Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/18NWIZpFqLre7uRi8EpHcR_yMjc.roa
File: 18NWIZpFqLre7uRi8EpHcR_yMjc.roa (raw, json)
Hash identifier: qAa8HnO1BnPmDmzTy/gA2bgoSQCgCId1ceGCzPKMU7s=
Subject key identifier: D7:C3:56:21:9A:45:A8:BA:DE:EE:E4:62:F0:4A:47:71:1F:F2:32:37
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 018F80BEE7CB062C72408BD897F92508C339
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/18NWIZpFqLre7uRi8EpHcR_yMjc.roa
Signing time: Thu 16 May 2024 09:32:25 +0000
ROA not before: Thu 16 May 2024 09:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1273
IP address blocks: 62.25.64.0/18 maxlen: 18
62.208.0.0/16 maxlen: 16
62.221.0.0/19 maxlen: 19
90.249.160.0/19 maxlen: 19
141.1.0.0/16 maxlen: 16
185.204.4.0/22 maxlen: 22
193.164.160.0/19 maxlen: 19
194.6.0.0/18 maxlen: 18
194.6.64.0/19 maxlen: 19
194.112.64.0/18 maxlen: 18
194.152.64.0/19 maxlen: 19
194.176.128.0/19 maxlen: 19
194.177.160.0/19 maxlen: 19
194.205.0.0/16 maxlen: 16
194.221.0.0/16 maxlen: 16
195.2.0.0/19 maxlen: 19
195.10.0.0/18 maxlen: 18
195.27.0.0/16 maxlen: 16
195.44.0.0/16 maxlen: 16
195.59.0.0/16 maxlen: 16
195.80.64.0/19 maxlen: 19
195.89.0.0/16 maxlen: 16
195.89.13.0/24 maxlen: 24
195.92.0.0/16 maxlen: 16
195.144.128.0/19 maxlen: 19
212.62.0.0/19 maxlen: 19
212.137.0.0/16 maxlen: 16
212.158.0.0/17 maxlen: 17
212.165.0.0/19 maxlen: 19
213.12.0.0/16 maxlen: 16
213.38.0.0/16 maxlen: 16
213.185.192.0/19 maxlen: 19
213.216.128.0/18 maxlen: 18
217.134.0.0/15 maxlen: 15
217.135.0.0/16 maxlen: 16
217.161.0.0/16 maxlen: 16
2001:5000::/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:be:e7:cb:06:2c:72:40:8b:d8:97:f9:25:08:c3:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: May 16 09:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7c356219a45a8badeeee462f04a47711ff23237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b7:28:23:2a:be:00:bf:9d:97:e7:da:c5:41:
6a:00:9f:02:f4:6b:7c:47:fb:70:df:9a:b8:a0:71:
2a:86:23:36:f6:52:c2:bb:96:d6:ce:e5:4e:a6:1e:
b1:be:86:26:2e:97:69:76:09:1f:00:a8:79:47:6e:
d5:fe:38:a9:48:fa:d9:e1:ba:08:49:50:80:85:19:
13:67:30:95:f4:79:b1:22:9a:bd:94:38:98:18:5e:
da:cf:86:c9:eb:72:79:c0:0c:bf:cb:7e:a4:72:b3:
80:e4:0a:73:10:bc:2d:db:1f:ec:95:38:99:9a:27:
fd:8a:83:33:54:71:07:06:eb:6a:dd:9c:dd:40:0a:
84:41:da:6b:de:56:e8:70:59:e6:bf:95:62:0c:6d:
20:69:e4:1a:1d:79:63:eb:cb:69:ba:34:d2:0e:b9:
86:67:63:33:9a:81:08:01:0f:7a:f8:be:05:8e:6c:
9a:49:95:0a:47:9e:72:25:ef:3c:88:fa:bc:e7:43:
10:33:f0:c8:d6:f1:fc:60:ee:94:1a:5b:0f:5b:16:
57:50:e6:7d:09:75:b3:dc:7f:26:81:06:66:cd:e6:
86:d3:c1:67:ea:3a:de:15:7a:47:18:e9:0a:6d:dd:
3b:52:f8:81:bd:9c:44:d7:2b:cd:af:91:42:51:0f:
c6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C3:56:21:9A:45:A8:BA:DE:EE:E4:62:F0:4A:47:71:1F:F2:32:37
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/18NWIZpFqLre7uRi8EpHcR_yMjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.25.64.0/18
62.208.0.0/16
62.221.0.0/19
90.249.160.0/19
