Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/h_xhWW-0j9aTb41K5Vr-Psbj2do.roa
File: h_xhWW-0j9aTb41K5Vr-Psbj2do.roa (raw, json)
Hash identifier: 2G0mgfbgpD1doEU4B3IWRS+7sCNO5RvWpB3yrTgmymo=
Subject key identifier: 87:FC:61:59:6F:B4:8F:D6:93:6F:8D:4A:E5:5A:FE:3E:C6:E3:D9:DA
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 018FDCECA7C7C052A1D7EF864B4EB0372DE4
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/h_xhWW-0j9aTb41K5Vr-Psbj2do.roa
Signing time: Mon 03 Jun 2024 07:07:27 +0000
ROA not before: Mon 03 Jun 2024 07:07:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35432
IP address blocks: 46.251.96.0/19 maxlen: 24
64.59.208.0/20 maxlen: 24
65.18.208.0/20 maxlen: 24
66.205.64.0/19 maxlen: 24
69.6.0.0/19 maxlen: 24
69.94.112.0/20 maxlen: 24
77.83.248.0/22 maxlen: 24
80.244.16.0/20 maxlen: 24
85.132.224.0/19 maxlen: 24
91.184.192.0/19 maxlen: 24
109.110.224.0/19 maxlen: 24
139.138.192.0/19 maxlen: 24
164.215.0.0/19 maxlen: 24
185.7.156.0/22 maxlen: 24
185.42.32.0/22 maxlen: 24
185.162.16.0/22 maxlen: 24
194.64.144.0/22 maxlen: 24
194.233.16.0/22 maxlen: 24
194.233.24.0/22 maxlen: 24
194.233.60.0/22 maxlen: 24
195.179.96.0/20 maxlen: 24
212.32.16.0/21 maxlen: 24
212.32.56.0/21 maxlen: 24
212.50.96.0/19 maxlen: 24
213.133.80.0/20 maxlen: 24
213.140.192.0/19 maxlen: 24
216.241.128.0/19 maxlen: 24
2a02:540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dc:ec:a7:c7:c0:52:a1:d7:ef:86:4b:4e:b0:37:2d:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: Jun 3 07:07:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87fc61596fb48fd6936f8d4ae55afe3ec6e3d9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:2d:48:1f:a5:ce:2c:c6:55:0f:43:24:56:
59:09:7e:56:77:76:16:44:7d:0a:3c:87:52:0b:fd:
95:f6:3f:59:31:75:ef:2f:75:ae:a3:99:ec:00:45:
58:9a:92:c5:fe:a5:bd:39:4e:58:55:e2:96:db:93:
6a:38:87:8f:7c:7d:85:0d:b2:a7:b5:5c:19:28:d6:
50:6b:ff:31:58:36:b9:7f:fa:3b:a1:98:70:28:b8:
50:67:d4:e4:cd:26:f0:c8:96:14:5f:3b:20:02:3a:
94:61:e5:79:0a:cb:d2:db:1e:cd:e5:14:7b:6e:d8:
51:a3:ee:8b:b0:b8:9d:39:49:8e:4a:29:2a:2c:88:
b8:3b:bd:81:74:63:e0:fc:d9:d9:73:d3:ec:8e:e9:
13:a8:2f:fc:c1:42:59:34:c2:a0:92:27:e7:c6:3f:
84:b5:34:4f:e4:06:79:96:34:f4:a9:d7:5e:77:bc:
3e:47:58:8a:6d:66:c7:35:90:4a:fe:70:04:ba:e9:
8f:ae:3d:9b:1b:61:5b:31:91:8f:fc:df:c6:4c:be:
5f:c8:00:3d:4b:98:d9:39:2d:78:03:b1:53:d1:6b:
1f:b4:c4:47:3c:e3:be:67:b1:27:65:78:08:36:70:
33:8d:09:c4:4b:ae:d2:bf:c2:bc:2b:fa:4d:11:78:
4c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FC:61:59:6F:B4:8F:D6:93:6F:8D:4A:E5:5A:FE:3E:C6:E3:D9:DA
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/h_xhWW-0j9aTb41K5Vr-Psbj2do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
194.64.144.0/22
194.233.16.0/22
194.233.24.0/22
194.233.60.0/22
