Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/L1C-ryV_cxTKzB2_-3VP76iDww4.roa
File: L1C-ryV_cxTKzB2_-3VP76iDww4.roa (raw, json)
Hash identifier: C/1YSRmWRyKzUpt0I1CWW05dqBU1epvKDtFMmYa6xPw=
Subject key identifier: 2F:50:BE:AF:25:7F:73:14:CA:CC:1D:BF:FB:75:4F:EF:A8:83:C3:0E
Certificate issuer: /CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Certificate serial: 018CC8015ED3599C5DD87B7F2A3B4266075F
Authority key identifier: 74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/L1C-ryV_cxTKzB2_-3VP76iDww4.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198473
IP address blocks: 2.59.184.0/22 maxlen: 22
185.149.229.0/24 maxlen: 24
185.149.230.0/24 maxlen: 24
91.235.100.0/24 maxlen: 24
2a10:b080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5e:d3:59:9c:5d:d8:7b:7f:2a:3b:42:66:07:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f50beaf257f7314cacc1dbffb754fefa883c30e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8c:a8:37:34:8a:a3:7c:e1:35:ee:f6:24:55:
5f:1f:d7:b3:43:9c:2f:68:4f:76:92:3f:3f:40:c5:
f1:a0:86:5f:b8:66:ec:65:bd:7a:62:2d:e0:db:42:
02:5e:6c:c2:24:13:c5:ec:84:89:53:b2:dd:a2:26:
c9:40:f6:e1:8f:3d:a2:98:3d:36:99:32:50:95:b9:
df:b0:29:4b:29:43:7b:d4:88:46:48:80:52:dd:63:
1b:cc:8a:97:64:84:36:08:85:20:4d:e6:17:8d:5a:
b5:b4:6f:d4:ea:8e:b3:83:ec:d8:df:d8:7f:95:e1:
fc:44:1d:20:50:c7:77:91:5e:6f:e9:b8:11:de:cd:
a7:81:21:70:88:9c:77:a5:e3:3b:f9:26:3a:94:d4:
bd:98:d9:29:c5:e9:52:31:df:6c:2a:4d:47:f1:49:
64:4a:43:d6:1d:7b:46:bf:17:04:73:2e:15:27:cd:
85:48:d6:b3:29:3a:66:c5:d8:c2:64:b1:c9:90:eb:
b1:06:20:6a:d7:e4:88:61:08:77:90:fe:67:1d:76:
4b:68:d6:bc:bf:a9:35:8c:31:08:73:b4:da:13:4a:
04:66:95:f2:40:ca:86:51:b2:5b:3d:96:e9:45:e9:
dd:11:3d:f9:d5:8c:ea:23:39:89:13:87:ae:84:e1:
17:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:50:BE:AF:25:7F:73:14:CA:CC:1D:BF:FB:75:4F:EF:A8:83:C3:0E
X509v3 Authority Key Identifier:
keyid:74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/L1C-ryV_cxTKzB2_-3VP76iDww4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.184.0/22
91.235.100.0/24
185.149.229.0-185.149.230.255
IPv6:
2a10:b080::/29
Signature Algorithm: sha256WithRSAEncryption
96:c6:bc:4c:d0:35:de:fd:86:f2:44:a8:39:ef:fb:54:b3:89:
10:e8:4b:37:d7:ab:8e:bf:9e:b7:bf:be:29:1b:96:0b:1e:41:
c0:26:ad:c3:0a:43:de:b1:52:2a:dc:85:7c:cd:75:05:4a:d6:
d3:9c:06:f1:06:f6:a2:86:f5:7b:6a:ce:d5:35:f6:06:48:48:
15:14:1a:fe:34:55:3f:8a:85:64:a3:3f:c1:5c:b3:c0:33:02:
2a:a3:e8:37:40:b8:49:dd:6f:1d:eb:cf:76:1c:0a:6a:bc:c8:
63:d0:86:99:dd:68:10:3a:0d:43:f5:95:d8:96:b1:e7:7b:fc:
19:b1:76:ec:b8:57:c8:a0:8a:e1:e2:b6:7a:41:7c:96:a9:87:
b1:e6:11:d1:eb:ec:29:d4:d2:77:2b:79:80:4b:a8:fb:03:f6:
88:e3:7a:0b:6b:1a:a2:14:03:da:0d:1c:e9:97:47:5d:e1:59:
79:22:57:4c:d9:e7:b3:e6:bf:72:fe:37:f5:06:d6:0b:9f:9a:
75:82:ac:ce:41:f2:bd:25:ac:56:ec:f2:9d:b1:2f:db:74:70:
f2:79:71:e9:a9:e3:37:df:d8:f5:0a:45:7a:ac:7c:de:c5:17:
87:b9:eb:3c:5c:42:4e:df:cd:59:9c:c7:ac:aa:8e:10:6f:02:
05:68:56:e6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzIAV7TWZxd2Ht/KjtCZgdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTBjZTZiNmY4Zjc1MGUwMzU4NGViYmQ3YmRhZDBmMTFm
YmUzMWMwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjUwYmVhZjI1N2Y3MzE0Y2FjYzFkYmZmYjc1NGZlZmE4ODNjMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkoyoNzSKo3zhNe72JFVfH9ezQ5wv
aE92kj8/QMXxoIZfuGbsZb16Yi3g20ICXmzCJBPF7ISJU7LdoibJQPbhjz2imD02
mTJQlbnfsClLKUN71IhGSIBS3WMbzIqXZIQ2CIUgTeYXjVq1tG/U6o6zg+zY39h/
leH8RB0gUMd3kV5v6bgR3s2ngSFwiJx3peM7+SY6lNS9mNkpxelSMd9sKk1H8Ulk
SkPWHXtGvxcEcy4VJ82FSNazKTpmxdjCZLHJkOuxBiBq1+SIYQh3kP5nHXZLaNa8
v6k1jDEIc7TaE0oEZpXyQMqGUbJbPZbpRendET351YzqIzmJE4euhOEXvwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFC9Qvq8lf3MUyswdv/t1T++og8MOMB8GA1UdIwQY
MBaAFHSQzmtvj3UOA1hOu9e9rQ8R++McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAt
YzQ5NmY5Y2FmYTgzLzEvTDFDLXJ5Vl9jeFRLekIyXy0zVlA3NmlEd3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAtYzQ5NmY5Y2FmYTgz
LzEvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCAju4AwQA
W+tkMAwDBAC5leUDBAC5leYwDQQCAAIwBwMFAyoQsIAwDQYJKoZIhvcNAQELBQAD
ggEBAJbGvEzQNd79hvJEqDnv+1SziRDoSzfXq46/nre/vikblgseQcAmrcMKQ96x
UirchXzNdQVK1tOcBvEG9qKG9XtqztU19gZISBUUGv40VT+KhWSjP8Fcs8AzAiqj
6DdAuEndbx3rz3YcCmq8yGPQhpndaBA6DUP1ldiWsed7/Bmxduy4V8igiuHitnpB
fJaph7HmEdHr7CnU0ncreYBLqPsD9ojjegtrGqIUA9oNHOmXR13hWXkiV0zZ57Pm
v3L+N/UG1gufmnWCrM5B8r0lrFbs8p2xL9t0cPJ5cemp4zff2PUKRXqsfN7FF4e5
6zxcQk7fzVmcx6yqjhBvAgVoVuY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:26 2024 by rpki-client on console-ams.rpki-client.org