Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/cgIQiY9NdqbWObd8wZZffUaBL7k.roa
File: cgIQiY9NdqbWObd8wZZffUaBL7k.roa (raw, json)
Hash identifier: /tVs8zgiwYWLvnt0Fj6NWbCxyqlcF3crmr8qUi81occ=
Subject key identifier: 72:02:10:89:8F:4D:76:A6:D6:39:B7:7C:C1:96:5F:7D:46:81:2F:B9
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 018CC493083AC3A22EC84ABB5783BA3D7ECA
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/cgIQiY9NdqbWObd8wZZffUaBL7k.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2470
IP address blocks: 195.83.188.0/24 maxlen: 24
195.98.232.0/24 maxlen: 24
195.98.231.0/24 maxlen: 24
193.51.113.0/24 maxlen: 24
193.51.115.0/24 maxlen: 24
195.220.149.0/24 maxlen: 24
195.220.151.0/24 maxlen: 24
195.220.150.0/24 maxlen: 24
193.50.206.0/24 maxlen: 24
194.167.103.0/24 maxlen: 24
194.167.142.0/24 maxlen: 24
193.51.11.0/24 maxlen: 24
194.199.70.0/24 maxlen: 24
194.199.69.0/24 maxlen: 24
194.199.71.0/24 maxlen: 24
194.199.66.0/24 maxlen: 24
194.199.68.0/24 maxlen: 24
194.199.67.0/24 maxlen: 24
194.199.73.0/24 maxlen: 24
194.199.72.0/24 maxlen: 24
194.199.78.0/24 maxlen: 24
2001:660:8018::/48 maxlen: 48
2001:660:801a::/48 maxlen: 48
2001:661:8000::/35 maxlen: 48
2001:660:8019::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:08:3a:c3:a2:2e:c8:4a:bb:57:83:ba:3d:7e:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=720210898f4d76a6d639b77cc1965f7d46812fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:20:9e:bc:04:39:64:bc:2d:37:74:75:7f:
1b:5a:8f:77:3e:9a:a1:ef:84:b4:b9:12:7a:8c:10:
ab:3a:06:08:81:df:05:cd:d7:2b:26:10:53:74:38:
0c:a4:7d:0c:d3:8d:39:89:70:0a:a3:72:65:dd:3f:
4a:ff:04:8b:7f:ca:b7:62:a8:84:b3:60:84:af:fd:
b1:24:a5:fc:a6:26:f6:fa:ee:21:6a:16:a4:a1:d9:
ad:84:5f:ba:f6:f1:cf:d8:ec:a0:04:3b:8f:96:8f:
b0:6b:eb:66:f7:ba:68:6c:09:56:7b:14:be:d0:a1:
cd:2c:63:7c:c2:9f:68:27:a1:ff:37:43:12:92:db:
e9:ba:91:74:92:88:23:2d:74:4e:20:8e:d6:35:a8:
7e:64:88:a1:94:bd:db:df:a4:df:c5:4a:35:53:51:
d4:f9:82:54:45:d7:cf:fd:7b:99:53:2d:50:dc:60:
45:2c:4f:3d:6b:d5:32:bc:b2:a0:c9:be:3a:1b:8d:
f6:b7:4b:80:a9:50:9c:25:d8:10:1e:de:a4:5c:81:
cc:a1:98:af:93:fb:aa:eb:6a:2b:99:8d:76:18:2e:
26:de:50:4e:bd:9a:30:a9:20:a4:fd:f6:2e:4a:e5:
23:7c:e2:a5:3f:c1:e4:ba:96:89:53:66:63:a5:ec:
88:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:02:10:89:8F:4D:76:A6:D6:39:B7:7C:C1:96:5F:7D:46:81:2F:B9
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/cgIQiY9NdqbWObd8wZZffUaBL7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.50.206.0/24
193.51.11.0/24
193.51.113.0/24
193.51.115.0/24
