Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/9ZqlnMSe8TWnwoR-ID7ss5CYAgM.roa
File: 9ZqlnMSe8TWnwoR-ID7ss5CYAgM.roa (raw, json)
Hash identifier: mtgU9Uk+XiUKI78j8R2gyoaiGwgMtIjto9yMfusdOhs=
Subject key identifier: F5:9A:A5:9C:C4:9E:F1:35:A7:C2:84:7E:20:3E:EC:B3:90:98:02:03
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 018CC42533979AAFC1EF8B83A0877C878A8E
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/9ZqlnMSe8TWnwoR-ID7ss5CYAgM.roa
Signing time: Mon 01 Jan 2024 08:30:21 +0000
ROA not before: Mon 01 Jan 2024 08:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56910
IP address blocks: 185.36.232.0/22 maxlen: 24
185.4.236.0/22 maxlen: 24
31.177.56.0/21 maxlen: 24
185.109.16.0/22 maxlen: 24
185.106.36.0/22 maxlen: 24
91.220.184.0/24 maxlen: 24
86.106.173.0/24 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:33:97:9a:af:c1:ef:8b:83:a0:87:7c:87:8a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f59aa59cc49ef135a7c2847e203eecb390980203
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c9:c6:da:1c:fe:ea:b6:25:69:9d:04:d1:27:
60:19:a4:46:91:9d:84:0e:4f:d5:26:97:b6:a8:bf:
2d:4c:46:fc:b2:58:c4:31:ee:00:50:ef:67:ad:07:
ea:95:79:55:06:81:1c:a9:94:41:b1:9b:bd:d9:05:
31:14:0d:04:db:d9:37:8a:89:7e:fc:15:54:d7:41:
a2:b6:a9:6a:9c:0b:2a:6d:3a:fd:8d:58:b8:0c:28:
81:0c:d4:4c:bb:2b:58:89:a1:ea:73:55:e6:03:0f:
75:9e:ca:f6:13:fd:5c:3e:75:f2:32:34:48:da:ec:
a7:68:09:0a:b0:b7:08:70:0a:d2:88:de:37:a0:1d:
12:dc:ba:28:c3:d7:b6:36:6f:be:d5:36:e3:6e:1a:
8a:81:a0:d2:41:47:49:43:fb:25:da:4a:24:9f:98:
fd:25:1f:c4:e9:e4:ab:86:16:c4:b4:b1:3d:21:51:
2d:e1:51:ed:79:59:21:f7:ba:b0:c8:0d:48:49:61:
c9:10:29:fb:eb:df:47:06:9e:d8:74:e1:56:3f:95:
fa:01:5f:e9:6b:74:b8:50:0d:5b:b8:85:3e:b0:7f:
d8:16:2d:23:1f:9a:3a:17:3a:51:fa:8d:de:12:20:
4b:72:0b:27:b6:27:ad:2f:89:df:62:99:b5:98:e6:
a4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9A:A5:9C:C4:9E:F1:35:A7:C2:84:7E:20:3E:EC:B3:90:98:02:03
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/9ZqlnMSe8TWnwoR-ID7ss5CYAgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
86.106.173.0/24
91.220.184.0/24
185.4.236.0/22
185.36.232.0/22
185.106.36.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
99:af:71:3d:eb:eb:12:d4:0e:16:2c:3e:06:b6:04:6d:51:2c:
76:3e:23:fd:22:5b:c0:e7:67:d6:de:f1:da:83:5c:0f:2f:c2:
40:8e:a1:09:d1:66:3d:03:7c:0b:b7:63:a6:bb:f0:73:21:73:
bd:89:af:92:da:88:83:41:3d:cc:d0:c9:6f:80:1e:3d:cd:a1:
89:7f:fe:9b:d0:b3:ed:ad:ec:16:8e:c7:7c:d8:24:95:9d:46:
02:43:47:b7:ed:98:75:ee:aa:6d:27:9e:96:fc:8a:bb:08:1b:
8e:8e:c2:81:f3:44:8b:0b:20:31:58:45:78:52:29:05:de:d1:
c1:6b:4c:8b:d0:51:cc:48:a0:9e:c7:3b:a5:ed:8b:34:a7:85:
03:c6:a6:9b:ce:4c:36:59:20:e5:cd:82:a0:70:67:c3:cb:81:
5f:68:c5:36:71:6f:4d:88:33:47:70:e6:a1:e9:41:7a:5a:68:
0d:ed:9b:21:51:b4:45:00:fe:40:9d:5b:8b:7b:1f:76:4d:95:
b5:3e:0b:52:04:ce:40:99:f8:a3:57:2d:b6:60:40:1f:21:6c:
8f:4c:16:61:04:b3:0a:ba:76:2a:ef:3e:8e:bf:a8:52:1c:21:
8b:48:40:ec:56:fe:d6:57:7f:00:93:83:77:2f:12:02:4a:e1:
88:37:1a:f6
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzEJTOXmq/B74uDoId8h4qOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTlhYTU5Y2M0OWVmMTM1YTdjMjg0N2UyMDNlZWNiMzkwOTgwMjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8nG2hz+6rYlaZ0E0SdgGaRGkZ2E
Dk/VJpe2qL8tTEb8sljEMe4AUO9nrQfqlXlVBoEcqZRBsZu92QUxFA0E29k3iol+
/BVU10GitqlqnAsqbTr9jVi4DCiBDNRMuytYiaHqc1XmAw91nsr2E/1cPnXyMjRI
2uynaAkKsLcIcArSiN43oB0S3Loow9e2Nm++1TbjbhqKgaDSQUdJQ/sl2kokn5j9
JR/E6eSrhhbEtLE9IVEt4VHteVkh97qwyA1ISWHJECn7699HBp7YdOFWP5X6AV/p
a3S4UA1buIU+sH/YFi0jH5o6FzpR+o3eEiBLcgsntietL4nfYpm1mOakpwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPWapZzEnvE1p8KEfiA+7LOQmAIDMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvOVpxbG5NU2U4VFdud29SLUlEN3NzNUNZQWdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDH7E4AwQA
VmqtAwQAW9y4AwQCuQTsAwQCuSToAwQCuWokAwQCuW0QAwQAvNZ/MA0EAgACMAcD
BQMqBD4AMA0GCSqGSIb3DQEBCwUAA4IBAQCZr3E96+sS1A4WLD4GtgRtUSx2PiP9
IlvA52fW3vHag1wPL8JAjqEJ0WY9A3wLt2Omu/BzIXO9ia+S2oiDQT3M0MlvgB49
zaGJf/6b0LPtrewWjsd82CSVnUYCQ0e37Zh17qptJ56W/Iq7CBuOjsKB80SLCyAx
WEV4UikF3tHBa0yL0FHMSKCexzul7Ys0p4UDxqabzkw2WSDlzYKgcGfDy4FfaMU2
cW9NiDNHcOah6UF6WmgN7ZshUbRFAP5AnVuLex92TZW1PgtSBM5AmfijVy22YEAf
IWyPTBZhBLMKunYq7z6Ov6hSHCGLSEDsVv7WV38Ak4N3LxICSuGINxr2
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:45:42 2024 by rpki-client on console-fra.rpki-client.org