Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/lI3r2LQ40_58g59CCpMEgK915Z8.roa
File: lI3r2LQ40_58g59CCpMEgK915Z8.roa (raw, json)
Hash identifier: AOi+JhZUMo6vAA0XBcjK8i1c6Rg15gpqtKfAGCn5q5Y=
Subject key identifier: 94:8D:EB:D8:B4:38:D3:FE:7C:83:9F:42:0A:93:04:80:AF:75:E5:9F
Certificate issuer: /CN=b79de9458d190e634329f9df1503b5222c1624ee
Certificate serial: 018CC34946F7859C27EBAF241FA6656DD8F1
Authority key identifier: B7:9D:E9:45:8D:19:0E:63:43:29:F9:DF:15:03:B5:22:2C:16:24:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/lI3r2LQ40_58g59CCpMEgK915Z8.roa
Signing time: Mon 01 Jan 2024 04:30:08 +0000
ROA not before: Mon 01 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61076
IP address blocks: 185.231.52.0/24 maxlen: 24
185.231.53.0/24 maxlen: 24
185.231.54.0/24 maxlen: 24
185.231.55.0/24 maxlen: 24
2a13:bc84::/32 maxlen: 32
2a0c:4107::/32 maxlen: 32
2a13:bc80::/32 maxlen: 32
2a0c:4106::/32 maxlen: 32
2a13:bc85::/32 maxlen: 32
2a0c:4100::/32 maxlen: 32
2a0c:4103::/32 maxlen: 32
2a13:bc86::/32 maxlen: 32
2a0c:4105::/32 maxlen: 32
2a13:bc82::/32 maxlen: 32
2a0c:4101::/32 maxlen: 32
2a13:bc83::/32 maxlen: 32
2a0c:4104::/32 maxlen: 32
2a13:bc87::/32 maxlen: 32
2a0c:4102::/32 maxlen: 32
2a13:bc81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:46:f7:85:9c:27:eb:af:24:1f:a6:65:6d:d8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b79de9458d190e634329f9df1503b5222c1624ee
Validity
Not Before: Jan 1 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=948debd8b438d3fe7c839f420a930480af75e59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cb:d4:0f:a5:65:ed:2c:bd:14:2e:38:28:89:
c1:41:c8:c7:30:c4:b3:7a:fb:50:78:04:6c:b1:c2:
9d:7a:5f:4c:9b:7a:21:95:6b:d2:85:c2:1b:ff:f2:
e5:f1:6b:46:aa:05:7e:a2:5f:e3:be:10:09:de:36:
bd:b3:8d:d0:a1:4b:14:74:e6:42:a0:85:d3:5a:79:
68:34:7b:b0:54:c6:39:e5:f1:f6:4c:8a:55:26:57:
cb:eb:93:9d:b3:7e:9a:11:8e:3b:07:56:cc:ad:74:
83:d6:8a:9d:c8:3d:ba:87:55:7f:6c:11:fa:c2:cd:
87:b0:c3:b2:7e:41:1d:40:96:21:de:d9:dd:28:98:
e5:b1:ca:ab:ef:62:0b:02:d5:fa:e6:52:75:c0:a0:
80:72:3b:3e:a6:53:50:a6:19:86:5b:e0:a1:e4:30:
49:c3:d2:40:9b:4e:ea:d4:f8:59:98:96:07:cd:d8:
cd:e1:19:3f:25:59:5f:1c:bd:b9:17:bf:b0:69:0c:
f7:4e:c7:14:5e:17:9a:7a:7f:65:8b:0e:5f:fe:96:
f9:51:34:6f:e0:ec:d8:52:14:bf:82:a2:dc:07:b2:
a9:8f:65:a3:69:ba:26:1f:04:09:60:60:ff:6f:8a:
a0:55:60:4c:83:04:b0:1b:3d:21:f1:e9:db:4b:38:
99:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8D:EB:D8:B4:38:D3:FE:7C:83:9F:42:0A:93:04:80:AF:75:E5:9F
X509v3 Authority Key Identifier:
keyid:B7:9D:E9:45:8D:19:0E:63:43:29:F9:DF:15:03:B5:22:2C:16:24:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t53pRY0ZDmNDKfnfFQO1IiwWJO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/lI3r2LQ40_58g59CCpMEgK915Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/3be899-a52f-43ad-8e89-f1cd9fa28cc5/1/t53pRY0ZDmNDKfnfFQO1IiwWJO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.52.0/22
