Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/u3sHSE5KETHgDwcWxyDJbZ_M4bg.roa
File: u3sHSE5KETHgDwcWxyDJbZ_M4bg.roa (raw, json)
Hash identifier: HU102uYMpnCLmNOcHFOhegIC22tjAiQPXNjzjCEpFeE=
Subject key identifier: BB:7B:07:48:4E:4A:11:31:E0:0F:07:16:C7:20:C9:6D:9F:CC:E1:B8
Certificate issuer: /CN=702f4e00943700c0897de7adbcfced5d10bf2e01
Certificate serial: 018CC6B92B558378690F727238721774AF64
Authority key identifier: 70:2F:4E:00:94:37:00:C0:89:7D:E7:AD:BC:FC:ED:5D:10:BF:2E:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/u3sHSE5KETHgDwcWxyDJbZ_M4bg.roa
Signing time: Mon 01 Jan 2024 20:31:13 +0000
ROA not before: Mon 01 Jan 2024 20:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13045
IP address blocks: 185.93.136.0/22 maxlen: 22
89.182.0.0/15 maxlen: 16
212.59.32.0/19 maxlen: 19
193.254.18.0/24 maxlen: 24
81.14.128.0/17 maxlen: 17
2a02:560::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 22:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2b:55:83:78:69:0f:72:72:38:72:17:74:af:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=702f4e00943700c0897de7adbcfced5d10bf2e01
Validity
Not Before: Jan 1 20:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb7b07484e4a1131e00f0716c720c96d9fcce1b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3c:59:74:f5:73:40:5f:71:ba:73:f0:34:07:
4b:42:97:17:9e:a9:d4:1a:17:a2:be:a9:5d:87:a1:
27:91:d0:03:94:70:fa:04:db:6d:03:44:71:40:62:
28:8c:d7:dd:f3:de:61:6b:8f:ea:e6:4a:e6:4d:bd:
56:a0:04:35:ef:39:66:52:34:35:9d:f6:4e:8c:b9:
80:9b:0b:ba:a2:0b:20:be:73:52:15:2b:54:45:ba:
56:6f:7e:38:00:20:29:71:de:55:f5:e0:05:43:ee:
ab:26:4f:11:ff:ff:82:e7:00:cf:b3:c9:c1:f8:cb:
c0:d8:76:1e:56:13:90:33:aa:dd:41:ae:4d:a9:b1:
22:86:1c:9e:3f:38:7a:bb:5c:98:fb:fb:15:35:48:
c6:08:97:e2:c8:66:6b:7e:3c:e4:6b:66:bb:7e:aa:
8f:e6:d1:7b:14:df:8e:de:4e:2e:98:31:3a:b3:2b:
98:53:9f:d4:fc:a6:21:c2:66:e5:59:75:bd:32:0d:
7b:90:ca:54:fc:87:40:86:0e:8f:83:f5:23:78:7a:
dd:3d:a3:86:9f:58:db:28:9c:03:80:32:88:a5:ad:
49:45:f0:2b:df:3c:5e:ff:da:2e:c0:07:1c:12:40:
23:1e:41:fd:73:96:5d:46:85:e8:6d:6d:63:c4:5c:
f5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7B:07:48:4E:4A:11:31:E0:0F:07:16:C7:20:C9:6D:9F:CC:E1:B8
X509v3 Authority Key Identifier:
keyid:70:2F:4E:00:94:37:00:C0:89:7D:E7:AD:BC:FC:ED:5D:10:BF:2E:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cC9OAJQ3AMCJfeetvPztXRC_LgE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/u3sHSE5KETHgDwcWxyDJbZ_M4bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/bcb6eb-e262-4d69-80fb-59b0fc913d36/1/cC9OAJQ3AMCJfeetvPztXRC_LgE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.128.0/17
89.182.0.0/15
185.93.136.0/22
