Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/I6YAuD4fAVdA5rZN-1LBkGp0iSI.roa
File: I6YAuD4fAVdA5rZN-1LBkGp0iSI.roa (raw, json)
Hash identifier: a/+/Y9yBFr40UiMC+1PpRHR6ujSHqAsTMlxLU7VahXg=
Subject key identifier: 23:A6:00:B8:3E:1F:01:57:40:E6:B6:4D:FB:52:C1:90:6A:74:89:22
Certificate issuer: /CN=c2fca944458606b1017e26c3ca17430f7ff924b3
Certificate serial: 018CC94CCA454F90744CE245113B0D8D04B8
Authority key identifier: C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/I6YAuD4fAVdA5rZN-1LBkGp0iSI.roa
Signing time: Tue 02 Jan 2024 08:31:42 +0000
ROA not before: Tue 02 Jan 2024 08:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2107
IP address blocks: 178.172.0.0/17 maxlen: 17
163.159.128.0/17 maxlen: 17
193.2.0.0/16 maxlen: 16
92.244.64.0/19 maxlen: 19
95.87.128.0/18 maxlen: 18
149.62.64.0/18 maxlen: 18
153.5.0.0/16 maxlen: 16
88.200.0.0/17 maxlen: 17
212.235.128.0/17 maxlen: 17
185.13.52.0/22 maxlen: 22
141.255.192.0/18 maxlen: 18
109.127.192.0/18 maxlen: 18
194.249.0.0/16 maxlen: 16
2001:1470::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:ca:45:4f:90:74:4c:e2:45:11:3b:0d:8d:04:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2fca944458606b1017e26c3ca17430f7ff924b3
Validity
Not Before: Jan 2 08:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a600b83e1f015740e6b64dfb52c1906a748922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:63:d0:4c:7b:54:1f:77:8f:5d:0e:cc:ad:27:
4f:3f:b7:50:20:40:0a:da:8b:c3:e0:d7:52:49:25:
b0:a2:99:52:ec:60:27:d0:08:6a:ae:b4:99:c8:10:
40:32:d0:7f:f3:b5:62:7b:ad:b8:f5:54:53:96:a4:
95:27:15:7c:33:7b:24:c1:a5:18:f6:3a:1a:9b:a9:
9c:ef:c2:c0:35:6b:27:ea:4c:95:78:19:b6:71:42:
1e:7e:5b:24:af:5b:f2:1d:88:e8:94:c3:fb:7b:57:
60:e3:e8:3d:71:44:4f:74:60:7a:58:d6:28:11:92:
6a:04:e4:c4:44:3e:99:96:2a:a2:7b:ee:20:1f:f6:
ff:23:f2:d7:9b:d3:0c:fa:2b:70:5d:c5:40:33:47:
7e:d7:b3:f7:0f:cd:2b:78:83:c3:76:5f:0d:9f:b1:
1d:c3:ef:52:e0:a6:4a:5e:69:5f:49:5b:b6:41:88:
20:fd:7f:bf:cf:dd:ba:8a:26:40:14:64:d9:12:f7:
f0:80:f7:6e:2b:18:cb:c0:ac:5e:ab:34:4e:70:37:
ee:1e:f5:58:d6:ab:63:31:7b:46:07:21:a6:8e:0b:
b9:b7:62:6e:1e:dc:5f:89:9e:8d:69:fc:34:dd:f9:
34:16:57:67:62:19:ef:c6:af:69:68:a1:a1:0d:9e:
ee:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A6:00:B8:3E:1F:01:57:40:E6:B6:4D:FB:52:C1:90:6A:74:89:22
X509v3 Authority Key Identifier:
keyid:C2:FC:A9:44:45:86:06:B1:01:7E:26:C3:CA:17:43:0F:7F:F9:24:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wvypREWGBrEBfibDyhdDD3_5JLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/I6YAuD4fAVdA5rZN-1LBkGp0iSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/90033c-5b03-4709-b6d3-a865e189ed8a/1/wvypREWGBrEBfibDyhdDD3_5JLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.200.0.0/17
92.244.64.0/19
95.87.128.0/18
109.127.192.0/18
141.255.192.0/18
149.62.64.0/18
