Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/hV2Xtv9LLOG3QrWNrdpwrY03Cc4.roa
File: hV2Xtv9LLOG3QrWNrdpwrY03Cc4.roa (raw, json)
Hash identifier: +RxEpkF+nQGW7duN2cgKkIgZEhtoJMpE6yRT42E1TpU=
Subject key identifier: 85:5D:97:B6:FF:4B:2C:E1:B7:42:B5:8D:AD:DA:70:AD:8D:37:09:CE
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 018CC3B6718CFEA37EB3374CE14980D009F8
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/hV2Xtv9LLOG3QrWNrdpwrY03Cc4.roa
Signing time: Mon 01 Jan 2024 06:29:22 +0000
ROA not before: Mon 01 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210001
IP address blocks: 185.52.116.0/24 maxlen: 24
185.52.116.0/22 maxlen: 22
93.187.32.0/21 maxlen: 21
2a00:dd00:5::/48 maxlen: 48
2a00:dd00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:71:8c:fe:a3:7e:b3:37:4c:e1:49:80:d0:09:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Jan 1 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=855d97b6ff4b2ce1b742b58dadda70ad8d3709ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e0:3b:2f:6a:84:d9:4c:80:8e:32:a8:4a:e1:
19:66:aa:46:7d:7f:6f:a4:43:55:c0:81:23:a0:99:
dd:64:fd:d6:11:2c:13:a9:d3:1b:32:2b:72:28:15:
2d:cb:5b:95:ac:ae:72:a7:e5:4c:04:38:c2:48:23:
de:73:25:0c:f9:5b:06:c7:63:0a:a0:9f:5e:47:c5:
3d:a7:8a:0f:f8:c9:7a:d1:c8:7b:5c:13:05:b3:a0:
d5:8f:95:07:a1:32:28:bc:7e:21:6e:29:71:15:56:
4a:77:69:cb:aa:8e:c6:30:10:6b:a4:88:43:ab:29:
ab:fc:a4:2e:21:40:6c:a3:97:57:00:17:31:60:82:
05:20:55:7a:fc:33:75:14:31:f3:a2:61:73:06:f4:
db:89:86:8e:a8:95:16:c1:c4:53:62:1e:42:05:16:
63:c7:7b:e2:86:ca:5a:14:ad:82:2d:83:43:93:44:
bd:a1:2b:01:ab:4e:b5:fd:22:56:95:0b:1f:0b:26:
e5:4e:8b:c6:c7:fe:d4:eb:cc:d2:ec:48:66:24:07:
a2:48:0d:b2:a9:36:ea:47:0b:69:ac:60:58:96:59:
0e:59:4b:75:83:94:20:fb:e8:e6:2a:fb:68:56:8d:
80:7a:53:16:ff:80:1d:be:28:a2:1d:c9:46:e3:95:
45:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:5D:97:B6:FF:4B:2C:E1:B7:42:B5:8D:AD:DA:70:AD:8D:37:09:CE
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/hV2Xtv9LLOG3QrWNrdpwrY03Cc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/21
185.52.116.0/22
IPv6:
2a00:dd00::/32
Signature Algorithm: sha256WithRSAEncryption
10:1b:d5:87:e9:0e:25:47:a5:88:6c:e3:10:22:96:6c:d5:e7:
8a:32:8e:2d:9f:43:31:af:2a:06:f4:33:e5:4f:05:1a:3f:fb:
e1:2f:cb:54:04:45:81:37:2b:ff:46:ab:61:da:a7:ff:e9:93:
58:dd:0b:3c:31:e0:a4:04:ed:d5:5b:8f:a4:1d:d8:16:08:a9:
59:57:64:c7:21:5d:31:3e:d9:91:e3:7e:b6:35:5c:fd:c4:3e:
cb:eb:e5:17:7b:68:54:6c:21:c9:1e:c6:d9:bd:5e:15:8a:6b:
25:18:ed:bf:85:47:cf:87:26:0e:bf:34:40:4b:20:e4:ca:18:
87:f6:77:4b:80:2f:87:ee:7c:88:8b:0a:76:a5:df:db:bc:b7:
54:ef:75:4b:f3:c6:75:ab:7e:31:55:c0:7a:2a:fc:ba:ed:b6:
7e:3c:10:c1:8e:6c:1b:8f:d5:50:c2:d9:6e:66:c8:5a:35:c6:
12:5b:2e:6b:8f:8b:c8:96:08:69:10:bd:0b:bd:04:87:77:58:
eb:1c:ea:eb:e1:60:a1:5c:cb:83:19:c7:d7:c8:2c:3a:09:af:
18:fd:04:5f:40:17:51:a1:ae:43:8a:da:79:75:de:e1:35:28:
4c:24:0c:8e:c4:03:02:aa:7a:4f:ad:f0:f7:d3:ad:b4:cd:cf:
e3:54:1c:de
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtnGM/qN+szdM4UmA0An4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjQwMTAxMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTVkOTdiNmZmNGIyY2UxYjc0MmI1OGRhZGRhNzBhZDhkMzcwOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOA7L2qE2UyAjjKoSuEZZqpGfX9v
pENVwIEjoJndZP3WESwTqdMbMityKBUty1uVrK5yp+VMBDjCSCPecyUM+VsGx2MK
oJ9eR8U9p4oP+Ml60ch7XBMFs6DVj5UHoTIovH4hbilxFVZKd2nLqo7GMBBrpIhD
qymr/KQuIUBso5dXABcxYIIFIFV6/DN1FDHzomFzBvTbiYaOqJUWwcRTYh5CBRZj
x3vihspaFK2CLYNDk0S9oSsBq061/SJWlQsfCyblTovGx/7U68zS7EhmJAeiSA2y
qTbqRwtprGBYllkOWUt1g5Qg++jmKvtoVo2AelMW/4AdviiiHclG45VFKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIVdl7b/Syzht0K1ja3acK2NNwnOMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvaFYyWHR2OUxMT0czUXJXTnJkcHdyWTAzQ2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXbsgAwQC
uTR0MA0EAgACMAcDBQAqAN0AMA0GCSqGSIb3DQEBCwUAA4IBAQAQG9WH6Q4lR6WI
bOMQIpZs1eeKMo4tn0MxryoG9DPlTwUaP/vhL8tUBEWBNyv/Rqth2qf/6ZNY3Qs8
MeCkBO3VW4+kHdgWCKlZV2THIV0xPtmR4362NVz9xD7L6+UXe2hUbCHJHsbZvV4V
imslGO2/hUfPhyYOvzRASyDkyhiH9ndLgC+H7nyIiwp2pd/bvLdU73VL88Z1q34x
VcB6Kvy67bZ+PBDBjmwbj9VQwtluZshaNcYSWy5rj4vIlghpEL0LvQSHd1jrHOrr
4WChXMuDGcfXyCw6Ca8Y/QRfQBdRoa5Ditp5dd7hNShMJAyOxAMCqnpPrfD30620
zc/jVBze
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:23 2024 by rpki-client on console-fra.rpki-client.org