Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/p0pY8Od0JvfEazAbiKJO0JlAxFg.roa
File: p0pY8Od0JvfEazAbiKJO0JlAxFg.roa (raw, json)
Hash identifier: oFixOfQ8DZ7xTyIBht0RmE0rocdMflkufAJtik1zfDE=
Subject key identifier: A7:4A:58:F0:E7:74:26:F7:C4:6B:30:1B:88:A2:4E:D0:99:40:C4:58
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018DC7539E43B61B97405708AA06152FFB99
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/p0pY8Od0JvfEazAbiKJO0JlAxFg.roa
Signing time: Tue 20 Feb 2024 16:22:42 +0000
ROA not before: Tue 20 Feb 2024 16:22:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30889
IP address blocks: 45.145.124.0/22 maxlen: 24
79.98.96.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
193.27.194.0/23 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
2a01:6d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:53:9e:43:b6:1b:97:40:57:08:aa:06:15:2f:fb:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Feb 20 16:22:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a74a58f0e77426f7c46b301b88a24ed09940c458
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:49:7d:23:59:2b:2f:1b:bc:df:24:b5:e5:2c:
6f:03:3a:fa:6e:66:3c:a1:8b:3c:33:23:9c:94:f4:
be:11:6a:33:cf:55:b9:50:7c:69:92:7c:a7:4b:aa:
9f:8c:ff:43:6d:45:b3:57:4a:8e:78:9b:6e:d0:d9:
a6:80:b4:b6:90:ce:8f:28:ad:b2:bb:a2:d6:74:4a:
d4:8c:c9:1a:fd:46:92:03:2a:31:5e:1f:20:ef:f3:
56:28:d9:b4:bd:9c:d2:dd:c4:21:f1:dc:a4:cc:1b:
f1:54:28:35:c5:83:07:08:7b:95:63:40:ee:b8:90:
36:cc:35:d6:9d:1d:81:c9:44:9f:89:68:19:69:c1:
f3:65:a0:05:9f:2f:b4:b3:ef:1a:12:3e:06:b7:b4:
58:46:d8:e1:c7:d0:f4:ce:84:7c:d6:b7:23:13:ce:
02:a6:e7:f5:63:b6:3c:15:20:15:f9:a4:dd:1d:54:
2e:1c:8e:26:38:69:e5:bf:2c:09:66:98:26:6e:5c:
d0:b1:ab:d0:f1:be:97:c0:b4:94:19:85:27:fe:ba:
53:2a:a5:93:da:dc:a9:4b:fe:11:47:b6:fc:a0:d9:
e4:48:87:14:2e:3a:31:91:56:78:34:77:8a:e4:cc:
cf:20:c0:80:c5:81:36:ee:75:fa:65:9d:8e:78:69:
93:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4A:58:F0:E7:74:26:F7:C4:6B:30:1B:88:A2:4E:D0:99:40:C4:58
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/p0pY8Od0JvfEazAbiKJO0JlAxFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.124.0/22
79.98.96.0/21
185.15.128.0/22
185.95.120.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
193.27.194.0/23
194.177.32.0/19
195.214.240.0/21
IPv6:
2a01:6d8::/32
Signature Algorithm: sha256WithRSAEncryption
19:7d:63:5c:e0:a6:3f:2a:0f:72:a5:68:40:98:c9:f1:de:62:
a9:9b:42:b8:70:16:ea:9a:ad:13:f0:4b:f7:4d:5f:22:63:0c:
00:d7:d1:d8:4a:e4:8d:07:b1:c1:b9:14:31:40:5f:7c:ea:0d:
aa:2a:65:0d:70:a9:30:3b:b4:f9:fe:6b:ad:e3:c8:3f:f8:62:
c1:a9:4d:62:c8:2c:ea:6e:14:51:30:b5:b3:89:d3:9f:a8:08:
bf:93:19:d9:c7:65:2d:45:cd:7f:ab:5a:2e:ea:39:48:95:c6:
0e:94:c2:21:11:b6:88:0a:67:49:4a:51:b6:ff:a8:11:69:bf:
15:04:eb:bb:37:89:18:1c:c9:d2:20:57:70:f7:4a:32:6c:8f:
13:89:57:43:74:9d:48:cd:12:08:0a:bc:d3:13:3a:a9:a2:a7:
9b:45:99:af:cb:08:a4:09:62:05:54:44:a9:75:b6:b4:e8:54:
66:36:67:09:cb:44:36:18:9e:f5:d1:7c:1c:db:72:e1:83:82:
33:f1:55:fd:79:f3:d4:a6:09:9c:5f:a8:33:98:e6:a8:58:95:
73:78:c0:17:56:8f:c7:46:c7:65:6b:bb:da:27:d6:6f:3c:f4:
f3:56:91:5d:15:ad:e0:69:38:a5:3e:d9:5c:b7:87:4e:0e:85:
27:1f:c7:b2
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY3HU55DthuXQFcIqgYVL/uZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwMjIwMTYyMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzRhNThmMGU3NzQyNmY3YzQ2YjMwMWI4OGEyNGVkMDk5NDBjNDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEl9I1krLxu83yS15SxvAzr6bmY8
oYs8MyOclPS+EWozz1W5UHxpknynS6qfjP9DbUWzV0qOeJtu0NmmgLS2kM6PKK2y
u6LWdErUjMka/UaSAyoxXh8g7/NWKNm0vZzS3cQh8dykzBvxVCg1xYMHCHuVY0Du
uJA2zDXWnR2ByUSfiWgZacHzZaAFny+0s+8aEj4Gt7RYRtjhx9D0zoR81rcjE84C
puf1Y7Y8FSAV+aTdHVQuHI4mOGnlvywJZpgmblzQsavQ8b6XwLSUGYUn/rpTKqWT
2typS/4RR7b8oNnkSIcULjoxkVZ4NHeK5MzPIMCAxYE27nX6ZZ2OeGmTDwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFKdKWPDndCb3xGswG4iiTtCZQMRYMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvcDBwWThPZDBKdmZFYXpBYmlLSk8wSmxBeEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLZF8AwQD
T2JgAwQCuQ+AAwQCuV94AwQCuZUIAwQCuawQAwQCucT4AwQBwRvCAwQFwrEgAwQD
w9bwMA0EAgACMAcDBQAqAQbYMA0GCSqGSIb3DQEBCwUAA4IBAQAZfWNc4KY/Kg9y
pWhAmMnx3mKpm0K4cBbqmq0T8Ev3TV8iYwwA19HYSuSNB7HBuRQxQF986g2qKmUN
cKkwO7T5/mut48g/+GLBqU1iyCzqbhRRMLWzidOfqAi/kxnZx2UtRc1/q1ou6jlI
lcYOlMIhEbaICmdJSlG2/6gRab8VBOu7N4kYHMnSIFdw90oybI8TiVdDdJ1IzRII
CrzTEzqpoqebRZmvywikCWIFVESpdba06FRmNmcJy0Q2GJ710Xwc23Lhg4Iz8VX9
efPUpgmcX6gzmOaoWJVzeMAXVo/HRsdla7vaJ9ZvPPTzVpFdFa3gaTilPtlct4dO
DoUnH8ey
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:51:46 2024 by rpki-client on console-fra.rpki-client.org