Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/mVzXia9bjj0ACLY35dzcVaLuqTg.roa
File: mVzXia9bjj0ACLY35dzcVaLuqTg.roa (raw, json)
Hash identifier: fCoz/XGx2BvwEm6cI0K3dbsUZWbtAoztU4LgXEwa06E=
Subject key identifier: 99:5C:D7:89:AF:5B:8E:3D:00:08:B6:37:E5:DC:DC:55:A2:EE:A9:38
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 018CC2DAF947223DD1D556FC428C077E84CE
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/mVzXia9bjj0ACLY35dzcVaLuqTg.roa
Signing time: Mon 01 Jan 2024 02:29:39 +0000
ROA not before: Mon 01 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204139
IP address blocks: 185.129.22.0/23 maxlen: 23
185.129.20.0/23 maxlen: 23
185.122.124.0/23 maxlen: 23
185.122.128.0/23 maxlen: 23
185.122.126.0/23 maxlen: 23
185.127.44.0/23 maxlen: 23
185.127.46.0/23 maxlen: 23
185.123.240.0/23 maxlen: 23
185.123.242.0/23 maxlen: 23
185.123.248.0/22 maxlen: 22
185.123.252.0/22 maxlen: 22
185.132.10.0/23 maxlen: 23
185.132.8.0/23 maxlen: 23
185.128.178.0/23 maxlen: 23
185.128.176.0/23 maxlen: 23
185.116.174.0/24 maxlen: 24
185.128.134.0/23 maxlen: 23
185.110.2.0/24 maxlen: 24
185.110.3.0/24 maxlen: 24
185.110.0.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f9:47:22:3d:d1:d5:56:fc:42:8c:07:7e:84:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 1 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=995cd789af5b8e3d0008b637e5dcdc55a2eea938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8f:ed:a9:4d:d0:6d:d2:54:bd:b6:b9:71:2e:
b5:d4:47:75:79:e1:63:0a:97:72:99:e3:37:38:3f:
e0:13:38:bf:46:9d:98:91:c4:2a:9f:28:1a:b1:6c:
dd:68:e8:0e:ee:62:59:4a:ef:91:85:ec:51:10:20:
22:32:ec:51:fb:d3:c0:89:27:ff:42:95:90:85:27:
82:c9:d6:1e:2f:d1:d1:f3:a4:a4:ef:1b:31:f3:50:
80:f1:03:f2:44:ad:f1:23:23:b0:30:f6:dc:71:49:
e6:4a:c2:c6:db:cb:b3:e6:9f:a2:bd:61:0b:53:da:
10:1b:f9:69:d0:8f:0c:91:3c:ec:14:53:54:3b:db:
5a:57:48:b8:8c:ab:9a:1b:0c:76:55:38:e2:3a:23:
1a:4a:a9:dc:0c:c4:97:21:84:06:36:f2:50:78:dc:
7b:e7:04:5b:9b:f3:43:25:a5:d4:1c:da:1b:17:9b:
cf:e8:38:a9:ee:7b:01:13:92:a4:4d:ef:67:1a:10:
9b:cf:51:d4:5f:c7:c6:ca:d9:54:f6:e8:6d:49:31:
b0:1a:40:20:99:1d:ee:8e:c8:f7:75:6c:7c:cf:fa:
2a:48:4b:0a:a3:ef:0e:0e:c5:dc:9b:8c:aa:97:92:
f2:61:52:fd:8e:78:c5:3f:44:3f:7e:03:2a:3a:f6:
48:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:5C:D7:89:AF:5B:8E:3D:00:08:B6:37:E5:DC:DC:55:A2:EE:A9:38
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/mVzXia9bjj0ACLY35dzcVaLuqTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.0.0/22
