Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/szlTn72_0B-necyALaKZqt7q1lQ.roa
File: szlTn72_0B-necyALaKZqt7q1lQ.roa (raw, json)
Hash identifier: fgXxo4cO8DSK+XNksfyiEdH7Kx8pzIbQGntatI7lXvQ=
Subject key identifier: B3:39:53:9F:BD:BF:D0:1F:A7:79:CC:80:2D:A2:99:AA:DE:EA:D6:54
Certificate issuer: /CN=088e0321271332afc77e4c8579f0e5559cc09c50
Certificate serial: 018CC3B69F4E431BD4BDACD493DA020190D6
Authority key identifier: 08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/szlTn72_0B-necyALaKZqt7q1lQ.roa
Signing time: Mon 01 Jan 2024 06:29:34 +0000
ROA not before: Mon 01 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207104
IP address blocks: 185.163.158.0/24 maxlen: 24
185.163.157.0/24 maxlen: 24
185.163.156.0/24 maxlen: 24
185.163.159.0/24 maxlen: 24
185.191.33.0/24 maxlen: 24
185.191.32.0/24 maxlen: 24
2a0a:400:3000::/36 maxlen: 36
2a0a:400:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 21:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:9f:4e:43:1b:d4:bd:ac:d4:93:da:02:01:90:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088e0321271332afc77e4c8579f0e5559cc09c50
Validity
Not Before: Jan 1 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b339539fbdbfd01fa779cc802da299aadeead654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5e:cc:5d:40:e9:7c:2b:ca:5a:f9:3a:1e:ac:
0b:ff:50:ed:a8:8f:58:9c:39:71:ae:f9:d6:fa:06:
d0:19:3c:35:d7:20:5a:f6:ae:9e:cc:e2:a5:34:d2:
ab:b8:0e:0f:93:84:e0:03:af:cf:0e:b2:7e:27:52:
98:88:c6:32:dd:51:79:7b:0c:07:82:31:3b:74:d8:
82:44:de:df:0d:f0:3d:e4:23:9d:fe:a6:b4:15:2d:
a3:6a:b1:63:5d:9c:32:ab:98:6f:aa:8c:f1:d0:e4:
4f:18:9a:00:08:66:74:14:f5:93:06:af:45:d5:c8:
ab:d9:98:5b:f5:86:fb:d3:c0:3a:c0:57:19:d0:e4:
36:c9:d2:3d:e9:e6:96:39:46:95:97:ae:0b:ee:bd:
72:79:79:97:da:2b:7c:e8:4c:38:89:ca:5e:35:1b:
25:3f:19:b8:1f:40:e1:ec:91:bb:71:63:e5:6d:b8:
87:19:7c:ff:89:f1:20:f3:16:96:23:3a:73:0b:41:
04:f9:89:3e:46:77:f2:81:f5:3a:fe:e2:a1:f9:fb:
85:7b:69:e4:4a:ce:6c:f1:0d:b5:63:07:09:d8:af:
14:e6:76:eb:a4:5a:b2:13:39:dc:5b:1b:a2:aa:fa:
5a:6b:3c:9e:0b:be:85:90:d2:f7:04:76:09:d0:5e:
6c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:39:53:9F:BD:BF:D0:1F:A7:79:CC:80:2D:A2:99:AA:DE:EA:D6:54
X509v3 Authority Key Identifier:
keyid:08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/szlTn72_0B-necyALaKZqt7q1lQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.156.0/22
185.191.32.0/23
IPv6:
2a0a:400:2000::/35