193.254.18.0/24
212.59.32.0/19
IPv6:
2a02:560::/32
Signature Algorithm: sha256WithRSAEncryption
82:3a:46:99:4c:2c:37:1d:00:92:60:de:21:c3:09:ac:c0:7f:
5b:99:b7:79:3c:9e:cc:e9:58:df:16:b4:2f:37:73:1d:05:4b:
f0:df:96:b6:7a:e8:ea:44:88:97:27:14:ad:a8:06:7a:6d:fb:
cf:ed:0e:51:b8:6d:61:42:88:73:12:3c:5f:77:47:ea:ff:d0:
9b:d4:4b:16:24:da:2e:d0:a4:a7:64:11:30:00:54:8d:e0:e9:
57:bd:d0:5b:b2:72:57:cd:30:f2:0b:60:f3:41:23:3b:31:8c:
45:f1:2a:40:2d:83:9c:53:35:48:03:0f:9e:a2:f9:d1:a3:cd:
7a:93:94:a2:bc:72:30:9e:37:ca:b5:00:05:45:0e:a7:e7:f0:
ca:04:de:cd:a6:57:1c:a5:a8:53:97:88:3b:98:d8:1e:42:90:
76:87:d7:9c:25:24:0c:92:43:e5:e6:b8:9c:98:95:80:0f:ad:
65:25:ab:ee:ab:6f:bb:cf:11:dc:b8:ed:c6:5b:b9:e7:8c:b1:
50:55:df:63:db:f5:cf:7b:95:d5:ca:58:33:c1:e8:b0:a6:a4:
b0:69:6b:3f:e3:de:b5:36:5f:93:af:b4:61:d4:f4:db:76:1c:
5b:82:a0:ef:f9:96:2c:db:c7:c2:d5:76:32:5c:d2:24:37:e0:
3b:a2:2f:fa
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzGuStVg3hpD3JyOHIXdK9kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMmY0ZTAwOTQzNzAwYzA4OTdkZTdhZGJjZmNlZDVkMTBi
ZjJlMDEwHhcNMjQwMTAxMjAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdiMDc0ODRlNGExMTMxZTAwZjA3MTZjNzIwYzk2ZDlmY2NlMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjxZdPVzQF9xunPwNAdLQpcXnqnU
Gheivqldh6EnkdADlHD6BNttA0RxQGIojNfd895ha4/q5krmTb1WoAQ17zlmUjQ1
nfZOjLmAmwu6ogsgvnNSFStURbpWb344ACApcd5V9eAFQ+6rJk8R//+C5wDPs8nB
+MvA2HYeVhOQM6rdQa5NqbEihhyePzh6u1yY+/sVNUjGCJfiyGZrfjzka2a7fqqP
5tF7FN+O3k4umDE6syuYU5/U/KYhwmblWXW9Mg17kMpU/IdAhg6Pg/UjeHrdPaOG
n1jbKJwDgDKIpa1JRfAr3zxe/9ouwAccEkAjHkH9c5ZdRoXobW1jxFz13QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLt7B0hOShEx4A8HFscgyW2fzOG4MB8GA1UdIwQY
MBaAFHAvTgCUNwDAiX3nrbz87V0Qvy4BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0M5T0FKUTNBTUNKZmVldHZQenRYUkNfTGdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9iY2I2ZWItZTI2Mi00ZDY5LTgwZmIt
NTliMGZjOTEzZDM2LzEvdTNzSFNFNUtFVEhnRHdjV3h5REpiWl9NNGJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9iY2I2ZWItZTI2Mi00ZDY5LTgwZmItNTliMGZjOTEzZDM2
LzEvY0M5T0FKUTNBTUNKZmVldHZQenRYUkNfTGdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHUQ6AAwMB
WbYDBAK5XYgDBADB/hIDBAXUOyAwDQQCAAIwBwMFACoCBWAwDQYJKoZIhvcNAQEL
BQADggEBAII6RplMLDcdAJJg3iHDCazAf1uZt3k8nszpWN8WtC83cx0FS/DflrZ6
6OpEiJcnFK2oBnpt+8/tDlG4bWFCiHMSPF93R+r/0JvUSxYk2i7QpKdkETAAVI3g
6Ve90FuyclfNMPILYPNBIzsxjEXxKkAtg5xTNUgDD56i+dGjzXqTlKK8cjCeN8q1
AAVFDqfn8MoE3s2mVxylqFOXiDuY2B5CkHaH15wlJAySQ+XmuJyYlYAPrWUlq+6r
b7vPEdy47cZbueeMsVBV32Pb9c97ldXKWDPB6LCmpLBpaz/j3rU2X5OvtGHU9Nt2
HFuCoO/5lizbx8LVdjJc0iQ34DuiL/o=
-----END CERTIFICATE-----
Generated at Fri Jun 28 08:12:54 2024 by rpki-client on console-ams.rpki-client.org