Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/lI8q2nE0XuDOc50G9NlebCUou4c.roa
File: lI8q2nE0XuDOc50G9NlebCUou4c.roa (raw, json)
Hash identifier: L4KUtCiaPJmAf7AjLCZkafs6zARdLaqTc4IFU/d4CKE=
Subject key identifier: 94:8F:2A:DA:71:34:5E:E0:CE:73:9D:06:F4:D9:5E:6C:25:28:BB:87
Certificate issuer: /CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Certificate serial: 018CC3B6FD6F35BD7622B77A86E69C6DF6F8
Authority key identifier: A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/lI8q2nE0XuDOc50G9NlebCUou4c.roa
Signing time: Mon 01 Jan 2024 06:29:58 +0000
ROA not before: Mon 01 Jan 2024 06:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197731
IP address blocks: 185.119.28.0/22 maxlen: 22
185.119.28.0/24 maxlen: 24
185.119.29.0/24 maxlen: 24
185.119.30.0/24 maxlen: 24
185.119.31.0/24 maxlen: 24
31.3.105.0/24 maxlen: 24
31.3.104.0/21 maxlen: 21
31.3.104.0/24 maxlen: 24
31.3.106.0/24 maxlen: 24
31.3.107.0/24 maxlen: 24
31.3.108.0/24 maxlen: 24
31.3.109.0/24 maxlen: 24
31.3.110.0/24 maxlen: 24
31.3.111.0/24 maxlen: 24
2a03:7900::/32 maxlen: 32
2a03:7900:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:fd:6f:35:bd:76:22:b7:7a:86:e6:9c:6d:f6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Validity
Not Before: Jan 1 06:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=948f2ada71345ee0ce739d06f4d95e6c2528bb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:b0:85:fd:c8:d0:e7:5d:9d:36:f1:69:9f:
7e:90:e4:20:dc:38:e6:16:e2:9b:2f:96:c8:04:44:
62:cc:86:62:e1:67:b6:37:b1:10:f1:a6:cd:a2:4a:
b0:81:27:13:cd:24:eb:70:71:f3:9e:27:e3:28:54:
90:11:5a:cd:a6:2b:d3:3b:82:c3:1c:13:66:de:ec:
fc:cd:bb:81:5f:1a:ca:65:78:c6:62:5a:b5:a2:a2:
62:bf:3e:00:94:50:e8:58:8c:83:56:e3:75:f1:9f:
d7:41:52:82:e3:ad:32:b8:57:f6:04:13:6a:46:14:
de:2d:1e:37:ca:bc:ce:8f:12:d6:7b:c8:c8:62:e5:
03:52:00:8c:92:1a:39:4b:03:7c:bd:08:82:67:9f:
74:9d:e1:9f:29:04:0e:16:80:55:e0:c3:91:c0:af:
4a:69:3b:0e:c5:d7:46:c2:35:be:9c:44:09:1c:63:
83:46:92:25:42:19:43:8c:c3:69:7f:bb:81:d1:fd:
40:e1:c9:24:6d:80:85:74:55:45:69:7b:66:bc:44:
c2:bd:68:49:fc:6f:93:35:fc:f2:56:75:08:1d:ce:
13:29:dc:4a:9f:8d:fc:ce:77:fa:c4:84:74:ec:fb:
f0:5f:1e:a6:ee:33:03:e3:af:0b:65:02:a3:bc:d3:
33:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8F:2A:DA:71:34:5E:E0:CE:73:9D:06:F4:D9:5E:6C:25:28:BB:87
X509v3 Authority Key Identifier:
keyid:A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/lI8q2nE0XuDOc50G9NlebCUou4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.104.0/21