Signature Algorithm: sha256WithRSAEncryption
7c:28:ef:42:f2:83:ca:8f:e2:ba:42:14:e7:da:87:06:58:ac:
04:3f:33:82:7a:68:f0:d9:d3:fa:82:fe:a2:64:5c:65:98:f2:
09:54:c0:ed:fc:c8:b6:8d:d4:00:11:78:5c:66:73:29:90:08:
00:1b:7d:b9:df:bc:50:5b:2f:f3:2b:63:3a:bf:ef:01:2f:15:
80:6b:d9:d0:a9:ca:fe:ee:6c:00:cd:0d:f9:14:ec:ca:f7:1c:
2c:de:bb:07:77:7f:dd:0a:57:a3:b6:ba:f0:14:3f:80:2e:b3:
15:1d:ce:a3:31:fb:d3:18:0f:0b:8e:e2:63:05:13:19:03:ad:
31:ea:a1:d0:f3:a0:2a:08:e4:fc:3f:bc:65:71:be:14:97:85:
c0:dd:e4:46:13:5b:b0:a5:a9:ce:fa:c8:ae:19:17:50:40:03:
1b:4c:38:5f:0f:67:92:85:2c:89:ff:66:b8:82:7c:fc:69:6c:
08:91:d3:70:76:90:47:85:c3:c5:56:80:75:b8:12:3d:45:0d:
2f:99:9a:de:96:43:d4:73:b8:57:31:36:1e:f9:3f:58:c0:a3:
97:6b:51:4d:c4:2f:9f:ac:13:9b:85:83:1b:dd:53:eb:27:b0:
e4:72:8f:5a:49:d2:e7:46:62:df:ce:c0:7c:44:9b:62:6b:d1:
b1:39:50:62
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDtp9OQxvUvazUk9oCAZDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OGUwMzIxMjcxMzMyYWZjNzdlNGM4NTc5ZjBlNTU1OWNj
MDljNTAwHhcNMjQwMTAxMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM5NTM5ZmJkYmZkMDFmYTc3OWNjODAyZGEyOTlhYWRlZWFkNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlV7MXUDpfCvKWvk6HqwL/1DtqI9Y
nDlxrvnW+gbQGTw11yBa9q6ezOKlNNKruA4Pk4TgA6/PDrJ+J1KYiMYy3VF5ewwH
gjE7dNiCRN7fDfA95COd/qa0FS2jarFjXZwyq5hvqozx0ORPGJoACGZ0FPWTBq9F
1cir2Zhb9Yb708A6wFcZ0OQ2ydI96eaWOUaVl64L7r1yeXmX2it86Ew4icpeNRsl
Pxm4H0Dh7JG7cWPlbbiHGXz/ifEg8xaWIzpzC0EE+Yk+RnfygfU6/uKh+fuFe2nk
Ss5s8Q21YwcJ2K8U5nbrpFqyEzncWxuiqvpaazyeC76FkNL3BHYJ0F5sXwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLM5U5+9v9Afp3nMgC2imare6tZUMB8GA1UdIwQY
MBaAFAiOAyEnEzKvx35MhXnw5VWcwJxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2Mt
ZjZkOTY2Y2E0ZjA3LzEvc3psVG43Ml8wQi1uZWN5QUxhS1pxdDdxMWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2MtZjZkOTY2Y2E0ZjA3
LzEvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuaOcAwQB
ub8gMA4EAgACMAgDBgUqCgQAIDANBgkqhkiG9w0BAQsFAAOCAQEAfCjvQvKDyo/i
ukIU59qHBlisBD8zgnpo8NnT+oL+omRcZZjyCVTA7fzIto3UABF4XGZzKZAIABt9
ud+8UFsv8ytjOr/vAS8VgGvZ0KnK/u5sAM0N+RTsyvccLN67B3d/3QpXo7a68BQ/
gC6zFR3OozH70xgPC47iYwUTGQOtMeqh0POgKgjk/D+8ZXG+FJeFwN3kRhNbsKWp
zvrIrhkXUEADG0w4Xw9nkoUsif9muIJ8/GlsCJHTcHaQR4XDxVaAdbgSPUUNL5ma
3pZD1HO4VzE2Hvk/WMCjl2tRTcQvn6wTm4WDG91T6yew5HKPWknS50Zi387AfESb
YmvRsTlQYg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:15:05 2024 by rpki-client on console-fra.rpki-client.org