Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/c2vIVYk21nmHSH_w7FWYZJO5tJo.roa
File: c2vIVYk21nmHSH_w7FWYZJO5tJo.roa (raw, json)
Hash identifier: 1wFwIw3olIlp2GDC16upS7RwHN7Rjx/4HFnQuk3GX/A=
Subject key identifier: 73:6B:C8:55:89:36:D6:79:87:48:7F:F0:EC:55:98:64:93:B9:B4:9A
Certificate issuer: /CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Certificate serial: 018CC7271860C6E8BCC3A0461D08407FB30C
Authority key identifier: 99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/c2vIVYk21nmHSH_w7FWYZJO5tJo.roa
Signing time: Mon 01 Jan 2024 22:31:17 +0000
ROA not before: Mon 01 Jan 2024 22:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12361
IP address blocks: 195.97.52.0/24 maxlen: 24
62.74.128.0/17 maxlen: 17
77.69.38.0/24 maxlen: 24
213.249.32.0/19 maxlen: 19
62.74.0.0/17 maxlen: 22
213.249.40.0/24 maxlen: 24
62.74.0.0/16 maxlen: 24
213.249.59.0/24 maxlen: 24
195.46.0.0/19 maxlen: 24
195.46.0.0/20 maxlen: 20
185.158.220.0/22 maxlen: 22
185.158.220.0/23 maxlen: 23
185.158.222.0/23 maxlen: 23
213.249.0.0/18 maxlen: 18
213.249.0.0/19 maxlen: 19
213.249.0.0/21 maxlen: 21
195.46.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/mVXFpxN-tdR-ok4X0n-pLQtC-9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/mVXFpxN-tdR-ok4X0n-pLQtC-9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:18:60:c6:e8:bc:c3:a0:46:1d:08:40:7f:b3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9955c5a7137eb5d47ea24e17d27fa92d0b42fbd8
Validity
Not Before: Jan 1 22:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=736bc8558936d67987487ff0ec55986493b9b49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:40:5a:d0:1e:88:ae:d0:9b:8b:51:dc:6f:87:
bb:b8:7e:5a:95:ac:fd:86:b8:28:57:9b:c0:54:47:
8e:e4:67:ae:cc:26:6b:07:df:e6:7a:b3:aa:93:b0:
91:5c:04:32:6e:a1:ac:ee:09:51:d1:44:28:b0:a0:
e1:b3:2e:30:06:f5:d3:08:4c:f4:88:e0:4a:65:92:
25:77:8d:03:a7:5e:af:4c:47:e1:fc:b7:c6:48:2d:
00:bf:e2:54:f1:ca:37:cb:ef:ff:6b:56:aa:21:97:
f6:fc:71:b0:3d:26:38:88:e8:6a:23:c3:45:ab:73:
73:0f:3e:34:06:f6:16:7b:6a:a1:48:62:1a:b0:de:
c9:66:04:f2:38:0e:be:e4:63:8f:68:e1:be:56:e5:
03:96:bf:c8:0d:12:1b:d5:04:28:84:b7:c2:c3:e7:
bc:07:bf:91:9d:11:6b:6b:b8:cb:06:64:be:ef:0a:
69:7b:16:e3:9d:a9:a3:a7:d1:de:95:58:bb:73:e0:
84:dd:7a:9a:85:28:dc:55:6c:3a:41:2f:ea:28:cd:
b7:d1:d1:84:f6:17:5f:aa:2c:53:51:e8:46:21:67:
f2:4d:35:09:79:0b:7e:ed:5b:10:93:7c:4a:0f:78:
75:44:48:49:fb:cf:d6:ab:45:ce:72:7f:49:cc:b3:
5f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6B:C8:55:89:36:D6:79:87:48:7F:F0:EC:55:98:64:93:B9:B4:9A
X509v3 Authority Key Identifier:
keyid:99:55:C5:A7:13:7E:B5:D4:7E:A2:4E:17:D2:7F:A9:2D:0B:42:FB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mVXFpxN-tdR-ok4X0n-pLQtC-9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/c2vIVYk21nmHSH_w7FWYZJO5tJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/9453a0-e655-480e-b6a9-e39524e7a6ed/1/mVXFpxN-tdR-ok4X0n-pLQtC-9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.74.0.0/16
