Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/ouSxsQ0aqG7vf8WtP2LYwoUPpBU.roa
File: ouSxsQ0aqG7vf8WtP2LYwoUPpBU.roa (raw, json)
Hash identifier: Ts+5kwP3n+E6hc0F1DlJ26z5wMi+EO45QNMmehv84k4=
Subject key identifier: A2:E4:B1:B1:0D:1A:A8:6E:EF:7F:C5:AD:3F:62:D8:C2:85:0F:A4:15
Certificate issuer: /CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Certificate serial: 018CC348B7898B5A5964003AB1B842F8E4C9
Authority key identifier: 04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/ouSxsQ0aqG7vf8WtP2LYwoUPpBU.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35805
IP address blocks: 77.92.224.0/19 maxlen: 24
37.110.160.0/19 maxlen: 24
31.146.0.0/16 maxlen: 24
92.54.192.0/18 maxlen: 24
176.221.128.0/17 maxlen: 24
94.43.0.0/16 maxlen: 24
178.134.0.0/16 maxlen: 24
213.217.16.0/22 maxlen: 24
188.123.150.0/24 maxlen: 24
146.255.224.0/19 maxlen: 24
5.152.0.0/17 maxlen: 24
37.232.0.0/17 maxlen: 24
149.3.0.0/17 maxlen: 24
87.253.32.0/19 maxlen: 24
188.123.128.0/19 maxlen: 24
188.169.0.0/16 maxlen: 24
79.99.248.0/21 maxlen: 24
2a01:9c80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 07:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b7:89:8b:5a:59:64:00:3a:b1:b8:42:f8:e4:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048eefb5b26483561711c990f20ff552ac4e2c9c
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2e4b1b10d1aa86eef7fc5ad3f62d8c2850fa415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e5:f9:20:5e:e0:c6:15:89:4a:44:84:3f:1f:
1f:58:be:d4:ee:d6:91:52:7d:b4:fc:60:a8:c6:e6:
d7:98:f0:86:ba:d3:29:bb:c6:16:38:87:3c:e2:bb:
9e:6a:a6:8e:f8:48:04:ef:b7:ca:b6:47:ac:14:0c:
e8:a5:d0:cf:3a:38:43:20:5d:5f:39:a0:52:f8:6d:
c0:62:dc:2d:de:7d:4e:c7:4b:f0:dd:b4:38:60:8b:
89:0a:56:bc:26:9f:fd:ee:80:b5:90:44:fa:30:85:
22:51:7b:14:a6:06:aa:e6:f4:4f:12:3d:b6:6b:62:
22:b4:ed:33:77:2b:f9:8f:60:29:74:d1:8b:45:9b:
bc:f4:18:7b:11:53:c9:ab:2c:1b:d1:70:80:07:cf:
7c:68:e3:dd:4f:46:c1:0b:15:d7:ea:62:ed:7c:d4:
22:4e:1e:8c:c4:7f:09:e6:f4:f5:2d:12:e1:1e:f7:
77:eb:a9:79:ed:5c:f5:f9:28:a1:86:15:60:27:dc:
9b:0a:ce:ce:24:d7:aa:15:49:4f:38:7a:fa:2f:13:
85:39:b1:0a:13:66:15:c2:20:1d:4c:85:68:d6:f4:
e7:06:46:2b:19:e8:34:4c:eb:88:00:8d:5d:92:32:
f8:d9:cc:ff:2a:c5:b6:6b:f2:dd:bc:0c:12:95:e7:
60:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E4:B1:B1:0D:1A:A8:6E:EF:7F:C5:AD:3F:62:D8:C2:85:0F:A4:15
X509v3 Authority Key Identifier:
keyid:04:8E:EF:B5:B2:64:83:56:17:11:C9:90:F2:0F:F5:52:AC:4E:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/ouSxsQ0aqG7vf8WtP2LYwoUPpBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4b6354-a7a3-4351-a7de-aeac5d9cdc7b/1/BI7vtbJkg1YXEcmQ8g_1UqxOLJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.0.0/17
31.146.0.0/16
37.110.160.0/19
37.232.0.0/17
77.92.224.0/19
