Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/rTzB5jN_ar47vGDucA-YZ0VEH6w.roa
File: rTzB5jN_ar47vGDucA-YZ0VEH6w.roa (raw, json)
Hash identifier: qOAB/fmfUl/KZ0T4/UatQzR23sMEbMPUxeQW4h5cmx8=
Subject key identifier: AD:3C:C1:E6:33:7F:6A:BE:3B:BC:60:EE:70:0F:98:67:45:44:1F:AC
Certificate issuer: /CN=079d9053717a16a76c10ae838f5625055be0481f
Certificate serial: 018F649C013FA2F9C0DCD5F97908E40566F5
Authority key identifier: 07:9D:90:53:71:7A:16:A7:6C:10:AE:83:8F:56:25:05:5B:E0:48:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B52QU3F6FqdsEK6Dj1YlBVvgSB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/rTzB5jN_ar47vGDucA-YZ0VEH6w.roa
Signing time: Fri 10 May 2024 22:24:56 +0000
ROA not before: Fri 10 May 2024 22:24:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206192
IP address blocks: 185.21.4.0/24 maxlen: 24
185.33.61.0/24 maxlen: 24
185.93.249.0/24 maxlen: 24
185.193.4.0/23 maxlen: 23
185.193.6.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/B52QU3F6FqdsEK6Dj1YlBVvgSB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/B52QU3F6FqdsEK6Dj1YlBVvgSB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/B52QU3F6FqdsEK6Dj1YlBVvgSB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:64:9c:01:3f:a2:f9:c0:dc:d5:f9:79:08:e4:05:66:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=079d9053717a16a76c10ae838f5625055be0481f
Validity
Not Before: May 10 22:24:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad3cc1e6337f6abe3bbc60ee700f986745441fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:41:83:c9:c6:48:96:25:82:06:50:23:aa:35:
25:a7:e6:f0:99:17:a3:a5:d5:5e:f5:8e:d5:65:48:
20:f0:b5:4e:db:64:2e:57:06:4b:81:0c:ed:58:27:
73:50:81:69:ec:92:f9:8a:6e:fb:d3:79:53:20:2e:
72:07:b1:35:e3:85:d2:d1:4e:f8:79:59:a3:ac:ca:
ae:e5:ee:13:d9:13:89:f3:82:a6:9c:47:b3:4b:4f:
04:b7:64:d5:91:a4:b5:13:17:f9:47:20:1f:09:86:
60:65:42:9d:8f:72:57:18:b9:70:ba:3b:fd:1a:6e:
07:66:07:f1:59:12:02:cb:77:aa:f9:9e:c6:8b:ab:
2d:de:4e:40:67:eb:18:dc:bf:ea:94:1f:60:60:39:
de:96:c1:b2:1f:6d:88:8e:0d:ea:99:f5:4f:ab:35:
bc:9b:44:f9:24:2f:2b:1a:41:f1:62:16:44:f4:58:
d0:e7:1c:ab:6f:42:02:31:57:68:97:8c:ab:d6:ea:
09:de:d1:9a:cc:04:33:e1:ce:c9:29:58:fa:02:6a:
0d:f4:df:45:46:64:a4:44:17:fc:29:39:03:f2:8e:
1d:d5:3e:52:b8:ab:5a:ec:e2:62:eb:ed:8e:12:34:
f7:44:17:66:9e:62:de:a5:77:d0:3a:ad:11:9e:eb:
2e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3C:C1:E6:33:7F:6A:BE:3B:BC:60:EE:70:0F:98:67:45:44:1F:AC
X509v3 Authority Key Identifier:
keyid:07:9D:90:53:71:7A:16:A7:6C:10:AE:83:8F:56:25:05:5B:E0:48:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B52QU3F6FqdsEK6Dj1YlBVvgSB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/rTzB5jN_ar47vGDucA-YZ0VEH6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/68d16a-82e5-4f4a-8730-27d03e393fb7/1/B52QU3F6FqdsEK6Dj1YlBVvgSB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.4.0/24