77.69.38.0/24
185.158.220.0/22
195.46.0.0/19
195.97.52.0/24
213.249.0.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:64:b0:74:66:cd:13:fb:68:89:12:6d:f7:70:a6:e4:8f:33:
43:ed:e6:0a:42:a6:62:a1:7f:39:a5:12:ff:47:21:e9:fb:da:
9b:e3:3c:f6:24:b2:5e:b3:6d:84:48:99:81:fc:42:9e:93:8b:
1c:71:5b:a9:02:e2:3f:a9:ea:e1:fe:c8:99:1e:b8:12:cf:42:
74:87:12:67:14:47:c7:9e:15:7d:59:33:51:34:32:5b:c3:99:
e1:18:5c:b7:7b:65:ed:8c:3f:22:70:8c:9c:6e:72:53:72:ca:
f7:41:f5:eb:40:9a:f4:14:f5:0c:07:f7:22:96:45:4d:96:43:
bf:27:35:3e:bd:9b:20:6c:14:fc:5f:c3:34:8b:6f:f0:f9:3e:
04:d2:c3:a6:a6:9f:37:20:17:f7:12:7b:4c:e2:23:45:00:a1:
ae:ef:27:23:4c:9c:2a:4c:ee:5c:62:47:29:82:b5:0e:00:40:
65:80:36:d6:ce:43:53:e1:6f:aa:00:a6:68:f8:3c:27:8e:89:
26:b0:12:c5:cd:d2:38:81:34:c3:42:ad:fe:6c:a4:d9:a6:9b:
4d:db:bc:35:02:c8:ff:cc:c3:93:9a:c0:e9:f3:81:ec:d4:5a:
18:cc:ca:b7:42:4e:5e:11:18:c9:58:75:82:c1:22:25:ed:01:
e3:f1:2c:3b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzHJxhgxui8w6BGHQhAf7MMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NTVjNWE3MTM3ZWI1ZDQ3ZWEyNGUxN2QyN2ZhOTJkMGI0
MmZiZDgwHhcNMjQwMTAxMjIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZiYzg1NTg5MzZkNjc5ODc0ODdmZjBlYzU1OTg2NDkzYjliNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUBa0B6IrtCbi1Hcb4e7uH5alaz9
hrgoV5vAVEeO5GeuzCZrB9/merOqk7CRXAQybqGs7glR0UQosKDhsy4wBvXTCEz0
iOBKZZIld40Dp16vTEfh/LfGSC0Av+JU8co3y+//a1aqIZf2/HGwPSY4iOhqI8NF
q3NzDz40BvYWe2qhSGIasN7JZgTyOA6+5GOPaOG+VuUDlr/IDRIb1QQohLfCw+e8
B7+RnRFra7jLBmS+7wppexbjnamjp9HelVi7c+CE3XqahSjcVWw6QS/qKM230dGE
9hdfqixTUehGIWfyTTUJeQt+7VsQk3xKD3h1REhJ+8/Wq0XOcn9JzLNfZwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHNryFWJNtZ5h0h/8OxVmGSTubSaMB8GA1UdIwQY
MBaAFJlVxacTfrXUfqJOF9J/qS0LQvvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVZYRnB4Ti10ZFItb2s0WDBuLXBMUXRDLTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy85NDUzYTAtZTY1NS00ODBlLWI2YTkt
ZTM5NTI0ZTdhNmVkLzEvYzJ2SVZZazIxbm1IU0hfdzdGV1laSk81dEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy85NDUzYTAtZTY1NS00ODBlLWI2YTktZTM5NTI0ZTdhNmVk
LzEvbVZYRnB4Ti10ZFItb2s0WDBuLXBMUXRDLTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAATAjAwMAPkoDBABN
RSYDBAK5ntwDBAXDLgADBADDYTQDBAbV+QAwDQYJKoZIhvcNAQELBQADggEBAH9k
sHRmzRP7aIkSbfdwpuSPM0Pt5gpCpmKhfzmlEv9HIen72pvjPPYksl6zbYRImYH8
Qp6TixxxW6kC4j+p6uH+yJkeuBLPQnSHEmcUR8eeFX1ZM1E0MlvDmeEYXLd7Ze2M
PyJwjJxuclNyyvdB9etAmvQU9QwH9yKWRU2WQ78nNT69myBsFPxfwzSLb/D5PgTS
w6amnzcgF/cSe0ziI0UAoa7vJyNMnCpM7lxiRymCtQ4AQGWANtbOQ1Phb6oApmj4
PCeOiSawEsXN0jiBNMNCrf5spNmmm03bvDUCyP/Mw5OawOnzgezUWhjMyrdCTl4R
GMlYdYLBIiXtAePxLDs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:42:45 2024 by rpki-client on console-fra.rpki-client.org