Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Dbdp_u0mnIPHNk7y8vcPTbvc5II.roa
File: Dbdp_u0mnIPHNk7y8vcPTbvc5II.roa (raw, json)
Hash identifier: JEApDHBs+t6ETBWmZsZ4YQw6dh/QZbMyBxBXaRM0cHE=
Subject key identifier: 0D:B7:69:FE:ED:26:9C:83:C7:36:4E:F2:F2:F7:0F:4D:BB:DC:E4:82
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019086FC94E23B584A4D0DB2270AB339A6B0
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Dbdp_u0mnIPHNk7y8vcPTbvc5II.roa
Signing time: Sat 06 Jul 2024 07:40:18 +0000
ROA not before: Sat 06 Jul 2024 07:40:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.163.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
146.19.166.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2a0a:db80:1000::/36 maxlen: 36
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:3000::/36 maxlen: 36
2a0a:db80:4000::/36 maxlen: 36
2a0a:db80:5000::/36 maxlen: 36
2a0a:db80:8000::/36 maxlen: 36
2a0c:6b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:86:fc:94:e2:3b:58:4a:4d:0d:b2:27:0a:b3:39:a6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jul 6 07:40:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0db769feed269c83c7364ef2f2f70f4dbbdce482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ff:95:18:7e:5a:03:b3:72:e3:09:08:ba:38:
73:9b:80:8b:22:67:1d:b5:64:7f:5e:63:74:2e:4b:
ce:8f:d4:29:9d:04:e1:00:84:a7:8b:95:a2:46:98:
db:6f:28:d4:c5:8c:b2:5e:ca:52:e6:19:7a:ac:37:
05:69:2b:3f:c6:70:09:a8:f3:33:7e:72:36:61:0f:
12:37:c3:a2:ec:ba:d2:7c:68:bc:88:42:46:18:33:
41:16:08:00:4f:6a:b5:ce:1d:df:92:a6:f9:f7:3a:
e0:7c:9b:63:e3:33:d6:fa:8b:43:ae:13:15:c4:36:
6b:58:b6:b2:aa:21:0b:e3:f6:f6:15:20:9e:bf:13:
90:ad:b0:de:f1:ce:61:18:5d:9e:be:78:a9:2c:19:
ff:d5:c1:4e:54:84:64:51:a8:63:12:f7:7a:91:2e:
d1:63:89:5a:70:d1:92:e9:62:9d:9b:70:f1:9c:91:
f3:1e:0a:2e:19:bd:43:cc:c0:5e:0c:b9:13:2e:b8:
21:33:b9:51:a1:94:4e:9e:25:97:5c:fe:fc:9b:33:
b2:43:e6:ac:8f:71:7e:95:eb:f0:ce:f8:a4:06:40:
a7:d0:ab:b1:86:c1:b6:ba:76:21:a0:d5:b4:ff:e0:
3c:63:a5:98:d6:90:c2:0d:f1:39:cc:63:75:78:d5:
45:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B7:69:FE:ED:26:9C:83:C7:36:4E:F2:F2:F7:0F:4D:BB:DC:E4:82
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/Dbdp_u0mnIPHNk7y8vcPTbvc5II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
91.212.163.0/24
93.186.192.0/20
146.0.32.0/20
146.19.166.0/24
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
2a0a:db80:1000::-2a0a:db80:5fff:ffff:ffff:ffff:ffff:ffff
2a0a:db80:8000::/36
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
