Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/l3Dqhvzk2A1PNdMUBeKT-E5ofk8.roa
File: l3Dqhvzk2A1PNdMUBeKT-E5ofk8.roa (raw, json)
Hash identifier: 4zzSGY3DsTBW08un8lJfY23hsq3akXsHvqmqpacVGpo=
Subject key identifier: 97:70:EA:86:FC:E4:D8:0D:4F:35:D3:14:05:E2:93:F8:4E:68:7E:4F
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 018CC5DCED6EE46916FBB0562DADE261DED9
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/l3Dqhvzk2A1PNdMUBeKT-E5ofk8.roa
Signing time: Mon 01 Jan 2024 16:30:39 +0000
ROA not before: Mon 01 Jan 2024 16:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8820
IP address blocks: 81.92.0.0/20 maxlen: 24
195.8.254.2/31 maxlen: 32
212.60.128.0/19 maxlen: 24
78.41.48.0/22 maxlen: 24
82.139.192.0/18 maxlen: 24
195.8.224.0/19 maxlen: 24
213.240.128.0/18 maxlen: 24
46.236.192.0/18 maxlen: 24
195.8.253.0/24 maxlen: 24
212.17.224.0/19 maxlen: 24
2a01:170:1000::/36 maxlen: 48
2a01:170::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.mft
rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 18:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:ed:6e:e4:69:16:fb:b0:56:2d:ad:e2:61:de:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Jan 1 16:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9770ea86fce4d80d4f35d31405e293f84e687e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:44:ea:87:a0:32:03:aa:c5:79:2b:0e:58:7f:
44:b1:ba:fb:e8:3f:46:41:7d:28:b0:f0:e4:f4:62:
46:11:a0:b2:da:2d:d4:05:7c:d2:dd:30:14:82:43:
e9:bd:58:7d:f3:9d:b0:ff:10:03:1b:46:9c:1c:3a:
b5:b9:37:9e:15:a8:36:f5:9d:42:35:c5:38:19:dc:
bf:8e:4b:ce:ae:a7:b9:ad:59:da:10:6c:46:f6:66:
10:e7:57:ca:3f:6c:ee:92:2e:39:8e:b2:dc:cb:49:
f8:fa:79:df:8b:12:f1:60:f9:c9:26:4a:be:21:50:
7b:1d:6c:d5:e9:09:84:81:20:cb:1f:c0:f4:b0:f6:
07:c7:a8:2a:51:aa:70:a1:b5:c2:53:83:e7:8d:a3:
7a:2b:99:2a:cd:67:81:77:24:09:51:d3:98:2d:70:
4c:01:5c:05:3a:ad:0c:ce:3d:c4:7b:87:a0:e3:38:
8d:26:ee:38:62:18:0f:e2:27:e4:90:9d:63:11:3e:
4c:da:a1:fd:d9:0f:42:54:0a:76:8d:93:51:2c:18:
45:cf:71:c2:9e:70:38:e8:3a:6f:67:d3:8c:36:9f:
64:3f:45:89:97:06:67:3b:7c:e6:a6:90:5a:82:42:
0e:6b:7f:8b:db:65:e2:00:6e:0f:45:bf:82:26:c0:
a6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:70:EA:86:FC:E4:D8:0D:4F:35:D3:14:05:E2:93:F8:4E:68:7E:4F
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/l3Dqhvzk2A1PNdMUBeKT-E5ofk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.192.0/18
