Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/Ks8clxg-RXVS_zd_aKMqyuELNOM.roa
File: Ks8clxg-RXVS_zd_aKMqyuELNOM.roa (raw, json)
Hash identifier: OnXzvUTnsDni/LolniTFL7/PeHJa9x9iT1GF59uXrCo=
Subject key identifier: 2A:CF:1C:97:18:3E:45:75:52:FF:37:7F:68:A3:2A:CA:E1:0B:34:E3
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 018CC2DB581FC906A44A3CA8C55152AED0E3
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/Ks8clxg-RXVS_zd_aKMqyuELNOM.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3170
IP address blocks: 83.97.16.0/22 maxlen: 24
195.144.8.0/24 maxlen: 24
91.240.224.0/24 maxlen: 24
185.17.196.0/22 maxlen: 24
195.74.52.0/22 maxlen: 24
185.175.90.0/24 maxlen: 24
195.191.218.0/23 maxlen: 24
193.35.56.0/22 maxlen: 24
193.105.188.0/24 maxlen: 24
194.69.165.0/24 maxlen: 24
2a03:ee40::/32 maxlen: 32
2a11:2641::/32 maxlen: 32
2a10:4740::/29 maxlen: 48
2a07:240::/29 maxlen: 48
2a11:2640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:58:1f:c9:06:a4:4a:3c:a8:c5:51:52:ae:d0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2acf1c97183e457552ff377f68a32acae10b34e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:db:57:e2:98:3c:4e:a7:e1:e9:84:19:31:5d:
8d:a2:1b:6b:10:ef:ec:13:78:ac:3e:65:48:0e:c7:
c2:95:57:3d:1f:e4:b2:a6:eb:fb:f0:e8:97:3e:e7:
5e:42:d4:b4:d4:ce:35:c0:f3:4a:8b:26:bd:9b:29:
38:5c:8e:40:cf:00:7d:b9:45:27:8f:07:aa:ab:6c:
2c:30:83:10:aa:3a:eb:3c:22:9b:af:2c:fa:92:b6:
5c:f3:85:52:42:25:be:eb:27:9b:a2:3d:6f:9d:fc:
a0:2c:1c:77:29:f1:87:60:6b:31:d8:bb:ab:8d:8c:
a7:8e:d2:df:66:5a:52:83:63:41:af:8b:d4:86:c1:
d2:e5:1a:c1:c6:99:63:de:22:8e:16:48:26:e7:ca:
ce:c9:f7:cb:6a:4a:63:88:a5:24:d8:68:23:f4:92:
8a:71:05:87:f4:07:fc:fe:c5:cc:db:06:b1:7c:03:
47:36:a7:d5:2e:62:8d:9e:57:6e:1e:ff:de:34:9e:
be:bd:ea:c3:b2:6c:8b:88:a8:50:a3:59:3d:cd:5e:
9c:b4:c5:a9:45:84:01:55:8c:ee:e3:55:d3:e6:fb:
cd:8e:53:95:e0:3e:f6:b8:a5:54:bb:51:41:a5:43:
1b:f8:95:46:96:b3:fa:9e:a8:cd:83:d3:0f:44:2f:
0b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CF:1C:97:18:3E:45:75:52:FF:37:7F:68:A3:2A:CA:E1:0B:34:E3
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/Ks8clxg-RXVS_zd_aKMqyuELNOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.16.0/22
91.240.224.0/24
185.17.196.0/22
185.175.90.0/24
193.35.56.0/22
193.105.188.0/24
194.69.165.0/24
195.74.52.0/22
195.144.8.0/24
