Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/tDXffFxEX2tQiPfmMnSV4uRJe7A.roa
File: tDXffFxEX2tQiPfmMnSV4uRJe7A.roa (raw, json)
Hash identifier: 0TvqhBCoyG9/9H+2n1lQQo9Q4zQ09U8X4VvRNAxxsTk=
Subject key identifier: B4:35:DF:7C:5C:44:5F:6B:50:88:F7:E6:32:74:95:E2:E4:49:7B:B0
Certificate issuer: /CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Certificate serial: 0192438A97088AF38796067B6CA7AE6A37A6
Authority key identifier: 32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/tDXffFxEX2tQiPfmMnSV4uRJe7A.roa
Signing time: Mon 30 Sep 2024 15:26:49 +0000
ROA not before: Mon 30 Sep 2024 15:26:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212538
IP address blocks: 185.34.128.0/24 maxlen: 24
185.180.28.0/24 maxlen: 24
185.180.29.0/24 maxlen: 24
185.180.30.0/24 maxlen: 24
185.180.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:43:8a:97:08:8a:f3:87:96:06:7b:6c:a7:ae:6a:37:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32ed67002dc7307e8563b6e4934ccd5723a44f3e
Validity
Not Before: Sep 30 15:26:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b435df7c5c445f6b5088f7e6327495e2e4497bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:05:04:f8:25:d5:fb:c6:6b:7c:28:50:b0:a2:
63:b7:9c:c7:4f:2b:be:d7:8b:25:bb:69:4f:78:58:
82:24:da:33:2e:8c:c5:e7:9d:16:5c:7c:f0:17:c0:
3e:55:73:05:f1:aa:c4:e3:a2:78:82:fa:de:57:8b:
c3:8f:0e:83:6b:b8:63:25:3a:78:39:d1:b1:26:87:
18:11:34:63:b2:d0:08:51:ba:b9:b0:bf:00:15:7a:
82:38:95:ff:2f:41:54:0f:bf:b2:f9:3b:8a:30:08:
02:2c:b9:13:01:72:0b:1b:df:ed:5a:de:9e:85:7f:
1d:c0:d3:49:1c:d8:25:5b:20:2a:f2:b5:42:d2:1b:
20:c5:d5:c9:72:44:c7:a5:00:80:a6:44:ac:98:a9:
e1:30:b4:18:78:74:f7:ed:70:8d:03:e7:37:77:73:
d5:41:9a:a4:63:3b:27:22:c1:88:aa:f6:98:cd:c1:
12:6a:b1:bc:04:6b:15:6f:cf:ce:d0:c8:a6:5c:24:
2b:47:b7:67:5c:04:be:86:f4:29:75:d7:93:22:5e:
91:b0:e9:6c:4e:01:a4:c4:72:7a:92:dd:88:5e:9b:
86:02:f0:fa:db:fd:f8:f1:59:2d:33:b4:d2:29:3e:
35:8f:07:35:f2:bc:d2:6b:f7:2e:3a:17:00:26:0d:
e2:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:35:DF:7C:5C:44:5F:6B:50:88:F7:E6:32:74:95:E2:E4:49:7B:B0
X509v3 Authority Key Identifier:
keyid:32:ED:67:00:2D:C7:30:7E:85:63:B6:E4:93:4C:CD:57:23:A4:4F:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/tDXffFxEX2tQiPfmMnSV4uRJe7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7916cd-4d2f-4f52-aeac-f1e9bc41d92f/1/Mu1nAC3HMH6FY7bkk0zNVyOkTz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.128.0/24
185.180.28.0/22
