Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/IDpMKX9A814Gm6WDibW9qOARM18.roa
File: IDpMKX9A814Gm6WDibW9qOARM18.roa (raw, json)
Hash identifier: v95q+RG3nzIq77DAnE760gzgQGZnd1mpBiO7UKcovlA=
Subject key identifier: 20:3A:4C:29:7F:40:F3:5E:06:9B:A5:83:89:B5:BD:A8:E0:11:33:5F
Certificate issuer: /CN=c45c98430885628971307c59b5cf241682102378
Certificate serial: 018CC50092A904F0CBFA4A8AC67A7BAAAC1A
Authority key identifier: C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/IDpMKX9A814Gm6WDibW9qOARM18.roa
Signing time: Mon 01 Jan 2024 12:29:58 +0000
ROA not before: Mon 01 Jan 2024 12:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8774
IP address blocks: 195.135.213.0/24 maxlen: 24
195.135.212.0/24 maxlen: 24
195.135.215.0/24 maxlen: 24
195.135.214.0/24 maxlen: 24
109.237.4.0/22 maxlen: 22
109.237.0.0/22 maxlen: 22
109.237.8.0/22 maxlen: 22
109.237.12.0/22 maxlen: 22
185.113.211.0/24 maxlen: 24
185.113.208.0/23 maxlen: 23
185.113.210.0/24 maxlen: 24
2a05:3740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:92:a9:04:f0:cb:fa:4a:8a:c6:7a:7b:aa:ac:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c98430885628971307c59b5cf241682102378
Validity
Not Before: Jan 1 12:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=203a4c297f40f35e069ba58389b5bda8e011335f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5c:00:6e:18:ce:88:d7:09:6c:55:d6:c5:fc:
02:7e:14:5e:c5:aa:65:65:c5:a0:83:50:73:3b:88:
bf:7f:3e:af:7b:f8:c5:27:f7:8f:c9:fa:b4:d2:13:
7a:e4:7c:3a:70:19:74:fe:9f:09:ad:ce:4d:c6:50:
15:9c:99:f6:96:18:42:6c:b5:fc:9c:55:22:5a:a8:
ee:8c:d2:8b:ef:1c:df:57:3d:1d:05:98:7c:3d:5b:
a5:6f:e7:f8:b0:91:59:8c:19:64:37:b8:ba:7e:47:
70:f5:28:f9:ae:9e:cf:57:cc:ba:51:21:c0:2e:00:
b0:ce:08:d1:31:49:63:46:e7:62:23:82:11:ae:c5:
23:9c:fb:f1:84:fc:2a:0a:33:f6:72:60:41:ff:9d:
e2:77:52:36:69:34:df:dc:2a:77:86:7b:e9:72:43:
73:3d:17:33:f9:8c:5b:08:f5:29:56:3b:bf:bb:8f:
2e:af:71:6e:9f:de:63:1e:5f:8a:c3:20:4b:1b:2a:
c2:0d:be:1e:47:cc:d5:bf:d5:26:2f:18:dc:29:5f:
68:f4:4d:74:04:40:bb:71:58:69:78:c5:e0:89:8a:
45:eb:df:8b:60:4f:c8:32:d9:5f:79:a8:39:91:0b:
2b:7e:be:62:cb:02:e5:a6:48:cc:48:01:dd:d2:cd:
cd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:3A:4C:29:7F:40:F3:5E:06:9B:A5:83:89:B5:BD:A8:E0:11:33:5F
X509v3 Authority Key Identifier:
keyid:C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/IDpMKX9A814Gm6WDibW9qOARM18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.0.0/20
185.113.208.0/22
195.135.212.0/22
IPv6:
2a05:3740::/29