b5:a5:51:ff:14:52:92:b4:a8:2f:60:c0:28:6d:28:cb:85:a4:
e4:15:38:59:13:43:53:7d:dc:77:ce:0e:d5:9f:ae:d1:3e:28:
1a:63:2a:5e:d0:ab:7e:51:06:b6:03:1a:8d:17:a0:cd:8e:ba:
69:27:e7:19:df:64:5a:b9:2f:1a:ca:16:97:d6:55:b2:a6:7e:
d2:7b:ed:dc:d6:97:d2:aa:03:06:83:34:e9:a6:33:fe:6e:eb:
88:c9:7d:32:45:89:4c:b7:1b:90:a9:c4:d0:52:a7:24:0e:96:
31:7f:a4:06:ff:19:d5:cc:bc:4c:63:27:53:9f:ab:57:47:76:
0a:31:6f:54:98:53:be:7a:d4:09:30:46:00:46:2d:14:cf:cd:
e8:08:bf:dc:81:0d:e5:f2:8c:40:ba:b5:23:09:a3:7f:20:8a:
6d:5b:5d:f4:d9:3c:c2:ea:13:dc:3d:3c:96:91:b3:82:4a:8b:
a4:f9:94:81:55:23:11:ba:53:0b:0e:8f:c3:62:ce:fd:24:28:
d0:60:b1:9c:04:8d:00:e0:4d:a1:74:fa:2b:9d:2c:fb:06:36:
56:b2:8f:19:9c:ac:81:19:97:4e:98:12:44:bd:66:b5:a2:41:
65:06:b9:18:03:8f:20:79:3d:86:07:bf:92:ca:d6:5c:28:c5:
23:66:2d:25
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZCG/JTiO1hKTQ2yJwqzOaawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNzA2MDc0MDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI3NjlmZWVkMjY5YzgzYzczNjRlZjJmMmY3MGY0ZGJiZGNlNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/+VGH5aA7Ny4wkIujhzm4CLImcd
tWR/XmN0LkvOj9QpnQThAISni5WiRpjbbyjUxYyyXspS5hl6rDcFaSs/xnAJqPMz
fnI2YQ8SN8Oi7LrSfGi8iEJGGDNBFggAT2q1zh3fkqb59zrgfJtj4zPW+otDrhMV
xDZrWLayqiEL4/b2FSCevxOQrbDe8c5hGF2evnipLBn/1cFOVIRkUahjEvd6kS7R
Y4lacNGS6WKdm3DxnJHzHgouGb1DzMBeDLkTLrghM7lRoZROniWXXP78mzOyQ+as
j3F+levwzvikBkCn0KuxhsG2unYhoNW0/+A8Y6WY1pDCDfE5zGN1eNVFQQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFA23af7tJpyDxzZO8vL3D0273OSCMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvRGJkcF91MG1uSVBITms3eTh2Y1BUYnZjNUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCBuwQCAAEwgbQD
BAMFaGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtAD
BARRHpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8D
BABb1KMDBARdusADBASSACADBACSE6YDBAKYWVwDBAK5D/QDBAK5LfgDBAK529AD
BAHBb8YDBADCa4EDBADCfsYDBAHDXfIDBAbVysADBATZT7AwRQQCAAIwPwMFASAB
S6AwDgMFACABS6MDBQAgAUukAwUAKgEEgDAQAwYEKgrbgBADBgUqCtuAQAMGBCoK
24CAAwUAKgxrADANBgkqhkiG9w0BAQsFAAOCAQEAtaVR/xRSkrSoL2DAKG0oy4Wk
5BU4WRNDU33cd84O1Z+u0T4oGmMqXtCrflEGtgMajRegzY66aSfnGd9kWrkvGsoW
l9ZVsqZ+0nvt3NaX0qoDBoM06aYz/m7riMl9MkWJTLcbkKnE0FKnJA6WMX+kBv8Z
1cy8TGMnU5+rV0d2CjFvVJhTvnrUCTBGAEYtFM/N6Ai/3IEN5fKMQLq1IwmjfyCK
bVtd9Nk8wuoT3D08lpGzgkqLpPmUgVUjEbpTCw6Pw2LO/SQo0GCxnASNAOBNoXT6
K50s+wY2VrKPGZysgRmXTpgSRL1mtaJBZQa5GAOPIHk9hge/ksrWXCjFI2YtJQ==
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:04:33 2024 by rpki-client on console-fra.rpki-client.org