78.41.48.0/22
81.92.0.0/20
82.139.192.0/18
195.8.224.0/19
212.17.224.0/19
212.60.128.0/19
213.240.128.0/18
IPv6:
2a01:170::/32
Signature Algorithm: sha256WithRSAEncryption
29:e5:e2:58:ad:f3:36:2e:8a:d2:6c:40:f6:0d:34:55:29:22:
3c:d3:2c:65:5d:50:f0:1b:67:b4:cb:fa:a2:35:0a:cf:39:0d:
8a:34:a5:8b:3a:c2:6d:9d:e0:56:c2:66:ef:92:fb:9a:f6:c6:
45:83:9b:cf:fa:fa:57:ab:f1:5a:af:1e:fa:bd:bb:73:3e:49:
e9:4d:9b:5d:db:22:2a:6d:59:42:76:ff:bb:a9:39:a2:a1:a1:
9d:6f:53:4e:55:2f:6d:cc:60:b7:26:3f:43:5a:71:10:16:39:
7c:0c:d4:62:95:35:3f:68:4d:da:a5:90:9c:09:6f:cb:7d:0c:
79:5f:5f:3c:40:29:10:96:9e:e4:84:7e:6f:c3:69:81:0f:52:
33:89:d3:26:1b:a5:69:d4:c4:d6:e1:ba:cd:23:56:37:4a:38:
c0:d3:51:f3:7c:a9:df:e3:76:36:ac:91:81:99:cf:1d:f2:cb:
91:83:8b:1c:d0:89:c9:43:7b:02:d0:86:1e:23:f6:6b:ae:f1:
57:4d:9c:2d:db:d2:e1:35:ff:c8:a6:f9:bc:0a:b8:1b:c0:c1:
fc:4c:4e:39:8a:2c:78:96:b4:b1:1f:00:52:04:20:8e:15:4a:
20:76:93:9f:79:18:43:18:48:b8:7f:38:4d:70:49:bd:00:63:
e5:fb:49:0d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzF3O1u5GkW+7BWLa3iYd7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjQwMTAxMTYzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzcwZWE4NmZjZTRkODBkNGYzNWQzMTQwNWUyOTNmODRlNjg3ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikTqh6AyA6rFeSsOWH9Esbr76D9G
QX0osPDk9GJGEaCy2i3UBXzS3TAUgkPpvVh9852w/xADG0acHDq1uTeeFag29Z1C
NcU4Gdy/jkvOrqe5rVnaEGxG9mYQ51fKP2zuki45jrLcy0n4+nnfixLxYPnJJkq+
IVB7HWzV6QmEgSDLH8D0sPYHx6gqUapwobXCU4PnjaN6K5kqzWeBdyQJUdOYLXBM
AVwFOq0Mzj3Ee4eg4ziNJu44YhgP4ifkkJ1jET5M2qH92Q9CVAp2jZNRLBhFz3HC
nnA46DpvZ9OMNp9kP0WJlwZnO3zmppBagkIOa3+L22XiAG4PRb+CJsCmBQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJdw6ob85NgNTzXTFAXik/hOaH5PMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvbDNEcWh2emsyQTFQTmRNVUJlS1QtRTVvZms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGLuzAAwQC
TikwAwQEUVwAAwQGUovAAwQFwwjgAwQF1BHgAwQF1DyAAwQG1fCAMA0EAgACMAcD
BQAqAQFwMA0GCSqGSIb3DQEBCwUAA4IBAQAp5eJYrfM2LorSbED2DTRVKSI80yxl
XVDwG2e0y/qiNQrPOQ2KNKWLOsJtneBWwmbvkvua9sZFg5vP+vpXq/Farx76vbtz
PknpTZtd2yIqbVlCdv+7qTmioaGdb1NOVS9tzGC3Jj9DWnEQFjl8DNRilTU/aE3a
pZCcCW/LfQx5X188QCkQlp7khH5vw2mBD1IzidMmG6Vp1MTW4brNI1Y3SjjA01Hz
fKnf43Y2rJGBmc8d8suRg4sc0InJQ3sC0IYeI/ZrrvFXTZwt29LhNf/Ipvm8Crgb
wMH8TE45iix4lrSxHwBSBCCOFUogdpOfeRhDGEi4fzhNcEm9AGPl+0kN
-----END CERTIFICATE-----
Generated at Fri Jun 21 20:12:13 2024 by rpki-client on console-fra.rpki-client.org