Signature Algorithm: sha256WithRSAEncryption
15:1d:9c:5e:7f:33:7c:4a:7c:50:de:8e:16:37:86:23:80:ec:
19:96:5b:4e:73:28:ac:e4:fc:b2:19:20:f7:cd:33:68:4c:89:
45:00:34:7a:01:ea:68:f6:d8:8f:0c:90:1a:b9:b0:ce:a4:8d:
5c:21:84:2e:66:ff:52:ad:62:38:e9:9f:17:89:e7:8e:ad:f2:
04:4e:d3:79:04:b2:31:a1:d2:bc:03:5b:bd:96:65:33:d8:57:
1d:3a:e9:d6:0e:4a:f4:98:fd:c2:8e:5d:1c:d8:63:84:72:2a:
01:40:af:72:dc:99:b0:3e:7b:20:1b:ac:52:8c:00:42:41:1a:
61:f4:0a:bb:c8:1c:cd:ed:f5:91:a8:77:ce:54:6e:2b:7e:ab:
11:08:b7:62:9c:26:a9:ab:0f:bb:48:c7:57:ff:45:48:ce:0d:
61:35:64:0c:bf:ae:ba:3f:4b:bb:64:e0:1d:fa:29:9c:ee:d5:
f8:a8:7f:b3:8b:54:ce:37:a8:31:44:86:00:d9:64:af:8d:26:
e3:47:92:16:7c:04:5c:1d:c2:25:bc:20:59:99:db:19:c6:67:
07:85:18:c8:fe:61:d4:2a:d9:4e:7c:ff:a5:d5:88:61:b6:7d:
ac:bb:75:cf:32:fe:f5:98:91:f4:77:46:a3:1e:4e:33:79:4e:
71:bb:b0:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJDipcIivOHlgZ7bKeuajemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZWQ2NzAwMmRjNzMwN2U4NTYzYjZlNDkzNGNjZDU3MjNh
NDRmM2UwHhcNMjQwOTMwMTUyNjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDM1ZGY3YzVjNDQ1ZjZiNTA4OGY3ZTYzMjc0OTVlMmU0NDk3YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAUE+CXV+8ZrfChQsKJjt5zHTyu+
14slu2lPeFiCJNozLozF550WXHzwF8A+VXMF8arE46J4gvreV4vDjw6Da7hjJTp4
OdGxJocYETRjstAIUbq5sL8AFXqCOJX/L0FUD7+y+TuKMAgCLLkTAXILG9/tWt6e
hX8dwNNJHNglWyAq8rVC0hsgxdXJckTHpQCApkSsmKnhMLQYeHT37XCNA+c3d3PV
QZqkYzsnIsGIqvaYzcESarG8BGsVb8/O0MimXCQrR7dnXAS+hvQpddeTIl6RsOls
TgGkxHJ6kt2IXpuGAvD62/348VktM7TSKT41jwc18rzSa/cuOhcAJg3iHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQ133xcRF9rUIj35jJ0leLkSXuwMB8GA1UdIwQY
MBaAFDLtZwAtxzB+hWO25JNMzVcjpE8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMt
ZjFlOWJjNDFkOTJmLzEvdERYZmZGeEVYMnRRaVBmbU1uU1Y0dVJKZTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OTE2Y2QtNGQyZi00ZjUyLWFlYWMtZjFlOWJjNDFkOTJm
LzEvTXUxbkFDM0hNSDZGWTdia2swek5WeU9rVHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSKAAwQC
ubQcMA0GCSqGSIb3DQEBCwUAA4IBAQAVHZxefzN8SnxQ3o4WN4YjgOwZlltOcyis
5PyyGSD3zTNoTIlFADR6Aepo9tiPDJAaubDOpI1cIYQuZv9SrWI46Z8XieeOrfIE
TtN5BLIxodK8A1u9lmUz2FcdOunWDkr0mP3Cjl0c2GOEcioBQK9y3JmwPnsgG6xS
jABCQRph9Aq7yBzN7fWRqHfOVG4rfqsRCLdinCapqw+7SMdX/0VIzg1hNWQMv666
P0u7ZOAd+imc7tX4qH+zi1TON6gxRIYA2WSvjSbjR5IWfARcHcIlvCBZmdsZxmcH
hRjI/mHUKtlOfP+l1Yhhtn2su3XPMv71mJH0d0ajHk4zeU5xu7DW
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:36:07 2024 by rpki-client on console-fra.rpki-client.org