Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/tAOU5FJpvXMrEJZ20LWy3cwOMgU.roa
File: tAOU5FJpvXMrEJZ20LWy3cwOMgU.roa (raw, json)
Hash identifier: C8eawnSxOB9exaVY219CP+3wN1SbC4Mdovd8Wt4cvtw=
Subject key identifier: B4:03:94:E4:52:69:BD:73:2B:10:96:76:D0:B5:B2:DD:CC:0E:32:05
Certificate issuer: /CN=d79da465615c60094370833892da84c886e1c4ef
Certificate serial: 01931AC52CABDBA98F1276B5E3601B7A5298
Authority key identifier: D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/tAOU5FJpvXMrEJZ20LWy3cwOMgU.roa
Signing time: Mon 11 Nov 2024 10:29:09 +0000
ROA not before: Mon 11 Nov 2024 10:29:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.186.0/24 maxlen: 24
185.1.231.0/24 maxlen: 24
185.188.82.0/24 maxlen: 24
185.188.83.0/24 maxlen: 24
217.29.64.0/21 maxlen: 21
217.29.66.0/23 maxlen: 23
2001:7f8:b:100::/64 maxlen: 64
2001:7f8:b:101::/64 maxlen: 64
2001:7f8:101:7::/64 maxlen: 64
2001:7f8:101:13::/64 maxlen: 64
2001:7f8:101:14::/64 maxlen: 64
2001:7f8:101:16::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:c5:2c:ab:db:a9:8f:12:76:b5:e3:60:1b:7a:52:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79da465615c60094370833892da84c886e1c4ef
Validity
Not Before: Nov 11 10:29:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b40394e45269bd732b109676d0b5b2ddcc0e3205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:1a:b2:6c:7f:3c:97:c3:67:81:01:10:6e:
c8:f7:ac:5c:5f:99:17:cf:7a:78:95:25:82:5d:e8:
a2:ef:a0:00:ff:4e:85:cd:a8:be:49:4d:d0:40:e9:
ee:00:c2:7f:9f:35:0c:83:d6:7d:b6:64:c8:6c:dc:
b2:5b:4f:35:93:ee:f5:56:be:63:a7:f2:a4:d0:e1:
64:42:09:60:da:d3:21:1e:2c:26:f0:40:51:b8:0f:
8c:4c:f1:13:3e:6d:f1:d4:dd:d2:e4:ce:24:e8:99:
f0:11:ec:6b:3f:00:dc:a3:57:7c:3f:f4:81:0a:75:
4f:e2:8b:9d:a8:50:a2:8d:d8:cb:ab:09:39:d7:3f:
00:5b:97:32:1e:d9:ca:39:75:be:76:1f:4a:69:7a:
c1:41:e9:dc:57:74:7c:86:3a:0c:03:58:fd:af:79:
25:b7:b9:37:c8:44:bf:bd:51:92:f4:d8:f1:89:7e:
c4:f4:17:e3:16:12:00:1d:91:8b:2c:02:f4:b3:57:
cb:65:13:4b:99:28:2e:6d:39:81:42:30:65:21:6d:
50:14:47:c0:70:30:b0:be:46:32:5c:aa:55:cd:71:
90:79:13:86:1e:de:e4:74:94:02:83:ac:80:07:b3:
ef:b8:f3:a2:f9:bb:cb:d9:d0:e8:a9:a8:02:44:66:
04:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:03:94:E4:52:69:BD:73:2B:10:96:76:D0:B5:B2:DD:CC:0E:32:05
X509v3 Authority Key Identifier:
keyid:D7:9D:A4:65:61:5C:60:09:43:70:83:38:92:DA:84:C8:86:E1:C4:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/152kZWFcYAlDcIM4ktqEyIbhxO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/tAOU5FJpvXMrEJZ20LWy3cwOMgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/d79c98-c27d-45b3-86d9-dad3bb13c0a2/1/152kZWFcYAlDcIM4ktqEyIbhxO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.186.0/24
185.1.231.0/24
185.188.82.0/23
