78:08:6e:68:67:ec:44:5b:
6c:30:54:c6:22:37:05:9b:be:0e:3d:4b:d6:07:63:
5b:8e:70:ba:27:90:b9:37:5a:99:bd:08:7d:d9:1c:
4c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:69:48:1C:E4:97:FD:41:CC:3F:83:18:87:2F:74:20:89:2A:F3:61
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/V2lIHOSX_UHMP4MYhy90IIkq82E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.152.0.0/15
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
05:dd:3e:5f:ee:ff:99:8a:39:63:b4:b2:ae:ef:72:6c:81:41:
a7:bf:6d:14:fc:c2:29:51:b9:bd:71:5e:7c:30:da:82:1e:f1:
df:b4:95:56:7f:39:57:d8:f0:d8:e4:29:ed:fd:24:f7:0e:ba:
bc:9c:78:e3:1c:de:63:ec:53:97:3e:09:0d:26:8e:e2:05:53:
91:25:61:28:a0:6d:8a:53:a2:8e:3f:7b:15:40:25:66:96:a9:
75:a7:ed:1b:ef:da:a1:0f:dd:a6:06:2d:df:61:8e:8b:a1:29:
f6:44:64:f8:0d:e6:16:62:c5:56:c2:1d:f8:39:01:7c:bb:97:
3b:99:76:7c:94:1b:9e:7c:2b:f8:dc:5c:a8:2f:e9:9c:db:d2:
35:00:cb:93:d0:d7:fb:7f:2b:21:bd:fe:58:36:b9:ba:13:95:
e5:7f:2f:67:e1:45:7a:d2:e4:f6:73:61:ab:a1:ce:bb:ac:b1:
25:b3:3c:13:de:67:f5:9b:93:41:13:b5:6d:ff:30:d4:a2:60:
cf:89:39:56:77:d6:81:46:72:88:de:1e:79:b8:7c:87:9a:40:
86:63:7a:2d:a8:7a:3a:f9:5e:64:26:f3:96:3e:cd:0e:69:10:
a5:99:68:9d:d5:10:2a:31:e0:5f:9f:47:49:8b:29:d7:82:0c:
61:a0:6f:37
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzHJtybpeQbYsEObXluFzEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjQwMTAxMjIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzY5NDgxY2U0OTdmZDQxY2MzZjgzMTg4NzJmNzQyMDg5MmFmMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0ac2zayZDOF8qOAmZ0xMejfmak8
Qz7DPqzAk10a6fUKOJTKXjPTg1X7VgKlSwIFBuMuCI8ktAtyMsaBCZcN5qzYHM33
dJ6KDZGU8bgNxflAHd5dXH2EKVFtYGbXD+qx1EersuItkD6rQfjB0RNY1m8bLXD/
0pJtkbbhFa4rzCJ7hiBA5VnqXTc7kpeI+m6LHmZOGhKYTebI4WAnhx9fvFiw2yIj
R2dgZP0TfRXPS1GXWyl6XXWpiv0n9rFYC9JkcCEF2n6KcYHa/Y7dxZIdh9PqQawc
ANYneAhuaGfsRFtsMFTGIjcFm74OPUvWB2NbjnC6J5C5N1qZvQh92RxMVwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFdpSBzkl/1BzD+DGIcvdCCJKvNhMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvVjJsSUhPU1hfVUhNUDRNWWh5OTBJSWtxODJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMDAcOYMA0E
AgACMAcDBQAqAhYgMA0GCSqGSIb3DQEBCwUAA4IBAQAF3T5f7v+ZijljtLKu73Js
gUGnv20U/MIpUbm9cV58MNqCHvHftJVWfzlX2PDY5Cnt/ST3Drq8nHjjHN5j7FOX
PgkNJo7iBVORJWEooG2KU6KOP3sVQCVmlql1p+0b79qhD92mBi3fYY6LoSn2RGT4
DeYWYsVWwh34OQF8u5c7mXZ8lBuefCv43FyoL+mc29I1AMuT0Nf7fyshvf5YNrm6
E5Xlfy9n4UV60uT2c2Groc67rLElszwT3mf1m5NBE7Vt/zDUomDPiTlWd9aBRnKI
3h55uHyHmkCGY3otqHo6+V5kJvOWPs0OaRClmWid1RAqMeBfn0dJiynXggxhoG83
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:16 2024 by rpki-client on console-fra.rpki-client.org