Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/RoQN95RG5fj13aXQGiHNHfQpwHk.roa
File: RoQN95RG5fj13aXQGiHNHfQpwHk.roa (raw, json)
Hash identifier: AD+Lz26XL/WcbC9G/pIGd5u8k9wuwWeodMj5htn4P3s=
Subject key identifier: 46:84:0D:F7:94:46:E5:F8:F5:DD:A5:D0:1A:21:CD:1D:F4:29:C0:79
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018FF2BB8B1EEA67860105239431F425F51A
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/RoQN95RG5fj13aXQGiHNHfQpwHk.roa
Signing time: Fri 07 Jun 2024 12:45:28 +0000
ROA not before: Fri 07 Jun 2024 12:45:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
62.233.57.0/24 maxlen: 24
82.117.252.0/23 maxlen: 23
82.117.254.0/24 maxlen: 24
82.117.255.0/24 maxlen: 24
82.118.20.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
195.211.96.0/23 maxlen: 23
195.211.98.0/23 maxlen: 23
217.12.206.0/23 maxlen: 23
2a05:9400::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:bb:8b:1e:ea:67:86:01:05:23:94:31:f4:25:f5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jun 7 12:45:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46840df79446e5f8f5dda5d01a21cd1df429c079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a5:52:fd:4d:3b:a2:c1:a3:14:f1:b6:17:ef:
76:48:6c:08:0c:96:43:be:fe:c9:bc:5b:bf:bc:bc:
9e:22:27:94:63:8f:61:10:1c:21:49:ee:4f:2f:eb:
b9:c1:6d:c9:ea:00:7f:ba:95:ac:fb:cf:1b:97:91:
01:53:90:05:a5:99:bb:79:a3:37:4e:d9:9b:d5:ae:
c9:77:e7:f4:9f:8c:c0:fd:a3:e3:68:2d:54:f3:95:
cd:65:7e:ef:e5:42:1a:24:ad:0b:a5:60:9e:0f:8a:
cd:71:d8:90:cf:32:41:bd:65:e0:2b:76:73:01:1d:
b3:2d:36:ea:8a:96:ba:ef:db:94:0d:e2:dc:db:03:
2c:c7:a9:ef:85:cb:d7:cf:7c:a9:00:69:9e:a3:6b:
78:b6:f2:6c:52:fa:55:0d:68:21:df:3c:c7:31:5e:
70:bc:c4:05:dd:70:13:3e:36:75:d0:97:bb:40:bd:
85:d0:05:c1:f8:29:a0:7a:69:ef:49:0b:b9:ae:41:
64:07:fe:9a:50:3f:46:c4:1c:cb:b2:40:0d:99:8f:
9f:43:38:73:84:8c:8a:f1:f2:c8:1f:14:f9:f9:fd:
f2:3b:7e:bb:ec:ee:4d:b8:56:49:73:02:d8:da:21:
4a:1f:b2:88:f6:44:c0:df:4f:16:f2:b7:ef:c7:51:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:84:0D:F7:94:46:E5:F8:F5:DD:A5:D0:1A:21:CD:1D:F4:29:C0:79
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/RoQN95RG5fj13aXQGiHNHfQpwHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
45.90.56.0/22
62.233.57.0/24
82.117.252.0/22
82.118.20.0/22
85.90.196.0/24
195.123.232.0-195.123.247.255
195.211.96.0/22
217.12.206.0/23
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:24:33:b4:f8:9f:70:96:10:01:e3:d8:b7:9c:40:99:9b:e5:
76:58:9c:a5:72:07:8d:58:37:73:e8:83:a8:d6:7f:a1:44:0e:
b5:45:2f:03:ff:97:be:3b:e0:3c:c6:80:a4:d1:e1:8c:23:e9:
38:54:51:5e:f2:d7:b3:1a:7a:66:44:af:92:80:ce:3a:aa:71:
dd:3d:02:d0:65:6b:3e:ae:8b:48:10:af:d3:bb:a6:10:eb:48:
c5:94:cd:f3:0b:8b:24:5e:e6:51:79:67:45:5f:c4:90:d6:48:
35:2f:6b:e3:4c:f1:ab:2c:75:16:f2:a0:c2:45:c9:09:35:af:
cf:90:38:b1:46:c9:17:8b:ef:9f:ab:7a:ce:2f:a2:07:94:b9:
3b:be:67:04:75:92:d1:a5:7b:6d:55:e1:94:26:61:39:0c:e1:
07:6c:2e:26:93:79:00:c5:28:dc:ea:6b:6c:d9:b0:15:09:24:
36:4f:60:90:22:56:09:3e:1b:13:2b:2f:d3:62:31:a8:53:72:
92:ad:bf:fc:67:d0:2c:30:42:f4:16:be:07:98:4c:e7:7c:e3:
1c:41:48:b1:3b:9e:8d:8b:84:c8:b0:19:90:d0:54:63:98:05:
44:ef:e5:97:a4:a8:ae:71:a0:ad:aa:62:e5:70:0d:69:28:81:
b8:c3:ec:ff
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY/yu4se6meGAQUjlDH0JfUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwNjA3MTI0NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg0MGRmNzk0NDZlNWY4ZjVkZGE1ZDAxYTIxY2QxZGY0MjljMDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKVS/U07osGjFPG2F+92SGwIDJZD
vv7JvFu/vLyeIieUY49hEBwhSe5PL+u5wW3J6gB/upWs+88bl5EBU5AFpZm7eaM3
Ttmb1a7Jd+f0n4zA/aPjaC1U85XNZX7v5UIaJK0LpWCeD4rNcdiQzzJBvWXgK3Zz
AR2zLTbqipa679uUDeLc2wMsx6nvhcvXz3ypAGmeo2t4tvJsUvpVDWgh3zzHMV5w
vMQF3XATPjZ10Je7QL2F0AXB+CmgemnvSQu5rkFkB/6aUD9GxBzLskANmY+fQzhz
hIyK8fLIHxT5+f3yO3677O5NuFZJcwLY2iFKH7KI9kTA308W8rfvx1EI0wIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFEaEDfeURuX49d2l0BohzR30KcB5MB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvUm9RTjk1Ukc1ZmoxM2FYUUdpSE5IZlFwd0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBEBAIAATA+AwQCBSKwAwQC
LVo4AwQAPuk5AwQCUnX8AwQCUnYUAwQAVVrEMAwDBAPDe+gDBAPDe/ADBALD02AD
BAHZDM4wJQQCAAIwHzANAwQCKgWUAwUAKgWUBjAOAwUGKhJvwAMFACoSb8IwDQYJ
KoZIhvcNAQELBQADggEBAEIkM7T4n3CWEAHj2LecQJmb5XZYnKVyB41YN3Pog6jW
f6FEDrVFLwP/l7474DzGgKTR4Ywj6ThUUV7y17MaemZEr5KAzjqqcd09AtBlaz6u
i0gQr9O7phDrSMWUzfMLiyRe5lF5Z0VfxJDWSDUva+NM8assdRbyoMJFyQk1r8+Q
OLFGyReL75+res4vogeUuTu+ZwR1ktGle21V4ZQmYTkM4QdsLiaTeQDFKNzqa2zZ
sBUJJDZPYJAiVgk+GxMrL9NiMahTcpKtv/xn0CwwQvQWvgeYTOd84xxBSLE7no2L
hMiwGZDQVGOYBUTv5ZekqK5xoK2qYuVwDWkogbjD7P8=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:28:59 2024 by rpki-client on console-ams.rpki-client.org