141.1.0.0/16
185.204.4.0/22
193.164.160.0/19
194.6.0.0-194.6.95.255
194.112.64.0/18
194.152.64.0/19
194.176.128.0/19
194.177.160.0/19
194.205.0.0/16
194.221.0.0/16
195.2.0.0/19
195.10.0.0/18
195.27.0.0/16
195.44.0.0/16
195.59.0.0/16
195.80.64.0/19
195.89.0.0/16
195.92.0.0/16
195.144.128.0/19
212.62.0.0/19
212.137.0.0/16
212.158.0.0/17
212.165.0.0/19
213.12.0.0/16
213.38.0.0/16
213.185.192.0/19
213.216.128.0/18
217.134.0.0/15
217.161.0.0/16
IPv6:
2001:5000::/21
Signature Algorithm: sha256WithRSAEncryption
0f:e6:9a:a2:7c:f1:db:ad:89:ed:44:82:d4:6c:fe:61:b8:b1:
7c:57:ed:7e:f6:96:7d:e3:ae:35:05:24:39:95:5b:09:71:57:
43:0e:7f:34:0f:d8:39:bc:5b:66:3d:fb:6c:05:71:56:29:1b:
6c:55:68:33:28:26:55:74:a7:93:2a:eb:e7:70:05:92:b5:ca:
86:42:87:f5:13:9f:ae:f3:3f:a4:6e:0a:9b:66:ff:51:7b:d2:
bb:0c:46:03:4e:1d:84:60:2e:bd:ba:84:e2:0e:74:02:5e:01:
35:6f:28:47:a9:a9:1c:22:21:06:5f:28:e1:bc:6a:89:f0:78:
ce:af:79:b4:d7:94:c5:ff:a7:3c:20:bd:c4:c1:8d:82:64:42:
d9:b8:8c:50:21:67:6f:59:55:8f:bd:e0:d5:a3:f5:5d:92:d7:
12:40:27:9f:e2:36:87:0c:c6:df:e6:fe:b3:e5:ee:e3:93:c0:
9c:58:d2:84:0f:af:4f:23:33:36:05:f8:3f:17:42:cc:c8:3b:
94:ce:a6:6a:34:2e:1b:13:44:1a:27:00:d5:57:f3:6d:8d:34:
3d:79:3b:1f:14:80:29:3c:65:c3:07:59:80:72:22:b6:cb:a4:
c0:27:38:c6:d1:ef:aa:35:ab:11:c2:13:34:e4:93:9c:89:6c:
ce:e3:49:89
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAY+AvufLBixyQIvYl/klCMM5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjQwNTE2MDkzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2MzNTYyMTlhNDVhOGJhZGVlZWU0NjJmMDRhNDc3MTFmZjIzMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7coIyq+AL+dl+faxUFqAJ8C9Gt8
R/tw35q4oHEqhiM29lLCu5bWzuVOph6xvoYmLpdpdgkfAKh5R27V/jipSPrZ4boI
SVCAhRkTZzCV9HmxIpq9lDiYGF7az4bJ63J5wAy/y36kcrOA5ApzELwt2x/slTiZ
mif9ioMzVHEHButq3ZzdQAqEQdpr3lbocFnmv5ViDG0gaeQaHXlj68tpujTSDrmG
Z2MzmoEIAQ96+L4FjmyaSZUKR55yJe88iPq850MQM/DI1vH8YO6UGlsPWxZXUOZ9
CXWz3H8mgQZmzeaG08Fn6jreFXpHGOkKbd07UviBvZxE1yvNr5FCUQ/GkQIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFNfDViGaRai63u7kYvBKR3Ef8jI3MB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvMThOV0lacEZxTHJlN3VSaThFcEhjUl95TWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBxgQCAAEwgb8DBAY+
GUADAwA+0AMEBT7dAAMEBVr5oAMDAI0BAwQCucwEAwQFwaSgMAsDAwHCBgMEBcIG
QAMEBsJwQAMEBcKYQAMEBcKwgAMEBcKxoAMDAMLNAwMAwt0DBAXDAgADBAbDCgAD
AwDDGwMDAMMsAwMAwzsDBAXDUEADAwDDWQMDAMNcAwQFw5CAAwQF1D4AAwMA1IkD
BAfUngADBAXUpQADAwDVDAMDANUmAwQF1bnAAwQG1diAAwMB2YYDAwDZoTAMBAIA
AjAGAwQDIAFQMA0GCSqGSIb3DQEBCwUAA4IBAQAP5pqifPHbrYntRILUbP5huLF8
V+1+9pZ94641BSQ5lVsJcVdDDn80D9g5vFtmPftsBXFWKRtsVWgzKCZVdKeTKuvn
cAWStcqGQof1E5+u8z+kbgqbZv9Re9K7DEYDTh2EYC69uoTiDnQCXgE1byhHqakc
IiEGXyjhvGqJ8HjOr3m015TF/6c8IL3EwY2CZELZuIxQIWdvWVWPveDVo/VdktcS
QCef4jaHDMbf5v6z5e7jk8CcWNKED69PIzM2Bfg/F0LMyDuUzqZqNC4bE0QaJwDV
V/NtjTQ9eTsfFIApPGXDB1mAciK2y6TAJzjG0e+qNasRwhM05JOciWzO40mJ
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:24:01 2024 by rpki-client on console-fra.rpki-client.org