Signature Algorithm: sha256WithRSAEncryption
28:16:67:30:80:a2:af:2b:41:10:d4:9f:cf:27:e9:80:7d:27:
23:ea:a9:4e:1f:04:de:48:26:94:17:7b:01:3b:5f:96:6d:cf:
a0:7e:1d:a1:dd:eb:c3:80:a0:9a:4f:90:52:af:89:6b:90:00:
4d:7f:ea:81:b9:52:18:1b:43:ea:6a:95:d1:f5:a1:d3:47:69:
c5:3b:34:84:62:2f:d9:25:64:73:4e:79:81:32:52:5a:50:8f:
4b:e2:04:f4:90:de:9f:d7:85:d6:a9:64:28:4d:96:46:11:24:
91:4b:d2:0a:fc:f3:3a:bd:b5:a1:96:45:b4:40:3d:a0:b7:7c:
82:c9:08:07:05:63:e0:47:c4:ad:37:25:2a:c1:c8:02:8f:02:
2b:4b:f7:98:a1:16:9e:a5:42:e7:72:5b:79:64:9c:10:ab:f5:
26:15:3a:e7:e1:a8:df:bf:49:42:39:73:23:00:6f:d9:82:f9:
d5:dc:ed:68:4a:89:40:71:af:2a:27:c4:ce:63:84:44:16:f3:
5c:4b:9d:4b:12:50:f9:58:41:43:b5:b4:75:97:2a:74:3a:85:
b5:82:7c:b9:66:8f:7c:af:ce:2b:b8:ab:f9:40:91:1d:a6:ab:
3c:b1:7b:29:8c:c9:9b:a7:61:b7:5b:7c:96:0c:60:8f:e6:d5:
5c:3c:de:a4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAJKpBPDL+kqKxnp7qqwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM5ODQzMDg4NTYyODk3MTMwN2M1OWI1Y2YyNDE2ODIx
MDIzNzgwHhcNMjQwMTAxMTIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDNhNGMyOTdmNDBmMzVlMDY5YmE1ODM4OWI1YmRhOGUwMTEzMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVwAbhjOiNcJbFXWxfwCfhRexapl
ZcWgg1BzO4i/fz6ve/jFJ/ePyfq00hN65Hw6cBl0/p8Jrc5NxlAVnJn2lhhCbLX8
nFUiWqjujNKL7xzfVz0dBZh8PVulb+f4sJFZjBlkN7i6fkdw9Sj5rp7PV8y6USHA
LgCwzgjRMUljRudiI4IRrsUjnPvxhPwqCjP2cmBB/53id1I2aTTf3Cp3hnvpckNz
PRcz+YxbCPUpVju/u48ur3Fun95jHl+KwyBLGyrCDb4eR8zVv9UmLxjcKV9o9E10
BEC7cVhpeMXgiYpF69+LYE/IMtlfeag5kQsrfr5iywLlpkjMSAHd0s3NwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCA6TCl/QPNeBpulg4m1vajgETNfMB8GA1UdIwQY
MBaAFMRcmEMIhWKJcTB8WbXPJBaCECN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgt
OWFiZGNhMzlkNGY3LzEvSURwTUtYOUE4MTRHbTZXRGliVzlxT0FSTTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8zMDdjMzMtMzhhNy00ZmRhLTlhMDgtOWFiZGNhMzlkNGY3
LzEveEZ5WVF3aUZZb2x4TUh4WnRjOGtGb0lRSTNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEbe0AAwQC
uXHQAwQCw4fUMA0EAgACMAcDBQMqBTdAMA0GCSqGSIb3DQEBCwUAA4IBAQAoFmcw
gKKvK0EQ1J/PJ+mAfScj6qlOHwTeSCaUF3sBO1+Wbc+gfh2h3evDgKCaT5BSr4lr
kABNf+qBuVIYG0PqapXR9aHTR2nFOzSEYi/ZJWRzTnmBMlJaUI9L4gT0kN6f14XW
qWQoTZZGESSRS9IK/PM6vbWhlkW0QD2gt3yCyQgHBWPgR8StNyUqwcgCjwIrS/eY
oRaepULnclt5ZJwQq/UmFTrn4ajfv0lCOXMjAG/ZgvnV3O1oSolAca8qJ8TOY4RE
FvNcS51LElD5WEFDtbR1lyp0OoW1gny5Zo98r84ruKv5QJEdpqs8sXspjMmbp2G3
W3yWDGCP5tVcPN6k
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:13:55 2024 by rpki-client on console-fra.rpki-client.org