Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sCJ3S49zdB6ZyHi8GYwt_Q-YehM.roa
File: sCJ3S49zdB6ZyHi8GYwt_Q-YehM.roa (raw, json)
Hash identifier: /72g8lKoa88Bd1nZfvFgJARHDlWzhDNlhoup2v6hTGk=
Subject key identifier: B0:22:77:4B:8F:73:74:1E:99:C8:78:BC:19:8C:2D:FD:0F:98:7A:13
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 018CC649C9CBC87D138A32728F709B044094
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sCJ3S49zdB6ZyHi8GYwt_Q-YehM.roa
Signing time: Mon 01 Jan 2024 18:29:33 +0000
ROA not before: Mon 01 Jan 2024 18:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60860
IP address blocks: 109.72.122.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
93.185.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:c9:cb:c8:7d:13:8a:32:72:8f:70:9b:04:40:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 18:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b022774b8f73741e99c878bc198c2dfd0f987a13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:99:92:57:e5:93:4a:02:1e:df:65:44:db:
b3:46:d2:eb:bb:5f:ed:58:64:5a:bf:87:87:45:33:
f9:38:d8:3e:82:ff:b5:92:1e:04:ba:3a:84:e4:3b:
4d:9c:30:b2:a2:ae:57:4d:86:a3:22:20:e5:ec:34:
e1:d3:02:2b:a0:5a:f4:13:5b:51:48:81:4e:f0:e6:
7e:5f:c2:5a:f5:d2:4a:bd:5e:4f:84:39:86:ac:34:
7a:47:cd:d3:9c:a8:40:88:65:1c:d2:c9:db:99:ac:
09:95:aa:82:5e:80:2e:0f:1a:b9:83:77:12:c9:3a:
8c:30:e9:36:f6:b0:e0:67:11:2c:4a:44:c9:b0:49:
87:53:b0:a2:d5:5a:9d:6f:06:0f:90:24:56:0e:43:
8c:17:1e:c0:24:47:6a:1f:42:fe:f3:21:b0:43:3d:
f6:04:87:4e:ec:ab:75:25:70:03:2e:cc:9f:d4:4c:
89:94:44:c1:b1:c7:4d:57:a5:48:d7:89:2d:f3:79:
1a:bd:01:8d:f7:06:b9:55:79:42:ab:b2:c6:0a:4b:
3b:fa:85:e0:8d:03:46:ab:7e:0e:4b:9e:c7:22:c3:
26:6a:f2:20:51:5c:6b:ec:99:10:80:1a:8e:bd:c7:
46:f8:43:6c:da:f6:59:e9:fd:e1:3e:59:46:5c:7a:
8f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:22:77:4B:8F:73:74:1E:99:C8:78:BC:19:8C:2D:FD:0F:98:7A:13
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/sCJ3S49zdB6ZyHi8GYwt_Q-YehM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.214.0/24
109.72.122.0/24
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
88:ef:6f:6f:75:93:74:76:8b:77:20:8e:e7:fe:c8:3e:c2:12:
9d:5b:46:2b:6a:a4:2f:65:d8:53:cb:df:00:2b:6e:c9:4f:1b:
77:e2:1e:0d:0c:71:c4:4b:23:d9:4f:bf:ae:57:e8:27:a8:01:
54:bf:18:2d:ea:0a:11:46:e0:8d:fe:ee:9a:1c:91:b3:6d:c0:
e1:e7:76:60:4b:c2:cb:21:8e:0c:13:10:18:bd:03:df:a1:47:
85:45:db:23:fa:85:63:82:a1:f3:0d:aa:ff:3c:7e:1d:f1:0b:
4a:d2:4e:1b:ae:27:0a:6e:0b:00:f0:8a:bd:4d:ef:57:12:93:
5d:4e:a0:5c:56:5f:01:fd:1b:32:60:07:c3:22:7e:a6:35:2d:
6d:d7:9a:86:dc:9e:27:8b:53:80:d6:9f:81:84:f5:6e:1c:8f:
4c:9d:4a:65:ae:b3:ac:83:c8:da:c6:be:4f:29:d8:8e:c5:45:
8c:3a:5e:29:d4:29:7d:06:4e:7f:8e:86:d2:18:9f:42:3d:5a:
42:37:23:2a:75:74:61:1e:2e:c5:24:06:b3:73:75:65:4d:a2:
d2:77:a6:a9:a4:70:dc:cf:67:d4:3c:31:74:37:a8:5b:26:f4:
53:34:b9:b0:d2:9f:ac:e4:15:f0:d1:b6:1d:e8:c6:0c:4b:bc:
f5:36:0c:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGScnLyH0TijJyj3CbBECUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjQwMTAxMTgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDIyNzc0YjhmNzM3NDFlOTljODc4YmMxOThjMmRmZDBmOTg3YTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArleZklflk0oCHt9lRNuzRtLru1/t
WGRav4eHRTP5ONg+gv+1kh4EujqE5DtNnDCyoq5XTYajIiDl7DTh0wIroFr0E1tR
SIFO8OZ+X8Ja9dJKvV5PhDmGrDR6R83TnKhAiGUc0snbmawJlaqCXoAuDxq5g3cS
yTqMMOk29rDgZxEsSkTJsEmHU7Ci1VqdbwYPkCRWDkOMFx7AJEdqH0L+8yGwQz32
BIdO7Kt1JXADLsyf1EyJlETBscdNV6VI14kt83kavQGN9wa5VXlCq7LGCks7+oXg
jQNGq34OS57HIsMmavIgUVxr7JkQgBqOvcdG+ENs2vZZ6f3hPllGXHqPXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLAid0uPc3Qemch4vBmMLf0PmHoTMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc0NKM1M0OXpkQjZaeUhpOEdZd3RfUS1ZZWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXbnWAwQA
bUh6AwQCuR7IMA0GCSqGSIb3DQEBCwUAA4IBAQCI729vdZN0dot3II7n/sg+whKd
W0YraqQvZdhTy98AK27JTxt34h4NDHHESyPZT7+uV+gnqAFUvxgt6goRRuCN/u6a
HJGzbcDh53ZgS8LLIY4MExAYvQPfoUeFRdsj+oVjgqHzDar/PH4d8QtK0k4bricK
bgsA8Iq9Te9XEpNdTqBcVl8B/RsyYAfDIn6mNS1t15qG3J4ni1OA1p+BhPVuHI9M
nUplrrOsg8jaxr5PKdiOxUWMOl4p1Cl9Bk5/jobSGJ9CPVpCNyMqdXRhHi7FJAaz
c3VlTaLSd6appHDcz2fUPDF0N6hbJvRTNLmw0p+s5BXw0bYd6MYMS7z1NgwF
-----END CERTIFICATE-----
Generated at Mon May 6 16:19:42 2024 by rpki-client on console-fra.rpki-client.org