Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/odWaLqj87wsP_coOILX8yHC35rE.roa
File: odWaLqj87wsP_coOILX8yHC35rE.roa (raw, json)
Hash identifier: WxP9WAzhETvgP3magMKv8nPjZlK1F2BfVjWIlwuvJUU=
Subject key identifier: A1:D5:9A:2E:A8:FC:EF:0B:0F:FD:CA:0E:20:B5:FC:C8:70:B7:E6:B1
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 018CC4936848544B9A14EF1EBAEBBD12181A
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/odWaLqj87wsP_coOILX8yHC35rE.roa
Signing time: Mon 01 Jan 2024 10:30:43 +0000
ROA not before: Mon 01 Jan 2024 10:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1653
IP address blocks: 93.115.160.0/21 maxlen: 21
89.44.248.0/21 maxlen: 22
89.41.160.0/21 maxlen: 21
193.11.0.0/16 maxlen: 24
86.105.112.0/21 maxlen: 21
89.34.184.0/21 maxlen: 21
91.250.192.0/19 maxlen: 19
89.33.136.0/21 maxlen: 23
194.47.0.0/16 maxlen: 16
193.10.0.0/16 maxlen: 24
89.34.240.0/21 maxlen: 21
188.240.144.0/20 maxlen: 24
188.211.240.0/21 maxlen: 21
86.104.48.0/20 maxlen: 20
89.44.0.0/21 maxlen: 24
212.25.128.0/19 maxlen: 19
89.32.72.0/21 maxlen: 21
86.104.200.0/21 maxlen: 21
94.176.224.0/21 maxlen: 25
37.156.192.0/20 maxlen: 26
89.43.232.0/21 maxlen: 21
89.32.32.0/21 maxlen: 21
86.104.152.0/21 maxlen: 21
89.37.176.0/21 maxlen: 21
77.238.32.0/19 maxlen: 19
188.241.160.0/20 maxlen: 20
89.45.232.0/21 maxlen: 21
89.45.236.0/22 maxlen: 22
86.106.160.0/21 maxlen: 21
89.47.184.0/21 maxlen: 21
89.46.17.0/24 maxlen: 24
89.46.16.0/21 maxlen: 21
89.46.16.0/24 maxlen: 24
89.46.18.0/24 maxlen: 24
89.46.20.0/22 maxlen: 22
2001:6b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:68:48:54:4b:9a:14:ef:1e:ba:eb:bd:12:18:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 10:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1d59a2ea8fcef0b0ffdca0e20b5fcc870b7e6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c8:45:7c:b6:20:c3:b9:4f:af:84:fc:9b:bf:
18:ae:9e:58:99:a7:7b:db:d7:07:8a:f3:f9:e1:98:
fb:c1:dd:3a:41:28:4e:8f:b5:49:80:3a:cf:a4:ba:
59:22:24:d1:15:99:92:e3:34:f8:f3:ca:46:a9:e0:
11:4f:83:cb:d0:8d:79:ab:bc:03:2c:e8:dc:e0:58:
cb:d4:51:11:4b:fe:33:62:fd:6b:a9:f8:bc:d0:4d:
a4:4e:79:b7:9d:9c:bc:57:e8:9e:6d:90:ac:29:25:
62:f5:8e:f9:bd:af:2c:ac:0b:a6:20:0d:78:27:bf:
16:18:ea:e4:ab:5b:e5:b1:19:86:4e:d2:7c:a4:ac:
d4:9c:30:e7:fd:f8:72:cb:16:72:d6:4b:14:31:94:
b7:8e:14:0c:7b:6f:ff:f0:85:6b:4c:44:a8:d2:8d:
f2:73:36:ea:75:62:d7:19:ff:53:f6:68:eb:fc:c7:
c3:73:68:98:06:49:31:f6:ba:cb:f1:87:b4:25:db:
eb:16:dc:93:69:55:a6:d0:10:7f:97:5a:1b:9c:5d:
c8:a8:af:18:25:a4:27:56:c9:de:dd:17:8e:29:31:
62:43:f5:55:bb:ac:61:b2:8c:b4:94:8f:e1:e8:9a:
61:01:ac:d1:ec:38:7f:f5:6c:d3:88:13:81:14:d8:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D5:9A:2E:A8:FC:EF:0B:0F:FD:CA:0E:20:B5:FC:C8:70:B7:E6:B1
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/odWaLqj87wsP_coOILX8yHC35rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.192.0/20
77.238.32.0/19
86.104.48.0/20
86.104.152.0/21
86.104.200.0/21
86.105.112.0/21
86.106.160.0/21
89.32.32.0/21
89.32.72.0/21
89.33.136.0/21
