Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/RsOrEI9l60OwRKyUxo1BQvtDxdg.roa
File: RsOrEI9l60OwRKyUxo1BQvtDxdg.roa (raw, json)
Hash identifier: pRRUSTqmEM0FNyjCOA88EXnYlk3NVFtQBv52fjtCWmY=
Subject key identifier: 46:C3:AB:10:8F:65:EB:43:B0:44:AC:94:C6:8D:41:42:FB:43:C5:D8
Certificate issuer: /CN=926cc6b46295cbbc1bdf986302d0271b8b7d7af0
Certificate serial: 018FDD3C4D5E3D29CD46E2B01ABB64BD47BF
Authority key identifier: 92:6C:C6:B4:62:95:CB:BC:1B:DF:98:63:02:D0:27:1B:8B:7D:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmzGtGKVy7wb35hjAtAnG4t9evA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/RsOrEI9l60OwRKyUxo1BQvtDxdg.roa
Signing time: Mon 03 Jun 2024 08:34:27 +0000
ROA not before: Mon 03 Jun 2024 08:34:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25472
IP address blocks: 37.6.0.0/16 maxlen: 24
37.6.0.0/17 maxlen: 17
37.6.128.0/17 maxlen: 17
46.190.0.0/17 maxlen: 24
62.169.192.0/18 maxlen: 24
79.107.0.0/16 maxlen: 24
79.107.0.0/17 maxlen: 17
79.107.0.0/19 maxlen: 24
79.107.64.0/19 maxlen: 24
79.107.128.0/17 maxlen: 17
79.107.160.0/19 maxlen: 24
79.107.192.0/19 maxlen: 24
80.245.160.0/20 maxlen: 24
81.92.48.0/20 maxlen: 24
84.254.0.0/18 maxlen: 24
91.140.0.0/17 maxlen: 24
91.140.32.0/19 maxlen: 24
91.140.64.0/18 maxlen: 24
109.242.0.0/16 maxlen: 24
109.242.128.0/17 maxlen: 24
176.58.128.0/17 maxlen: 24
176.58.249.0/24 maxlen: 24
185.3.220.0/22 maxlen: 24
2a03:f000::/29 maxlen: 48
2a03:f000::/32 maxlen: 40
2a03:f002::/32 maxlen: 32
2a03:f003::/32 maxlen: 32
2a03:f003:1::/48 maxlen: 48
2a03:f003:2::/48 maxlen: 48
2a03:f003:3::/48 maxlen: 48
2a03:f003:100::/40 maxlen: 40
2a03:f003:200::/40 maxlen: 40
2a03:f003:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/kmzGtGKVy7wb35hjAtAnG4t9evA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/kmzGtGKVy7wb35hjAtAnG4t9evA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kmzGtGKVy7wb35hjAtAnG4t9evA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:3c:4d:5e:3d:29:cd:46:e2:b0:1a:bb:64:bd:47:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926cc6b46295cbbc1bdf986302d0271b8b7d7af0
Validity
Not Before: Jun 3 08:34:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c3ab108f65eb43b044ac94c68d4142fb43c5d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:48:0a:cb:85:a8:68:65:ef:e5:45:e1:ee:81:
06:56:a1:e1:df:22:6c:68:23:bc:76:3f:5b:75:cd:
d7:d1:77:83:19:09:f4:2b:28:c8:c5:f9:62:76:f3:
09:5e:c9:25:64:d2:14:55:63:f2:99:9e:c9:b5:44:
fb:93:f3:c9:95:f4:81:de:ac:1e:f8:f7:bc:f8:f3:
91:f3:83:1d:50:e3:38:88:50:9f:42:2a:35:68:97:
03:be:1e:59:6a:82:ac:af:63:0f:6e:6a:08:2c:4e:
32:7e:72:0d:64:a5:eb:87:5c:2b:b9:34:f4:1a:8b:
35:fd:70:61:cc:2a:a6:eb:4f:a8:fb:8f:f8:a9:2d:
78:a9:bf:fa:b9:b3:39:83:55:64:67:8c:fa:a1:c3:
67:4e:70:20:b9:ac:4d:df:06:b2:5a:e9:65:5b:5f:
98:0c:7e:37:f3:cc:23:ba:86:2e:0a:82:aa:ef:7f:
8f:57:e1:7a:7f:00:2f:54:6d:2f:84:7e:7f:1e:e3:
ad:32:e4:5c:97:73:d2:39:77:6c:fc:0c:dc:84:01:
67:dd:6e:4b:32:ba:1e:d8:bf:7e:60:30:41:cf:19:
4d:99:87:ad:39:51:82:02:09:4f:94:8d:04:f5:53:
72:91:37:45:f6:5e:d4:ba:a8:77:27:56:ee:61:57:
4a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C3:AB:10:8F:65:EB:43:B0:44:AC:94:C6:8D:41:42:FB:43:C5:D8
X509v3 Authority Key Identifier:
keyid:92:6C:C6:B4:62:95:CB:BC:1B:DF:98:63:02:D0:27:1B:8B:7D:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmzGtGKVy7wb35hjAtAnG4t9evA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/RsOrEI9l60OwRKyUxo1BQvtDxdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/kmzGtGKVy7wb35hjAtAnG4t9evA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.6.0.0/16
46.190.0.0/17
62.169.192.0/18
79.107.0.0/16
80.245.160.0/20
81.92.48.0/20
84.254.0.0/18
91.140.0.0/17
109.242.0.0/16
176.58.128.0/17
185.3.220.0/22
IPv6:
2a03:f000::/29
Signature Algorithm: sha256WithRSAEncryption
04:09:c5:c3:0b:b1:8f:be:39:3b:37:28:1c:d3:84:4c:6d:d8:
88:a8:da:67:05:b3:11:59:5f:3a:df:31:c9:36:eb:4a:55:32:
fd:58:65:5b:01:46:4f:0b:41:0c:b5:86:f8:87:de:61:a2:70:
5b:c2:cb:0e:3e:19:b2:31:01:cc:e6:e6:fb:7b:a2:3d:24:f1:
5d:54:b9:a1:ca:a0:6d:94:ed:70:f8:f4:69:10:6b:1d:d0:a9:
8b:2b:a5:9f:be:0a:a5:64:1e:65:75:5e:26:0a:d5:7f:92:69:
1a:5b:0d:25:26:6d:6b:94:9c:8b:da:ab:1a:47:5b:5a:97:ab:
6d:02:3e:a0:c0:8b:5f:b5:72:02:f7:01:46:b6:ca:96:91:42:
b2:18:1e:8b:8d:b0:4a:c0:ae:4a:23:fe:f8:93:3d:35:99:e6:
ca:75:0d:9b:40:7c:6b:73:cd:ef:49:04:26:c7:90:5e:b2:45:
a4:aa:19:9e:fe:f8:dd:1b:2c:3b:17:f3:6a:d6:18:71:51:fa:
d5:ab:c9:9c:01:94:be:20:a6:dc:ce:14:a3:c4:b5:0a:97:ed:
5f:87:5b:8d:50:08:f3:45:67:2f:e5:e1:c8:b0:c2:09:3e:2b:
93:f3:98:27:4e:48:84:67:2c:c9:b6:f3:cb:ef:5c:da:02:cd:
d6:ac:3d:2c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY/dPE1ePSnNRuKwGrtkvUe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmNjNmI0NjI5NWNiYmMxYmRmOTg2MzAyZDAyNzFiOGI3
ZDdhZjAwHhcNMjQwNjAzMDgzNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmMzYWIxMDhmNjVlYjQzYjA0NGFjOTRjNjhkNDE0MmZiNDNjNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UgKy4WoaGXv5UXh7oEGVqHh3yJs
aCO8dj9bdc3X0XeDGQn0KyjIxflidvMJXsklZNIUVWPymZ7JtUT7k/PJlfSB3qwe
+Pe8+POR84MdUOM4iFCfQio1aJcDvh5ZaoKsr2MPbmoILE4yfnINZKXrh1wruTT0
Gos1/XBhzCqm60+o+4/4qS14qb/6ubM5g1VkZ4z6ocNnTnAguaxN3wayWullW1+Y
DH4388wjuoYuCoKq73+PV+F6fwAvVG0vhH5/HuOtMuRcl3PSOXds/AzchAFn3W5L
Mroe2L9+YDBBzxlNmYetOVGCAglPlI0E9VNykTdF9l7Uuqh3J1buYVdKzwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEbDqxCPZetDsESslMaNQUL7Q8XYMB8GA1UdIwQY
MBaAFJJsxrRilcu8G9+YYwLQJxuLfXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva216R3RHS1Z5N3diMzVoakF0QW5HNHQ5ZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jMDE0N2EtZmFiZi00MGE0LTllZjUt
MjIxNGU5NmUzODJmLzEvUnNPckVJOWw2ME93Ukt5VXhvMUJRdnREeGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jMDE0N2EtZmFiZi00MGE0LTllZjUtMjIxNGU5NmUzODJm
LzEva216R3RHS1Z5N3diMzVoakF0QW5HNHQ5ZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwMAJQYDBAcu
vgADBAY+qcADAwBPawMEBFD1oAMEBFFcMAMEBlT+AAMEB1uMAAMDAG3yAwQHsDqA
AwQCuQPcMA0EAgACMAcDBQMqA/AAMA0GCSqGSIb3DQEBCwUAA4IBAQAECcXDC7GP
vjk7Nygc04RMbdiIqNpnBbMRWV863zHJNutKVTL9WGVbAUZPC0EMtYb4h95honBb
wssOPhmyMQHM5ub7e6I9JPFdVLmhyqBtlO1w+PRpEGsd0KmLK6WfvgqlZB5ldV4m
CtV/kmkaWw0lJm1rlJyL2qsaR1tal6ttAj6gwItftXIC9wFGtsqWkUKyGB6LjbBK
wK5KI/74kz01mebKdQ2bQHxrc83vSQQmx5BeskWkqhme/vjdGyw7F/Nq1hhxUfrV
q8mcAZS+IKbczhSjxLUKl+1fh1uNUAjzRWcv5eHIsMIJPiuT85gnTkiEZyzJtvPL
71zaAs3WrD0s
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:21:21 2024 by rpki-client on console-fra.rpki-client.org