Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/827332-0a02-423f-b07f-05290becdc61/1/iL1kz8eBsawmH8XZexUkH5cJ3QU.roa
File: iL1kz8eBsawmH8XZexUkH5cJ3QU.roa (raw, json)
Hash identifier: jHiU7QymBGA/tnxnQpVY0zvcP5x2CO+Vz8Xyf6fbd0s=
Subject key identifier: 88:BD:64:CF:C7:81:B1:AC:26:1F:C5:D9:7B:15:24:1F:97:09:DD:05
Certificate issuer: /CN=6e6bcd1ee0415312babada96a5b4c7351bbca6bf
Certificate serial: 018CC7276BF99AC5679AAA601D260CCC88C1
Authority key identifier: 6E:6B:CD:1E:E0:41:53:12:BA:BA:DA:96:A5:B4:C7:35:1B:BC:A6:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bmvNHuBBUxK6utqWpbTHNRu8pr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/827332-0a02-423f-b07f-05290becdc61/1/iL1kz8eBsawmH8XZexUkH5cJ3QU.roa
Signing time: Mon 01 Jan 2024 22:31:38 +0000
ROA not before: Mon 01 Jan 2024 22:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60924
IP address blocks: 185.177.186.0/24 maxlen: 24
185.177.184.0/22 maxlen: 24
185.177.184.0/24 maxlen: 24
185.177.185.0/24 maxlen: 24
185.177.187.0/24 maxlen: 24
185.23.197.0/24 maxlen: 24
185.23.198.0/24 maxlen: 24
185.23.196.0/22 maxlen: 24
185.23.196.0/24 maxlen: 24
185.23.199.0/24 maxlen: 24
146.71.94.0/23 maxlen: 24
146.71.94.0/24 maxlen: 24
146.71.95.0/24 maxlen: 24
185.92.128.0/22 maxlen: 24
185.92.128.0/24 maxlen: 24
185.92.131.0/24 maxlen: 24
185.92.129.0/24 maxlen: 24
185.92.130.0/24 maxlen: 24
2a0a:4380::/29 maxlen: 64
2a04:2600::/29 maxlen: 64
2a05:f1c0::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/827332-0a02-423f-b07f-05290becdc61/1/bmvNHuBBUxK6utqWpbTHNRu8pr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/827332-0a02-423f-b07f-05290becdc61/1/bmvNHuBBUxK6utqWpbTHNRu8pr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bmvNHuBBUxK6utqWpbTHNRu8pr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:6b:f9:9a:c5:67:9a:aa:60:1d:26:0c:cc:88:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6bcd1ee0415312babada96a5b4c7351bbca6bf
Validity
Not Before: Jan 1 22:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88bd64cfc781b1ac261fc5d97b15241f9709dd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:2d:82:b4:17:63:7b:17:92:c0:62:00:e0:
b0:e8:05:d6:61:28:81:0d:0a:3a:bd:15:3c:55:fe:
d3:0b:47:2d:98:2f:54:d6:ac:f0:2a:52:8f:3d:24:
60:4d:b3:ed:99:f7:94:c1:f1:4d:41:f3:3c:ef:85:
42:d4:c1:0b:f4:f9:ad:46:a2:02:5c:65:83:5d:24:
4d:21:0f:18:fa:b0:ef:10:ad:0e:38:a2:6f:c9:39:
07:89:67:68:fc:88:26:3a:1a:fb:7f:20:cd:f9:26:
95:26:aa:29:4a:95:47:a6:34:bf:8d:a6:e6:47:a7:
79:64:db:4d:f5:4c:a5:8f:a3:90:b1:f6:75:c7:85:
f2:97:74:aa:f3:60:a6:d6:0b:dd:bb:fc:91:d3:cb:
d1:41:7f:29:ed:d4:cf:e3:f9:2d:2d:6d:d5:a9:ca:
d8:45:f3:c8:28:33:15:8d:11:0d:2d:3a:93:54:8b:
4d:c4:47:4a:64:af:e9:0e:76:a3:5c:e3:db:3f:7d:
00:0c:13:10:bd:3a:47:22:c8:22:db:f8:22:0f:54:
ba:86:36:64:44:b3:6b:4d:30:6a:f9:d0:8d:3d:9a:
7e:1e:3b:fa:c1:24:36:8b:4c:43:8b:89:8d:46:b2:
60:65:95:a4:dc:c2:a0:af:a1:32:7f:2e:60:29:79:
9a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BD:64:CF:C7:81:B1:AC:26:1F:C5:D9:7B:15:24:1F:97:09:DD:05
X509v3 Authority Key Identifier:
keyid:6E:6B:CD:1E:E0:41:53:12:BA:BA:DA:96:A5:B4:C7:35:1B:BC:A6:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bmvNHuBBUxK6utqWpbTHNRu8pr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/827332-0a02-423f-b07f-05290becdc61/1/iL1kz8eBsawmH8XZexUkH5cJ3QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/827332-0a02-423f-b07f-05290becdc61/1/bmvNHuBBUxK6utqWpbTHNRu8pr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.71.94.0/23
185.23.196.0/22
185.92.128.0/22
185.177.184.0/22
IPv6:
2a04:2600::/29
2a05:f1c0::/29
2a0a:4380::/29
Signature Algorithm: sha256WithRSAEncryption
7a:ab:a7:6d:bf:f4:2c:37:6b:6b:99:1f:4f:37:08:0d:36:66:
f8:cc:31:63:85:7d:53:6d:18:6d:c2:af:1d:2f:a0:c9:3b:93:
80:b1:fc:bf:21:bc:66:99:a6:d5:c1:cd:c3:bf:fd:98:b1:38:
ea:f6:dd:06:32:ec:58:64:07:2e:f0:2b:58:26:10:b0:a2:32:
a0:ae:d9:9a:18:80:11:ac:37:c8:6a:a1:9c:bd:5e:81:57:a7:
3e:a0:9f:6f:91:95:b4:65:d0:fc:4d:a2:5f:bb:c8:83:46:bc:
f2:ae:37:a9:08:57:8a:e2:d0:ad:6e:68:7b:63:15:d9:99:5c:
cd:a9:0a:55:5a:0c:3b:38:65:fa:41:d1:64:8f:0d:59:7f:bc:
bd:10:93:c5:0f:7d:8a:46:a3:b5:17:07:f0:3f:2b:2c:87:a9:
6c:d3:84:c3:30:95:db:a2:a3:9c:55:92:4a:ae:99:73:26:a6:
b5:52:ff:a2:16:9e:15:e3:71:16:63:5f:e2:38:12:12:d5:95:
65:d4:2d:8a:93:5a:28:83:7e:bd:e0:98:87:62:c9:f3:d3:a6:
b7:a3:00:a5:63:b1:a4:60:e3:5c:f7:f9:0b:81:4e:d4:42:e8:
58:3f:a1:49:c6:d7:13:c0:8a:e4:1f:fa:b5:a2:99:a3:78:c7:
c4:65:88:b7
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzHJ2v5msVnmqpgHSYMzIjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmJjZDFlZTA0MTUzMTJiYWJhZGE5NmE1YjRjNzM1MWJi
Y2E2YmYwHhcNMjQwMTAxMjIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGJkNjRjZmM3ODFiMWFjMjYxZmM1ZDk3YjE1MjQxZjk3MDlkZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuQtgrQXY3sXksBiAOCw6AXWYSiB
DQo6vRU8Vf7TC0ctmC9U1qzwKlKPPSRgTbPtmfeUwfFNQfM874VC1MEL9PmtRqIC
XGWDXSRNIQ8Y+rDvEK0OOKJvyTkHiWdo/IgmOhr7fyDN+SaVJqopSpVHpjS/jabm
R6d5ZNtN9Uylj6OQsfZ1x4Xyl3Sq82Cm1gvdu/yR08vRQX8p7dTP4/ktLW3VqcrY
RfPIKDMVjRENLTqTVItNxEdKZK/pDnajXOPbP30ADBMQvTpHIsgi2/giD1S6hjZk
RLNrTTBq+dCNPZp+Hjv6wSQ2i0xDi4mNRrJgZZWk3MKgr6Eyfy5gKXmaaQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIi9ZM/HgbGsJh/F2XsVJB+XCd0FMB8GA1UdIwQY
MBaAFG5rzR7gQVMSurralqW0xzUbvKa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm12Tkh1QkJVeEs2dXRxV3BiVEhOUnU4cHI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84MjczMzItMGEwMi00MjNmLWIwN2Yt
MDUyOTBiZWNkYzYxLzEvaUwxa3o4ZUJzYXdtSDhYWmV4VWtINWNKM1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84MjczMzItMGEwMi00MjNmLWIwN2YtMDUyOTBiZWNkYzYx
LzEvYm12Tkh1QkJVeEs2dXRxV3BiVEhOUnU4cHI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQBkkdeAwQC
uRfEAwQCuVyAAwQCubG4MBsEAgACMBUDBQMqBCYAAwUDKgXxwAMFAyoKQ4AwDQYJ
KoZIhvcNAQELBQADggEBAHqrp22/9Cw3a2uZH083CA02ZvjMMWOFfVNtGG3Crx0v
oMk7k4Cx/L8hvGaZptXBzcO//ZixOOr23QYy7FhkBy7wK1gmELCiMqCu2ZoYgBGs
N8hqoZy9XoFXpz6gn2+RlbRl0PxNol+7yINGvPKuN6kIV4ri0K1uaHtjFdmZXM2p
ClVaDDs4ZfpB0WSPDVl/vL0Qk8UPfYpGo7UXB/A/KyyHqWzThMMwlduio5xVkkqu
mXMmprVS/6IWnhXjcRZjX+I4EhLVlWXULYqTWiiDfr3gmIdiyfPTprejAKVjsaRg
41z3+QuBTtRC6Fg/oUnG1xPAiuQf+rWimaN4x8RliLc=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:58:47 2024 by rpki-client on console-fra.rpki-client.org