Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xYfXaQ2HU9NkTt0lghxlALce3h0.roa
File: xYfXaQ2HU9NkTt0lghxlALce3h0.roa (raw, json)
Hash identifier: E6rA7scumvTxg/jrCmNlmYmHq2R+WCnd3lXgLYrdsTs=
Subject key identifier: C5:87:D7:69:0D:87:53:D3:64:4E:DD:25:82:1C:65:00:B7:1E:DE:1D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018F71C019273CA4B3FCED5F8A19884FB13C
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xYfXaQ2HU9NkTt0lghxlALce3h0.roa
Signing time: Mon 13 May 2024 11:39:25 +0000
ROA not before: Mon 13 May 2024 11:39:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 45.80.80.0/24 maxlen: 24
45.80.82.0/23 maxlen: 23
45.80.82.0/24 maxlen: 24
45.80.83.0/24 maxlen: 24
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/20 maxlen: 20
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.203.20.0/22 maxlen: 22
185.203.20.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/22 maxlen: 22
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 09:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:c0:19:27:3c:a4:b3:fc:ed:5f:8a:19:88:4f:b1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 13 11:39:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c587d7690d8753d3644edd25821c6500b71ede1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c7:8d:8e:10:80:f5:0d:ca:c6:9b:aa:09:bf:
bd:71:b5:8d:37:a0:26:cb:b6:a3:69:aa:54:7c:a0:
d7:bb:e3:32:35:9d:e8:35:13:50:b1:0d:05:a7:55:
1f:d1:ce:d8:fd:03:ad:d1:26:47:82:aa:cf:e8:05:
ad:64:8e:63:2a:c9:6d:5b:68:c2:fe:eb:2a:91:db:
f2:f2:21:6e:f4:72:c6:a1:1d:f5:79:f1:de:6a:47:
87:06:44:96:f2:2d:77:5b:41:07:58:cc:62:38:0e:
1c:54:1c:a8:14:0c:5d:41:97:29:20:5a:97:3c:fd:
ce:48:54:f4:08:f8:38:d8:1d:07:92:48:3f:22:83:
38:65:85:76:a1:d4:c8:9f:29:e4:cf:00:98:e9:d6:
2a:75:a5:02:f5:26:2c:8d:ec:b6:9d:75:74:47:33:
50:45:9a:51:d7:c9:bf:0b:9f:23:dd:32:b4:20:4a:
38:3a:06:60:03:6e:84:ac:a8:9f:24:68:61:1f:fd:
df:00:37:bb:3b:a6:4b:2c:af:0f:90:0d:c9:07:3c:
38:33:0d:4a:1d:ff:35:47:67:ca:5c:67:06:4a:d6:
1c:c3:c0:f7:50:84:44:f4:29:a9:53:aa:72:70:32:
5a:dd:ab:b7:64:a3:5a:d6:ef:1e:42:0a:76:7c:ed:
d0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:87:D7:69:0D:87:53:D3:64:4E:DD:25:82:1C:65:00:B7:1E:DE:1D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/xYfXaQ2HU9NkTt0lghxlALce3h0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.80.0/24
45.80.82.0/23
45.83.50.0/23
80.66.112.0/20
89.42.70.0/24
89.44.150.0/23
94.198.46.0/23
178.19.32.0/23
178.19.44.0/24
178.19.47.0/24
185.203.20.0/22
185.229.212.0/22
185.242.175.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:6c:fa:86:a9:36:48:8c:b8:93:d0:13:c0:d0:94:3b:d9:11:
9d:f8:2a:9a:73:34:08:88:6d:65:e6:91:c3:db:66:08:4e:1c:
22:58:ed:a6:8d:3d:19:47:92:37:73:13:8b:97:4b:30:2d:00:
bd:bb:20:a3:58:88:a5:b3:9e:77:73:42:c7:19:b0:a1:18:05:
89:39:16:76:dd:60:4d:3b:e5:0f:2e:15:89:0a:bc:2b:60:df:
2e:cd:c8:99:bc:a3:64:39:42:07:73:38:48:54:57:2a:fa:51:
40:df:06:0f:f6:a4:5b:02:80:6a:c8:63:8c:af:db:18:66:7a:
01:2c:48:29:22:da:41:1e:0e:71:74:b8:98:63:1a:29:8e:84:
4c:22:cf:27:3b:9b:37:29:cc:88:4d:32:d5:2d:71:bf:12:db:
5e:52:f5:1c:9d:18:02:e7:83:b7:2f:da:a1:4a:e0:2d:37:f6:
78:0c:02:0d:28:dc:84:cd:62:92:a1:fd:c6:e4:76:57:2f:b0:
a4:14:d8:c8:0b:95:70:9b:e6:21:a6:af:c8:28:34:77:14:09:
be:12:c2:77:da:d1:b1:03:dd:1e:ba:be:ba:31:e6:c2:66:95:
c3:3c:34:bb:31:02:33:8b:74:bd:d1:83:68:49:ff:08:94:94:
45:19:88:88
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY9xwBknPKSz/O1fihmIT7E8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNTEzMTEzOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg3ZDc2OTBkODc1M2QzNjQ0ZWRkMjU4MjFjNjUwMGI3MWVkZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38eNjhCA9Q3KxpuqCb+9cbWNN6Am
y7ajaapUfKDXu+MyNZ3oNRNQsQ0Fp1Uf0c7Y/QOt0SZHgqrP6AWtZI5jKsltW2jC
/usqkdvy8iFu9HLGoR31efHeakeHBkSW8i13W0EHWMxiOA4cVByoFAxdQZcpIFqX
PP3OSFT0CPg42B0Hkkg/IoM4ZYV2odTInynkzwCY6dYqdaUC9SYsjey2nXV0RzNQ
RZpR18m/C58j3TK0IEo4OgZgA26ErKifJGhhH/3fADe7O6ZLLK8PkA3JBzw4Mw1K
Hf81R2fKXGcGStYcw8D3UIRE9CmpU6pycDJa3au3ZKNa1u8eQgp2fO3QJwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMWH12kNh1PTZE7dJYIcZQC3Ht4dMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEveFlmWGFRMkhVOU5rVHQwbGdoeGxBTGNlM2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALVBQAwQB
LVBSAwQBLVMyAwQEUEJwAwQAWSpGAwQBWSyWAwQBXsYuAwQBshMgAwQAshMsAwQA
shMvAwQCucsUAwQCueXUAwQAufKvMA0GCSqGSIb3DQEBCwUAA4IBAQA/bPqGqTZI
jLiT0BPA0JQ72RGd+CqaczQIiG1l5pHD22YIThwiWO2mjT0ZR5I3cxOLl0swLQC9
uyCjWIils553c0LHGbChGAWJORZ23WBNO+UPLhWJCrwrYN8uzciZvKNkOUIHczhI
VFcq+lFA3wYP9qRbAoBqyGOMr9sYZnoBLEgpItpBHg5xdLiYYxopjoRMIs8nO5s3
KcyITTLVLXG/EtteUvUcnRgC54O3L9qhSuAtN/Z4DAINKNyEzWKSof3G5HZXL7Ck
FNjIC5Vwm+Yhpq/IKDR3FAm+EsJ32tGxA90eur66MebCZpXDPDS7MQIzi3S90YNo
Sf8IlJRFGYiI
-----END CERTIFICATE-----
Generated at Fri Jun 14 17:10:22 2024 by rpki-client on console-fra.rpki-client.org