195.191.218.0/23
IPv6:
2a03:ee40::/32
2a07:240::/29
2a10:4740::/29
2a11:2640::/31
Signature Algorithm: sha256WithRSAEncryption
b8:f9:32:5e:d5:2a:a5:32:4a:2b:d0:75:e4:4f:72:1a:73:64:
ff:c3:6e:ed:7a:77:53:2c:cf:6b:b6:a0:f7:f8:a6:a4:7d:99:
76:a1:b4:9a:f1:f7:d9:55:39:c5:b3:e2:d4:16:c3:ca:e7:fd:
8f:40:23:e7:4f:a4:d5:a6:52:e7:fb:98:39:e7:ee:ee:d3:9e:
76:be:40:07:37:2a:df:c2:12:75:83:c9:c4:d5:18:6c:5e:50:
ee:65:b5:87:63:2a:4f:b6:31:59:4f:2d:e2:fc:0c:6c:2d:83:
65:75:f9:46:05:d2:58:8a:52:52:ac:56:e8:59:44:3e:bc:a2:
f2:70:49:3f:e6:26:89:20:09:77:f5:57:92:4b:c0:37:33:c1:
d3:54:af:01:40:fd:69:92:a3:4f:88:49:27:a0:08:85:b6:7a:
09:dd:c8:ce:43:46:57:e4:d6:62:05:e1:0e:93:ed:ec:78:94:
f4:67:e0:db:62:a2:00:38:0c:7d:e5:ba:78:15:72:1c:ef:43:
3e:da:7b:19:a0:89:c9:20:b9:b1:76:f0:dd:38:f8:f7:f5:db:
81:14:0d:35:19:24:90:ab:65:fd:74:7d:f4:99:79:52:4e:92:
07:81:c7:b0:53:af:0c:90:a4:d5:d1:a3:fa:58:db:72:3b:36:
fd:8d:df:9d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYzC21gfyQakSjyoxVFSrtDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNmMWM5NzE4M2U0NTc1NTJmZjM3N2Y2OGEzMmFjYWUxMGIzNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNtX4pg8Tqfh6YQZMV2NohtrEO/s
E3isPmVIDsfClVc9H+Sypuv78OiXPudeQtS01M41wPNKiya9myk4XI5AzwB9uUUn
jweqq2wsMIMQqjrrPCKbryz6krZc84VSQiW+6yeboj1vnfygLBx3KfGHYGsx2Lur
jYynjtLfZlpSg2NBr4vUhsHS5RrBxplj3iKOFkgm58rOyffLakpjiKUk2Ggj9JKK
cQWH9Af8/sXM2waxfANHNqfVLmKNnlduHv/eNJ6+verDsmyLiKhQo1k9zV6ctMWp
RYQBVYzu41XT5vvNjlOV4D72uKVUu1FBpUMb+JVGlrP6nqjNg9MPRC8LpQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFCrPHJcYPkV1Uv83f2ijKsrhCzTjMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvS3M4Y2x4Zy1SWFZTX3pkX2FLTXF5dUVMTk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQCU2EQAwQA
W/DgAwQCuRHEAwQAua9aAwQCwSM4AwQAwWm8AwQAwkWlAwQCw0o0AwQAw5AIAwQB
w7/aMCIEAgACMBwDBQAqA+5AAwUDKgcCQAMFAyoQR0ADBQEqESZAMA0GCSqGSIb3
DQEBCwUAA4IBAQC4+TJe1SqlMkor0HXkT3Iac2T/w27tendTLM9rtqD3+KakfZl2
obSa8ffZVTnFs+LUFsPK5/2PQCPnT6TVplLn+5g55+7u0552vkAHNyrfwhJ1g8nE
1RhsXlDuZbWHYypPtjFZTy3i/AxsLYNldflGBdJYilJSrFboWUQ+vKLycEk/5iaJ
IAl39VeSS8A3M8HTVK8BQP1pkqNPiEknoAiFtnoJ3cjOQ0ZX5NZiBeEOk+3seJT0
Z+DbYqIAOAx95bp4FXIc70M+2nsZoInJILmxdvDdOPj39duBFA01GSSQq2X9dH30
mXlSTpIHgcewU68MkKTV0aP6WNtyOzb9jd+d
-----END CERTIFICATE-----
Generated at Mon May 6 21:31:02 2024 by rpki-client on console-ams.rpki-client.org