Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/lk5kitdayoFfmhDHe2uVyUh_hA8.roa
File: lk5kitdayoFfmhDHe2uVyUh_hA8.roa (raw, json)
Hash identifier: VdP75ix8vX156zPNljlPPv/HOIWCn8E2qpKt6I/+WiE=
Subject key identifier: 96:4E:64:8A:D7:5A:CA:81:5F:9A:10:C7:7B:6B:95:C9:48:7F:84:0F
Certificate issuer: /CN=229a038176c796ea4f2769f6be3cace1a3597634
Certificate serial: 019294A6CB439C80B86B31FCC0BEC763B138
Authority key identifier: 22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/lk5kitdayoFfmhDHe2uVyUh_hA8.roa
Signing time: Wed 16 Oct 2024 09:26:51 +0000
ROA not before: Wed 16 Oct 2024 09:26:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34722
IP address blocks: 94.125.208.0/21 maxlen: 21
94.125.208.0/24 maxlen: 24
94.125.209.0/24 maxlen: 24
94.125.210.0/24 maxlen: 24
94.125.211.0/24 maxlen: 24
94.125.212.0/24 maxlen: 24
94.125.213.0/24 maxlen: 24
94.125.214.0/24 maxlen: 24
94.125.215.0/24 maxlen: 24
185.160.16.0/22 maxlen: 22
185.160.16.0/24 maxlen: 24
185.160.17.0/24 maxlen: 24
185.160.18.0/24 maxlen: 24
185.160.19.0/24 maxlen: 24
194.30.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:a6:cb:43:9c:80:b8:6b:31:fc:c0:be:c7:63:b1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229a038176c796ea4f2769f6be3cace1a3597634
Validity
Not Before: Oct 16 09:26:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=964e648ad75aca815f9a10c77b6b95c9487f840f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6d:aa:2a:3d:7b:14:a4:ce:c5:2c:9a:94:c7:
d6:88:4b:37:66:c1:0e:cc:ee:8e:14:c9:95:ce:f7:
c0:67:5f:94:53:c7:b2:7b:9c:63:de:f3:e3:59:b6:
99:bd:89:e2:6f:01:88:3e:40:9c:dc:8e:76:9d:c3:
2c:33:3b:3b:7d:6f:6e:b8:7c:37:11:98:e3:8f:99:
39:4d:c6:3b:ff:df:56:d8:41:6f:ff:05:99:e2:4f:
b4:f0:5b:11:b5:b8:6e:33:9a:03:b4:23:b0:c4:df:
98:5a:bb:29:73:ca:27:00:b9:43:c9:48:e1:4c:03:
72:a5:a0:3a:03:e0:9f:d4:02:3c:45:c5:e1:02:34:
09:ed:6e:1d:41:5a:d1:db:ce:21:85:2c:64:83:08:
ee:93:b3:d9:0f:f6:62:2f:df:80:4f:0f:88:6b:89:
74:ea:3c:47:16:87:fc:d0:49:e8:50:db:67:1d:29:
74:a5:07:a8:cc:79:a6:4a:e5:ef:6a:0c:20:e9:9a:
98:4b:b4:07:7d:fc:ee:80:e7:5b:d8:a9:38:92:91:
97:1c:95:d1:01:b2:6f:81:0e:86:80:b9:05:4d:bc:
e0:b1:40:9c:ea:22:3d:f3:bd:8f:9e:45:cb:89:c2:
b6:be:eb:d0:cf:ce:e8:34:80:5a:b0:65:83:90:08:
89:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4E:64:8A:D7:5A:CA:81:5F:9A:10:C7:7B:6B:95:C9:48:7F:84:0F
X509v3 Authority Key Identifier:
keyid:22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/lk5kitdayoFfmhDHe2uVyUh_hA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.208.0/21
