Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/rwhD_VupZitX-i2FOfYMkg9LzFY.roa
File: rwhD_VupZitX-i2FOfYMkg9LzFY.roa (raw, json)
Hash identifier: U32P25JCwKKmyUldnhGq4dL0MXJDa3QWnuGX/juSDaI=
Subject key identifier: AF:08:43:FD:5B:A9:66:2B:57:FA:2D:85:39:F6:0C:92:0F:4B:CC:56
Certificate issuer: /CN=eacb96413ac8f2c16b94795689174d7a72201ef5
Certificate serial: 018CC7261444F1460A7FFEFA2BF433E53490
Authority key identifier: EA:CB:96:41:3A:C8:F2:C1:6B:94:79:56:89:17:4D:7A:72:20:1E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6suWQTrI8sFrlHlWiRdNenIgHvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/rwhD_VupZitX-i2FOfYMkg9LzFY.roa
Signing time: Mon 01 Jan 2024 22:30:10 +0000
ROA not before: Mon 01 Jan 2024 22:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20634
IP address blocks: 80.248.192.0/20 maxlen: 20
80.66.224.0/20 maxlen: 20
80.66.226.0/23 maxlen: 23
80.66.224.0/23 maxlen: 23
80.66.228.0/23 maxlen: 23
80.66.232.0/23 maxlen: 23
80.66.230.0/23 maxlen: 23
80.66.236.0/23 maxlen: 23
80.66.234.0/23 maxlen: 23
217.173.224.0/20 maxlen: 20
217.173.226.0/23 maxlen: 23
217.173.224.0/23 maxlen: 23
80.66.238.0/23 maxlen: 23
89.248.144.0/20 maxlen: 20
185.112.48.0/22 maxlen: 22
217.173.230.0/23 maxlen: 23
217.173.228.0/23 maxlen: 23
217.173.232.0/23 maxlen: 23
217.173.236.0/23 maxlen: 23
217.173.234.0/23 maxlen: 23
217.173.238.0/23 maxlen: 23
80.72.48.0/20 maxlen: 20
2a00:ec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/6suWQTrI8sFrlHlWiRdNenIgHvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/6suWQTrI8sFrlHlWiRdNenIgHvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/6suWQTrI8sFrlHlWiRdNenIgHvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:14:44:f1:46:0a:7f:fe:fa:2b:f4:33:e5:34:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eacb96413ac8f2c16b94795689174d7a72201ef5
Validity
Not Before: Jan 1 22:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af0843fd5ba9662b57fa2d8539f60c920f4bcc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:f4:ea:ae:dd:46:cb:d3:8b:e4:e0:0c:22:
52:2f:d3:75:cc:c5:7e:6c:62:77:f8:62:ed:40:1a:
7d:2b:9b:04:05:21:a7:e8:e2:cd:af:9e:2a:e8:45:
ee:2e:3d:b8:44:75:63:b9:80:e2:90:a2:ee:a2:d1:
59:d2:4d:f7:f5:31:53:85:5a:31:fa:65:27:2c:9f:
ff:e8:47:53:4d:d2:0a:72:4c:c1:7b:1b:68:9f:77:
b6:6f:94:76:f7:0d:2e:a9:6a:db:a8:2a:58:b1:ca:
59:1a:bb:0c:1d:17:52:7b:1b:d1:f2:1f:f3:b9:b5:
d8:69:1b:f8:e0:8e:bf:22:f3:11:08:8a:ad:59:dd:
c5:5c:86:7e:fd:21:3b:aa:2d:25:c2:10:60:e5:67:
b0:9e:1d:ad:c7:57:09:50:3d:d0:66:88:6e:82:14:
68:a4:6d:ae:b4:70:86:79:a8:9d:8c:32:89:8b:5f:
fa:4b:39:4a:ac:12:27:61:62:15:e2:36:8a:a8:46:
26:82:2a:04:ac:26:15:84:6e:5d:d4:3f:57:ed:4c:
e5:c2:a3:a7:3f:08:1b:bb:3b:d1:85:0c:0f:9d:83:
d4:07:e4:72:4b:35:aa:e6:1d:32:0d:8a:81:be:09:
e0:46:04:60:b4:a8:00:39:f0:50:33:8e:0d:4c:14:
a6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:08:43:FD:5B:A9:66:2B:57:FA:2D:85:39:F6:0C:92:0F:4B:CC:56
X509v3 Authority Key Identifier:
