Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/e_j55-yoitdKq6E3FVM_X-gJCPY.roa
File: e_j55-yoitdKq6E3FVM_X-gJCPY.roa (raw, json)
Hash identifier: FCd5P+Bl0yvDD7DxqT7RA/Oo6U4QvaNGCrceKIroHaQ=
Subject key identifier: 7B:F8:F9:E7:EC:A8:8A:D7:4A:AB:A1:37:15:53:3F:5F:E8:09:08:F6
Certificate issuer: /CN=aba81f07a493a3e643752e66bd8146f5771adf88
Certificate serial: 018CC500F53AE18F502FCB2AF784EFEDB5CA
Authority key identifier: AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/e_j55-yoitdKq6E3FVM_X-gJCPY.roa
Signing time: Mon 01 Jan 2024 12:30:23 +0000
ROA not before: Mon 01 Jan 2024 12:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6663
IP address blocks: 185.63.4.0/22 maxlen: 24
93.114.100.0/22 maxlen: 24
85.204.32.0/22 maxlen: 24
5.154.239.0/24 maxlen: 24
89.238.192.0/18 maxlen: 24
81.24.16.0/20 maxlen: 24
93.113.104.0/22 maxlen: 24
85.204.100.0/22 maxlen: 24
2a02:2720::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.mft
rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f5:3a:e1:8f:50:2f:cb:2a:f7:84:ef:ed:b5:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba81f07a493a3e643752e66bd8146f5771adf88
Validity
Not Before: Jan 1 12:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bf8f9e7eca88ad74aaba13715533f5fe80908f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:86:4c:86:ee:24:be:c6:8d:22:52:0e:2a:c8:
09:66:fb:4b:96:94:60:14:5a:9b:71:a1:b0:91:3d:
e0:6c:88:61:ce:cc:34:97:06:3f:50:9d:1d:10:20:
14:65:2f:3d:31:99:f8:55:11:64:41:b1:1a:93:69:
64:9a:92:54:cb:e8:40:70:8a:2b:55:19:c8:63:0d:
9d:8a:39:28:50:f8:b5:bc:79:8b:08:97:a1:d4:d3:
ae:11:6a:bf:c4:bf:91:e2:ac:0b:3d:48:74:72:22:
fd:80:7f:b5:46:68:b3:fb:5a:28:e8:96:18:02:b9:
1b:8b:a1:f7:bc:bc:dd:cd:04:dd:f7:f2:14:29:1d:
81:ad:1e:82:58:e8:38:af:46:b8:07:d8:00:76:03:
8e:ea:eb:9a:d9:21:ce:31:53:f1:87:1f:06:e3:f5:
55:5c:38:f8:a5:1b:ff:08:db:f2:f2:7f:37:35:de:
e0:09:e1:29:ce:2f:2a:75:bf:68:1d:67:b4:fe:fb:
f8:79:a3:47:f7:29:af:55:d7:a9:05:c6:6f:37:6a:
1c:5d:c4:3a:66:59:b5:0e:d6:d5:5e:ae:7f:54:dd:
59:13:69:dd:62:3d:bc:6c:ce:24:52:7c:8d:2e:33:
92:7e:92:fd:c3:0d:4d:14:ba:98:c1:97:94:0e:a3:
ab:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F8:F9:E7:EC:A8:8A:D7:4A:AB:A1:37:15:53:3F:5F:E8:09:08:F6
X509v3 Authority Key Identifier:
keyid:AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/e_j55-yoitdKq6E3FVM_X-gJCPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.239.0/24
81.24.16.0/20
85.204.32.0/22
85.204.100.0/22
89.238.192.0/18
93.113.104.0/22
93.114.100.0/22
185.63.4.0/22
IPv6:
2a02:2720::/32
Signature Algorithm: sha256WithRSAEncryption
