Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/k2Wehx_kg1_HWqFPgAk9_NnQRbk.roa
File: k2Wehx_kg1_HWqFPgAk9_NnQRbk.roa (raw, json)
Hash identifier: +BGcU92e8ZknXWgQjnkyQfaOQaXLdzqPdq0osj5gqFc=
Subject key identifier: 93:65:9E:87:1F:E4:83:5F:C7:5A:A1:4F:80:09:3D:FC:D9:D0:45:B9
Certificate issuer: /CN=05f08b74f5117ed380723d9e429ecb4aa538525a
Certificate serial: 018FF6C6122A823A972646539E76410765F8
Authority key identifier: 05:F0:8B:74:F5:11:7E:D3:80:72:3D:9E:42:9E:CB:4A:A5:38:52:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfCLdPURftOAcj2eQp7LSqU4Ulo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/k2Wehx_kg1_HWqFPgAk9_NnQRbk.roa
Signing time: Sat 08 Jun 2024 07:35:26 +0000
ROA not before: Sat 08 Jun 2024 07:35:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35197
IP address blocks: 80.83.16.0/20 maxlen: 20
80.83.16.0/22 maxlen: 22
80.83.16.0/24 maxlen: 24
80.83.17.0/24 maxlen: 24
80.83.18.0/24 maxlen: 24
80.83.19.0/24 maxlen: 24
80.83.20.0/22 maxlen: 22
80.83.20.0/24 maxlen: 24
80.83.21.0/24 maxlen: 24
80.83.22.0/24 maxlen: 24
80.83.23.0/24 maxlen: 24
80.83.24.0/24 maxlen: 24
80.83.25.0/24 maxlen: 24
80.83.26.0/24 maxlen: 24
80.83.27.0/24 maxlen: 24
80.83.28.0/24 maxlen: 24
80.83.29.0/24 maxlen: 24
80.83.30.0/24 maxlen: 24
80.83.31.0/24 maxlen: 24
109.110.98.0/24 maxlen: 24
109.110.99.0/24 maxlen: 24
109.110.100.0/24 maxlen: 24
109.110.101.0/24 maxlen: 24
109.110.102.0/24 maxlen: 24
109.110.103.0/24 maxlen: 24
109.110.104.0/24 maxlen: 24
109.110.105.0/24 maxlen: 24
2a0d:6340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfCLdPURftOAcj2eQp7LSqU4Ulo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f6:c6:12:2a:82:3a:97:26:46:53:9e:76:41:07:65:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f08b74f5117ed380723d9e429ecb4aa538525a
Validity
Not Before: Jun 8 07:35:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93659e871fe4835fc75aa14f80093dfcd9d045b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c7:cb:92:fb:98:b6:84:bf:5b:f8:6e:63:15:
9c:fd:3e:64:a2:03:f7:cd:a3:fb:ec:af:86:0c:75:
03:04:c5:6d:e9:56:71:ab:21:f6:05:64:5e:3d:98:
41:37:a5:18:d0:6c:93:3a:ac:f4:84:b8:2e:81:dd:
62:40:48:16:71:e9:ee:4d:cc:08:68:18:81:17:f5:
3f:44:d8:f9:a5:36:b8:0c:5b:ac:a6:e7:64:bb:4b:
cb:af:a3:35:03:26:96:3f:93:cc:e7:67:f3:92:24:
e1:ec:ce:04:b4:14:ad:88:e8:a6:b4:04:b4:32:d3:
0a:de:34:b9:2c:3b:1c:25:29:fc:7b:c2:91:b9:6e:
06:5f:73:92:bf:9f:bf:c6:11:40:d3:bb:50:40:76:
e4:04:4a:8e:31:07:d0:aa:6c:24:86:c0:77:e0:69:
b4:a9:32:58:aa:19:27:a8:db:d6:df:6b:44:50:cc:
b3:f2:af:96:81:b9:5e:b2:9c:97:87:16:bb:7b:73:
c1:48:95:07:aa:ac:22:c2:3c:c1:23:23:94:53:54:
bb:90:c2:bb:27:cf:53:2f:7c:bf:a9:07:b8:28:7a:
2d:27:e4:73:d7:11:ef:5d:b2:6f:13:95:45:53:e6:
61:72:4e:bb:a3:fa:95:2b:f2:85:75:bc:04:73:9c:
01:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:65:9E:87:1F:E4:83:5F:C7:5A:A1:4F:80:09:3D:FC:D9:D0:45:B9
X509v3 Authority Key Identifier:
