Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/tJBrpAOFC2pGv6UkB2tqDGsELpk.roa
File: tJBrpAOFC2pGv6UkB2tqDGsELpk.roa (raw, json)
Hash identifier: NRE0CQc+UThnaqAXZjPzTuf5yEYW0BBFc/RWKhVQLNg=
Subject key identifier: B4:90:6B:A4:03:85:0B:6A:46:BF:A5:24:07:6B:6A:0C:6B:04:2E:99
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 018CC349639574AD9800A56C685536EB32B9
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/tJBrpAOFC2pGv6UkB2tqDGsELpk.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43545
IP address blocks: 185.113.217.0/24 maxlen: 24
185.113.218.0/24 maxlen: 24
185.113.216.0/24 maxlen: 24
185.113.219.0/24 maxlen: 24
77.74.104.0/21 maxlen: 21
77.74.110.0/24 maxlen: 24
212.84.64.0/21 maxlen: 24
212.84.68.0/24 maxlen: 24
212.84.72.0/21 maxlen: 24
80.84.80.0/21 maxlen: 21
212.84.80.0/21 maxlen: 24
80.84.88.0/21 maxlen: 21
80.84.89.0/24 maxlen: 24
80.84.87.0/24 maxlen: 24
212.84.88.0/21 maxlen: 24
78.40.144.0/21 maxlen: 21
78.40.144.0/24 maxlen: 24
80.84.90.0/24 maxlen: 24
80.84.91.0/24 maxlen: 24
80.84.86.0/24 maxlen: 24
78.40.146.0/24 maxlen: 24
78.40.150.0/24 maxlen: 24
212.84.95.0/24 maxlen: 24
2a02:24d0::/32 maxlen: 32
2a02:24d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:63:95:74:ad:98:00:a5:6c:68:55:36:eb:32:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4906ba403850b6a46bfa524076b6a0c6b042e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:a5:ed:6c:fa:ed:be:8d:8d:61:15:55:16:
dd:84:fb:7a:d1:c0:bc:b7:29:90:60:27:d1:ca:d3:
36:91:6d:f4:f0:46:97:d6:ae:5e:47:27:f3:e9:71:
01:0f:f2:dc:18:07:05:f1:58:5f:b3:a6:bf:04:b8:
b4:b0:89:8d:8d:3c:4b:ef:b4:47:16:eb:00:c3:f0:
55:08:7c:cc:9d:d3:98:a9:1b:84:8b:01:f5:65:62:
c3:5f:1e:91:04:d5:ab:ea:bc:f9:59:5b:ad:6f:f7:
8e:ab:81:c3:4c:37:5f:a5:cb:b3:e4:38:fc:85:11:
88:3d:f0:33:2f:fd:7f:30:d2:de:e3:cc:ab:4b:74:
91:4f:7a:18:0e:f0:7e:12:0e:4b:4b:df:5d:5b:17:
fa:c5:ca:96:6a:61:d1:e0:5a:7b:f2:8c:35:bd:5a:
cb:c7:f1:b3:79:39:ed:94:23:78:10:91:55:2e:18:
14:25:ea:b3:e0:35:9f:05:df:26:9f:1f:b6:06:0f:
50:34:26:b3:92:35:1b:5c:31:f0:cc:ae:93:9f:51:
fc:fb:26:09:6f:d9:ca:8d:2e:ea:b6:6f:27:52:50:
7f:4b:60:43:0b:97:3f:82:6d:03:07:4c:e3:1e:06:
ce:d9:59:98:80:86:c9:cd:01:97:61:7d:f1:98:b5:
25:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:90:6B:A4:03:85:0B:6A:46:BF:A5:24:07:6B:6A:0C:6B:04:2E:99
