Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a413c6-08ba-42d8-94ca-d8721b80dd79/1/IU6N9bb9bm2XkvUX5lUbhNW3qeQ.roa
File: IU6N9bb9bm2XkvUX5lUbhNW3qeQ.roa (raw, json)
Hash identifier: VggDcsYTZY0oHYjO2xAu2Yp+WEzQzDqPdNv/MBwuIBk=
Subject key identifier: 21:4E:8D:F5:B6:FD:6E:6D:97:92:F5:17:E6:55:1B:84:D5:B7:A9:E4
Certificate issuer: /CN=956ad9a95ac15802e58341808a04de53d9cf82f1
Certificate serial: 01934DAE9F1408068C6535440A3CAB6A793E
Authority key identifier: 95:6A:D9:A9:5A:C1:58:02:E5:83:41:80:8A:04:DE:53:D9:CF:82:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lWrZqVrBWALlg0GAigTeU9nPgvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/a413c6-08ba-42d8-94ca-d8721b80dd79/1/IU6N9bb9bm2XkvUX5lUbhNW3qeQ.roa
Signing time: Thu 21 Nov 2024 07:45:09 +0000
ROA not before: Thu 21 Nov 2024 07:45:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62440
IP address blocks: 185.35.128.0/22 maxlen: 22
185.35.128.0/24 maxlen: 24
185.35.129.0/24 maxlen: 24
185.35.130.0/24 maxlen: 24
185.35.131.0/24 maxlen: 24
212.94.16.0/20 maxlen: 20
212.94.16.0/24 maxlen: 24
212.94.17.0/24 maxlen: 24
212.94.18.0/24 maxlen: 24
212.94.19.0/24 maxlen: 24
212.94.20.0/24 maxlen: 24
212.94.21.0/24 maxlen: 24
212.94.22.0/24 maxlen: 24
212.94.23.0/24 maxlen: 24
212.94.24.0/24 maxlen: 24
212.94.25.0/24 maxlen: 24
212.94.26.0/24 maxlen: 24
212.94.27.0/24 maxlen: 24
212.94.28.0/24 maxlen: 24
212.94.29.0/24 maxlen: 24
212.94.30.0/24 maxlen: 24
212.94.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/a413c6-08ba-42d8-94ca-d8721b80dd79/1/lWrZqVrBWALlg0GAigTeU9nPgvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/a413c6-08ba-42d8-94ca-d8721b80dd79/1/lWrZqVrBWALlg0GAigTeU9nPgvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lWrZqVrBWALlg0GAigTeU9nPgvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 13:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4d:ae:9f:14:08:06:8c:65:35:44:0a:3c:ab:6a:79:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=956ad9a95ac15802e58341808a04de53d9cf82f1
Validity
Not Before: Nov 21 07:45:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214e8df5b6fd6e6d9792f517e6551b84d5b7a9e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:1d:38:46:76:75:9e:1a:0a:71:73:9f:2c:
14:a6:7d:5e:f2:e7:c2:b4:80:21:3f:70:c6:fc:45:
7d:f8:65:cf:ee:aa:98:70:1a:84:f9:e0:83:d6:bc:
38:8a:55:8c:8a:4f:c7:98:5b:32:29:72:96:3e:f1:
c6:15:f8:ee:e5:db:c4:27:55:41:b2:77:93:84:86:
27:6d:e9:60:86:33:ca:ba:ac:40:74:64:5e:68:2d:
a5:8b:d8:1e:ab:aa:fd:78:98:7a:a3:60:65:de:f3:
2d:72:2d:42:57:29:12:24:19:b7:7f:a5:76:ee:c2:
83:c8:e1:3d:b6:88:60:35:7d:3e:77:f1:78:fb:b5:
11:57:2a:d7:a0:e9:eb:c9:22:05:8b:f2:e5:1e:f7:
4c:0b:e4:57:d5:3d:29:62:2a:d0:04:bb:fc:36:72:
e7:89:85:17:1c:57:46:57:4b:29:12:38:fc:9b:5a:
6a:43:d4:94:11:74:91:90:ec:44:e1:9c:98:87:d9:
91:73:d7:c8:30:86:f6:f2:d5:ca:96:bf:1f:eb:c3:
66:4e:6b:60:53:e1:1b:e5:4b:3b:6f:7f:49:15:d7:
12:10:43:f5:86:52:61:75:de:10:57:65:1d:d5:23:
23:83:27:c5:f6:d5:06:73:b2:bb:46:00:3f:d3:64:
ee:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4E:8D:F5:B6:FD:6E:6D:97:92:F5:17:E6:55:1B:84:D5:B7:A9:E4
