Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/LL7ibCevj1Uc9dyjXVlqucHC7yw.roa
File: LL7ibCevj1Uc9dyjXVlqucHC7yw.roa (raw, json)
Hash identifier: 6MMlhArGYFl8Fw0VNeE2xw+SZ67xiWVMf//eojedOFw=
Subject key identifier: 2C:BE:E2:6C:27:AF:8F:55:1C:F5:DC:A3:5D:59:6A:B9:C1:C2:EF:2C
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 018F5910B02352CABDC9892B1C4A9E6D0FA5
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/LL7ibCevj1Uc9dyjXVlqucHC7yw.roa
Signing time: Wed 08 May 2024 16:36:56 +0000
ROA not before: Wed 08 May 2024 16:36:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.163.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
146.19.166.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2a01:480::/32 maxlen: 32
2a0c:6b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:59:10:b0:23:52:ca:bd:c9:89:2b:1c:4a:9e:6d:0f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: May 8 16:36:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2cbee26c27af8f551cf5dca35d596ab9c1c2ef2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:43:53:22:d3:b5:c7:56:e9:03:c2:39:9e:31:
6f:e6:35:f0:b8:38:72:c7:ac:75:45:0f:9b:88:a4:
fa:ef:52:93:78:27:31:de:9c:19:ff:60:83:fb:9d:
90:e4:56:44:93:a6:45:22:04:66:10:57:8b:78:f2:
6a:7b:bb:c8:ff:da:60:7b:1a:b1:68:65:a3:cc:5f:
f2:dd:cf:0e:ac:86:28:7c:12:b9:2f:69:c2:2e:28:
22:ff:d2:61:74:5b:09:14:c8:29:6e:b8:c0:ce:9f:
82:1d:38:b7:e7:2f:59:93:68:e0:b3:d4:ad:a9:53:
72:a5:d6:09:fe:21:db:50:1e:d6:32:cc:bf:fa:ee:
ec:76:33:04:83:d5:9a:84:a1:a7:a6:25:69:09:41:
62:06:ad:75:c0:ac:20:f0:0e:a1:9c:58:cf:99:fb:
81:db:a7:c7:fc:63:2d:63:cb:97:d4:02:b1:c3:51:
1c:3f:81:47:64:67:b8:19:7b:53:20:7c:1a:97:96:
17:6e:47:8a:0a:99:55:23:6d:6d:98:e9:6c:a8:df:
95:97:9b:7b:16:02:e4:49:64:a6:8f:4c:f4:50:97:
fc:65:01:8f:a5:2c:dc:ab:e8:90:70:ab:4b:00:5d:
0f:db:d3:9f:17:a6:82:30:9c:bc:2e:de:ae:a9:98:
89:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BE:E2:6C:27:AF:8F:55:1C:F5:DC:A3:5D:59:6A:B9:C1:C2:EF:2C
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/LL7ibCevj1Uc9dyjXVlqucHC7yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
91.212.163.0/24
93.186.192.0/20
146.0.32.0/20
146.19.166.0/24
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2a01:480::/32
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
46:6d:e0:5f:fc:79:2d:aa:54:4f:5e:fe:8f:fb:59:63:17:b5:
3c:d8:d7:b1:2f:dd:31:02:eb:6a:a5:68:fa:8b:1a:00:15:91:
c6:eb:a3:58:9b:0c:b3:de:e5:aa:fd:9a:6d:f3:b7:d9:ad:40:
fc:0d:7a:af:90:e0:df:05:6d:04:8b:ba:cd:45:2e:7b:be:e3:
64:94:4f:71:70:d6:32:b3:eb:ea:39:ce:db:20:59:93:7a:01:
4e:46:ea:57:45:74:07:e1:a7:4c:4a:c1:18:36:5b:2a:1f:0a:
73:ff:06:31:0b:4c:e2:2b:a4:ff:62:ae:21:3f:e4:c2:03:9d:
ed:07:c0:6c:7d:be:82:80:f5:5e:c3:39:6e:a9:c3:80:f2:ac:
19:ed:ac:9a:f1:06:d1:80:26:54:8f:eb:30:af:3f:41:52:5f:
e1:f0:0d:7f:59:e2:11:09:84:51:5f:0c:a8:f9:93:5e:a1:9f:
9c:ea:01:1f:bd:d5:c9:c6:44:0a:fb:15:9e:d9:ca:e6:38:fa:
d3:de:c4:3b:b4:bd:c6:83:1c:6e:8f:d9:95:9c:b2:78:35:4f:
99:bc:7d:29:3b:08:56:61:95:39:68:17:00:ab:3a:21:e6:79:
20:cf:9a:fe:4a:59:d6:15:d7:4c:92:20:e1:44:d4:a1:f7:21:
77:7b:97:df
-----BEGIN CERTIFICATE-----
MIIF3TCCBMWgAwIBAgISAY9ZELAjUsq9yYkrHEqebQ+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjQwNTA4MTYzNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2JlZTI2YzI3YWY4ZjU1MWNmNWRjYTM1ZDU5NmFiOWMxYzJlZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20NTItO1x1bpA8I5njFv5jXwuDhy
x6x1RQ+biKT671KTeCcx3pwZ/2CD+52Q5FZEk6ZFIgRmEFeLePJqe7vI/9pgexqx
aGWjzF/y3c8OrIYofBK5L2nCLigi/9JhdFsJFMgpbrjAzp+CHTi35y9Zk2jgs9St
qVNypdYJ/iHbUB7WMsy/+u7sdjMEg9WahKGnpiVpCUFiBq11wKwg8A6hnFjPmfuB
26fH/GMtY8uX1AKxw1EcP4FHZGe4GXtTIHwal5YXbkeKCplVI21tmOlsqN+Vl5t7
FgLkSWSmj0z0UJf8ZQGPpSzcq+iQcKtLAF0P29OfF6aCMJy8Lt6uqZiJbwIDAQAB
o4IC6TCCAuUwHQYDVR0OBBYEFCy+4mwnr49VHPXco11ZarnBwu8sMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvTEw3aWJDZXZqMVVjOWR5alhWbHF1Y0hDN3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH+BggrBgEFBQcBBwEB/wSB7jCB6zCBuwQCAAEwgbQDBAMF
aGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtADBARR
HpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8DBABb
1KMDBARdusADBASSACADBACSE6YDBAKYWVwDBAK5D/QDBAK5LfgDBAK529ADBAHB
b8YDBADCa4EDBADCfsYDBAHDXfIDBAbVysADBATZT7AwKwQCAAIwJQMFASABS6Aw
DgMFACABS6MDBQAgAUukAwUAKgEEgAMFACoMawAwDQYJKoZIhvcNAQELBQADggEB
AEZt4F/8eS2qVE9e/o/7WWMXtTzY17Ev3TEC62qlaPqLGgAVkcbro1ibDLPe5ar9
mm3zt9mtQPwNeq+Q4N8FbQSLus1FLnu+42SUT3Fw1jKz6+o5ztsgWZN6AU5G6ldF
dAfhp0xKwRg2WyofCnP/BjELTOIrpP9iriE/5MIDne0HwGx9voKA9V7DOW6pw4Dy
rBntrJrxBtGAJlSP6zCvP0FSX+HwDX9Z4hEJhFFfDKj5k16hn5zqAR+91cnGRAr7
FZ7ZyuY4+tPexDu0vcaDHG6P2ZWcsng1T5m8fSk7CFZhlTloFwCrOiHmeSDPmv5K
WdYV10ySIOFE1KH3IXd7l98=
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:36:13 2024 by rpki-client on console-ams.rpki-client.org