IPv6:
2a0c:4100::/29
2a13:bc80::/29
Signature Algorithm: sha256WithRSAEncryption
64:80:59:1c:10:80:8d:d1:ce:a5:98:27:d7:6e:99:26:23:d9:
97:a3:da:8d:46:a2:3c:0a:75:28:1a:5c:fe:cc:31:6a:30:20:
34:fa:3a:ae:48:72:fe:97:bf:87:40:60:56:95:1e:6e:7b:e6:
35:82:ee:0c:ba:06:2e:18:ea:0c:0e:0e:9d:b2:fe:11:e9:2a:
89:c0:d2:13:be:dc:3a:62:6a:67:3f:32:31:c1:4a:7c:fe:42:
c9:44:41:a5:ee:a3:ee:e7:19:b4:c1:52:ab:9f:b5:4b:4f:90:
8e:90:f1:5f:3b:db:a9:a6:d9:09:66:65:de:3e:57:07:b7:78:
69:99:12:de:90:79:ae:cb:2f:0e:64:ea:3c:b0:1c:a4:c3:a1:
da:27:6a:13:00:6b:7c:52:ad:0b:3e:1b:8d:18:bc:03:90:3e:
b5:33:aa:e9:ec:86:3c:73:86:4e:3d:d2:fd:5e:99:c3:d7:ee:
ee:9e:7a:ee:99:ee:60:30:96:15:4d:fe:ff:26:37:13:d0:81:
50:8e:4a:32:ac:83:8e:36:35:85:78:1d:61:a3:2d:ac:c6:ac:
69:26:2a:2b:7c:1a:aa:2b:95:7f:0d:db:c3:f4:c9:91:f0:e1:
75:6f:e0:17:28:e3:45:9c:51:70:8d:94:5c:21:db:a2:32:81:
36:37:9a:79
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDSUb3hZwn668kH6ZlbdjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OWRlOTQ1OGQxOTBlNjM0MzI5ZjlkZjE1MDNiNTIyMmMx
NjI0ZWUwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDhkZWJkOGI0MzhkM2ZlN2M4MzlmNDIwYTkzMDQ4MGFmNzVlNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8vUD6Vl7Sy9FC44KInBQcjHMMSz
evtQeARsscKdel9Mm3ohlWvShcIb//Ll8WtGqgV+ol/jvhAJ3ja9s43QoUsUdOZC
oIXTWnloNHuwVMY55fH2TIpVJlfL65Ods36aEY47B1bMrXSD1oqdyD26h1V/bBH6
ws2HsMOyfkEdQJYh3tndKJjlscqr72ILAtX65lJ1wKCAcjs+plNQphmGW+Ch5DBJ
w9JAm07q1PhZmJYHzdjN4Rk/JVlfHL25F7+waQz3TscUXheaen9liw5f/pb5UTRv
4OzYUhS/gqLcB7Kpj2WjabomHwQJYGD/b4qgVWBMgwSwGz0h8enbSziZUQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJSN69i0ONP+fIOfQgqTBICvdeWfMB8GA1UdIwQY
MBaAFLed6UWNGQ5jQyn53xUDtSIsFiTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDUzcFJZMFpEbU5ES2ZuZkZRTzFJaXdXSk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zYmU4OTktYTUyZi00M2FkLThlODkt
ZjFjZDlmYTI4Y2M1LzEvbEkzcjJMUTQwXzU4ZzU5Q0NwTUVnSzkxNVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zYmU4OTktYTUyZi00M2FkLThlODktZjFjZDlmYTI4Y2M1
LzEvdDUzcFJZMFpEbU5ES2ZuZkZRTzFJaXdXSk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuec0MBQE
AgACMA4DBQMqDEEAAwUDKhO8gDANBgkqhkiG9w0BAQsFAAOCAQEAZIBZHBCAjdHO
pZgn126ZJiPZl6PajUaiPAp1KBpc/swxajAgNPo6rkhy/pe/h0BgVpUebnvmNYLu
DLoGLhjqDA4OnbL+EekqicDSE77cOmJqZz8yMcFKfP5CyURBpe6j7ucZtMFSq5+1
S0+QjpDxXzvbqabZCWZl3j5XB7d4aZkS3pB5rssvDmTqPLAcpMOh2idqEwBrfFKt
Cz4bjRi8A5A+tTOq6eyGPHOGTj3S/V6Zw9fu7p567pnuYDCWFU3+/yY3E9CBUI5K
MqyDjjY1hXgdYaMtrMasaSYqK3waqiuVfw3bw/TJkfDhdW/gFyjjRZxRcI2UXCHb
ojKBNjeaeQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:43:02 2024 by rpki-client on console-fra.rpki-client.org