Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/16KdKx2B0fRYwgQ5U2VlXvCdfYk.roa
File: 16KdKx2B0fRYwgQ5U2VlXvCdfYk.roa (raw, json)
Hash identifier: BoAHyKlQ8KYj2SRo+EuCyXnWAz7MnswUiwDZ/MDm71w=
Subject key identifier: D7:A2:9D:2B:1D:81:D1:F4:58:C2:04:39:53:65:65:5E:F0:9D:7D:89
Certificate issuer: /CN=de1139218c52e8fe7f7c314b6639e7f87e5679c8
Certificate serial: 018CC424D03A8B8CF58C6A7ED1090721E285
Authority key identifier: DE:11:39:21:8C:52:E8:FE:7F:7C:31:4B:66:39:E7:F8:7E:56:79:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3hE5IYxS6P5_fDFLZjnn-H5Wecg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/16KdKx2B0fRYwgQ5U2VlXvCdfYk.roa
Signing time: Mon 01 Jan 2024 08:29:56 +0000
ROA not before: Mon 01 Jan 2024 08:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201293
IP address blocks: 185.79.188.0/22 maxlen: 22
185.79.189.0/24 maxlen: 24
185.79.191.0/24 maxlen: 24
185.79.188.0/24 maxlen: 24
185.79.190.0/23 maxlen: 23
185.79.190.0/24 maxlen: 24
2a03:5da0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/3hE5IYxS6P5_fDFLZjnn-H5Wecg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/3hE5IYxS6P5_fDFLZjnn-H5Wecg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3hE5IYxS6P5_fDFLZjnn-H5Wecg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d0:3a:8b:8c:f5:8c:6a:7e:d1:09:07:21:e2:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de1139218c52e8fe7f7c314b6639e7f87e5679c8
Validity
Not Before: Jan 1 08:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7a29d2b1d81d1f458c204395365655ef09d7d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2a:cd:f0:ef:d6:fe:80:12:c5:dc:39:9c:5e:
de:48:1c:4a:54:ef:4f:60:fe:dc:2e:c1:ec:af:61:
7d:ed:75:09:c4:59:b9:1d:6a:2a:e0:59:ba:cf:8f:
13:ce:3a:1a:71:c5:19:4a:a3:7a:69:1f:3a:78:08:
06:ce:c4:82:a6:06:92:d0:a6:ef:97:07:9d:0e:d7:
10:87:85:1b:54:93:33:42:72:63:94:23:59:68:22:
8f:e4:cf:04:63:39:f5:74:64:3c:f3:49:23:26:fa:
b5:45:f0:b8:a2:87:34:06:18:83:87:45:90:21:43:
d8:2f:b2:4a:ef:2c:49:85:78:45:98:2c:fc:6a:d6:
3d:e2:77:6b:3f:27:c6:da:4c:df:f1:5a:22:f8:ae:
0e:51:4d:99:0f:71:23:62:bb:4e:f8:83:2d:fb:e5:
e7:51:8f:fc:ed:14:25:7a:cc:4a:f0:6e:bd:72:c6:
07:67:a3:ab:2c:24:a4:ba:7c:80:17:5f:b5:46:ed:
42:c9:b1:fc:7d:8e:f4:4e:d4:cc:21:a8:fd:62:b9:
ae:ba:74:9e:5b:85:59:92:79:1f:6b:41:17:11:5a:
ca:8e:ff:79:01:07:8d:e1:4b:29:f4:f7:3f:fe:31:
bf:8b:0c:1b:c1:47:b2:72:62:98:6b:b1:54:e2:cd:
a7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A2:9D:2B:1D:81:D1:F4:58:C2:04:39:53:65:65:5E:F0:9D:7D:89
X509v3 Authority Key Identifier:
keyid:DE:11:39:21:8C:52:E8:FE:7F:7C:31:4B:66:39:E7:F8:7E:56:79:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3hE5IYxS6P5_fDFLZjnn-H5Wecg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/16KdKx2B0fRYwgQ5U2VlXvCdfYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deb903-26da-47a8-9b05-38a385f35e3b/1/3hE5IYxS6P5_fDFLZjnn-H5Wecg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.188.0/22