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/tJBrpAOFC2pGv6UkB2tqDGsELpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.104.0/21
78.40.144.0/21
80.84.80.0/20
185.113.216.0/22
212.84.64.0/19
IPv6:
2a02:24d0::/32
Signature Algorithm: sha256WithRSAEncryption
58:bc:82:3f:cc:53:81:84:ea:6e:30:2d:83:65:b5:9a:6e:90:
24:74:aa:33:be:19:64:7d:c9:93:4b:17:51:af:7e:51:a1:01:
94:a2:4d:be:9f:9e:a2:c3:dc:4d:89:7c:24:03:c4:c7:d4:34:
0d:92:d8:d2:0b:67:40:e7:9d:d4:26:22:17:8f:86:9f:d7:a1:
55:48:60:0b:dd:b8:ac:2f:d9:7a:a6:9c:4d:ba:cf:1e:8d:cb:
5d:14:b2:16:04:92:4d:d2:9c:cd:0c:66:60:26:0a:c8:b7:91:
ed:dc:6a:fd:70:2a:ee:5d:fb:fb:46:60:b7:80:f8:07:7a:4e:
d8:51:1a:99:6d:04:31:32:6d:98:d3:17:fc:de:d4:c4:f4:da:
fd:0a:2d:0f:c2:9e:64:a4:58:17:8b:e9:68:3e:02:cc:46:c3:
a5:b4:3f:2d:dc:f0:cc:00:12:21:86:35:a1:78:b0:33:0d:51:
b3:56:2a:6d:69:a4:8c:6b:38:21:63:74:0d:1d:6f:7b:f8:79:
e6:0d:46:46:da:cd:4d:89:df:15:5f:a7:35:62:16:2e:66:a3:
3d:f3:be:f7:18:67:7a:75:62:6a:a8:9d:5f:e3:93:b7:6a:56:
92:cd:a8:47:f4:96:8c:28:6f:c0:54:71:17:d5:2f:1d:36:87:
dd:7a:8c:c2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDSWOVdK2YAKVsaFU26zK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDkwNmJhNDAzODUwYjZhNDZiZmE1MjQwNzZiNmEwYzZiMDQyZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrml7Wz67b6NjWEVVRbdhPt60cC8
tymQYCfRytM2kW308EaX1q5eRyfz6XEBD/LcGAcF8Vhfs6a/BLi0sImNjTxL77RH
FusAw/BVCHzMndOYqRuEiwH1ZWLDXx6RBNWr6rz5WVutb/eOq4HDTDdfpcuz5Dj8
hRGIPfAzL/1/MNLe48yrS3SRT3oYDvB+Eg5LS99dWxf6xcqWamHR4Fp78ow1vVrL
x/GzeTntlCN4EJFVLhgUJeqz4DWfBd8mnx+2Bg9QNCazkjUbXDHwzK6Tn1H8+yYJ
b9nKjS7qtm8nUlB/S2BDC5c/gm0DB0zjHgbO2VmYgIbJzQGXYX3xmLUlmwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLSQa6QDhQtqRr+lJAdragxrBC6ZMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvdEpCcnBBT0ZDMnBHdjZVa0IydHFER3NFTHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUpoAwQD
TiiQAwQEUFRQAwQCuXHYAwQF1FRAMA0EAgACMAcDBQAqAiTQMA0GCSqGSIb3DQEB
CwUAA4IBAQBYvII/zFOBhOpuMC2DZbWabpAkdKozvhlkfcmTSxdRr35RoQGUok2+
n56iw9xNiXwkA8TH1DQNktjSC2dA553UJiIXj4af16FVSGAL3bisL9l6ppxNus8e
jctdFLIWBJJN0pzNDGZgJgrIt5Ht3Gr9cCruXfv7RmC3gPgHek7YURqZbQQxMm2Y
0xf83tTE9Nr9Ci0Pwp5kpFgXi+loPgLMRsOltD8t3PDMABIhhjWheLAzDVGzVipt
aaSMazghY3QNHW97+HnmDUZG2s1Nid8VX6c1YhYuZqM98773GGd6dWJqqJ1f45O3
alaSzahH9JaMKG/AVHEX1S8dNofdeozC
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:36 2024 by rpki-client on console-ams.rpki-client.org