Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/A98r0K5J7JeKL64U9w07ZwosmF8.roa
File: A98r0K5J7JeKL64U9w07ZwosmF8.roa (raw, json)
Hash identifier: +6lYf/oC6tPdwpFCd6KYakoAvP56izsM11hvXbsWHxo=
Subject key identifier: 03:DF:2B:D0:AE:49:EC:97:8A:2F:AE:14:F7:0D:3B:67:0A:2C:98:5F
Certificate issuer: /CN=947121580ed02eddf4f5e5a87d37e017b32df71b
Certificate serial: 018CC6B8814996C7FFEDCE32BCAD3F1AC480
Authority key identifier: 94:71:21:58:0E:D0:2E:DD:F4:F5:E5:A8:7D:37:E0:17:B3:2D:F7:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/A98r0K5J7JeKL64U9w07ZwosmF8.roa
Signing time: Mon 01 Jan 2024 20:30:29 +0000
ROA not before: Mon 01 Jan 2024 20:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60316
IP address blocks: 185.104.72.0/22 maxlen: 24
185.212.32.0/24 maxlen: 24
185.186.120.0/22 maxlen: 24
185.227.224.0/22 maxlen: 24
185.33.216.0/22 maxlen: 24
2a06:2f80::/29 maxlen: 32
2a04:5a00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:81:49:96:c7:ff:ed:ce:32:bc:ad:3f:1a:c4:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947121580ed02eddf4f5e5a87d37e017b32df71b
Validity
Not Before: Jan 1 20:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03df2bd0ae49ec978a2fae14f70d3b670a2c985f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:37:44:88:94:3a:22:1c:8a:93:94:a6:da:5f:
f5:87:65:af:0a:65:33:f9:5c:10:bd:30:6f:80:d7:
09:15:65:22:4b:0b:69:78:3d:df:ce:3f:c6:4b:a8:
64:8f:5b:92:bb:0c:fa:9f:02:f9:c6:f0:60:1f:7b:
08:d3:7e:fa:08:8c:76:1f:9d:fa:e2:c9:5f:60:36:
62:77:cd:77:f9:d7:9e:ea:4a:30:a6:3b:7b:12:de:
29:17:d5:08:95:0f:81:02:b0:28:72:8a:dc:db:e4:
db:28:81:a6:d7:75:35:dd:f0:26:36:45:78:c9:18:
8c:11:8f:ce:7e:30:23:86:72:cd:fe:87:d4:c8:cf:
f0:12:c5:f0:9f:00:44:5b:f0:b4:8c:fe:51:0a:14:
cd:2e:80:06:6f:7b:33:cf:ee:7c:df:87:44:77:49:
0a:be:f7:ec:14:38:6c:0d:bc:e1:c5:9c:85:02:0f:
30:23:e1:7e:54:4c:cd:06:46:c8:fe:71:6b:d5:90:
33:62:4d:b8:16:38:06:84:b5:cb:24:98:a2:8b:df:
f0:d5:52:d7:3a:3d:32:04:e7:d8:dd:2b:f3:34:69:
7e:d7:fd:a2:56:a3:d0:69:b2:23:97:c1:5b:95:c3:
ff:62:c3:42:86:f2:db:0a:5e:3b:43:de:bb:ff:ec:
6f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DF:2B:D0:AE:49:EC:97:8A:2F:AE:14:F7:0D:3B:67:0A:2C:98:5F
X509v3 Authority Key Identifier:
keyid:94:71:21:58:0E:D0:2E:DD:F4:F5:E5:A8:7D:37:E0:17:B3:2D:F7:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHEhWA7QLt309eWofTfgF7Mt9xs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/A98r0K5J7JeKL64U9w07ZwosmF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/79c5bb-619d-4beb-8649-a2f425600db3/1/lHEhWA7QLt309eWofTfgF7Mt9xs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.216.0/22
185.104.72.0/22
