Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/AspSVUqcTyY3tgeJPVtmoMZTUEc.roa
File: AspSVUqcTyY3tgeJPVtmoMZTUEc.roa (raw, json)
Hash identifier: 5mazVwl41nmOIHx0+IXkI5Y6TP9lGglLHqnZw5m790Y=
Subject key identifier: 02:CA:52:55:4A:9C:4F:26:37:B6:07:89:3D:5B:66:A0:C6:53:50:47
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018CC3B6E189CCA99535E9E9D6F6F4FE3F75
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/AspSVUqcTyY3tgeJPVtmoMZTUEc.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206150
IP address blocks: 185.187.47.0/24 maxlen: 24
185.187.46.0/23 maxlen: 23
185.187.46.0/24 maxlen: 24
92.42.22.0/24 maxlen: 24
92.42.23.0/24 maxlen: 24
92.42.21.0/24 maxlen: 24
92.42.20.0/24 maxlen: 24
194.50.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e1:89:cc:a9:95:35:e9:e9:d6:f6:f4:fe:3f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02ca52554a9c4f2637b607893d5b66a0c6535047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1e:24:28:36:1c:13:1e:7a:9c:a8:a3:dd:73:
54:34:fe:37:45:4a:b5:4f:97:ed:ea:ac:f5:20:ca:
d0:29:2f:b3:5c:98:0c:7d:1f:03:c7:93:09:87:1a:
89:13:4d:21:d3:0f:68:28:3d:fc:5e:85:39:4a:bb:
5a:4c:b7:1f:09:12:14:f3:59:07:8a:e9:0c:c8:c6:
c3:cb:67:6d:e1:17:2d:b1:d7:51:52:ab:ce:6a:4d:
79:3b:34:28:c1:d8:2a:c6:b5:1a:68:80:92:99:9a:
2b:f3:ea:07:11:b9:8b:c7:59:11:b1:d9:0a:81:1c:
c1:a2:df:6b:35:a9:b3:27:23:66:fc:d4:19:3c:49:
da:8f:0a:f5:d7:db:47:a0:3f:a0:9b:2a:76:79:20:
4d:fc:6f:e7:51:92:47:7c:b1:38:20:26:39:35:04:
3f:61:bb:35:71:58:a4:e2:d7:fc:42:06:3b:34:f7:
61:1b:fc:f9:59:3c:d7:bb:f3:d7:65:d5:07:6d:00:
09:bf:46:42:a7:ed:a5:12:b3:32:85:07:ac:0d:07:
c8:f7:db:8a:2d:ab:77:2a:3b:a6:a9:d8:fb:99:43:
9d:80:44:0c:f9:26:df:61:6e:35:9f:e2:32:8e:1e:
cb:fe:91:1d:ec:74:30:d9:27:4d:c5:a0:47:ff:3f:
ec:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:CA:52:55:4A:9C:4F:26:37:B6:07:89:3D:5B:66:A0:C6:53:50:47
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/AspSVUqcTyY3tgeJPVtmoMZTUEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.20.0/22
185.187.46.0/23
194.50.59.0/24
Signature Algorithm: sha256WithRSAEncryption
04:5c:a7:1d:33:be:c0:26:4e:75:0d:20:f3:e9:3f:d8:99:57:
2c:6a:6d:41:2f:4d:84:14:6a:bc:78:ae:13:9c:ea:2c:a2:01:
39:f7:ff:20:43:ad:28:25:e8:82:fd:b8:e5:dd:8a:b3:4c:43:
3a:ea:f5:46:5d:a2:19:f3:8d:fc:6d:8b:6b:45:dc:3e:27:a9:
7a:15:b4:ab:88:b5:3b:72:8d:23:8f:f6:39:de:fa:a2:ad:0c:
b8:70:04:98:f3:e2:64:6e:39:0e:55:a9:22:21:d5:1c:e6:4f:
eb:c1:af:1d:df:2e:29:19:da:b8:51:ae:db:96:64:06:65:44:
6e:e7:9a:6b:f0:73:ab:20:23:97:c0:56:14:ff:15:ec:21:38:
b9:4a:4e:a7:d4:00:6a:88:8c:3d:50:7c:19:62:29:3c:f5:d7:
2b:b7:7b:e1:e4:2e:c4:fd:a1:7d:25:98:bd:82:16:6b:ba:dc:
58:ef:5a:41:c3:b8:68:28:5b:28:a7:75:e7:16:48:f7:cd:fe:
2a:f2:95:79:29:ec:c8:67:ab:a5:5d:9b:af:16:1e:5c:45:ca:
84:c7:85:34:5b:73:1e:eb:98:10:7c:b9:1e:38:78:96:4d:95:
fb:bd:ad:f4:7e:2e:1a:03:2a:50:cb:a9:36:9b:65:af:cd:29:
97:02:a6:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtuGJzKmVNenp1vb0/j91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmNhNTI1NTRhOWM0ZjI2MzdiNjA3ODkzZDViNjZhMGM2NTM1MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwB4kKDYcEx56nKij3XNUNP43RUq1
T5ft6qz1IMrQKS+zXJgMfR8Dx5MJhxqJE00h0w9oKD38XoU5SrtaTLcfCRIU81kH
iukMyMbDy2dt4RctsddRUqvOak15OzQowdgqxrUaaICSmZor8+oHEbmLx1kRsdkK
gRzBot9rNamzJyNm/NQZPEnajwr119tHoD+gmyp2eSBN/G/nUZJHfLE4ICY5NQQ/
Ybs1cVik4tf8QgY7NPdhG/z5WTzXu/PXZdUHbQAJv0ZCp+2lErMyhQesDQfI99uK
Lat3Kjumqdj7mUOdgEQM+SbfYW41n+Iyjh7L/pEd7HQw2SdNxaBH/z/s+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFALKUlVKnE8mN7YHiT1bZqDGU1BHMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvQXNwU1ZVcWNUeVkzdGdlSlBWdG1vTVpUVUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXCoUAwQB
ubsuAwQAwjI7MA0GCSqGSIb3DQEBCwUAA4IBAQAEXKcdM77AJk51DSDz6T/YmVcs
am1BL02EFGq8eK4TnOosogE59/8gQ60oJeiC/bjl3YqzTEM66vVGXaIZ8438bYtr
Rdw+J6l6FbSriLU7co0jj/Y53vqirQy4cASY8+JkbjkOVakiIdUc5k/rwa8d3y4p
Gdq4Ua7blmQGZURu55pr8HOrICOXwFYU/xXsITi5Sk6n1ABqiIw9UHwZYik89dcr
t3vh5C7E/aF9JZi9ghZrutxY71pBw7hoKFsop3XnFkj3zf4q8pV5KezIZ6ulXZuv
Fh5cRcqEx4U0W3Me65gQfLkeOHiWTZX7va30fi4aAypQy6k2m2WvzSmXAqYQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:11:19 2024 by rpki-client on console-ams.rpki-client.org