Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ICE6DVdNu8Q7LcI7xL3DpfqdFno.roa
File: ICE6DVdNu8Q7LcI7xL3DpfqdFno.roa (raw, json)
Hash identifier: 5eqc2XzRV6liJ0sM6NX3VkWKxGft3luHVfceBHkGdmk=
Subject key identifier: 20:21:3A:0D:57:4D:BB:C4:3B:2D:C2:3B:C4:BD:C3:A5:FA:9D:16:7A
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC857CDB5401D805AA51F7A05E2B9
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ICE6DVdNu8Q7LcI7xL3DpfqdFno.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199380
IP address blocks: 89.37.80.0/22 maxlen: 24
89.32.194.0/23 maxlen: 24
89.42.236.0/23 maxlen: 24
185.16.120.0/22 maxlen: 24
188.208.24.0/22 maxlen: 24
188.247.168.0/22 maxlen: 24
188.239.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c8:57:cd:b5:40:1d:80:5a:a5:1f:7a:05:e2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20213a0d574dbbc43b2dc23bc4bdc3a5fa9d167a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:47:c3:21:f4:c6:f4:32:8a:4a:a0:17:39:de:
6b:4b:4a:7e:2a:89:71:eb:65:89:dd:34:4b:f8:6e:
4a:6a:55:5e:08:ff:60:59:02:8f:82:0d:96:37:31:
e9:92:4c:91:a1:b2:96:6a:b8:d6:02:71:84:54:70:
58:cb:bc:fd:a3:4f:ba:b3:87:2e:79:83:ba:eb:58:
38:c6:0f:ab:9b:40:60:36:63:b5:26:6d:d9:c4:d9:
35:ca:62:33:7d:75:db:05:50:51:8b:3f:58:b8:1b:
7f:82:d5:20:3d:ea:fa:b5:af:87:d1:ec:3a:26:27:
fb:3f:b1:14:57:96:1e:e3:6c:1b:c0:cd:cb:2f:af:
9f:4a:77:d4:4d:ce:ed:11:03:9e:dd:7b:07:e9:8d:
52:a0:4e:b7:90:d7:d4:32:97:e8:37:ac:62:ea:64:
b7:7d:79:70:44:05:dc:52:0c:a9:5a:dc:59:57:d4:
22:46:3a:e2:af:d4:38:9e:d1:43:f0:c5:40:a7:5a:
87:d2:ac:9f:e8:00:cc:36:89:44:ff:50:1d:a4:19:
04:7b:97:32:6d:01:35:6b:ac:09:5a:05:be:9a:24:
4d:f6:2d:74:2d:a1:b4:33:54:00:2d:88:40:5b:ae:
e2:17:ac:aa:b9:51:23:c6:03:28:2a:b2:c6:2c:40:
0c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:21:3A:0D:57:4D:BB:C4:3B:2D:C2:3B:C4:BD:C3:A5:FA:9D:16:7A
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/ICE6DVdNu8Q7LcI7xL3DpfqdFno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.37.80.0/22
89.42.236.0/23
185.16.120.0/22
188.208.24.0/22
188.239.184.0/22
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
81:b8:77:31:45:7e:fd:b8:21:da:89:c9:94:aa:fb:e8:9b:90:
f4:36:ec:da:cb:7f:3d:a4:0c:ea:7f:a3:f9:9f:ef:51:30:5a:
be:cb:c2:a6:a5:07:ec:45:74:ea:85:1e:16:75:ca:92:9d:34:
58:02:cf:b1:ab:e5:a9:3c:c7:89:17:2e:3c:97:6f:fe:1f:ff:
b2:39:d8:78:61:90:bc:d9:cd:e7:dd:62:2b:e4:ad:56:7f:76:
46:41:fc:9c:ad:e4:19:ed:bd:60:7d:58:00:68:19:8a:93:e8:
18:d8:62:19:1b:49:be:bf:9a:d1:c6:5c:d6:d1:5e:e7:e2:74:
41:b0:70:80:41:a4:ea:92:5d:65:37:99:3b:29:28:41:9b:4c:
a3:91:a4:4b:4a:ba:2f:23:18:c8:3e:40:73:5e:7e:e7:d2:b5:
fd:83:c8:d4:1a:77:52:c4:db:ca:22:95:74:46:aa:8a:7f:28:
62:5f:5f:cb:76:9c:26:d9:b7:bf:de:03:97:ea:eb:7a:be:05:
18:4f:7a:83:21:ff:38:a5:3e:47:ae:48:bf:d8:b1:cf:5f:be:
8a:a9:ce:a7:cb:a7:51:31:34:a4:26:74:d4:13:c8:ce:e8:34:
2d:01:ba:8d:c3:39:c0:a1:b2:ab:6d:7b:81:9a:b2:14:c3:28:
c3:3c:ce:8c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzC2shXzbVAHYBapR96BeK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDIxM2EwZDU3NGRiYmM0M2IyZGMyM2JjNGJkYzNhNWZhOWQxNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUfDIfTG9DKKSqAXOd5rS0p+Kolx
62WJ3TRL+G5KalVeCP9gWQKPgg2WNzHpkkyRobKWarjWAnGEVHBYy7z9o0+6s4cu
eYO661g4xg+rm0BgNmO1Jm3ZxNk1ymIzfXXbBVBRiz9YuBt/gtUgPer6ta+H0ew6
Jif7P7EUV5Ye42wbwM3LL6+fSnfUTc7tEQOe3XsH6Y1SoE63kNfUMpfoN6xi6mS3
fXlwRAXcUgypWtxZV9QiRjrir9Q4ntFD8MVAp1qH0qyf6ADMNolE/1AdpBkEe5cy
bQE1a6wJWgW+miRN9i10LaG0M1QALYhAW67iF6yquVEjxgMoKrLGLEAM5QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCAhOg1XTbvEOy3CO8S9w6X6nRZ6MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvSUNFNkRWZE51OFE3TGNJN3hMM0RwZnFkRm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBWSDCAwQC
WSVQAwQBWSrsAwQCuRB4AwQCvNAYAwQCvO+4AwQCvPeoMA0GCSqGSIb3DQEBCwUA
A4IBAQCBuHcxRX79uCHaicmUqvvom5D0Nuzay389pAzqf6P5n+9RMFq+y8KmpQfs
RXTqhR4WdcqSnTRYAs+xq+WpPMeJFy48l2/+H/+yOdh4YZC82c3n3WIr5K1Wf3ZG
QfycreQZ7b1gfVgAaBmKk+gY2GIZG0m+v5rRxlzW0V7n4nRBsHCAQaTqkl1lN5k7
KShBm0yjkaRLSrovIxjIPkBzXn7n0rX9g8jUGndSxNvKIpV0RqqKfyhiX1/Ldpwm
2be/3gOX6ut6vgUYT3qDIf84pT5Hrki/2LHPX76Kqc6ny6dRMTSkJnTUE8jO6DQt
AbqNwznAobKrbXuBmrIUwyjDPM6M
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:34 2024 by rpki-client on console-fra.rpki-client.org