Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/3gHtvvEH1A4egl70kgr1NpWYgLo.roa
File: 3gHtvvEH1A4egl70kgr1NpWYgLo.roa (raw, json)
Hash identifier: 22HQPOOiRanBM1Sk0T9PhCmzcmQVB4DjL/IBowpnUVQ=
Subject key identifier: DE:01:ED:BE:F1:07:D4:0E:1E:82:5E:F4:92:0A:F5:36:95:98:80:BA
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 018FFD363A5B6684C8000C07DA17D9750047
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/3gHtvvEH1A4egl70kgr1NpWYgLo.roa
Signing time: Sun 09 Jun 2024 13:35:40 +0000
ROA not before: Sun 09 Jun 2024 13:35:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8814
IP address blocks: 80.69.52.0/24 maxlen: 24
80.69.54.0/24 maxlen: 24
80.69.55.0/24 maxlen: 24
80.69.58.0/24 maxlen: 24
80.69.59.0/24 maxlen: 24
80.69.61.0/24 maxlen: 24
80.69.62.0/24 maxlen: 24
80.69.63.0/24 maxlen: 24
91.135.245.0/24 maxlen: 24
91.135.246.0/24 maxlen: 24
91.135.247.0/24 maxlen: 24
91.135.248.0/24 maxlen: 24
91.135.249.0/24 maxlen: 24
91.135.250.0/24 maxlen: 24
91.135.251.0/24 maxlen: 24
91.135.254.0/24 maxlen: 24
91.135.255.0/24 maxlen: 24
92.39.88.0/24 maxlen: 24
92.39.89.0/24 maxlen: 24
92.39.95.0/24 maxlen: 24
158.181.32.0/24 maxlen: 24
158.181.33.0/24 maxlen: 24
158.181.35.0/24 maxlen: 24
158.181.36.0/24 maxlen: 24
158.181.40.0/22 maxlen: 22
158.181.44.0/22 maxlen: 22
212.47.128.0/22 maxlen: 22
212.47.132.0/22 maxlen: 22
212.47.136.0/22 maxlen: 22
212.47.140.0/22 maxlen: 22
212.47.144.0/22 maxlen: 22
212.47.148.0/22 maxlen: 22
212.47.152.0/24 maxlen: 24
212.47.156.0/24 maxlen: 24
212.47.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fd:36:3a:5b:66:84:c8:00:0c:07:da:17:d9:75:00:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Jun 9 13:35:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de01edbef107d40e1e825ef4920af536959880ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a2:ef:3a:c5:a2:ce:12:9c:c6:1f:e9:3d:30:
77:07:bd:b3:ce:cb:7a:de:9c:5b:20:19:09:a8:eb:
f4:7b:e6:57:0b:f4:ac:8c:48:62:7d:04:0d:e4:63:
be:83:0b:85:1e:61:d5:df:5c:fe:1a:d3:7c:17:ad:
bf:c3:d0:2f:51:43:1d:a1:ff:e0:23:ea:68:65:e5:
57:22:a7:23:b8:4e:ca:5b:fd:d4:86:f2:c2:63:36:
c4:f9:8e:86:05:a4:3a:62:58:cf:a9:d5:a8:e3:90:
c6:67:42:03:f4:81:68:7a:93:c1:6f:9a:05:f7:90:
15:ac:fd:7e:c4:04:69:3e:6d:04:56:00:01:1e:c5:
f0:61:42:f5:68:5b:6b:d3:2a:7e:96:61:a4:24:12:
27:da:4d:db:24:de:2b:32:85:fa:cd:a0:94:0b:fc:
62:94:b0:4b:c4:04:a8:c9:c5:91:15:8a:d1:92:19:
2f:7d:fa:47:38:94:e5:8a:bf:80:42:1f:f0:46:5c:
7c:b5:9e:49:88:3b:ad:c9:42:96:98:2d:8f:cf:3d:
77:4d:4c:71:40:42:fa:17:58:80:5e:fc:f1:53:9a:
94:9e:bb:f9:5d:75:eb:d6:4f:a3:70:9c:ec:9f:e2:
73:93:6d:90:2b:a5:a9:ff:35:e0:07:27:56:53:03:
58:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:01:ED:BE:F1:07:D4:0E:1E:82:5E:F4:92:0A:F5:36:95:98:80:BA
