Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/36CQ79aI825EMcuZzZ7N94nE0B8.roa
File: 36CQ79aI825EMcuZzZ7N94nE0B8.roa (raw, json)
Hash identifier: f1lOiBOXrEeR3eoi6Er4pxTqPhOrJSpmXqHzz+j5ws8=
Subject key identifier: DF:A0:90:EF:D6:88:F3:6E:44:31:CB:99:CD:9E:CD:F7:89:C4:D0:1F
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 0191E63E50494F374FD3F1C2402BC7A4104D
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/36CQ79aI825EMcuZzZ7N94nE0B8.roa
Signing time: Thu 12 Sep 2024 12:38:49 +0000
ROA not before: Thu 12 Sep 2024 12:38:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.100.1.0/24 maxlen: 24
185.100.2.0/24 maxlen: 24
217.30.89.0/24 maxlen: 24
217.30.90.0/24 maxlen: 24
2a10:eec0:d::/48 maxlen: 48
2a10:eec0:e::/47 maxlen: 47
2a10:eec0:10::/44 maxlen: 44
2a10:eec0:20::/43 maxlen: 43
2a10:eec0:40::/42 maxlen: 42
2a10:eec0:80::/41 maxlen: 41
2a10:eec0:100::/40 maxlen: 40
2a10:eec0:200::/39 maxlen: 39
2a10:eec0:400::/38 maxlen: 38
2a10:eec0:800::/37 maxlen: 37
2a10:eec0:1000::/36 maxlen: 36
2a10:eec0:2000::/35 maxlen: 35
2a10:eec0:4000::/34 maxlen: 34
2a10:eec0:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e6:3e:50:49:4f:37:4f:d3:f1:c2:40:2b:c7:a4:10:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Sep 12 12:38:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfa090efd688f36e4431cb99cd9ecdf789c4d01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:07:4a:84:98:30:0e:71:69:c1:87:47:fd:57:
cf:51:f5:c8:01:da:c2:c6:16:a0:23:e2:88:af:b2:
c3:93:dd:50:79:0f:50:0b:23:cd:e3:6d:56:6f:55:
82:1d:d8:14:a9:5c:58:83:29:af:a2:ef:8e:b1:c9:
22:ca:53:09:32:df:df:1b:ee:2d:4a:16:52:02:a4:
e6:50:4c:d1:55:31:eb:ac:46:0c:a2:72:0a:39:29:
cb:c8:8d:71:00:07:ff:3d:8a:44:03:32:32:04:4a:
f7:43:3b:d0:fe:32:e7:aa:ad:6b:13:37:ee:27:ca:
5d:6d:b2:5e:be:1b:ce:bb:da:4c:55:2a:d2:f4:e8:
3d:2f:0e:10:46:43:be:b8:80:7d:47:e6:03:05:08:
24:2c:7a:47:d3:e7:90:2e:a9:65:1c:c1:40:8f:36:
5e:df:b0:2c:e7:2d:c3:3b:44:43:6e:a0:bf:da:7c:
bd:36:54:2c:aa:8b:ad:86:e1:4d:84:ac:2f:6b:7d:
3a:57:e6:91:5a:6e:bb:d8:a5:50:3c:e5:b9:6a:35:
83:c7:2d:bb:3c:fd:02:7a:45:7c:f9:5a:ae:4e:ab:
a2:11:e1:a7:d5:68:4d:b7:5c:b6:6d:12:9a:7b:da:
59:ea:bd:35:ad:9e:43:7d:e5:ed:d9:04:78:dd:a4:
d5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A0:90:EF:D6:88:F3:6E:44:31:CB:99:CD:9E:CD:F7:89:C4:D0:1F
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/36CQ79aI825EMcuZzZ7N94nE0B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.1.0-185.100.2.255