195.179.96.0/20
212.32.16.0/21
212.32.56.0/21
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a02:540::/32
Signature Algorithm: sha256WithRSAEncryption
15:a9:d2:63:a5:81:4a:e8:b0:60:59:b4:12:5d:93:b0:65:f2:
de:16:1c:c5:47:f8:42:c5:d4:82:24:e0:45:07:da:60:00:5c:
31:a3:1e:04:90:28:d1:8c:76:8e:63:c0:5a:86:75:25:e2:d5:
f8:02:eb:c0:03:e8:f4:e7:7c:5b:52:78:b8:1e:0f:49:d2:bd:
e0:61:0f:3b:01:1c:4a:62:ee:e9:1b:fd:03:44:f2:f7:05:4e:
23:20:e8:fa:fb:5f:a5:38:dd:7a:40:cc:5f:83:bc:ca:18:8b:
34:f5:81:7f:5e:90:1f:ba:c7:8b:28:70:ab:47:85:bf:ec:ba:
19:76:ca:f9:e8:1a:0d:39:3e:18:26:2f:c5:40:35:b0:d3:b2:
0c:29:c3:0c:78:e7:e8:2c:ff:65:3b:e3:de:ee:41:fe:6a:4d:
40:08:56:df:e6:41:8b:f5:3e:1a:5f:b2:47:e0:8e:62:78:bc:
08:83:27:b8:e9:34:c6:df:a9:87:e1:c3:47:af:fe:ed:77:b4:
49:08:e0:0b:0a:6b:1d:c1:c4:8c:ff:0c:10:5f:9f:1b:b7:3f:
cd:ba:e6:b0:e2:a8:62:e1:49:e2:6c:b3:60:b0:58:37:4a:5d:
a7:f5:88:eb:16:f0:7a:41:18:20:c3:c9:1e:ba:18:63:ac:ca:
59:de:35:0b
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAY/c7KfHwFKh1++GS06wNy3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5YTM2ZmMwY2NhMmUwYThkMDQ1ZjAyMmRmYzgzMWE1
MTczMDgwHhcNMjQwNjAzMDcwNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2ZjNjE1OTZmYjQ4ZmQ2OTM2ZjhkNGFlNTVhZmUzZWM2ZTNkOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF8tSB+lzizGVQ9DJFZZCX5Wd3YW
RH0KPIdSC/2V9j9ZMXXvL3Wuo5nsAEVYmpLF/qW9OU5YVeKW25NqOIePfH2FDbKn
tVwZKNZQa/8xWDa5f/o7oZhwKLhQZ9TkzSbwyJYUXzsgAjqUYeV5CsvS2x7N5RR7
bthRo+6LsLidOUmOSikqLIi4O72BdGPg/NnZc9PsjukTqC/8wUJZNMKgkifnxj+E
tTRP5AZ5ljT0qdded7w+R1iKbWbHNZBK/nAEuumPrj2bG2FbMZGP/N/GTL5fyAA9
S5jZOS14A7FT0WsftMRHPOO+Z7EnZXgINnAzjQnES67Sv8K8K/pNEXhM9QIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFIf8YVlvtI/Wk2+NSuVa/j7G49naMB8GA1UdIwQY
MBaAFCcCmjb8DMouCo0EXwIt/IMaUXMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTct
NTBkMGE1MzIzNjQxLzEvaF94aFdXLTBqOWFUYjQxSzVWci1Qc2JqMmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTctNTBkMGE1MzIzNjQx
LzEvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAUu
+2ADBARAO9ADBARBEtADBAVCzUADBAVFBgADBARFXnADBAJNU/gDBARQ9BADBAVV
hOADBAVbuMADBAVtbuADBAWLisADBAWk1wADBAK5B5wDBAK5KiADBAK5ohADBALC
QJADBALC6RADBALC6RgDBALC6TwDBATDs2ADBAPUIBADBAPUIDgDBAXUMmADBATV
hVADBAXVjMADBAXY8YAwDQQCAAIwBwMFACoCBUAwDQYJKoZIhvcNAQELBQADggEB
ABWp0mOlgUrosGBZtBJdk7Bl8t4WHMVH+ELF1IIk4EUH2mAAXDGjHgSQKNGMdo5j
wFqGdSXi1fgC68AD6PTnfFtSeLgeD0nSveBhDzsBHEpi7ukb/QNE8vcFTiMg6Pr7
X6U43XpAzF+DvMoYizT1gX9ekB+6x4socKtHhb/suhl2yvnoGg05PhgmL8VANbDT
sgwpwwx45+gs/2U7497uQf5qTUAIVt/mQYv1PhpfskfgjmJ4vAiDJ7jpNMbfqYfh
w0ev/u13tEkI4AsKax3BxIz/DBBfnxu3P8265rDiqGLhSeJss2CwWDdKXaf1iOsW
8HpBGCDDyR66GGOsylneNQs=
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:18:59 2024 by rpki-client on console-ams.rpki-client.org