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/3gHtvvEH1A4egl70kgr1NpWYgLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.52.0/24
80.69.54.0/23
80.69.58.0/23
80.69.61.0-80.69.63.255
91.135.245.0-91.135.251.255
91.135.254.0/23
92.39.88.0/23
92.39.95.0/24
158.181.32.0/23
158.181.35.0-158.181.36.255
158.181.40.0/21
212.47.128.0-212.47.152.255
212.47.156.0/24
212.47.159.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:9e:59:09:52:9a:c3:09:23:4a:52:bc:15:6d:10:7d:2f:c8:
25:3f:25:21:d4:de:9e:43:d0:09:1d:a4:9c:b2:8a:05:af:51:
b2:5b:1d:c9:26:45:c1:a4:b9:0a:fe:bd:00:d4:92:18:a2:55:
6a:e5:c4:28:85:a1:d3:fa:88:04:6d:d7:81:a9:56:e4:94:7d:
53:9b:7c:1f:61:81:92:9c:9d:4c:af:3f:2d:6a:b5:e8:f8:79:
39:6b:78:64:e6:29:21:dd:0c:91:83:7c:cf:8b:f2:ae:f8:ed:
51:5a:4f:74:54:58:cd:11:ef:54:7d:5f:24:15:58:a8:37:9c:
2f:c3:d4:59:4c:5f:7f:64:2a:ac:0e:b7:ec:68:de:9a:46:08:
ce:29:e7:0d:7d:90:da:3a:5c:1a:29:ca:14:8d:57:9f:c5:bb:
67:b0:8c:dd:3c:0c:af:f2:4e:dd:da:5c:0d:4b:01:dc:c0:37:
ed:52:dc:4b:9a:0b:b0:b3:39:ee:6e:6d:53:32:7a:b6:23:c7:
00:a6:de:aa:53:ef:32:24:e4:12:45:1c:1c:0f:97:6c:ed:c6:
b7:c4:80:a2:c0:63:39:dd:3c:db:79:8b:5f:fa:20:0e:a1:8e:
1a:9a:01:44:15:34:29:a0:f0:64:58:bc:14:34:7f:a3:39:f8:
f0:cd:13:93
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY/9NjpbZoTIAAwH2hfZdQBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjQwNjA5MTMzNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTAxZWRiZWYxMDdkNDBlMWU4MjVlZjQ5MjBhZjUzNjk1OTg4MGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqLvOsWizhKcxh/pPTB3B72zzst6
3pxbIBkJqOv0e+ZXC/SsjEhifQQN5GO+gwuFHmHV31z+GtN8F62/w9AvUUMdof/g
I+poZeVXIqcjuE7KW/3UhvLCYzbE+Y6GBaQ6YljPqdWo45DGZ0ID9IFoepPBb5oF
95AVrP1+xARpPm0EVgABHsXwYUL1aFtr0yp+lmGkJBIn2k3bJN4rMoX6zaCUC/xi
lLBLxASoycWRFYrRkhkvffpHOJTlir+AQh/wRlx8tZ5JiDutyUKWmC2Pzz13TUxx
QEL6F1iAXvzxU5qUnrv5XXXr1k+jcJzsn+Jzk22QK6Wp/zXgBydWUwNYGQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFN4B7b7xB9QOHoJe9JIK9TaVmIC6MB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvM2dIdHZ2RUgxQTRlZ2w3MGtncjFOcFdZZ0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAFBFNAME
AVBFNgMEAVBFOjAMAwQAUEU9AwQGUEUAMAwDBABbh/UDBAJbh/gDBAFbh/4DBAFc
J1gDBABcJ18DBAGetSAwDAMEAJ61IwMEAJ61JAMEA561KDAMAwQH1C+AAwQA1C+Y
AwQA1C+cAwQA1C+fMA0GCSqGSIb3DQEBCwUAA4IBAQBunlkJUprDCSNKUrwVbRB9
L8glPyUh1N6eQ9AJHaScsooFr1GyWx3JJkXBpLkK/r0A1JIYolVq5cQohaHT+ogE
bdeBqVbklH1Tm3wfYYGSnJ1Mrz8tarXo+Hk5a3hk5ikh3QyRg3zPi/Ku+O1RWk90
VFjNEe9UfV8kFVioN5wvw9RZTF9/ZCqsDrfsaN6aRgjOKecNfZDaOlwaKcoUjVef
xbtnsIzdPAyv8k7d2lwNSwHcwDftUtxLmguwsznubm1TMnq2I8cApt6qU+8yJOQS
RRwcD5ds7ca3xICiwGM53TzbeYtf+iAOoY4amgFEFTQpoPBkWLwUNH+jOfjwzROT
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:29:40 2024 by rpki-client on console-ams.rpki-client.org