185.33.61.0/24
185.93.249.0/24
185.193.4.0/22
Signature Algorithm: sha256WithRSAEncryption
87:8c:0b:a6:7a:64:8f:24:2b:ac:4c:c0:74:35:0a:cc:78:fd:
38:70:2a:a4:08:d0:8c:3c:31:cc:57:c0:0c:42:05:dd:7b:05:
e8:c3:bf:c1:4c:0f:8f:9f:4a:4a:dd:35:35:29:43:7a:7f:55:
7e:30:a9:d2:da:e3:77:78:e8:5e:83:e6:68:e0:f6:68:5a:6a:
64:3e:d3:fd:8f:34:f5:a8:47:5e:6a:b3:71:42:3c:45:d9:95:
73:91:ee:3c:83:86:d0:2f:1a:d5:1a:73:09:13:28:49:a5:9d:
ab:8f:33:7e:32:86:52:5c:fc:d2:0a:63:d7:1a:3e:16:d0:ed:
b0:57:c1:88:d0:c3:59:53:df:66:c6:ec:f9:ab:39:44:94:84:
e2:48:88:2c:a7:39:76:24:7a:92:c7:4a:43:77:e5:b8:2d:56:
ff:ed:54:ce:5e:2f:bc:a0:f1:fd:9e:97:b4:4c:fe:72:32:20:
62:3e:df:a6:e5:df:8f:c8:4d:8c:b7:7e:6b:43:f6:9b:a4:d2:
5f:11:dd:9e:9f:cf:43:82:57:2d:96:77:e1:ee:a3:54:81:d3:
5d:52:6e:f2:b4:bc:a0:93:03:54:1a:3b:7e:74:bb:a3:86:bc:
7e:90:3d:62:ca:4d:45:d0:83:ec:52:9d:f7:e7:ab:2b:55:f2:
cd:29:f8:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9knAE/ovnA3NX5eQjkBWb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3OWQ5MDUzNzE3YTE2YTc2YzEwYWU4MzhmNTYyNTA1NWJl
MDQ4MWYwHhcNMjQwNTEwMjIyNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNjYzFlNjMzN2Y2YWJlM2JiYzYwZWU3MDBmOTg2NzQ1NDQxZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEGDycZIliWCBlAjqjUlp+bwmRej
pdVe9Y7VZUgg8LVO22QuVwZLgQztWCdzUIFp7JL5im7703lTIC5yB7E144XS0U74
eVmjrMqu5e4T2ROJ84KmnEezS08Et2TVkaS1Exf5RyAfCYZgZUKdj3JXGLlwujv9
Gm4HZgfxWRICy3eq+Z7Gi6st3k5AZ+sY3L/qlB9gYDnelsGyH22Ijg3qmfVPqzW8
m0T5JC8rGkHxYhZE9FjQ5xyrb0ICMVdol4yr1uoJ3tGazAQz4c7JKVj6AmoN9N9F
RmSkRBf8KTkD8o4d1T5SuKta7OJi6+2OEjT3RBdmnmLepXfQOq0RnusuZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFK08weYzf2q+O7xg7nAPmGdFRB+sMB8GA1UdIwQY
MBaAFAedkFNxehanbBCug49WJQVb4EgfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjUyUVUzRjZGcWRzRUs2RGoxWWxCVnZnU0I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OGQxNmEtODJlNS00ZjRhLTg3MzAt
MjdkMDNlMzkzZmI3LzEvclR6QjVqTl9hcjQ3dkdEdWNBLVlaMFZFSDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OGQxNmEtODJlNS00ZjRhLTg3MzAtMjdkMDNlMzkzZmI3
LzEvQjUyUVUzRjZGcWRzRUs2RGoxWWxCVnZnU0I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuRUEAwQA
uSE9AwQAuV35AwQCucEEMA0GCSqGSIb3DQEBCwUAA4IBAQCHjAumemSPJCusTMB0
NQrMeP04cCqkCNCMPDHMV8AMQgXdewXow7/BTA+Pn0pK3TU1KUN6f1V+MKnS2uN3
eOheg+Zo4PZoWmpkPtP9jzT1qEdearNxQjxF2ZVzke48g4bQLxrVGnMJEyhJpZ2r
jzN+MoZSXPzSCmPXGj4W0O2wV8GI0MNZU99mxuz5qzlElITiSIgspzl2JHqSx0pD
d+W4LVb/7VTOXi+8oPH9npe0TP5yMiBiPt+m5d+PyE2Mt35rQ/abpNJfEd2en89D
glctlnfh7qNUgdNdUm7ytLygkwNUGjt+dLujhrx+kD1iyk1F0IPsUp3356srVfLN
Kfja
-----END CERTIFICATE-----
Generated at Wed Jun 26 08:06:06 2024 by rpki-client on console-fra.rpki-client.org