Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/012130-8103-4c25-93ba-9928dd3f2f82/1/p33G1puFFXo_Q5DFZ5EjFv88etM.roa
File: p33G1puFFXo_Q5DFZ5EjFv88etM.roa (raw, json)
Hash identifier: /rPXFU52V3NOrjuKB0KTGCXrUYZgRpTKyn10wvWzH/0=
Subject key identifier: A7:7D:C6:D6:9B:85:15:7A:3F:43:90:C5:67:91:23:16:FF:3C:7A:D3
Certificate issuer: /CN=80d608a14118b1a8dcddebbb40f96ecd48f85c71
Certificate serial: 018CC6B8EABDC76A79810AEEC8C389F1DB29
Authority key identifier: 80:D6:08:A1:41:18:B1:A8:DC:DD:EB:BB:40:F9:6E:CD:48:F8:5C:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gNYIoUEYsajc3eu7QPluzUj4XHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/012130-8103-4c25-93ba-9928dd3f2f82/1/p33G1puFFXo_Q5DFZ5EjFv88etM.roa
Signing time: Mon 01 Jan 2024 20:30:56 +0000
ROA not before: Mon 01 Jan 2024 20:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138971
IP address blocks: 185.228.94.0/24 maxlen: 24
185.228.95.0/24 maxlen: 24
185.228.92.0/22 maxlen: 22
185.228.92.0/24 maxlen: 24
185.228.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/012130-8103-4c25-93ba-9928dd3f2f82/1/gNYIoUEYsajc3eu7QPluzUj4XHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/012130-8103-4c25-93ba-9928dd3f2f82/1/gNYIoUEYsajc3eu7QPluzUj4XHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gNYIoUEYsajc3eu7QPluzUj4XHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ea:bd:c7:6a:79:81:0a:ee:c8:c3:89:f1:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80d608a14118b1a8dcddebbb40f96ecd48f85c71
Validity
Not Before: Jan 1 20:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a77dc6d69b85157a3f4390c567912316ff3c7ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:96:21:d8:f6:e6:eb:7d:80:99:3b:c5:9b:eb:
84:46:b0:5c:94:a6:6f:49:b4:de:66:73:0d:39:fc:
a7:bc:51:23:f4:b5:ca:55:87:3a:f0:91:98:15:2a:
83:3f:7c:5d:1f:c5:5a:03:bf:e7:eb:7f:00:aa:82:
be:62:ec:8d:cf:5c:2a:39:3a:f3:f1:4e:14:97:a0:
cd:14:b3:24:c0:01:cd:59:bd:3e:49:dc:f0:2c:a8:
dd:bf:21:b2:54:dd:2c:47:27:51:73:57:c2:0c:17:
44:f0:65:3a:30:c7:8d:d4:f1:5a:7f:93:83:a9:a1:
6e:2e:2d:f6:e4:0c:66:ca:dc:c5:63:3a:1a:cb:62:
9f:e3:ab:76:4c:f0:3b:74:d2:c0:b9:f7:22:7f:84:
04:4e:2a:86:6e:26:fa:6a:13:a5:17:63:27:45:7b:
60:b3:5b:31:7b:78:de:e4:6b:62:ec:1f:60:51:f4:
97:00:dc:82:e6:ce:3b:9b:41:0b:34:b0:fe:e2:9b:
b3:9e:88:78:c9:44:44:b2:e3:3c:35:11:77:5b:15:
0a:23:37:73:04:f3:5e:c8:e5:5f:f0:66:5d:2f:65:
9b:22:98:37:a6:b1:33:11:32:07:32:6a:0d:96:e9:
61:e1:c5:04:57:99:0a:f8:a8:99:7a:15:06:fb:3f:
bf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:7D:C6:D6:9B:85:15:7A:3F:43:90:C5:67:91:23:16:FF:3C:7A:D3
X509v3 Authority Key Identifier:
keyid:80:D6:08:A1:41:18:B1:A8:DC:DD:EB:BB:40:F9:6E:CD:48:F8:5C:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gNYIoUEYsajc3eu7QPluzUj4XHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/012130-8103-4c25-93ba-9928dd3f2f82/1/p33G1puFFXo_Q5DFZ5EjFv88etM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/012130-8103-4c25-93ba-9928dd3f2f82/1/gNYIoUEYsajc3eu7QPluzUj4XHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.92.0/22
Signature Algorithm: sha256WithRSAEncryption
af:42:9a:ff:f7:25:96:52:eb:17:eb:7d:41:44:76:56:33:fd:
47:f3:47:ec:3c:4f:87:aa:73:5d:97:89:18:d5:95:ca:dc:75:
f8:18:fa:bc:c2:c9:56:bc:d3:6e:84:f1:a4:68:cd:24:00:95:
b3:43:ce:d9:d3:d2:42:94:8f:88:d8:a2:44:6d:64:ac:cc:13:
4c:49:07:b9:4b:1a:fe:9b:e8:36:df:55:3d:51:df:c8:fa:87:
9b:c8:c4:4d:30:4f:8c:fe:9a:ee:ca:e1:0d:52:f0:be:c5:4a:
b8:59:e9:19:ca:7f:6e:02:e4:0a:06:df:d7:98:c7:12:3f:8c:
6a:2d:40:d4:17:cf:29:c0:0b:1d:e8:a8:d1:31:f3:e3:7e:0a:
f8:c6:b7:b6:56:cb:4e:60:ae:3b:4d:47:01:16:b4:d7:c1:71:
40:97:9b:d2:41:01:75:a9:12:e2:7a:d0:82:bc:51:62:0b:3f:
ce:b1:70:e1:1d:06:3b:a2:7e:cd:cc:b6:be:1c:b9:44:59:fd:
e9:19:1c:b5:90:aa:c7:80:58:94:20:bb:17:65:05:4e:81:19:
dc:58:9e:00:a7:3c:90:79:b6:3c:30:55:42:10:ae:3d:d7:a2:
fd:78:65:ff:39:63:ff:29:f5:a8:4b:b6:b7:ef:26:7a:76:b1:
de:49:d0:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuOq9x2p5gQruyMOJ8dspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZDYwOGExNDExOGIxYThkY2RkZWJiYjQwZjk2ZWNkNDhm
ODVjNzEwHhcNMjQwMTAxMjAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzdkYzZkNjliODUxNTdhM2Y0MzkwYzU2NzkxMjMxNmZmM2M3YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZYh2Pbm632AmTvFm+uERrBclKZv
SbTeZnMNOfynvFEj9LXKVYc68JGYFSqDP3xdH8VaA7/n638AqoK+YuyNz1wqOTrz
8U4Ul6DNFLMkwAHNWb0+SdzwLKjdvyGyVN0sRydRc1fCDBdE8GU6MMeN1PFaf5OD
qaFuLi325AxmytzFYzoay2Kf46t2TPA7dNLAufcif4QETiqGbib6ahOlF2MnRXtg
s1sxe3je5Gti7B9gUfSXANyC5s47m0ELNLD+4puznoh4yUREsuM8NRF3WxUKIzdz
BPNeyOVf8GZdL2WbIpg3prEzETIHMmoNlulh4cUEV5kK+KiZehUG+z+/dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKd9xtabhRV6P0OQxWeRIxb/PHrTMB8GA1UdIwQY
MBaAFIDWCKFBGLGo3N3ru0D5bs1I+FxxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ05ZSW9VRVlzYWpjM2V1N1FQbHV6VWo0WEhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wMTIxMzAtODEwMy00YzI1LTkzYmEt
OTkyOGRkM2YyZjgyLzEvcDMzRzFwdUZGWG9fUTVERlo1RWpGdjg4ZXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wMTIxMzAtODEwMy00YzI1LTkzYmEtOTkyOGRkM2YyZjgy
LzEvZ05ZSW9VRVlzYWpjM2V1N1FQbHV6VWo0WEhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueRcMA0G
CSqGSIb3DQEBCwUAA4IBAQCvQpr/9yWWUusX631BRHZWM/1H80fsPE+HqnNdl4kY
1ZXK3HX4GPq8wslWvNNuhPGkaM0kAJWzQ87Z09JClI+I2KJEbWSszBNMSQe5Sxr+
m+g231U9Ud/I+oebyMRNME+M/pruyuENUvC+xUq4WekZyn9uAuQKBt/XmMcSP4xq
LUDUF88pwAsd6KjRMfPjfgr4xre2VstOYK47TUcBFrTXwXFAl5vSQQF1qRLietCC
vFFiCz/OsXDhHQY7on7NzLa+HLlEWf3pGRy1kKrHgFiUILsXZQVOgRncWJ4ApzyQ
ebY8MFVCEK4916L9eGX/OWP/KfWoS7a37yZ6drHeSdAz
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:01 2024 by rpki-client on console-fra.rpki-client.org