keyid:EA:CB:96:41:3A:C8:F2:C1:6B:94:79:56:89:17:4D:7A:72:20:1E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6suWQTrI8sFrlHlWiRdNenIgHvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/rwhD_VupZitX-i2FOfYMkg9LzFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d41df7-941d-47ae-b15c-37fe6b65f68f/1/6suWQTrI8sFrlHlWiRdNenIgHvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.224.0/20
80.72.48.0/20
80.248.192.0/20
89.248.144.0/20
185.112.48.0/22
217.173.224.0/20
IPv6:
2a00:ec0::/32
Signature Algorithm: sha256WithRSAEncryption
c2:28:4c:6b:88:df:89:bf:30:70:00:06:fc:01:7c:1d:94:cc:
23:31:e3:6a:bf:b0:ee:8e:57:77:17:db:9a:7d:ee:3c:e8:7e:
b2:ac:08:14:89:2e:b3:fe:dc:dc:9a:6a:78:f2:2e:25:91:07:
6a:a0:52:0f:68:23:79:39:b8:78:1f:bc:69:b2:17:e4:97:15:
c6:f3:84:97:bd:fd:07:a8:6f:2c:3c:25:de:f5:26:ca:be:73:
9b:b5:1c:f1:7a:f6:32:cd:ee:7b:e9:7f:e1:d1:8a:0f:4c:ae:
60:3a:cf:b4:87:86:78:91:52:bc:82:7d:e1:14:da:be:26:92:
8b:a1:a8:be:2e:8d:cc:c4:2b:5e:db:7e:ec:6e:6a:6a:39:a7:
b4:84:97:c5:b5:01:f3:20:38:c1:0b:da:4e:82:a2:b4:92:3b:
72:48:a9:eb:1d:df:1b:06:2f:52:4e:44:ff:42:95:d4:7f:60:
4a:d1:26:16:6a:5e:c3:86:39:f9:52:c3:ba:3b:b8:a7:80:50:
96:99:34:de:1f:b0:c9:77:a4:a3:0c:10:61:49:a4:96:a9:ab:
bc:5f:1e:c2:93:75:13:54:2b:f4:1e:f8:4a:6d:42:f3:5c:f8:
98:4f:7c:67:7f:93:49:51:08:61:18:c9:7c:5c:83:e9:ac:1d:
ac:e6:38:8d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHJhRE8UYKf/76K/Qz5TSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhY2I5NjQxM2FjOGYyYzE2Yjk0Nzk1Njg5MTc0ZDdhNzIy
MDFlZjUwHhcNMjQwMTAxMjIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA4NDNmZDViYTk2NjJiNTdmYTJkODUzOWY2MGM5MjBmNGJjYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArif06q7dRsvTi+TgDCJSL9N1zMV+
bGJ3+GLtQBp9K5sEBSGn6OLNr54q6EXuLj24RHVjuYDikKLuotFZ0k339TFThVox
+mUnLJ//6EdTTdIKckzBexton3e2b5R29w0uqWrbqCpYscpZGrsMHRdSexvR8h/z
ubXYaRv44I6/IvMRCIqtWd3FXIZ+/SE7qi0lwhBg5Wewnh2tx1cJUD3QZohughRo
pG2utHCGeaidjDKJi1/6SzlKrBInYWIV4jaKqEYmgioErCYVhG5d1D9X7UzlwqOn
PwgbuzvRhQwPnYPUB+RySzWq5h0yDYqBvgngRgRgtKgAOfBQM44NTBSmvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFK8IQ/1bqWYrV/othTn2DJIPS8xWMB8GA1UdIwQY
MBaAFOrLlkE6yPLBa5R5VokXTXpyIB71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnN1V1FUckk4c0ZybEhsV2lSZE5lbklnSHZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kNDFkZjctOTQxZC00N2FlLWIxNWMt
MzdmZTZiNjVmNjhmLzEvcndoRF9WdXBaaXRYLWkyRk9mWU1rZzlMekZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kNDFkZjctOTQxZC00N2FlLWIxNWMtMzdmZTZiNjVmNjhm
LzEvNnN1V1FUckk4c0ZybEhsV2lSZE5lbklnSHZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUELgAwQE
UEgwAwQEUPjAAwQEWfiQAwQCuXAwAwQE2a3gMA0EAgACMAcDBQAqAA7AMA0GCSqG
SIb3DQEBCwUAA4IBAQDCKExriN+JvzBwAAb8AXwdlMwjMeNqv7Dujld3F9uafe48
6H6yrAgUiS6z/tzcmmp48i4lkQdqoFIPaCN5Obh4H7xpshfklxXG84SXvf0HqG8s
PCXe9SbKvnObtRzxevYyze576X/h0YoPTK5gOs+0h4Z4kVK8gn3hFNq+JpKLoai+
Lo3MxCte237sbmpqOae0hJfFtQHzIDjBC9pOgqK0kjtySKnrHd8bBi9STkT/QpXU
f2BK0SYWal7Dhjn5UsO6O7ingFCWmTTeH7DJd6SjDBBhSaSWqau8Xx7Ck3UTVCv0
HvhKbULzXPiYT3xnf5NJUQhhGMl8XIPprB2s5jiN
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:04:30 2024 by rpki-client on console-fra.rpki-client.org