194.167.103.0/24
194.167.142.0/24
194.199.66.0-194.199.73.255
194.199.78.0/24
195.83.188.0/24
195.98.231.0-195.98.232.255
195.220.149.0-195.220.151.255
IPv6:
2001:660:8018::-2001:660:801a:ffff:ffff:ffff:ffff:ffff
2001:661:8000::/35
Signature Algorithm: sha256WithRSAEncryption
25:92:5d:4f:a5:0a:b3:f4:36:e5:d6:b2:67:33:a8:a2:fb:60:
14:4c:1c:f0:0d:a8:5c:05:42:46:16:f1:de:a3:b0:1e:49:0e:
2b:c3:b0:61:eb:ca:23:2d:72:04:ac:e0:f1:c0:35:86:53:db:
88:d8:10:a3:18:55:79:f4:2e:54:d9:cb:f2:a1:20:33:18:f6:
b3:71:77:86:a2:33:0c:9a:df:99:35:16:86:3f:d3:bd:54:c7:
1a:77:1f:f7:5b:9c:3b:7b:b1:53:17:6d:eb:f6:dd:95:d4:9c:
9d:ab:a3:22:01:ed:53:91:cf:e0:83:0d:e6:d6:6e:42:b7:b2:
b8:23:c9:f7:d4:cf:9a:0a:09:92:37:0a:12:e2:ae:df:95:c8:
80:be:1e:53:f6:9a:d9:45:30:51:16:24:b2:7a:bf:91:f0:e9:
4e:3f:a1:86:7d:8e:35:5d:8a:0d:27:97:29:ef:13:5f:bd:30:
d4:1d:cb:ba:0d:10:0f:6c:58:6a:54:fd:2d:10:e0:27:94:18:
61:a3:92:1c:1f:4c:98:1d:45:ba:0b:50:a0:80:a5:86:08:14:
b9:14:ce:fd:88:30:4b:d6:4e:59:cb:14:9d:8a:27:a7:45:b0:
d6:0a:3e:8f:9f:50:2e:42:f7:0c:92:44:70:1d:90:4f:48:34:
ab:35:2f:ea
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYzEkwg6w6IuyEq7V4O6PX7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjAyMTA4OThmNGQ3NmE2ZDYzOWI3N2NjMTk2NWY3ZDQ2ODEyZmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCkgnrwEOWS8LTd0dX8bWo93Ppqh
74S0uRJ6jBCrOgYIgd8FzdcrJhBTdDgMpH0M0405iXAKo3Jl3T9K/wSLf8q3YqiE
s2CEr/2xJKX8pib2+u4hahakodmthF+69vHP2OygBDuPlo+wa+tm97pobAlWexS+
0KHNLGN8wp9oJ6H/N0MSktvpupF0kogjLXROII7WNah+ZIihlL3b36TfxUo1U1HU
+YJURdfP/XuZUy1Q3GBFLE89a9UyvLKgyb46G432t0uAqVCcJdgQHt6kXIHMoZiv
k/uq62ormY12GC4m3lBOvZowqSCk/fYuSuUjfOKlP8HkupaJU2ZjpeyIuQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFHICEImPTXam1jm3fMGWX31GgS+5MB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvY2dJUWlZOU5kcWJXT2JkOHdaWmZmVWFCTDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBgBAIAATBaAwQAwTLO
AwQAwTMLAwQAwTNxAwQAwTNzAwQAwqdnAwQAwqeOMAwDBAHCx0IDBAHCx0gDBADC
x04DBADDU7wwDAMEAMNi5wMEAMNi6DAMAwQAw9yVAwQDw9yQMCIEAgACMBwwEgMH
AyABBmCAGAMHACABBmCAGgMGBSABBmGAMA0GCSqGSIb3DQEBCwUAA4IBAQAlkl1P
pQqz9Dbl1rJnM6ii+2AUTBzwDahcBUJGFvHeo7AeSQ4rw7Bh68ojLXIErODxwDWG
U9uI2BCjGFV59C5U2cvyoSAzGPazcXeGojMMmt+ZNRaGP9O9VMcadx/3W5w7e7FT
F23r9t2V1Jydq6MiAe1Tkc/ggw3m1m5Ct7K4I8n31M+aCgmSNwoS4q7flciAvh5T
9prZRTBRFiSyer+R8OlOP6GGfY41XYoNJ5cp7xNfvTDUHcu6DRAPbFhqVP0tEOAn
lBhho5IcH0yYHUW6C1CggKWGCBS5FM79iDBL1k5ZyxSdiienRbDWCj6Pn1AuQvcM
kkRwHZBPSDSrNS/q
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:16 2024 by rpki-client on console-fra.rpki-client.org