5b:5a:8e:16:02:11:37:21:bd:19:93:c5:33:cd:1b:8c:1e:b0:
3f:a8:55:2d:84:13:b8:8a:94:8e:89:c5:f4:3a:77:6a:de:7c:
a8:18:cd:58:12:ec:3c:ee:ca:d3:17:66:f6:23:e0:38:1f:30:
1a:e3:7b:d7:e4:1a:30:24:dc:db:cc:71:ce:af:27:2c:68:d6:
74:5c:ea:a1:f0:7c:16:cb:3d:ab:61:c0:81:42:b1:3c:85:e9:
01:86:2f:55:ca:7a:b3:97:9e:a4:a3:51:70:6f:84:85:79:a2:
ef:c1:94:13:38:74:5e:59:f1:94:6d:2f:d2:99:3d:e0:0d:3e:
f1:0c:84:e4:5b:3b:e6:1a:68:96:6b:84:e0:69:5c:e4:24:7b:
0b:27:c4:2f:ae:1b:83:8b:f6:4c:31:5d:9f:a7:ed:6a:d3:26:
9c:fb:e5:09:cf:a7:65:ad:35:ca:99:9e:04:ab:ff:12:71:dc:
8b:1a:00:f0:04:36:9a:3c:ad:36:a6:d3:e3:ec:0e:8a:79:4a:
f4:f3:9a:a2:d7:52:d0:8d:b1:50:1f:1d:07:14:fd:1f:3c:89:
ca:71:69:25:e9:79:ce:68:82:55:25:32:00:b5:2d:c3:70:a6:
8d:2d:5c:68:41:b0:6f:17:c6:57:6e:3c:5b:49:b4:62:2e:1c:
ca:bf:3f:a7
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFAPU64Y9QL8sq94Tv7bXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTgxZjA3YTQ5M2EzZTY0Mzc1MmU2NmJkODE0NmY1Nzcx
YWRmODgwHhcNMjQwMTAxMTIzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmY4ZjllN2VjYTg4YWQ3NGFhYmExMzcxNTUzM2Y1ZmU4MDkwOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4ZMhu4kvsaNIlIOKsgJZvtLlpRg
FFqbcaGwkT3gbIhhzsw0lwY/UJ0dECAUZS89MZn4VRFkQbEak2lkmpJUy+hAcIor
VRnIYw2dijkoUPi1vHmLCJeh1NOuEWq/xL+R4qwLPUh0ciL9gH+1Rmiz+1oo6JYY
Arkbi6H3vLzdzQTd9/IUKR2BrR6CWOg4r0a4B9gAdgOO6uua2SHOMVPxhx8G4/VV
XDj4pRv/CNvy8n83Nd7gCeEpzi8qdb9oHWe0/vv4eaNH9ymvVdepBcZvN2ocXcQ6
Zlm1DtbVXq5/VN1ZE2ndYj28bM4kUnyNLjOSfpL9ww1NFLqYwZeUDqOrVQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHv4+efsqIrXSquhNxVTP1/oCQj2MB8GA1UdIwQY
MBaAFKuoHwekk6PmQ3UuZr2BRvV3Gt+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZnZkI2U1RvLVpEZFM1bXZZRkc5WGNhMzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84NGUyY2UtMWVhYy00ZTEyLWFjNTgt
NTFjM2NjY2U3MmRmLzEvZV9qNTUteW9pdGRLcTZFM0ZWTV9YLWdKQ1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84NGUyY2UtMWVhYy00ZTEyLWFjNTgtNTFjM2NjY2U3MmRm
LzEvcTZnZkI2U1RvLVpEZFM1bXZZRkc5WGNhMzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQABZrvAwQE
URgQAwQCVcwgAwQCVcxkAwQGWe7AAwQCXXFoAwQCXXJkAwQCuT8EMA0EAgACMAcD
BQAqAicgMA0GCSqGSIb3DQEBCwUAA4IBAQBbWo4WAhE3Ib0Zk8UzzRuMHrA/qFUt
hBO4ipSOicX0Ondq3nyoGM1YEuw87srTF2b2I+A4HzAa43vX5BowJNzbzHHOrycs
aNZ0XOqh8HwWyz2rYcCBQrE8hekBhi9Vynqzl56ko1Fwb4SFeaLvwZQTOHReWfGU
bS/SmT3gDT7xDITkWzvmGmiWa4TgaVzkJHsLJ8QvrhuDi/ZMMV2fp+1q0yac++UJ
z6dlrTXKmZ4Eq/8ScdyLGgDwBDaaPK02ptPj7A6KeUr085qi11LQjbFQHx0HFP0f
PInKcWkl6XnOaIJVJTIAtS3DcKaNLVxoQbBvF8ZXbjxbSbRiLhzKvz+n
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:56 2024 by rpki-client on console-fra.rpki-client.org