153.5.0.0/16
163.159.128.0/17
178.172.0.0/17
185.13.52.0/22
193.2.0.0/16
194.249.0.0/16
212.235.128.0/17
IPv6:
2001:1470::/29
Signature Algorithm: sha256WithRSAEncryption
29:6e:40:5c:07:c7:7a:dd:5a:75:0d:62:dc:ac:e3:04:78:6e:
4f:6a:61:31:5e:b8:55:aa:d4:82:5f:e6:66:fb:fb:e3:42:59:
03:8c:0c:f9:67:b6:56:eb:ef:66:c8:5c:0a:6d:1f:65:58:91:
76:a2:2f:f2:bb:a8:be:10:53:29:15:ad:92:2c:da:fa:b3:5f:
68:67:05:7d:a7:3d:19:22:64:98:73:87:34:db:c7:8b:79:40:
60:25:cf:55:b0:6c:18:e2:88:87:13:6d:db:2a:b8:40:e5:db:
b1:be:2c:da:70:34:d4:ff:98:ad:bb:8a:7a:22:81:4e:bd:8b:
40:19:cf:98:41:05:05:dd:4a:bd:08:bd:53:60:32:16:d5:10:
9d:ff:51:3e:ed:16:26:95:e2:55:76:84:24:2e:43:73:7f:47:
47:41:1f:12:8c:05:41:99:82:76:b8:80:d2:31:44:54:61:56:
43:9c:d0:e9:f3:41:fe:11:59:9a:c0:c6:25:2f:62:f2:b2:09:
91:70:f9:59:a2:f5:9f:44:1e:e2:fa:ea:d6:90:1e:48:de:7a:
a5:7c:33:f9:dc:c7:06:28:62:50:56:0b:e3:86:d7:6a:46:e4:
8a:f7:54:48:5e:46:18:06:84:69:73:26:88:3c:f5:07:3c:55:
92:1d:ff:be
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzJTMpFT5B0TOJFETsNjQS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZmNhOTQ0NDU4NjA2YjEwMTdlMjZjM2NhMTc0MzBmN2Zm
OTI0YjMwHhcNMjQwMTAyMDgzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E2MDBiODNlMWYwMTU3NDBlNmI2NGRmYjUyYzE5MDZhNzQ4OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWPQTHtUH3ePXQ7MrSdPP7dQIEAK
2ovD4NdSSSWwoplS7GAn0AhqrrSZyBBAMtB/87Vie6249VRTlqSVJxV8M3skwaUY
9joam6mc78LANWsn6kyVeBm2cUIeflskr1vyHYjolMP7e1dg4+g9cURPdGB6WNYo
EZJqBOTERD6Zliqie+4gH/b/I/LXm9MM+itwXcVAM0d+17P3D80reIPDdl8Nn7Ed
w+9S4KZKXmlfSVu2QYgg/X+/z926iiZAFGTZEvfwgPduKxjLwKxeqzROcDfuHvVY
1qtjMXtGByGmjgu5t2JuHtxfiZ6Nafw03fk0FldnYhnvxq9paKGhDZ7uswIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCOmALg+HwFXQOa2TftSwZBqdIkiMB8GA1UdIwQY
MBaAFML8qURFhgaxAX4mw8oXQw9/+SSzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3Z5cFJFV0dCckVCZmliRHloZEREM181SkxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDAzM2MtNWIwMy00NzA5LWI2ZDMt
YTg2NWUxODllZDhhLzEvSTZZQXVENGZBVmRBNXJaTi0xTEJrR3AwaVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDAzM2MtNWIwMy00NzA5LWI2ZDMtYTg2NWUxODllZDhh
LzEvd3Z5cFJFV0dCckVCZmliRHloZEREM181SkxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwQHWMgAAwQF
XPRAAwQGX1eAAwQGbX/AAwQGjf/AAwQGlT5AAwMAmQUDBAejn4ADBAeyrAADBAK5
DTQDAwDBAgMDAML5AwQH1OuAMA0EAgACMAcDBQMgARRwMA0GCSqGSIb3DQEBCwUA
A4IBAQApbkBcB8d63Vp1DWLcrOMEeG5PamExXrhVqtSCX+Zm+/vjQlkDjAz5Z7ZW
6+9myFwKbR9lWJF2oi/yu6i+EFMpFa2SLNr6s19oZwV9pz0ZImSYc4c028eLeUBg
Jc9VsGwY4oiHE23bKrhA5duxvizacDTU/5itu4p6IoFOvYtAGc+YQQUF3Uq9CL1T
YDIW1RCd/1E+7RYmleJVdoQkLkNzf0dHQR8SjAVBmYJ2uIDSMURUYVZDnNDp80H+
EVmawMYlL2LysgmRcPlZovWfRB7i+urWkB5I3nqlfDP53McGKGJQVgvjhtdqRuSK
91RIXkYYBoRpcyaIPPUHPFWSHf++
-----END CERTIFICATE-----
Generated at Sun Jun 16 21:47:21 2024 by rpki-client on console-ams.rpki-client.org