Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/1et_D_h1FdZdTvzr1Ffen8Za7Go.roa
File: 1et_D_h1FdZdTvzr1Ffen8Za7Go.roa (raw, json)
Hash identifier: hSFmzShXNiu5J4XNHgQiAfgv7wzFTkDZ0UpPYddeQPg=
Subject key identifier: D5:EB:7F:0F:F8:75:15:D6:5D:4E:FC:EB:D4:57:DE:9F:C6:5A:EC:6A
Certificate issuer: /CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Certificate serial: 018CC64B55DFD938F9F3EC69D8DB4D6690B8
Authority key identifier: 6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/1et_D_h1FdZdTvzr1Ffen8Za7Go.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47527
IP address blocks: 195.182.36.0/24 maxlen: 24
185.126.152.0/23 maxlen: 23
91.223.235.0/24 maxlen: 24
185.208.212.0/22 maxlen: 24
194.247.61.0/24 maxlen: 24
62.69.152.0/21 maxlen: 21
178.23.176.0/21 maxlen: 21
46.30.120.0/21 maxlen: 21
91.230.239.0/24 maxlen: 24
2a00:1cf0::/32 maxlen: 32
2a00:1b18::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.mft
rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:55:df:d9:38:f9:f3:ec:69:d8:db:4d:66:90:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c5e4ef5516799ffe0bb1b839317dbd355bb7a9b
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5eb7f0ff87515d65d4efcebd457de9fc65aec6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:5c:54:5d:02:00:ae:69:e7:0e:45:2e:09:
af:8c:61:b2:26:c6:64:04:94:4e:d9:b1:04:2b:f4:
2a:fb:6b:2c:a7:51:4e:b7:76:e3:cc:a3:7c:d6:79:
77:d9:9a:1a:43:4c:c0:bf:4f:dd:f9:92:ea:4f:80:
9e:3a:90:45:ea:bc:b9:3e:f6:99:9d:e2:54:4d:7a:
48:77:ce:fb:2b:26:60:86:5f:c6:14:c2:dc:5b:c3:
bd:18:76:29:9c:ec:6b:e9:ff:61:ef:cd:73:5f:31:
c8:40:3e:a9:9b:da:7a:ac:19:de:0f:bb:64:1a:b4:
45:e8:13:35:c3:55:4e:b3:c6:61:62:fa:07:eb:42:
36:47:12:fb:ff:97:07:14:db:6e:65:63:02:55:cd:
f1:3b:ef:fc:99:73:e5:fd:77:59:0c:df:e7:5e:f2:
60:38:0b:bb:93:47:6c:1c:73:cb:6b:ef:3d:35:e6:
74:c5:38:c4:b4:c7:15:38:58:14:b4:ac:34:39:39:
1e:de:5a:2d:fe:33:36:62:c0:8d:bb:f5:9e:67:6c:
9a:5c:0e:e2:ab:32:ad:84:e4:e4:4f:59:4f:4b:3f:
60:ce:ee:e9:7e:97:fc:11:1a:eb:bf:c2:a9:56:b0:
43:aa:ad:5a:92:68:53:8a:12:c0:2b:5b:2c:8d:d0:
36:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:EB:7F:0F:F8:75:15:D6:5D:4E:FC:EB:D4:57:DE:9F:C6:5A:EC:6A
X509v3 Authority Key Identifier:
keyid:6C:5E:4E:F5:51:67:99:FF:E0:BB:1B:83:93:17:DB:D3:55:BB:7A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bF5O9VFnmf_guxuDkxfb01W7eps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/1et_D_h1FdZdTvzr1Ffen8Za7Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/9d9680-ffbf-43d1-9c05-1be753fad1bf/1/bF5O9VFnmf_guxuDkxfb01W7eps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.120.0/21
62.69.152.0/21
91.223.235.0/24
91.230.239.0/24
