Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/T-VwgfCFsOqwNHjogsxkrV1jrXw.roa
File: T-VwgfCFsOqwNHjogsxkrV1jrXw.roa (raw, json)
Hash identifier: 83l2dPEp7sFomn+QskN4VtssMmmsLm8I9s0ouxtXOHQ=
Subject key identifier: 4F:E5:70:81:F0:85:B0:EA:B0:34:78:E8:82:CC:64:AD:5D:63:AD:7C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018E3827A253FA7E80EA6C054058DB496CF5
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/T-VwgfCFsOqwNHjogsxkrV1jrXw.roa
Signing time: Wed 13 Mar 2024 14:11:45 +0000
ROA not before: Wed 13 Mar 2024 14:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213005
IP address blocks: 81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
95.214.144.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.179.228.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
185.211.180.0/22 maxlen: 22
185.223.220.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.245.34.0/23 maxlen: 23
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:38:27:a2:53:fa:7e:80:ea:6c:05:40:58:db:49:6c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 13 14:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe57081f085b0eab03478e882cc64ad5d63ad7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2e:f9:96:6b:35:ef:5a:24:7b:42:31:22:b4:
41:1f:e9:d9:bd:fa:2d:67:81:7c:96:8a:42:5f:cf:
7e:76:46:ef:da:53:19:b2:ea:a6:b6:48:a4:f3:e1:
78:d2:75:89:48:c6:6a:28:0d:89:21:74:83:f3:ff:
10:07:68:c5:9c:5d:fb:e2:e1:9d:77:fc:52:7c:85:
be:a8:2f:0a:4b:00:f0:f8:cd:a2:37:46:08:ef:d8:
bc:1a:ec:2f:18:3d:fb:55:b7:fb:42:3a:83:40:be:
50:9b:82:37:c1:e4:8d:ef:49:fd:b9:c5:b9:4e:fe:
a4:29:66:4d:af:65:2b:03:cf:7a:02:cd:42:23:df:
b7:eb:d0:a9:11:4f:93:2a:31:32:ac:d6:35:f9:4b:
27:95:5b:4c:bb:4d:90:ef:6b:35:31:39:e7:db:b1:
97:7c:da:3e:4c:d7:38:70:df:49:fe:1f:56:8a:6d:
86:00:59:9d:f4:25:55:c7:13:23:84:48:81:db:8a:
24:4e:e6:77:1b:2c:cd:5d:e0:f4:75:61:8a:4c:c5:
b9:50:53:2f:3c:0e:2c:35:e8:2d:bb:36:c1:43:8d:
60:64:20:a4:4a:2c:9b:7e:95:90:43:2d:75:6e:25:
2e:f8:9c:3c:f9:2a:69:c8:25:2a:5c:ca:22:29:b9:
de:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E5:70:81:F0:85:B0:EA:B0:34:78:E8:82:CC:64:AD:5D:63:AD:7C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/T-VwgfCFsOqwNHjogsxkrV1jrXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
92.60.34.0/24
93.92.228.0/22
95.214.144.0/22
185.106.124.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.245.34.0/23
193.26.152.0/22
193.35.88.0/22
194.38.56.0/22
212.80.208.0/22
212.115.44.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:9a:7c:db:4e:35:e1:62:a4:68:84:4e:26:98:75:bb:03:16:
c1:1d:f7:79:b0:79:e7:9d:55:e9:42:ac:f0:f5:55:5b:2c:fd:
cc:a4:00:5c:f9:9f:7a:fe:ad:f9:0d:c3:ad:1c:eb:bc:88:29:
7b:d6:fe:b8:d4:5f:0d:09:2c:0e:6c:26:ba:0b:32:9a:a7:34:
e1:3d:44:8d:9a:6a:18:59:05:45:c6:a9:a3:32:bf:7a:5e:9e:
2e:5d:32:bd:f8:51:29:3e:ea:7c:45:66:e9:92:5f:22:f5:f4:
52:20:72:30:96:6a:40:ab:f2:6b:3f:c0:22:cb:c4:4b:b3:e3:
ba:3f:26:a0:a0:e7:e8:25:37:7c:7b:90:0e:76:e6:15:7d:36:
77:15:07:d9:dd:79:11:ff:17:9c:2a:15:68:e6:c1:c2:e6:8c:
71:e5:12:f9:06:9c:fa:26:a7:84:2b:b5:7c:9a:c1:60:09:bc:
a2:ef:47:b4:eb:b6:f7:1a:e8:21:5a:e4:5a:1d:52:d1:43:1e:
db:97:10:aa:cd:28:87:08:80:c4:b8:1b:98:b7:4c:7a:3b:20:
8f:52:62:00:f7:30:5c:4e:14:59:5d:42:61:16:80:4e:5a:05:
1d:3a:b6:59:2b:17:d2:1e:d2:c6:79:80:0f:cd:8b:30:be:9a:
26:1f:10:a7
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY44J6JT+n6A6mwFQFjbSWz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMzEzMTQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmU1NzA4MWYwODViMGVhYjAzNDc4ZTg4MmNjNjRhZDVkNjNhZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy75lms171oke0IxIrRBH+nZvfot
Z4F8lopCX89+dkbv2lMZsuqmtkik8+F40nWJSMZqKA2JIXSD8/8QB2jFnF374uGd
d/xSfIW+qC8KSwDw+M2iN0YI79i8GuwvGD37Vbf7QjqDQL5Qm4I3weSN70n9ucW5
Tv6kKWZNr2UrA896As1CI9+369CpEU+TKjEyrNY1+UsnlVtMu02Q72s1MTnn27GX
fNo+TNc4cN9J/h9Wim2GAFmd9CVVxxMjhEiB24okTuZ3GyzNXeD0dWGKTMW5UFMv
PA4sNegtuzbBQ41gZCCkSiybfpWQQy11biUu+Jw8+SppyCUqXMoiKbneFwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFE/lcIHwhbDqsDR46ILMZK1dY618MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVC1Wd2dmQ0ZzT3F3Tkhqb2dzeGtyVjFqclh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAlEV5AME
AlVzwAMEAliHQAMEAFw8IgMEAl1c5AMEAl/WkAMEArlqfAMEArmz5AMEArm9QAME
ArnTtAMEArnf3AMEArnjgAMEAbn1IgMEAsEamAMEAsEjWAMEAsImOAMEAtRQ0AME
AtRzLDANBgkqhkiG9w0BAQsFAAOCAQEAbpp820414WKkaIROJph1uwMWwR33ebB5
551V6UKs8PVVWyz9zKQAXPmfev6t+Q3DrRzrvIgpe9b+uNRfDQksDmwmugsymqc0
4T1EjZpqGFkFRcapozK/el6eLl0yvfhRKT7qfEVm6ZJfIvX0UiByMJZqQKvyaz/A
IsvES7Pjuj8moKDn6CU3fHuQDnbmFX02dxUH2d15Ef8XnCoVaObBwuaMceUS+Qac
+ianhCu1fJrBYAm8ou9HtOu29xroIVrkWh1S0UMe25cQqs0ohwiAxLgbmLdMejsg
j1JiAPcwXE4UWV1CYRaATloFHTq2WSsX0h7SxnmAD82LML6aJh8Qpw==
-----END CERTIFICATE-----
Generated at Sat May 4 12:53:08 2024 by rpki-client on console-ams.rpki-client.org