keyid:05:F0:8B:74:F5:11:7E:D3:80:72:3D:9E:42:9E:CB:4A:A5:38:52:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfCLdPURftOAcj2eQp7LSqU4Ulo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/k2Wehx_kg1_HWqFPgAk9_NnQRbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/1886d8-d874-4c24-92b9-d41ac81d1cc4/1/BfCLdPURftOAcj2eQp7LSqU4Ulo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.16.0/20
109.110.98.0-109.110.105.255
IPv6:
2a0d:6340::/29
Signature Algorithm: sha256WithRSAEncryption
04:f7:29:6a:be:e8:c7:00:5f:ba:32:5f:89:05:7d:0c:b0:c7:
cd:ef:f4:80:a6:b1:f7:35:22:b8:1d:0b:90:c7:b7:f2:4b:66:
52:f9:4a:a3:65:d7:ea:f7:5e:eb:9d:c7:d3:08:98:8b:23:3b:
c1:1b:08:85:4d:92:f0:b9:d1:a8:39:bd:9f:3c:dc:0b:a8:b3:
ae:a3:26:3b:06:33:a4:1e:64:d9:37:65:1c:c5:3e:40:7d:b1:
e5:05:8c:13:cb:ce:9e:d3:74:c0:45:bf:40:e2:11:11:bc:7a:
a4:51:d5:84:a7:e4:cc:18:f7:a5:f3:61:57:f5:8b:3d:8d:b2:
35:e7:2b:ac:74:af:82:bd:f0:c4:96:19:79:bc:de:42:08:26:
fd:56:2b:d0:71:b9:8e:02:10:39:99:46:89:27:0d:86:68:83:
25:d7:3c:9c:c6:6b:7e:fa:5a:2e:87:a1:71:62:21:f6:4d:59:
ff:60:c8:d0:a3:1c:05:c0:c2:da:ac:4d:4a:55:c2:c8:92:cd:
8f:88:e1:69:c9:af:d8:57:55:71:7a:34:1a:b5:48:c1:6f:bf:
db:f6:95:ab:a4:06:28:a3:d9:5d:c0:7c:ed:e4:16:23:04:e4:
ba:74:58:99:1f:72:68:08:85:83:48:61:0f:53:5e:61:d2:d5:
79:de:15:21
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY/2xhIqgjqXJkZTnnZBB2X4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjA4Yjc0ZjUxMTdlZDM4MDcyM2Q5ZTQyOWVjYjRhYTUz
ODUyNWEwHhcNMjQwNjA4MDczNTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzY1OWU4NzFmZTQ4MzVmYzc1YWExNGY4MDA5M2RmY2Q5ZDA0NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sfLkvuYtoS/W/huYxWc/T5kogP3
zaP77K+GDHUDBMVt6VZxqyH2BWRePZhBN6UY0GyTOqz0hLgugd1iQEgWcenuTcwI
aBiBF/U/RNj5pTa4DFuspudku0vLr6M1AyaWP5PM52fzkiTh7M4EtBStiOimtAS0
MtMK3jS5LDscJSn8e8KRuW4GX3OSv5+/xhFA07tQQHbkBEqOMQfQqmwkhsB34Gm0
qTJYqhknqNvW32tEUMyz8q+WgblespyXhxa7e3PBSJUHqqwiwjzBIyOUU1S7kMK7
J89TL3y/qQe4KHotJ+Rz1xHvXbJvE5VFU+Zhck67o/qVK/KFdbwEc5wBGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJNlnocf5INfx1qhT4AJPfzZ0EW5MB8GA1UdIwQY
MBaAFAXwi3T1EX7TgHI9nkKey0qlOFJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZDTGRQVVJmdE9BY2oyZVFwN0xTcVU0VWxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xODg2ZDgtZDg3NC00YzI0LTkyYjkt
ZDQxYWM4MWQxY2M0LzEvazJXZWh4X2tnMV9IV3FGUGdBazlfTm5RUmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xODg2ZDgtZDg3NC00YzI0LTkyYjktZDQxYWM4MWQxY2M0
LzEvQmZDTGRQVVJmdE9BY2oyZVFwN0xTcVU0VWxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEUFMQMAwD
BAFtbmIDBAFtbmgwDQQCAAIwBwMFAyoNY0AwDQYJKoZIhvcNAQELBQADggEBAAT3
KWq+6McAX7oyX4kFfQywx83v9ICmsfc1IrgdC5DHt/JLZlL5SqNl1+r3Xuudx9MI
mIsjO8EbCIVNkvC50ag5vZ883Auos66jJjsGM6QeZNk3ZRzFPkB9seUFjBPLzp7T
dMBFv0DiERG8eqRR1YSn5MwY96XzYVf1iz2NsjXnK6x0r4K98MSWGXm83kIIJv1W
K9BxuY4CEDmZRoknDYZogyXXPJzGa376Wi6HoXFiIfZNWf9gyNCjHAXAwtqsTUpV
wsiSzY+I4WnJr9hXVXF6NBq1SMFvv9v2laukBiij2V3AfO3kFiME5Lp0WJkfcmgI
hYNIYQ9TXmHS1XneFSE=
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:38:13 2024 by rpki-client on console-ams.rpki-client.org