185.119.28.0/22
IPv6:
2a03:7900::/32
Signature Algorithm: sha256WithRSAEncryption
84:d3:17:78:b3:5d:61:98:1d:3e:66:d6:4f:58:24:8b:50:94:
54:2b:61:62:c7:67:e2:ca:0c:76:19:aa:b5:34:42:b3:a7:da:
0d:57:22:15:62:94:21:ea:98:05:fd:7f:d9:f1:51:1a:fd:2b:
36:e7:5c:92:2a:e1:c7:4e:7c:c2:83:e2:db:2a:37:89:77:50:
df:eb:9f:38:41:29:f9:ab:3a:b7:d4:15:5d:41:df:be:7b:29:
bf:5a:2a:24:b4:ce:11:d8:41:ef:60:47:fc:e5:39:2f:b2:23:
cf:7b:52:21:a1:91:63:75:57:f9:12:c1:df:f6:c8:ef:35:ad:
ad:fc:36:88:21:cc:e3:95:d1:85:d3:b0:22:54:5c:95:d9:6b:
ac:8c:76:45:94:a9:94:71:a1:0a:2b:61:66:12:7a:a2:42:ee:
1d:3c:b4:0e:e8:47:54:95:ed:bb:68:9d:36:ed:6e:20:47:c2:
2e:d1:c7:ba:58:94:67:4f:bf:57:16:78:b9:6e:c5:c6:ac:84:
e4:03:13:2d:b1:5e:95:39:eb:88:d6:80:32:fc:96:92:91:4e:
cc:cf:d0:c6:0a:f4:f6:70:c1:83:9d:8c:52:24:54:9b:05:16:
72:6d:e0:c1:be:23:6d:6a:c3:de:a4:66:6b:24:9f:24:78:85:
c9:9a:91:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtv1vNb12Ird6huacbfb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjhiYmVjNWE5ZTExYmZiZGFlZDg0YWE4ZDNhYWNkYTI5
ODg5ZjkwHhcNMjQwMTAxMDYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDhmMmFkYTcxMzQ1ZWUwY2U3MzlkMDZmNGQ5NWU2YzI1MjhiYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+Swhf3I0OddnTbxaZ9+kOQg3Djm
FuKbL5bIBERizIZi4We2N7EQ8abNokqwgScTzSTrcHHznifjKFSQEVrNpivTO4LD
HBNm3uz8zbuBXxrKZXjGYlq1oqJivz4AlFDoWIyDVuN18Z/XQVKC460yuFf2BBNq
RhTeLR43yrzOjxLWe8jIYuUDUgCMkho5SwN8vQiCZ590neGfKQQOFoBV4MORwK9K
aTsOxddGwjW+nEQJHGODRpIlQhlDjMNpf7uB0f1A4ckkbYCFdFVFaXtmvETCvWhJ
/G+TNfzyVnUIHc4TKdxKn438znf6xIR07PvwXx6m7jMD468LZQKjvNMz2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJSPKtpxNF7gznOdBvTZXmwlKLuHMB8GA1UdIwQY
MBaAFKdou+xanhG/va7YSqjTqs2imIn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lYWMxZjQtYWNlMS00Y2UxLWExODEt
Y2ZjYWJiMTlmOTg5LzEvbEk4cTJuRTBYdURPYzUwRzlObGViQ1VvdTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lYWMxZjQtYWNlMS00Y2UxLWExODEtY2ZjYWJiMTlmOTg5
LzEvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwNoAwQC
uXccMA0EAgACMAcDBQAqA3kAMA0GCSqGSIb3DQEBCwUAA4IBAQCE0xd4s11hmB0+
ZtZPWCSLUJRUK2Fix2fiygx2Gaq1NEKzp9oNVyIVYpQh6pgF/X/Z8VEa/Ss251yS
KuHHTnzCg+LbKjeJd1Df6584QSn5qzq31BVdQd++eym/WioktM4R2EHvYEf85Tkv
siPPe1IhoZFjdVf5EsHf9sjvNa2t/DaIIczjldGF07AiVFyV2WusjHZFlKmUcaEK
K2FmEnqiQu4dPLQO6EdUle27aJ027W4gR8Iu0ce6WJRnT79XFni5bsXGrITkAxMt
sV6VOeuI1oAy/JaSkU7Mz9DGCvT2cMGDnYxSJFSbBRZybeDBviNtasPepGZrJJ8k
eIXJmpFf
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:14 2024 by rpki-client on console-fra.rpki-client.org