Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/ra_XxKZ8KXkvgH8gcb8QYpfGCiw.roa
File: ra_XxKZ8KXkvgH8gcb8QYpfGCiw.roa (raw, json)
Hash identifier: gzajrjkxx8DZP1egWdVZvjU/k56qTp5cm6IQn5sQFbw=
Subject key identifier: AD:AF:D7:C4:A6:7C:29:79:2F:80:7F:20:71:BF:10:62:97:C6:0A:2C
Certificate issuer: /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial: 01933AA0B1B7435FAC1241B2301F2562A324
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/ra_XxKZ8KXkvgH8gcb8QYpfGCiw.roa
Signing time: Sun 17 Nov 2024 14:57:09 +0000
ROA not before: Sun 17 Nov 2024 14:57:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57324
IP address blocks: 93.187.32.0/24 maxlen: 24
93.187.33.0/24 maxlen: 24
93.187.34.0/24 maxlen: 24
93.187.35.0/24 maxlen: 24
93.187.36.0/24 maxlen: 24
93.187.37.0/24 maxlen: 24
93.187.38.0/24 maxlen: 24
93.187.39.0/24 maxlen: 24
185.52.118.0/24 maxlen: 24
185.52.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3a:a0:b1:b7:43:5f:ac:12:41:b2:30:1f:25:62:a3:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Validity
Not Before: Nov 17 14:57:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adafd7c4a67c29792f807f2071bf106297c60a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b7:82:c2:ad:06:5b:82:23:c3:9f:9b:df:b4:
34:53:72:7a:5b:39:3f:ca:1f:04:d4:fa:d1:ec:fe:
01:9a:51:53:95:5a:bf:9e:37:fb:b4:62:86:33:42:
c2:33:fd:a3:56:c2:3f:2f:c3:65:23:e0:8e:b2:2a:
c0:83:b1:f2:e2:f4:53:fa:7a:06:be:0e:7f:a0:86:
8d:8c:66:eb:ca:bc:2b:b7:de:89:29:4b:3e:40:af:
fd:0a:39:d3:95:84:bc:a3:6a:58:c1:1a:04:cc:52:
52:95:5f:ff:37:a4:1e:2e:d7:72:ce:89:a0:f1:52:
a9:bb:de:84:c1:6f:b2:9c:e0:4b:b2:c9:38:ad:2b:
08:1a:52:94:9e:e2:e0:35:56:bd:58:8f:b1:4d:de:
e3:48:fe:2e:96:fd:a0:41:9a:f3:fc:26:22:b8:3c:
89:6a:a4:40:39:4c:13:1b:39:7f:82:83:f3:13:67:
b7:f6:f3:23:a6:f5:6e:b9:af:63:9f:da:8c:77:59:
d8:99:73:a0:6b:09:c5:a9:9e:d6:6e:00:31:28:d9:
21:fe:61:99:69:33:70:58:33:12:9e:2d:d3:fa:59:
e6:35:cb:53:02:ce:3a:15:f1:5e:e2:a5:ce:5a:2a:
16:22:52:d9:9a:57:7e:c2:89:54:38:43:97:b5:da:
eb:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:AF:D7:C4:A6:7C:29:79:2F:80:7F:20:71:BF:10:62:97:C6:0A:2C
X509v3 Authority Key Identifier:
keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/ra_XxKZ8KXkvgH8gcb8QYpfGCiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.187.32.0/21
185.52.118.0/23
Signature Algorithm: sha256WithRSAEncryption
81:2f:ec:42:81:cf:9b:9e:c4:b6:1a:4e:ad:7d:c6:6c:e0:e8:
26:49:21:4a:26:25:5b:4a:bb:b7:c8:ad:7b:dd:24:05:eb:7f:
43:dc:e2:27:7c:59:7d:7e:d1:7e:63:49:0b:33:70:77:0d:be:
ae:3f:ab:ae:03:fd:77:0e:48:bd:61:5d:2d:27:2d:f7:37:2b:
c3:1f:c4:7a:cd:13:ea:bc:56:16:e8:ab:c9:1b:f1:bf:a0:a0:
f4:e2:bd:27:64:5b:e6:f4:68:89:38:22:9a:c4:58:26:c3:a2:
a1:7b:a5:b0:99:c4:bb:21:fb:0c:bd:a6:20:f4:b8:75:03:84:
93:e2:b5:14:9b:e9:15:33:93:a9:c9:47:2b:c7:8f:fb:80:d4:
c2:13:82:ad:95:6e:a4:96:1a:bc:c3:32:36:6a:03:31:c2:8f:
06:f1:7c:7c:93:64:09:5f:ae:02:22:77:92:26:ec:93:97:b5:
65:d0:d5:48:42:b1:a8:f8:c8:40:67:13:77:50:95:1f:af:c5:
d8:4d:02:c1:53:63:d6:8c:37:e4:ee:2c:cf:66:c7:c1:ae:a6:
b3:d7:92:b0:38:47:ca:9e:92:52:58:d5:fc:55:8a:7b:eb:4c:
15:4d:d3:31:9c:a9:c2:00:87:56:6b:57:f9:13:a7:ab:07:99:
97:8f:e0:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZM6oLG3Q1+sEkGyMB8lYqMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjQxMTE3MTQ1NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGFmZDdjNGE2N2MyOTc5MmY4MDdmMjA3MWJmMTA2Mjk3YzYwYTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbeCwq0GW4Ijw5+b37Q0U3J6Wzk/
yh8E1PrR7P4BmlFTlVq/njf7tGKGM0LCM/2jVsI/L8NlI+COsirAg7Hy4vRT+noG
vg5/oIaNjGbryrwrt96JKUs+QK/9CjnTlYS8o2pYwRoEzFJSlV//N6QeLtdyzomg
8VKpu96EwW+ynOBLssk4rSsIGlKUnuLgNVa9WI+xTd7jSP4ulv2gQZrz/CYiuDyJ
aqRAOUwTGzl/goPzE2e39vMjpvVuua9jn9qMd1nYmXOgawnFqZ7WbgAxKNkh/mGZ
aTNwWDMSni3T+lnmNctTAs46FfFe4qXOWioWIlLZmld+wolUOEOXtdrrAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK2v18SmfCl5L4B/IHG/EGKXxgosMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvcmFfWHhLWjhLWGt2Z0g4Z2NiOFFZcGZHQ2l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXbsgAwQB
uTR2MA0GCSqGSIb3DQEBCwUAA4IBAQCBL+xCgc+bnsS2Gk6tfcZs4OgmSSFKJiVb
Sru3yK173SQF639D3OInfFl9ftF+Y0kLM3B3Db6uP6uuA/13Dki9YV0tJy33NyvD
H8R6zRPqvFYW6KvJG/G/oKD04r0nZFvm9GiJOCKaxFgmw6Khe6WwmcS7IfsMvaYg
9Lh1A4ST4rUUm+kVM5OpyUcrx4/7gNTCE4KtlW6klhq8wzI2agMxwo8G8Xx8k2QJ
X64CIneSJuyTl7Vl0NVIQrGo+MhAZxN3UJUfr8XYTQLBU2PWjDfk7izPZsfBrqaz
15KwOEfKnpJSWNX8VYp760wVTdMxnKnCAIdWa1f5E6erB5mXj+AK
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:23 2024 by rpki-client on console-fra.rpki-client.org