Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/I3UetXcMtZ9x8LmqtnS-WCUd2Co.roa
File: I3UetXcMtZ9x8LmqtnS-WCUd2Co.roa (raw, json)
Hash identifier: tKhV7Ttrdl6BC47KsZm/L6gcuuFl8wYJJkZxmaEDajU=
Subject key identifier: 23:75:1E:B5:77:0C:B5:9F:71:F0:B9:AA:B6:74:BE:58:25:1D:D8:2A
Certificate issuer: /CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Certificate serial: 018CC26D6C8C486285994255DFBE373F974F
Authority key identifier: FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/I3UetXcMtZ9x8LmqtnS-WCUd2Co.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13178
IP address blocks: 185.61.192.0/24 maxlen: 24
185.61.195.0/24 maxlen: 24
91.204.20.0/24 maxlen: 24
91.204.21.0/24 maxlen: 24
185.58.124.0/22 maxlen: 22
93.88.128.0/20 maxlen: 20
185.175.72.0/22 maxlen: 22
185.59.192.0/22 maxlen: 22
185.55.40.0/22 maxlen: 22
185.58.152.0/22 maxlen: 22
91.205.44.0/22 maxlen: 22
93.187.120.0/21 maxlen: 21
2a0b:d700::/29 maxlen: 29
2a04:ed40::/29 maxlen: 29
2a04:e080::/29 maxlen: 29
2a03:6c0::/32 maxlen: 32
2a00:8040::/32 maxlen: 32
2a02:6160::/32 maxlen: 32
2a03:ed80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6c:8c:48:62:85:99:42:55:df:be:37:3f:97:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff29e70af2f7e18cbc19f97cca8fd6c05099741d
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23751eb5770cb59f71f0b9aab674be58251dd82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c5:17:44:9f:f0:28:a7:db:c9:7d:2f:05:42:
7b:c1:ff:b9:3e:11:e5:aa:9d:0b:59:3b:a6:ee:16:
0c:ee:bb:cf:56:48:8a:a0:50:f4:bc:ff:75:9c:5c:
8d:68:2b:00:a9:d7:12:13:56:a9:a4:51:d7:d7:66:
b4:f2:5e:c9:ed:f3:4a:93:68:bb:f3:68:2b:82:cb:
e9:27:fd:17:31:0c:c9:be:df:64:d3:f4:10:ad:c8:
37:29:b9:c9:04:8d:f4:92:3e:a0:d0:da:d9:55:71:
95:5e:49:69:70:a4:3a:2e:d3:5c:e7:48:15:25:d8:
91:85:a1:48:5a:c7:db:29:7e:19:d2:fd:01:cf:db:
7f:24:51:63:34:e8:35:d6:71:c5:7e:c3:07:69:04:
5d:da:f0:6a:23:eb:5e:a8:56:f4:15:c9:f1:bd:91:
be:d4:11:c1:33:43:ef:e0:d4:5e:63:22:ee:5a:45:
b5:fd:de:b1:0c:4c:c2:c6:0e:1f:38:5c:f1:ad:26:
85:d0:76:ff:ae:e9:f3:ca:e2:0a:4f:bc:55:cb:e6:
c4:a1:28:2b:95:e4:36:77:28:95:2e:98:4a:71:14:
a6:5d:bd:1c:01:cd:d9:03:4b:4b:9f:4a:6f:7a:3b:
89:49:6a:cb:39:6f:29:49:f9:71:a7:1d:29:e8:92:
4c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:75:1E:B5:77:0C:B5:9F:71:F0:B9:AA:B6:74:BE:58:25:1D:D8:2A
X509v3 Authority Key Identifier:
keyid:FF:29:E7:0A:F2:F7:E1:8C:BC:19:F9:7C:CA:8F:D6:C0:50:99:74:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/I3UetXcMtZ9x8LmqtnS-WCUd2Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/ec2d89-44dd-4bab-ae7a-cf20e5b67fc8/1/_ynnCvL34Yy8Gfl8yo_WwFCZdB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.20.0/23
91.205.44.0/22
93.88.128.0/20
93.187.120.0/21
185.55.40.0/22
185.58.124.0/22
185.58.152.0/22
185.59.192.0/22