79.99.248.0/21
87.253.32.0/19
92.54.192.0/18
94.43.0.0/16
146.255.224.0/19
149.3.0.0/17
176.221.128.0/17
178.134.0.0/16
188.123.128.0/19
188.169.0.0/16
213.217.16.0/22
IPv6:
2a01:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
19:4c:07:38:84:7c:28:8c:04:66:9e:78:60:f1:a7:d8:9e:03:
e3:f1:7f:00:4e:e0:08:07:1c:46:c7:e1:e7:65:ce:b7:e9:d7:
b0:b3:5c:0a:0c:20:79:a8:a3:55:0d:cc:6a:6d:c0:f8:76:f1:
b4:03:41:6e:c2:b1:2f:b3:c0:f9:10:14:19:46:f3:18:aa:fe:
59:0c:b9:fb:e9:10:52:34:8e:58:f1:95:d8:49:b5:90:d6:03:
ff:00:72:10:6d:eb:b2:cc:38:fd:78:25:b3:48:01:f0:ee:4c:
19:a2:a7:cd:ba:13:43:09:0d:a9:30:ee:ab:88:bd:8e:be:9a:
9a:24:99:41:0e:d6:72:05:38:95:eb:57:24:2a:23:d4:1e:28:
bc:85:5a:d3:76:46:40:36:64:16:f6:6f:ee:77:ed:40:5a:ff:
4d:a5:cc:40:3e:1a:51:39:31:61:8e:22:e8:2c:ec:92:f5:15:
47:79:42:17:6f:5e:f4:cf:e5:90:b5:61:b9:a8:9f:c6:21:bc:
79:bd:db:ce:67:43:d9:af:84:c9:79:ce:5f:b6:a5:70:c9:36:
91:1a:83:d8:f6:c5:4f:a6:a6:ee:ff:05:cb:a2:5c:8a:4b:25:
6f:03:2c:08:c7:a7:80:40:7e:c1:e7:c1:71:92:1f:a0:c9:5e:
b0:f9:2f:ed
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzDSLeJi1pZZAA6sbhC+OTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0OGVlZmI1YjI2NDgzNTYxNzExYzk5MGYyMGZmNTUyYWM0
ZTJjOWMwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmU0YjFiMTBkMWFhODZlZWY3ZmM1YWQzZjYyZDhjMjg1MGZhNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeX5IF7gxhWJSkSEPx8fWL7U7taR
Un20/GCoxubXmPCGutMpu8YWOIc84rueaqaO+EgE77fKtkesFAzopdDPOjhDIF1f
OaBS+G3AYtwt3n1Ox0vw3bQ4YIuJCla8Jp/97oC1kET6MIUiUXsUpgaq5vRPEj22
a2IitO0zdyv5j2ApdNGLRZu89Bh7EVPJqywb0XCAB898aOPdT0bBCxXX6mLtfNQi
Th6MxH8J5vT1LRLhHvd366l57Vz1+SihhhVgJ9ybCs7OJNeqFUlPOHr6LxOFObEK
E2YVwiAdTIVo1vTnBkYrGeg0TOuIAI1dkjL42cz/KsW2a/LdvAwSledg/wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFKLksbENGqhu73/FrT9i2MKFD6QVMB8GA1UdIwQY
MBaAFASO77WyZINWFxHJkPIP9VKsTiycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUt
YWVhYzVkOWNkYzdiLzEvb3VTeHNRMGFxRzd2ZjhXdFAyTFl3b1VQcEJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YjYzNTQtYTdhMy00MzUxLWE3ZGUtYWVhYzVkOWNkYzdi
LzEvQkk3dnRiSmtnMVlYRWNtUThnXzFVcXhPTEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEBwWYAAMD
AB+SAwQFJW6gAwQHJegAAwQFTVzgAwQDT2P4AwQFV/0gAwQGXDbAAwMAXisDBAWS
/+ADBAeVAwADBAew3YADAwCyhgMEBbx7gAMDALypAwQC1dkQMA0EAgACMAcDBQMq
AZyAMA0GCSqGSIb3DQEBCwUAA4IBAQAZTAc4hHwojARmnnhg8afYngPj8X8ATuAI
BxxGx+HnZc636dews1wKDCB5qKNVDcxqbcD4dvG0A0FuwrEvs8D5EBQZRvMYqv5Z
DLn76RBSNI5Y8ZXYSbWQ1gP/AHIQbeuyzDj9eCWzSAHw7kwZoqfNuhNDCQ2pMO6r
iL2OvpqaJJlBDtZyBTiV61ckKiPUHii8hVrTdkZANmQW9m/ud+1AWv9NpcxAPhpR
OTFhjiLoLOyS9RVHeUIXb170z+WQtWG5qJ/GIbx5vdvOZ0PZr4TJec5ftqVwyTaR
GoPY9sVPpqbu/wXLolyKSyVvAywIx6eAQH7B58Fxkh+gyV6w+S/t
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:24:03 2024 by rpki-client on console-ams.rpki-client.org