185.116.174.0/24
185.122.124.0-185.122.129.255
185.123.240.0/22
185.123.248.0/21
185.127.44.0/22
185.128.134.0/23
185.128.176.0/22
185.129.20.0/22
185.132.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:c2:34:eb:94:c2:a5:09:97:0c:65:21:7b:0b:eb:85:10:ff:
88:9f:b4:0f:79:7d:75:bd:ad:fd:87:44:72:43:7f:8e:ac:39:
38:12:4e:94:83:9b:08:e0:f4:31:60:59:7f:be:eb:bb:2a:2a:
14:35:4f:2e:41:36:b8:a2:48:30:b0:58:c3:58:90:f2:f6:83:
27:60:a0:b6:1f:52:9e:ff:9f:86:4a:e0:90:e9:20:ee:f1:85:
3b:a0:7a:39:31:2c:29:b3:41:10:a5:03:e3:a6:f5:d8:21:6d:
70:5a:98:83:d4:56:e8:49:ac:33:76:bf:98:32:d2:34:d3:4d:
b9:97:51:f3:39:20:f1:42:e4:84:96:81:20:80:01:8f:59:63:
09:70:2b:6f:1e:74:ae:8a:da:20:78:7a:28:66:75:73:02:6b:
1b:73:df:69:f1:45:b4:39:2c:2a:8d:f5:ec:7f:46:b7:4b:61:
2d:b7:31:51:99:40:59:5e:dd:b3:dc:07:95:ca:3f:30:13:70:
01:35:89:24:82:c6:f0:e4:27:ce:c9:e5:10:b3:81:53:a3:a0:
f1:b7:4a:13:90:56:90:c3:30:d2:24:c2:a3:83:0c:aa:f4:5d:
60:9a:37:92:9d:64:30:ce:f7:68:aa:ef:2a:cd:69:17:2f:59:
c8:4d:2c:05
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYzC2vlHIj3R1Vb8QowHfoTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTVjZDc4OWFmNWI4ZTNkMDAwOGI2MzdlNWRjZGM1NWEyZWVhOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo/tqU3QbdJUvba5cS611Ed1eeFj
CpdymeM3OD/gEzi/Rp2YkcQqnygasWzdaOgO7mJZSu+RhexRECAiMuxR+9PAiSf/
QpWQhSeCydYeL9HR86Sk7xsx81CA8QPyRK3xIyOwMPbccUnmSsLG28uz5p+ivWEL
U9oQG/lp0I8MkTzsFFNUO9taV0i4jKuaGwx2VTjiOiMaSqncDMSXIYQGNvJQeNx7
5wRbm/NDJaXUHNobF5vP6Dip7nsBE5KkTe9nGhCbz1HUX8fGytlU9uhtSTGwGkAg
mR3ujsj3dWx8z/oqSEsKo+8ODsXcm4yql5LyYVL9jnjFP0Q/fgMqOvZItwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJlc14mvW449AAi2N+Xc3FWi7qk4MB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEvbVZ6WGlhOWJqajBBQ0xZMzVkemNWYUx1cVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCuW4AAwQA
uXSuMAwDBAK5enwDBAG5eoADBAK5e/ADBAO5e/gDBAK5fywDBAG5gIYDBAK5gLAD
BAK5gRQDBAK5hAgwDQYJKoZIhvcNAQELBQADggEBAErCNOuUwqUJlwxlIXsL64UQ
/4iftA95fXW9rf2HRHJDf46sOTgSTpSDmwjg9DFgWX++67sqKhQ1Ty5BNriiSDCw
WMNYkPL2gydgoLYfUp7/n4ZK4JDpIO7xhTugejkxLCmzQRClA+Om9dghbXBamIPU
VuhJrDN2v5gy0jTTTbmXUfM5IPFC5ISWgSCAAY9ZYwlwK28edK6K2iB4eihmdXMC
axtz32nxRbQ5LCqN9ex/RrdLYS23MVGZQFle3bPcB5XKPzATcAE1iSSCxvDkJ87J
5RCzgVOjoPG3ShOQVpDDMNIkwqODDKr0XWCaN5KdZDDO92iq7yrNaRcvWchNLAU=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:24:24 2024 by rpki-client on console-ams.rpki-client.org