217.29.64.0/21
IPv6:
2001:7f8:b:100::/63
2001:7f8:101:7::/64
2001:7f8:101:13::-2001:7f8:101:14:ffff:ffff:ffff:ffff
2001:7f8:101:16::/64
Signature Algorithm: sha256WithRSAEncryption
ba:f9:82:61:49:ce:a1:3d:5b:f6:3b:e6:e9:bd:50:21:f8:ad:
8e:00:fa:83:d1:bc:f6:89:a6:d6:39:21:88:01:81:32:c9:d7:
1c:7c:e6:0e:60:f2:53:74:ef:12:74:05:66:4b:89:ab:ae:ad:
60:94:b1:5a:2f:4c:3e:c3:e1:15:50:bd:8e:86:4a:4c:61:99:
32:34:d3:be:9a:1f:73:17:44:5f:95:90:a7:ce:e9:3d:cc:12:
ef:f8:51:e6:0d:45:0e:4e:7e:68:59:b0:22:34:1b:c9:85:df:
5d:75:0c:f4:30:f2:54:aa:0f:0a:ec:85:a6:24:5f:7c:e0:f5:
c3:e3:56:26:12:16:05:28:60:39:d9:ba:d9:aa:fb:38:1c:2b:
17:90:0a:7f:a6:40:03:23:68:4a:56:5c:91:3e:8f:36:8b:96:
58:c9:70:86:76:6c:c9:a8:b3:2a:f0:bf:cd:ab:48:0d:3f:33:
11:96:84:1c:a3:a1:44:92:8b:87:6c:49:b7:03:30:42:38:a2:
a0:9f:3e:0d:c1:5f:fe:f7:43:fb:d8:63:1a:d5:b6:eb:05:a7:
8c:44:4b:80:ec:ba:d5:8b:a0:cb:02:3b:ea:b1:8f:43:42:03:
d1:ab:36:99:50:b2:0b:1f:a7:2e:77:89:18:06:cc:2e:fc:59:
43:d8:30:d4
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZMaxSyr26mPEna142AbelKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OWRhNDY1NjE1YzYwMDk0MzcwODMzODkyZGE4NGM4ODZl
MWM0ZWYwHhcNMjQxMTExMTAyOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAzOTRlNDUyNjliZDczMmIxMDk2NzZkMGI1YjJkZGNjMGUzMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAsasmx/PJfDZ4EBEG7I96xcX5kX
z3p4lSWCXeii76AA/06Fzai+SU3QQOnuAMJ/nzUMg9Z9tmTIbNyyW081k+71Vr5j
p/Kk0OFkQglg2tMhHiwm8EBRuA+MTPETPm3x1N3S5M4k6JnwEexrPwDco1d8P/SB
CnVP4oudqFCijdjLqwk51z8AW5cyHtnKOXW+dh9KaXrBQencV3R8hjoMA1j9r3kl
t7k3yES/vVGS9NjxiX7E9BfjFhIAHZGLLAL0s1fLZRNLmSgubTmBQjBlIW1QFEfA
cDCwvkYyXKpVzXGQeROGHt7kdJQCg6yAB7PvuPOi+bvL2dDoqagCRGYEIwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFLQDlORSab1zKxCWdtC1st3MDjIFMB8GA1UdIwQY
MBaAFNedpGVhXGAJQ3CDOJLahMiG4cTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDkt
ZGFkM2JiMTNjMGEyLzEvdEFPVTVGSnB2WE1yRUpaMjBMV3kzY3dPTWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9kNzljOTgtYzI3ZC00NWIzLTg2ZDktZGFkM2JiMTNjMGEy
LzEvMTUya1pXRmNZQWxEY0lNNGt0cUV5SWJoeE84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTAeBAIAATAYAwQAuQG6AwQA
uQHnAwQBubxSAwQD2R1AMD8EAgACMDkDCQEgAQf4AAsBAAMJACABB/gBAQAHMBYD
CQAgAQf4AQEAEwMJACABB/gBAQAUAwkAIAEH+AEBABYwDQYJKoZIhvcNAQELBQAD
ggEBALr5gmFJzqE9W/Y75um9UCH4rY4A+oPRvPaJptY5IYgBgTLJ1xx85g5g8lN0
7xJ0BWZLiauurWCUsVovTD7D4RVQvY6GSkxhmTI0076aH3MXRF+VkKfO6T3MEu/4
UeYNRQ5OfmhZsCI0G8mF3111DPQw8lSqDwrshaYkX3zg9cPjViYSFgUoYDnZutmq
+zgcKxeQCn+mQAMjaEpWXJE+jzaLlljJcIZ2bMmosyrwv82rSA0/MxGWhByjoUSS
i4dsSbcDMEI4oqCfPg3BX/73Q/vYYxrVtusFp4xES4DsutWLoMsCO+qxj0NCA9Gr
NplQsgsfpy53iRgGzC78WUPYMNQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:51:38 2024 by rpki-client on console-fra.rpki-client.org