178.23.176.0/21
185.126.152.0/23
185.208.212.0/22
194.247.61.0/24
195.182.36.0/24
IPv6:
2a00:1b18::/29
2a00:1cf0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:66:ce:f8:27:94:4f:6d:69:bb:e8:29:ef:7b:79:e6:71:25:
13:26:0f:8d:60:aa:0a:cc:d3:b8:e3:f0:d5:4c:5e:ed:05:63:
fd:3b:3d:de:34:90:2d:6b:87:22:73:f9:7d:0b:8c:cd:d9:50:
3f:df:70:da:80:76:d6:74:f2:34:0f:90:55:e0:cb:9e:6d:3b:
ba:6c:0c:98:1c:4f:3e:90:74:07:85:d0:6c:4a:c8:ac:fb:cf:
e9:22:31:20:6c:dd:bd:c3:1f:58:3f:8a:50:e8:05:1d:67:d7:
b4:2a:26:b3:5d:95:9c:f4:ae:52:ff:c2:57:21:8c:c8:f5:78:
4b:63:3b:a6:03:20:d4:8f:68:16:31:b9:30:19:61:72:b8:ea:
cf:88:63:f7:09:89:d2:74:aa:46:04:52:28:9a:5e:b4:81:9c:
87:6d:95:4b:c1:54:fe:7e:03:c6:4b:6f:23:ec:08:5e:5d:4a:
47:a8:1b:54:32:a1:1b:82:cd:73:54:6b:fe:32:77:71:60:db:
03:48:e3:90:5c:29:4b:de:0f:72:15:95:62:05:65:55:4f:43:
f6:af:78:95:d2:78:82:d4:b9:1d:95:43:93:9e:cc:2c:18:0d:
8a:4e:67:82:61:be:d1:74:df:c6:23:95:7e:25:d7:13:ec:d3:
e3:2d:24:41
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzGS1Xf2Tj58+xp2NtNZpC4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNWU0ZWY1NTE2Nzk5ZmZlMGJiMWI4MzkzMTdkYmQzNTVi
YjdhOWIwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWViN2YwZmY4NzUxNWQ2NWQ0ZWZjZWJkNDU3ZGU5ZmM2NWFlYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbZcVF0CAK5p5w5FLgmvjGGyJsZk
BJRO2bEEK/Qq+2ssp1FOt3bjzKN81nl32ZoaQ0zAv0/d+ZLqT4CeOpBF6ry5PvaZ
neJUTXpId877KyZghl/GFMLcW8O9GHYpnOxr6f9h781zXzHIQD6pm9p6rBneD7tk
GrRF6BM1w1VOs8ZhYvoH60I2RxL7/5cHFNtuZWMCVc3xO+/8mXPl/XdZDN/nXvJg
OAu7k0dsHHPLa+89NeZ0xTjEtMcVOFgUtKw0OTke3lot/jM2YsCNu/WeZ2yaXA7i
qzKthOTkT1lPSz9gzu7pfpf8ERrrv8KpVrBDqq1akmhTihLAK1ssjdA2xwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFNXrfw/4dRXWXU7869RX3p/GWuxqMB8GA1UdIwQY
MBaAFGxeTvVRZ5n/4Lsbg5MX29NVu3qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUt
MWJlNzUzZmFkMWJmLzEvMWV0X0RfaDFGZFpkVHZ6cjFGZmVuOFphN0dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS85ZDk2ODAtZmZiZi00M2QxLTljMDUtMWJlNzUzZmFkMWJm
LzEvYkY1TzlWRm5tZl9ndXh1RGt4ZmIwMVc3ZXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLh54AwQD
PkWYAwQAW9/rAwQAW+bvAwQDshewAwQBuX6YAwQCudDUAwQAwvc9AwQAw7YkMBQE
AgACMA4DBQMqABsYAwUAKgAc8DANBgkqhkiG9w0BAQsFAAOCAQEAp2bO+CeUT21p
u+gp73t55nElEyYPjWCqCszTuOPw1Uxe7QVj/Ts93jSQLWuHInP5fQuMzdlQP99w
2oB21nTyNA+QVeDLnm07umwMmBxPPpB0B4XQbErIrPvP6SIxIGzdvcMfWD+KUOgF
HWfXtComs12VnPSuUv/CVyGMyPV4S2M7pgMg1I9oFjG5MBlhcrjqz4hj9wmJ0nSq
RgRSKJpetIGch22VS8FU/n4DxktvI+wIXl1KR6gbVDKhG4LNc1Rr/jJ3cWDbA0jj
kFwpS94PchWVYgVlVU9D9q94ldJ4gtS5HZVDk57MLBgNik5ngmG+0XTfxiOVfiXX
E+zT4y0kQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 20 13:37:21 2024 by rpki-client on console-fra.rpki-client.org