X509v3 Authority Key Identifier:
keyid:95:6A:D9:A9:5A:C1:58:02:E5:83:41:80:8A:04:DE:53:D9:CF:82:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWrZqVrBWALlg0GAigTeU9nPgvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a413c6-08ba-42d8-94ca-d8721b80dd79/1/IU6N9bb9bm2XkvUX5lUbhNW3qeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a413c6-08ba-42d8-94ca-d8721b80dd79/1/lWrZqVrBWALlg0GAigTeU9nPgvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.128.0/22
212.94.16.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:34:fd:c4:ed:3d:ff:05:31:3b:bf:69:b1:4e:dd:95:45:d2:
17:00:69:b2:ee:2b:fd:c3:c1:8c:e1:08:fd:01:2e:87:ff:18:
ee:31:31:fe:69:ab:16:ec:27:8d:e0:8a:67:ca:16:10:f1:89:
a0:e5:bb:0b:f4:0b:28:05:0e:97:9e:32:b9:db:9b:8b:e8:07:
18:55:89:4b:18:e7:33:ba:34:b9:20:15:d0:f0:46:02:5d:99:
51:c9:9d:91:e2:6e:9c:17:b9:33:00:78:86:d4:5f:2e:d6:7d:
1a:4e:c6:d5:3e:92:98:ba:14:2b:56:9a:c4:7c:7a:42:64:f4:
bb:41:58:b6:43:fd:87:6a:ae:db:86:9c:b2:60:8f:4f:cf:19:
8a:f5:b8:bc:ae:d5:37:32:7f:e6:74:9c:8d:46:82:38:87:ed:
a6:c5:0b:b5:7e:d4:5d:aa:dc:b2:8d:05:f2:f1:6a:f2:e0:15:
b6:dc:39:14:d1:c6:4b:64:7d:c3:0d:f3:cd:fc:17:51:42:a0:
89:be:23:4c:f1:81:f5:86:d4:4e:4b:7b:c6:69:65:a4:5b:29:
de:af:b1:68:94:9d:35:5b:93:18:17:7c:42:cb:19:d3:08:c4:
33:d5:be:be:d4:37:ca:95:20:d8:eb:72:21:8f:01:4a:ee:e2:
56:41:b5:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNNrp8UCAaMZTVECjyrank+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NmFkOWE5NWFjMTU4MDJlNTgzNDE4MDhhMDRkZTUzZDlj
ZjgyZjEwHhcNMjQxMTIxMDc0NTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRlOGRmNWI2ZmQ2ZTZkOTc5MmY1MTdlNjU1MWI4NGQ1YjdhOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKcdOEZ2dZ4aCnFznywUpn1e8ufC
tIAhP3DG/EV9+GXP7qqYcBqE+eCD1rw4ilWMik/HmFsyKXKWPvHGFfju5dvEJ1VB
sneThIYnbelghjPKuqxAdGReaC2li9geq6r9eJh6o2Bl3vMtci1CVykSJBm3f6V2
7sKDyOE9tohgNX0+d/F4+7URVyrXoOnrySIFi/LlHvdMC+RX1T0pYirQBLv8NnLn
iYUXHFdGV0spEjj8m1pqQ9SUEXSRkOxE4ZyYh9mRc9fIMIb28tXKlr8f68NmTmtg
U+Eb5Us7b39JFdcSEEP1hlJhdd4QV2Ud1SMjgyfF9tUGc7K7RgA/02TufwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCFOjfW2/W5tl5L1F+ZVG4TVt6nkMB8GA1UdIwQY
MBaAFJVq2alawVgC5YNBgIoE3lPZz4LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdyWnFWckJXQUxsZzBHQWlnVGVVOW5QZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNDEzYzYtMDhiYS00MmQ4LTk0Y2Et
ZDg3MjFiODBkZDc5LzEvSVU2TjliYjlibTJYa3ZVWDVsVWJoTlczcWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNDEzYzYtMDhiYS00MmQ4LTk0Y2EtZDg3MjFiODBkZDc5
LzEvbFdyWnFWckJXQUxsZzBHQWlnVGVVOW5QZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSOAAwQE
1F4QMA0GCSqGSIb3DQEBCwUAA4IBAQB7NP3E7T3/BTE7v2mxTt2VRdIXAGmy7iv9
w8GM4Qj9AS6H/xjuMTH+aasW7CeN4IpnyhYQ8Ymg5bsL9AsoBQ6XnjK525uL6AcY
VYlLGOczujS5IBXQ8EYCXZlRyZ2R4m6cF7kzAHiG1F8u1n0aTsbVPpKYuhQrVprE
fHpCZPS7QVi2Q/2Haq7bhpyyYI9PzxmK9bi8rtU3Mn/mdJyNRoI4h+2mxQu1ftRd
qtyyjQXy8Wry4BW23DkU0cZLZH3DDfPN/BdRQqCJviNM8YH1htROS3vGaWWkWyne
r7FolJ01W5MYF3xCyxnTCMQz1b6+1DfKlSDY63IhjwFK7uJWQbUX
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:57:12 2024 by rpki-client on console-ams.rpki-client.org