Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/i9svHW1A9Q1Y5xGz3fjWlWNfq-4.roa
File: i9svHW1A9Q1Y5xGz3fjWlWNfq-4.roa (raw, json)
Hash identifier: r1c+Wk6e9zZXlCHgAFGZrju4v+fs/scIziR8eauPLSI=
Subject key identifier: 8B:DB:2F:1D:6D:40:F5:0D:58:E7:11:B3:DD:F8:D6:95:63:5F:AB:EE
Certificate issuer: /CN=68799b772b551db784eeba8b0e115a0c433cd3ba
Certificate serial: 018CC793D5CF498328448BA5F510AABCA706
Authority key identifier: 68:79:9B:77:2B:55:1D:B7:84:EE:BA:8B:0E:11:5A:0C:43:3C:D3:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/i9svHW1A9Q1Y5xGz3fjWlWNfq-4.roa
Signing time: Tue 02 Jan 2024 00:30:03 +0000
ROA not before: Tue 02 Jan 2024 00:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39691
IP address blocks: 185.234.224.0/22 maxlen: 22
185.234.224.0/23 maxlen: 23
185.234.224.0/24 maxlen: 24
185.234.225.0/24 maxlen: 24
185.234.226.0/24 maxlen: 24
185.234.227.0/24 maxlen: 24
2a0d:2f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.mft
rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:d5:cf:49:83:28:44:8b:a5:f5:10:aa:bc:a7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68799b772b551db784eeba8b0e115a0c433cd3ba
Validity
Not Before: Jan 2 00:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bdb2f1d6d40f50d58e711b3ddf8d695635fabee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:23:16:fe:e9:60:e3:3b:96:ce:a1:86:49:97:
21:9b:a0:c8:43:92:df:e1:2c:16:4b:72:fb:e2:a1:
a6:1b:60:40:1e:af:49:85:69:45:7a:5d:38:c5:35:
d7:14:18:f2:7a:a8:f7:a3:b3:e8:b9:bd:35:de:51:
8f:09:07:02:86:33:df:49:f0:03:c2:77:4d:f0:37:
77:81:98:db:c5:bf:9b:4a:e9:4a:cb:0d:f6:17:c4:
d4:28:16:dc:08:f5:c2:ef:e5:bb:66:81:9d:bf:3e:
63:79:d5:1b:77:19:90:b2:b3:f1:4f:bc:bd:18:42:
e9:d5:5e:16:6a:d8:06:11:00:52:0e:7a:3e:84:03:
d1:33:a2:ff:5e:e6:64:45:d4:63:eb:72:68:69:96:
0d:df:46:55:b8:24:78:6b:79:19:55:3a:3c:5e:bb:
11:d9:98:78:34:7e:91:b5:23:06:93:74:c0:5a:14:
bf:61:44:72:99:59:1d:69:f0:21:36:55:76:37:bc:
27:1a:79:59:7d:d7:5b:b7:13:2e:72:25:ad:d9:43:
0a:3c:b0:c6:47:d1:db:4c:07:fa:c6:d0:16:fa:fa:
c9:bf:18:78:5c:fd:d4:91:44:e8:05:11:c2:1a:a1:
67:dd:e4:01:cc:8f:f7:b7:ef:0e:90:1d:33:e6:8a:
7b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DB:2F:1D:6D:40:F5:0D:58:E7:11:B3:DD:F8:D6:95:63:5F:AB:EE
X509v3 Authority Key Identifier:
keyid:68:79:9B:77:2B:55:1D:B7:84:EE:BA:8B:0E:11:5A:0C:43:3C:D3:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHmbdytVHbeE7rqLDhFaDEM807o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/i9svHW1A9Q1Y5xGz3fjWlWNfq-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/962f2d-7282-421e-a631-0c76a316b52e/1/aHmbdytVHbeE7rqLDhFaDEM807o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.224.0/22