185.186.120.0/22
185.212.32.0/24
185.227.224.0/22
IPv6:
2a04:5a00::/29
2a06:2f80::/29
Signature Algorithm: sha256WithRSAEncryption
b1:fa:f8:c8:71:98:16:e5:81:ea:ec:3f:33:c7:86:9d:01:73:
a5:7b:2f:5b:4b:b5:bf:d6:32:67:46:c5:2a:0d:fa:de:ea:5e:
ed:1e:05:a4:05:58:30:01:fb:95:e1:30:0e:d6:a2:96:aa:44:
0c:bb:6b:80:22:a6:dd:f5:7e:a3:68:7a:11:2f:0a:87:50:bb:
d9:ca:b6:8c:ee:e7:f3:56:78:40:46:56:8c:ac:91:34:1e:58:
4c:16:3f:38:af:a8:02:fe:bb:72:91:e3:85:de:48:1d:16:46:
a7:ea:1b:99:36:ca:ba:c9:ed:ac:32:cc:ec:75:5c:42:70:87:
c0:f3:d5:58:53:4d:de:29:30:5c:46:1b:91:05:28:1b:5f:17:
34:33:31:34:32:63:b7:2d:a7:a4:95:f5:4c:24:c7:52:48:08:
37:1b:d1:54:fe:a1:d5:32:25:58:19:85:8d:58:cc:b4:7b:76:
43:67:06:d3:80:09:d1:3c:92:c9:98:62:75:95:21:c8:a9:17:
11:19:28:03:d5:e6:6b:66:b5:92:02:17:b8:ad:94:64:f9:22:
88:7e:bd:1e:49:49:73:90:6c:f1:35:0c:59:ba:a6:2c:03:5a:
fc:43:48:5b:b0:70:dc:7f:06:6d:cd:bd:48:b1:6e:1d:02:8c:
7d:dc:a6:49
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzGuIFJlsf/7c4yvK0/GsSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzEyMTU4MGVkMDJlZGRmNGY1ZTVhODdkMzdlMDE3YjMy
ZGY3MWIwHhcNMjQwMTAxMjAzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RmMmJkMGFlNDllYzk3OGEyZmFlMTRmNzBkM2I2NzBhMmM5ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzdEiJQ6IhyKk5Sm2l/1h2WvCmUz
+VwQvTBvgNcJFWUiSwtpeD3fzj/GS6hkj1uSuwz6nwL5xvBgH3sI0376CIx2H536
4slfYDZid813+dee6kowpjt7Et4pF9UIlQ+BArAocorc2+TbKIGm13U13fAmNkV4
yRiMEY/OfjAjhnLN/ofUyM/wEsXwnwBEW/C0jP5RChTNLoAGb3szz+5834dEd0kK
vvfsFDhsDbzhxZyFAg8wI+F+VEzNBkbI/nFr1ZAzYk24FjgGhLXLJJiii9/w1VLX
Oj0yBOfY3SvzNGl+1/2iVqPQabIjl8FblcP/YsNChvLbCl47Q967/+xvHwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAPfK9CuSeyXii+uFPcNO2cKLJhfMB8GA1UdIwQY
MBaAFJRxIVgO0C7d9PXlqH034BezLfcbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83OWM1YmItNjE5ZC00YmViLTg2NDkt
YTJmNDI1NjAwZGIzLzEvQTk4cjBLNUo3SmVLTDY0VTl3MDdad29zbUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS83OWM1YmItNjE5ZC00YmViLTg2NDktYTJmNDI1NjAwZGIz
LzEvbEhFaFdBN1FMdDMwOWVXb2ZUZmdGN010OXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCuSHYAwQC
uWhIAwQCubp4AwQAudQgAwQCuePgMBQEAgACMA4DBQMqBFoAAwUDKgYvgDANBgkq
hkiG9w0BAQsFAAOCAQEAsfr4yHGYFuWB6uw/M8eGnQFzpXsvW0u1v9YyZ0bFKg36
3upe7R4FpAVYMAH7leEwDtailqpEDLtrgCKm3fV+o2h6ES8Kh1C72cq2jO7n81Z4
QEZWjKyRNB5YTBY/OK+oAv67cpHjhd5IHRZGp+obmTbKusntrDLM7HVcQnCHwPPV
WFNN3ikwXEYbkQUoG18XNDMxNDJjty2npJX1TCTHUkgINxvRVP6h1TIlWBmFjVjM
tHt2Q2cG04AJ0TySyZhidZUhyKkXERkoA9Xma2a1kgIXuK2UZPkiiH69HklJc5Bs
8TUMWbqmLANa/ENIW7Bw3H8Gbc29SLFuHQKMfdymSQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:22:17 2024 by rpki-client on console-fra.rpki-client.org