217.30.89.0-217.30.90.255
IPv6:
2a10:eec0:d::-2a10:eec0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:f6:71:93:d2:fe:30:30:ca:7d:c5:21:66:87:ad:6b:b8:73:
40:fa:ad:cb:ab:d9:37:7b:d2:d3:da:91:c3:4d:ba:63:08:6e:
a9:bf:7f:13:8b:f5:c5:bc:7d:c1:20:c3:a1:e5:0a:d4:81:6a:
f1:8c:6b:d9:1d:10:e0:30:af:8e:42:c8:9f:8e:8f:dc:a0:1f:
73:ef:01:ca:e1:84:72:11:81:f2:cd:e1:af:c6:1e:70:0e:fe:
45:48:91:21:8b:43:71:d1:23:25:8d:e7:92:43:85:ac:57:81:
cc:35:05:a1:ea:90:f2:66:e5:c1:d4:f1:c2:bc:be:ae:e6:94:
cb:84:fa:20:41:b0:28:47:73:33:e5:cf:f9:af:0f:42:24:30:
12:8c:47:39:07:3e:bb:09:a1:f8:a9:4f:12:a2:b0:06:10:8f:
89:50:a8:54:f2:6b:cd:b7:34:65:22:4e:4e:71:98:cd:24:6f:
d2:85:4d:56:f5:85:1d:83:7f:52:27:05:c2:c3:d6:05:48:8e:
71:d5:8c:5f:b5:5b:f9:1d:78:87:1d:ad:91:02:51:73:88:bd:
66:0d:d9:66:04:a5:08:30:37:01:48:a3:b6:b8:6a:44:80:16:
ab:a8:97:2f:1c:0c:d9:c3:e4:38:70:d2:5c:b4:f7:0b:11:48:
ae:d3:f7:c1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZHmPlBJTzdP0/HCQCvHpBBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQwOTEyMTIzODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmEwOTBlZmQ2ODhmMzZlNDQzMWNiOTljZDllY2RmNzg5YzRkMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QdKhJgwDnFpwYdH/VfPUfXIAdrC
xhagI+KIr7LDk91QeQ9QCyPN421Wb1WCHdgUqVxYgymvou+OsckiylMJMt/fG+4t
ShZSAqTmUEzRVTHrrEYMonIKOSnLyI1xAAf/PYpEAzIyBEr3QzvQ/jLnqq1rEzfu
J8pdbbJevhvOu9pMVSrS9Og9Lw4QRkO+uIB9R+YDBQgkLHpH0+eQLqllHMFAjzZe
37As5y3DO0RDbqC/2ny9NlQsqouthuFNhKwva306V+aRWm672KVQPOW5ajWDxy27
PP0CekV8+VquTquiEeGn1WhNt1y2bRKae9pZ6r01rZ5DfeXt2QR43aTV6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFN+gkO/WiPNuRDHLmc2ezfeJxNAfMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvMzZDUTc5YUk4MjVFTWN1WnpaN045NG5FMEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAiBAIAATAcMAwDBAC5ZAED
BAC5ZAIwDAMEANkeWQMEANkeWjAYBAIAAjASMBADBwAqEO7AAA0DBQAqEO7AMA0G
CSqGSIb3DQEBCwUAA4IBAQA89nGT0v4wMMp9xSFmh61ruHNA+q3Lq9k3e9LT2pHD
TbpjCG6pv38Ti/XFvH3BIMOh5QrUgWrxjGvZHRDgMK+OQsifjo/coB9z7wHK4YRy
EYHyzeGvxh5wDv5FSJEhi0Nx0SMljeeSQ4WsV4HMNQWh6pDyZuXB1PHCvL6u5pTL
hPogQbAoR3Mz5c/5rw9CJDASjEc5Bz67CaH4qU8SorAGEI+JUKhU8mvNtzRlIk5O
cZjNJG/ShU1W9YUdg39SJwXCw9YFSI5x1YxftVv5HXiHHa2RAlFziL1mDdlmBKUI
MDcBSKO2uGpEgBarqJcvHAzZw+Q4cNJctPcLEUiu0/fB
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:01:24 2024 by rpki-client on console-fra.rpki-client.org