IPv6:
2a0d:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
32:6c:e7:6f:32:6c:24:f6:09:c2:e3:d7:b8:f2:43:0e:e2:e7:
96:9f:7c:23:09:15:11:f5:1c:f5:bc:ba:45:66:9d:c5:c9:66:
58:70:bf:80:76:32:73:65:b9:68:44:d2:d1:7b:2f:5a:20:bb:
b0:a8:aa:30:66:01:81:99:04:6c:b0:f0:23:16:67:69:b9:ab:
1a:bf:17:23:6f:8b:c8:31:8a:5b:4e:f9:76:fd:8b:0f:e0:60:
21:c5:f8:47:3e:e4:50:84:03:ec:96:af:14:63:e5:e3:bb:0e:
93:e0:f7:c4:fc:03:89:38:95:ce:7b:1b:66:ce:52:fd:d4:4f:
b6:ed:5f:59:be:df:fc:9f:79:ff:87:01:67:48:28:0a:21:fe:
6c:2b:14:37:b6:0b:b5:97:58:45:f6:49:73:c2:22:cf:ee:de:
d7:df:0c:bc:ef:79:9f:30:18:7a:13:7d:b5:93:35:70:ca:43:
f4:a0:5d:f4:ef:70:a0:c9:67:85:26:be:87:39:c0:d1:ec:5f:
ba:d6:6f:0e:c2:6b:0c:3f:bb:8e:70:b3:6d:1e:83:1e:51:7b:
44:78:75:94:3b:ac:c5:07:9a:05:87:b8:a5:be:8e:be:2b:2c:
7e:89:ac:79:20:15:93:f8:91:1d:03:8c:e0:a3:dd:f2:f6:4a:
86:74:25:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHk9XPSYMoRIul9RCqvKcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4Nzk5Yjc3MmI1NTFkYjc4NGVlYmE4YjBlMTE1YTBjNDMz
Y2QzYmEwHhcNMjQwMTAyMDAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRiMmYxZDZkNDBmNTBkNThlNzExYjNkZGY4ZDY5NTYzNWZhYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSMW/ulg4zuWzqGGSZchm6DIQ5Lf
4SwWS3L74qGmG2BAHq9JhWlFel04xTXXFBjyeqj3o7Poub013lGPCQcChjPfSfAD
wndN8Dd3gZjbxb+bSulKyw32F8TUKBbcCPXC7+W7ZoGdvz5jedUbdxmQsrPxT7y9
GELp1V4WatgGEQBSDno+hAPRM6L/XuZkRdRj63JoaZYN30ZVuCR4a3kZVTo8XrsR
2Zh4NH6RtSMGk3TAWhS/YURymVkdafAhNlV2N7wnGnlZfddbtxMuciWt2UMKPLDG
R9HbTAf6xtAW+vrJvxh4XP3UkUToBRHCGqFn3eQBzI/3t+8OkB0z5op7yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIvbLx1tQPUNWOcRs9341pVjX6vuMB8GA1UdIwQY
MBaAFGh5m3crVR23hO66iw4RWgxDPNO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUhtYmR5dFZIYmVFN3JxTERoRmFERU04MDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85NjJmMmQtNzI4Mi00MjFlLWE2MzEt
MGM3NmEzMTZiNTJlLzEvaTlzdkhXMUE5UTFZNXhHejNmaldsV05mcS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi85NjJmMmQtNzI4Mi00MjFlLWE2MzEtMGM3NmEzMTZiNTJl
LzEvYUhtYmR5dFZIYmVFN3JxTERoRmFERU04MDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuergMA8E
AgACMAkDBwAqDS8AAAAwDQYJKoZIhvcNAQELBQADggEBADJs528ybCT2CcLj17jy
Qw7i55affCMJFRH1HPW8ukVmncXJZlhwv4B2MnNluWhE0tF7L1ogu7CoqjBmAYGZ
BGyw8CMWZ2m5qxq/FyNvi8gxiltO+Xb9iw/gYCHF+Ec+5FCEA+yWrxRj5eO7DpPg
98T8A4k4lc57G2bOUv3UT7btX1m+3/yfef+HAWdIKAoh/mwrFDe2C7WXWEX2SXPC
Is/u3tffDLzveZ8wGHoTfbWTNXDKQ/SgXfTvcKDJZ4Umvoc5wNHsX7rWbw7Caww/
u45ws20egx5Re0R4dZQ7rMUHmgWHuKW+jr4rLH6JrHkgFZP4kR0DjOCj3fL2SoZ0
JV0=
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:58:22 2024 by rpki-client on console-fra.rpki-client.org