Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/e_Gf72WLMV8u1jYyfF6LTN0WQ3A.roa
File: e_Gf72WLMV8u1jYyfF6LTN0WQ3A.roa (raw, json)
Hash identifier: 7XBnsEp9si6xpsD4rrwAzkCvcMKsvO4AYMXSK8+cT3M=
Subject key identifier: 7B:F1:9F:EF:65:8B:31:5F:2E:D6:36:32:7C:5E:8B:4C:DD:16:43:70
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 01900FF4698DD78CA540871D3BA561B6905E
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/e_Gf72WLMV8u1jYyfF6LTN0WQ3A.roa
Signing time: Thu 13 Jun 2024 04:56:34 +0000
ROA not before: Thu 13 Jun 2024 04:56:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
192.166.49.0/24 maxlen: 24
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 20:24:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0f:f4:69:8d:d7:8c:a5:40:87:1d:3b:a5:61:b6:90:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jun 13 04:56:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bf19fef658b315f2ed636327c5e8b4cdd164370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:cb:fe:b0:1b:92:98:fd:5b:ac:76:e5:14:4a:
d5:e7:d6:fc:d1:8c:6d:40:38:c6:b2:e7:63:d7:1d:
77:09:43:bb:4e:2b:bf:0c:1d:d3:42:d2:db:f7:42:
a5:fb:12:8b:7e:0f:37:f5:be:ed:9f:5d:13:f9:e7:
3f:fc:29:95:d8:6a:4d:a6:ad:f5:ac:fe:03:9f:a4:
34:2a:11:5b:a2:da:99:06:27:d6:00:f4:71:cd:20:
9f:b9:54:4e:90:fd:02:4f:d2:5f:52:55:13:f7:d1:
73:c3:fd:f4:95:89:22:00:a6:ff:fc:b5:86:07:d2:
6a:b5:ef:5e:70:5a:e2:cb:e9:d8:1e:af:83:2d:c1:
00:e2:8f:f0:f8:ca:4d:f8:2f:55:22:75:9e:d5:26:
28:c4:87:23:3b:f1:0e:4f:b2:68:1f:0f:85:b3:0e:
63:cd:f5:b5:ab:e6:f8:14:29:62:d1:cd:5f:29:03:
8d:9f:f4:6c:75:98:6d:fc:e5:f6:73:d6:bb:8e:71:
fe:40:23:55:18:e4:b2:0b:69:e2:bf:6d:9b:d7:7e:
59:9d:2b:ec:f0:de:db:52:86:3e:9c:d9:b5:3d:56:
3c:fa:9b:22:c5:2c:6a:0b:f4:0f:b2:5f:c5:07:6d:
6c:66:ed:b6:fa:5f:39:d1:c4:cc:ab:22:cf:35:8f:
79:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F1:9F:EF:65:8B:31:5F:2E:D6:36:32:7C:5E:8B:4C:DD:16:43:70
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/e_Gf72WLMV8u1jYyfF6LTN0WQ3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
192.166.49.0/24
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
6f:bc:1e:78:be:63:4a:61:89:20:dd:43:b2:d3:a2:ad:1d:e0:
40:e1:c8:91:af:c0:06:bc:1e:72:ee:ea:9d:b1:81:d2:ad:e9:
99:ca:31:7c:69:33:ad:27:71:da:9c:3f:54:57:81:77:ca:2d:
8d:d8:5c:de:f3:82:f4:75:49:10:e7:9a:7b:9b:cc:24:ff:7e:
79:bb:72:22:63:5e:8b:63:ba:74:f8:31:a4:b1:c8:5f:9e:c7:
90:f6:7d:6d:91:0e:f3:80:6b:90:a5:4c:c2:0a:14:2d:96:84:
0d:de:00:23:14:03:0c:d6:e0:4d:cb:54:64:01:17:ee:f7:62:
fd:14:32:2f:82:18:f5:e1:42:12:20:26:2e:3d:70:b6:5c:70:
9f:50:74:a8:04:2d:e9:aa:59:e4:48:3d:c4:0d:95:3b:21:8d:
7e:59:b8:87:47:cb:00:fe:91:fd:91:b3:c2:51:10:04:81:5e:
16:45:dc:0b:0c:2e:a8:ac:de:d4:93:cc:27:82:aa:3f:67:e1:
f2:5d:55:d4:fe:7e:2d:fa:24:cc:e6:35:0b:50:a1:65:84:0c:
ac:e6:24:32:31:82:65:56:f3:a0:97:d8:f8:9c:ea:37:da:12:
68:09:d0:e3:be:b0:e1:34:cf:4d:08:87:bc:26:a5:a2:82:10:
d9:fc:a5:07
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZAP9GmN14ylQIcdO6VhtpBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjQwNjEzMDQ1NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmYxOWZlZjY1OGIzMTVmMmVkNjM2MzI3YzVlOGI0Y2RkMTY0MzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsv+sBuSmP1brHblFErV59b80Yxt
QDjGsudj1x13CUO7Tiu/DB3TQtLb90Kl+xKLfg839b7tn10T+ec//CmV2GpNpq31
rP4Dn6Q0KhFbotqZBifWAPRxzSCfuVROkP0CT9JfUlUT99Fzw/30lYkiAKb//LWG
B9Jqte9ecFriy+nYHq+DLcEA4o/w+MpN+C9VInWe1SYoxIcjO/EOT7JoHw+Fsw5j
zfW1q+b4FCli0c1fKQONn/RsdZht/OX2c9a7jnH+QCNVGOSyC2niv22b135ZnSvs
8N7bUoY+nNm1PVY8+psixSxqC/QPsl/FB21sZu22+l850cTMqyLPNY95sQIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFHvxn+9lizFfLtY2Mnxei0zdFkNwMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL2VfR2Y3MldMTVY4dTFqWXlmRjZMVE4wV1EzQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wbgQCAAEwaAMDBC5Q
MAoDAwA+mQMDBT6AAwMCPuADAwZPwAMDBVCAAwMGVIADAwZXgAMDBlsAAwMGXcAD
BADApjEDAwHBngMDAMIZAwQBwpbkAwMAw5EDAwDD8wMDAdS4AwMD2QADAwTZUAMD
BdngMAwEAgACMAYDBAUgAwAwDQYJKoZIhvcNAQELBQADggEBAG+8Hni+Y0phiSDd
Q7LToq0d4EDhyJGvwAa8HnLu6p2xgdKt6ZnKMXxpM60ncdqcP1RXgXfKLY3YXN7z
gvR1SRDnmnubzCT/fnm7ciJjXotjunT4MaSxyF+ex5D2fW2RDvOAa5ClTMIKFC2W
hA3eACMUAwzW4E3LVGQBF+73Yv0UMi+CGPXhQhIgJi49cLZccJ9QdKgELemqWeRI
PcQNlTshjX5ZuIdHywD+kf2Rs8JREASBXhZF3AsMLqis3tSTzCeCqj9n4fJdVdT+
fi36JMzmNQtQoWWEDKzmJDIxgmVW86CX2Pic6jfaEmgJ0OO+sOE0z00Ih7wmpaKC
ENn8pQc=
-----END CERTIFICATE-----
Generated at Wed Jun 26 02:49:06 2024 by rpki-client on console-ams.rpki-client.org