185.160.16.0/22
194.30.162.0/24
Signature Algorithm: sha256WithRSAEncryption
16:77:48:af:e9:b5:e5:c9:16:62:be:4e:57:5f:bd:f9:b4:97:
fe:f8:64:2b:d4:e2:90:b0:92:db:28:52:4c:a6:c6:b3:72:29:
88:da:1d:1d:45:01:df:63:bc:df:53:ef:c3:3b:97:c5:ce:d7:
d8:79:d0:e6:b8:89:7b:70:69:d4:b4:36:f4:6a:a0:47:fa:a3:
90:36:a7:63:64:6d:1d:da:ae:6c:3f:6e:6e:96:89:c2:bb:30:
3d:1b:f3:83:c9:7b:5b:37:89:89:ce:7b:d4:3c:22:a4:83:e1:
bf:b0:f7:52:cb:84:8e:c7:b8:b1:31:b1:cf:1a:33:8c:35:6d:
5d:38:bd:94:6c:53:2c:26:92:35:0d:c8:ae:5f:58:cb:11:86:
cd:7c:49:5e:0a:48:ab:57:22:9d:63:e9:c4:72:a8:15:21:f8:
95:95:d8:6e:21:46:e8:b3:16:f7:86:05:b8:f4:d6:99:d9:d7:
d6:77:6d:66:99:4c:c0:25:07:1c:a0:86:fa:17:26:5b:ea:fd:
3f:d2:5d:bb:40:19:b4:6e:ae:cd:f1:c3:e3:e8:e4:e1:d0:bd:
62:0c:90:11:d1:fd:53:70:43:50:78:d6:5c:98:56:bc:ce:f7:
d0:94:4b:9c:35:f0:2c:08:30:bc:e3:a3:08:2d:8a:8d:b4:bd:
36:3e:05:78
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKUpstDnIC4azH8wL7HY7E4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWEwMzgxNzZjNzk2ZWE0ZjI3NjlmNmJlM2NhY2UxYTM1
OTc2MzQwHhcNMjQxMDE2MDkyNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRlNjQ4YWQ3NWFjYTgxNWY5YTEwYzc3YjZiOTVjOTQ4N2Y4NDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW2qKj17FKTOxSyalMfWiEs3ZsEO
zO6OFMmVzvfAZ1+UU8eye5xj3vPjWbaZvYnibwGIPkCc3I52ncMsMzs7fW9uuHw3
EZjjj5k5TcY7/99W2EFv/wWZ4k+08FsRtbhuM5oDtCOwxN+YWrspc8onALlDyUjh
TANypaA6A+Cf1AI8RcXhAjQJ7W4dQVrR284hhSxkgwjuk7PZD/ZiL9+ATw+Ia4l0
6jxHFof80EnoUNtnHSl0pQeozHmmSuXvagwg6ZqYS7QHffzugOdb2Kk4kpGXHJXR
AbJvgQ6GgLkFTbzgsUCc6iI9872PnkXLicK2vuvQz87oNIBasGWDkAiJHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJZOZIrXWsqBX5oQx3trlclIf4QPMB8GA1UdIwQY
MBaAFCKaA4F2x5bqTydp9r48rOGjWXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQt
ZGMyMzAxZmJiYjdjLzEvbGs1a2l0ZGF5b0ZmbWhESGUydVZ5VWhfaEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQtZGMyMzAxZmJiYjdj
LzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXn3QAwQC
uaAQAwQAwh6iMA0GCSqGSIb3DQEBCwUAA4IBAQAWd0iv6bXlyRZivk5XX735tJf+
+GQr1OKQsJLbKFJMpsazcimI2h0dRQHfY7zfU+/DO5fFztfYedDmuIl7cGnUtDb0
aqBH+qOQNqdjZG0d2q5sP25ulonCuzA9G/ODyXtbN4mJznvUPCKkg+G/sPdSy4SO
x7ixMbHPGjOMNW1dOL2UbFMsJpI1DciuX1jLEYbNfEleCkirVyKdY+nEcqgVIfiV
ldhuIUbosxb3hgW49NaZ2dfWd21mmUzAJQccoIb6FyZb6v0/0l27QBm0bq7N8cPj
6OTh0L1iDJAR0f1TcENQeNZcmFa8zvfQlEucNfAsCDC846MILYqNtL02PgV4
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:53:08 2024 by rpki-client on console-fra.rpki-client.org