IPv6:
2a03:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
21:45:05:b6:62:eb:50:62:c6:c3:dc:bd:95:0f:72:4a:6a:0c:
6e:8b:85:f3:a6:74:18:3c:85:b2:12:3c:07:c2:5c:34:15:11:
0c:98:c5:bd:6f:d4:12:2e:7e:9b:05:d7:2b:1b:bd:f6:7d:3c:
f5:78:47:d6:f9:27:a8:f6:8a:2e:ab:5f:7d:b7:30:7e:61:44:
36:9f:61:f7:08:9b:7e:29:ae:f2:00:21:c9:80:41:a3:39:8b:
8f:3e:5e:25:67:f3:83:5d:75:d5:5a:0e:68:8e:48:42:4f:42:
a0:aa:e7:7c:b9:18:e5:8d:f0:f3:d3:b5:39:f8:96:a6:59:3f:
d4:60:2b:4a:06:5b:e3:58:c2:6d:50:be:08:20:be:cd:11:8f:
4e:9f:58:35:d4:46:3c:10:10:41:f7:83:27:d4:97:e6:f7:28:
ea:f6:3c:67:a5:a9:5a:39:37:c0:49:43:14:c8:dd:23:f3:cc:
58:d0:94:22:12:e9:51:e0:07:b4:6c:fa:20:c3:36:14:25:2a:
65:99:86:bd:bc:20:a1:6a:b7:63:56:8d:14:1c:54:63:e4:0c:
e4:36:dc:76:d9:1e:16:76:14:c1:f2:4f:bc:f5:45:84:d5:98:
6f:02:4b:e4:60:15:a6:f1:31:12:a6:06:19:9a:d2:e9:78:f1:
98:6d:3b:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJNA6i4z1jGp+0QkHIeKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMTEzOTIxOGM1MmU4ZmU3ZjdjMzE0YjY2MzllN2Y4N2U1
Njc5YzgwHhcNMjQwMTAxMDgyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2EyOWQyYjFkODFkMWY0NThjMjA0Mzk1MzY1NjU1ZWYwOWQ3ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyrN8O/W/oASxdw5nF7eSBxKVO9P
YP7cLsHsr2F97XUJxFm5HWoq4Fm6z48TzjoaccUZSqN6aR86eAgGzsSCpgaS0Kbv
lwedDtcQh4UbVJMzQnJjlCNZaCKP5M8EYzn1dGQ880kjJvq1RfC4ooc0BhiDh0WQ
IUPYL7JK7yxJhXhFmCz8atY94ndrPyfG2kzf8Voi+K4OUU2ZD3EjYrtO+IMt++Xn
UY/87RQlesxK8G69csYHZ6OrLCSkunyAF1+1Ru1CybH8fY70TtTMIaj9YrmuunSe
W4VZknkfa0EXEVrKjv95AQeN4Usp9Pc//jG/iwwbwUeycmKYa7FU4s2nAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNeinSsdgdH0WMIEOVNlZV7wnX2JMB8GA1UdIwQY
MBaAFN4ROSGMUuj+f3wxS2Y55/h+VnnIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2hFNUlZeFM2UDVfZkRGTFpqbm4tSDVXZWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWI5MDMtMjZkYS00N2E4LTliMDUt
MzhhMzg1ZjM1ZTNiLzEvMTZLZEt4MkIwZlJZd2dRNVUyVmxYdkNkZllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9kZWI5MDMtMjZkYS00N2E4LTliMDUtMzhhMzg1ZjM1ZTNi
LzEvM2hFNUlZeFM2UDVfZkRGTFpqbm4tSDVXZWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU+8MA0E
AgACMAcDBQAqA12gMA0GCSqGSIb3DQEBCwUAA4IBAQAhRQW2YutQYsbD3L2VD3JK
agxui4XzpnQYPIWyEjwHwlw0FREMmMW9b9QSLn6bBdcrG732fTz1eEfW+Seo9oou
q199tzB+YUQ2n2H3CJt+Ka7yACHJgEGjOYuPPl4lZ/ODXXXVWg5ojkhCT0Kgqud8
uRjljfDz07U5+JamWT/UYCtKBlvjWMJtUL4IIL7NEY9On1g11EY8EBBB94Mn1Jfm
9yjq9jxnpalaOTfASUMUyN0j88xY0JQiEulR4Ae0bPogwzYUJSplmYa9vCChardj
Vo0UHFRj5AzkNtx22R4WdhTB8k+89UWE1ZhvAkvkYBWm8TESpgYZmtLpePGYbTu7
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:00:49 2024 by rpki-client on console-ams.rpki-client.org