89.34.184.0/21
89.34.240.0/21
89.37.176.0/21
89.41.160.0/21
89.43.232.0/21
89.44.0.0/21
89.44.248.0/21
89.45.232.0/21
89.46.16.0/21
89.47.184.0/21
91.250.192.0/19
93.115.160.0/21
94.176.224.0/21
188.211.240.0/21
188.240.144.0/20
188.241.160.0/20
193.10.0.0/15
194.47.0.0/16
212.25.128.0/19
IPv6:
2001:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
03:14:00:fe:9f:3f:64:fe:b9:67:35:0c:39:04:eb:14:f7:fc:
b3:26:82:56:68:ba:fc:2e:67:4e:8f:bd:3e:58:f9:62:20:ec:
fc:be:8f:89:83:e5:b2:22:0a:ea:65:85:f8:f5:d7:3a:06:94:
4a:13:0d:8a:09:05:10:20:dd:90:60:54:4c:c4:56:33:6f:68:
5c:a4:47:79:4d:97:40:6a:0b:cd:d2:70:79:84:75:e1:28:c5:
31:c3:73:c2:b3:14:dc:2d:fa:52:c9:15:d6:94:8e:fb:3f:2c:
0c:49:3f:58:97:87:44:ba:c1:11:61:3d:93:d5:f6:ff:bd:99:
50:68:d1:4d:bf:df:57:eb:38:b5:8f:2c:cd:64:76:a0:4c:0b:
2c:4e:06:40:1f:ee:5f:a3:9b:1b:dd:a7:19:ab:15:a2:2e:e0:
6f:6a:b6:e6:5a:ef:7f:30:e3:1c:60:53:74:1c:40:ba:1b:ad:
59:96:76:51:6a:77:30:83:c7:73:2a:55:b4:cc:e1:a6:ba:1c:
3c:b3:ec:2b:3e:85:cf:02:8b:2c:9c:1c:ee:9b:49:c1:7d:fa:
ef:89:a9:4b:64:b5:4c:6d:eb:ec:98:b3:7b:f4:22:93:ca:c8:
ce:9e:9c:1b:72:38:1d:e1:58:c3:9e:17:59:1a:2d:98:03:48:
69:d8:db:d1
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYzEk2hIVEuaFO8euuu9EhgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MDFmMjNjZTgyMWMyNjRkNjc3Mjc1MzZlYzE4MzUzNzU5
NGM1ZjIwHhcNMjQwMTAxMTAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ1OWEyZWE4ZmNlZjBiMGZmZGNhMGUyMGI1ZmNjODcwYjdlNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8hFfLYgw7lPr4T8m78Yrp5Ymad7
29cHivP54Zj7wd06QShOj7VJgDrPpLpZIiTRFZmS4zT488pGqeART4PL0I15q7wD
LOjc4FjL1FERS/4zYv1rqfi80E2kTnm3nZy8V+iebZCsKSVi9Y75va8srAumIA14
J78WGOrkq1vlsRmGTtJ8pKzUnDDn/fhyyxZy1ksUMZS3jhQMe2//8IVrTESo0o3y
czbqdWLXGf9T9mjr/MfDc2iYBkkx9rrL8Ye0JdvrFtyTaVWm0BB/l1obnF3IqK8Y
JaQnVsne3ReOKTFiQ/VVu6xhsoy0lI/h6JphAazR7Dh/9WzTiBOBFNji7wIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFKHVmi6o/O8LD/3KDiC1/Mhwt+axMB8GA1UdIwQY
MBaAFOgB8jzoIcJk1ncnU27Bg1N1lMXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAt
NDY0ZWIxODNiNTY4LzEvb2RXYUxxajg3d3NQX2NvT0lMWDh5SEMzNXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9lYWI0ZDgtNmFmZC00ZjgxLWFiMTAtNDY0ZWIxODNiNTY4
LzEvNkFIeVBPZ2h3bVRXZHlkVGJzR0RVM1dVeGZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBswQCAAEwgawDBAQl
nMADBAVN7iADBARWaDADBANWaJgDBANWaMgDBANWaXADBANWaqADBANZICADBANZ
IEgDBANZIYgDBANZIrgDBANZIvADBANZJbADBANZKaADBANZK+gDBANZLAADBANZ
LPgDBANZLegDBANZLhADBANZL7gDBAVb+sADBANdc6ADBANesOADBAO80/ADBAS8
8JADBAS88aADAwHBCgMDAMIvAwQF1BmAMA0EAgACMAcDBQAgAQawMA0GCSqGSIb3
DQEBCwUAA4IBAQADFAD+nz9k/rlnNQw5BOsU9/yzJoJWaLr8LmdOj70+WPliIOz8
vo+Jg+WyIgrqZYX49dc6BpRKEw2KCQUQIN2QYFRMxFYzb2hcpEd5TZdAagvN0nB5
hHXhKMUxw3PCsxTcLfpSyRXWlI77PywMST9Yl4dEusERYT2T1fb/vZlQaNFNv99X
6zi1jyzNZHagTAssTgZAH+5fo5sb3acZqxWiLuBvarbmWu9/MOMcYFN0HEC6G61Z
lnZRancwg8dzKlW0zOGmuhw8s+wrPoXPAossnBzum0nBffrvialLZLVMbevsmLN7
9CKTysjOnpwbcjgd4VjDnhdZGi2YA0hp2NvR
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:27:06 2024 by rpki-client on console-fra.rpki-client.org