185.61.192.0/24
185.61.195.0/24
185.175.72.0/22
IPv6:
2a00:8040::/32
2a02:6160::/32
2a03:6c0::/32
2a03:ed80::/32
2a04:e080::/29
2a04:ed40::/29
2a0b:d700::/29
Signature Algorithm: sha256WithRSAEncryption
82:b7:08:7b:ef:0e:e8:31:24:9c:42:73:f7:e4:90:37:3a:61:
db:6e:7b:c9:0a:74:40:a8:0d:4d:65:4f:34:26:2c:54:ef:cf:
84:f8:f9:b8:80:7e:4b:cc:89:69:95:44:8b:1e:83:c9:c5:d8:
79:5f:15:02:1c:cf:96:03:c1:4e:14:1e:f4:61:48:ed:eb:05:
24:12:e3:3b:1a:19:a4:85:fd:cf:e3:71:e8:c2:28:ba:b4:53:
76:03:03:b2:2b:43:58:28:7c:a4:e8:61:84:1f:82:2d:42:05:
e6:b6:72:5e:99:63:ff:71:5f:df:60:d0:a0:ab:10:77:28:eb:
ff:20:43:94:f5:fc:f0:62:71:99:8b:8f:c1:a1:ae:e5:fa:f6:
d4:c8:3c:0a:b4:2d:d8:4e:7e:d5:39:d0:60:d4:85:a3:f6:d6:
6b:7a:55:2b:ee:d0:4d:24:de:9d:fb:8c:86:86:4f:91:9c:a9:
cf:89:b7:f6:47:00:61:e6:e9:74:5c:f6:33:dd:bc:fe:88:34:
c4:bc:f4:9e:26:a9:87:c1:b6:f0:04:39:c4:0d:71:da:b0:54:
fb:e6:49:93:05:32:6e:a5:8d:e7:b4:56:61:b4:9d:55:e4:ba:
6c:d7:82:21:02:d5:2c:b3:53:31:48:cc:a5:51:b4:fd:51:fc:
b1:6e:e6:73
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYzCbWyMSGKFmUJV3743P5dPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjllNzBhZjJmN2UxOGNiYzE5Zjk3Y2NhOGZkNmMwNTA5
OTc0MWQwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc1MWViNTc3MGNiNTlmNzFmMGI5YWFiNjc0YmU1ODI1MWRkODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMUXRJ/wKKfbyX0vBUJ7wf+5PhHl
qp0LWTum7hYM7rvPVkiKoFD0vP91nFyNaCsAqdcSE1appFHX12a08l7J7fNKk2i7
82grgsvpJ/0XMQzJvt9k0/QQrcg3KbnJBI30kj6g0NrZVXGVXklpcKQ6LtNc50gV
JdiRhaFIWsfbKX4Z0v0Bz9t/JFFjNOg11nHFfsMHaQRd2vBqI+teqFb0FcnxvZG+
1BHBM0Pv4NReYyLuWkW1/d6xDEzCxg4fOFzxrSaF0Hb/runzyuIKT7xVy+bEoSgr
leQ2dyiVLphKcRSmXb0cAc3ZA0tLn0pvejuJSWrLOW8pSflxpx0p6JJMCQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFCN1HrV3DLWfcfC5qrZ0vlglHdgqMB8GA1UdIwQY
MBaAFP8p5wry9+GMvBn5fMqP1sBQmXQdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2Et
Y2YyMGU1YjY3ZmM4LzEvSTNVZXRYY010Wjl4OExtcXRuUy1XQ1VkMkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lYzJkODktNDRkZC00YmFiLWFlN2EtY2YyMGU1YjY3ZmM4
LzEvX3lubkN2TDM0WXk4R2ZsOHlvX1d3RkNaZEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBIBAIAATBCAwQBW8wU
AwQCW80sAwQEXViAAwQDXbt4AwQCuTcoAwQCuTp8AwQCuTqYAwQCuTvAAwQAuT3A
AwQAuT3DAwQCua9IMDcEAgACMDEDBQAqAIBAAwUAKgJhYAMFACoDBsADBQAqA+2A
AwUDKgTggAMFAyoE7UADBQMqC9cAMA0GCSqGSIb3DQEBCwUAA4IBAQCCtwh77w7o
MSScQnP35JA3OmHbbnvJCnRAqA1NZU80JixU78+E+Pm4gH5LzIlplUSLHoPJxdh5
XxUCHM+WA8FOFB70YUjt6wUkEuM7Ghmkhf3P43Howii6tFN2AwOyK0NYKHyk6GGE
H4ItQgXmtnJemWP/cV/fYNCgqxB3KOv/IEOU9fzwYnGZi4/Boa7l+vbUyDwKtC3Y
Tn7VOdBg1IWj9tZrelUr7tBNJN6d+4yGhk+RnKnPibf2RwBh5ul0XPYz3bz+iDTE
vPSeJqmHwbbwBDnEDXHasFT75kmTBTJupY3ntFZhtJ1V5Lps14IhAtUss1MxSMyl
UbT9UfyxbuZz
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:42:14 2024 by rpki-client on console-fra.rpki-client.org