Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/uhPs9NEjSkjkXZoHb-HaROAUp-k.roa
File: uhPs9NEjSkjkXZoHb-HaROAUp-k.roa (raw, json)
Hash identifier: TILq5aCCFJsvoUpVY5d5aNjGmJP66bBGJo8rmnvNZ2s=
Subject key identifier: BA:13:EC:F4:D1:23:4A:48:E4:5D:9A:07:6F:E1:DA:44:E0:14:A7:E9
Certificate issuer: /CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Certificate serial: 018F14790DCE6AA0EDC1EFADA5A4EEAD5452
Authority key identifier: 94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/uhPs9NEjSkjkXZoHb-HaROAUp-k.roa
Signing time: Thu 25 Apr 2024 08:57:08 +0000
ROA not before: Thu 25 Apr 2024 08:57:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 45.86.228.0/24 maxlen: 24
45.86.229.0/24 maxlen: 24
45.86.231.0/24 maxlen: 24
45.129.199.0/24 maxlen: 24
62.106.66.0/24 maxlen: 24
77.72.85.0/24 maxlen: 24
91.235.234.0/24 maxlen: 24
91.242.241.0/24 maxlen: 24
146.19.143.0/24 maxlen: 24
146.19.254.0/24 maxlen: 24
176.124.32.0/24 maxlen: 24
176.124.33.0/24 maxlen: 24
185.39.18.0/24 maxlen: 24
185.123.53.0/24 maxlen: 24
193.109.120.0/24 maxlen: 24
193.200.16.0/24 maxlen: 24
193.200.17.0/24 maxlen: 24
194.61.120.0/24 maxlen: 24
194.61.121.0/24 maxlen: 24
195.54.160.0/24 maxlen: 24
212.46.38.0/24 maxlen: 24
213.109.192.0/24 maxlen: 24
2a10:1fc0:1::/48 maxlen: 48
2a10:1fc0:2::/48 maxlen: 48
2a10:1fc0:3::/48 maxlen: 48
2a10:1fc0:4::/48 maxlen: 48
2a10:1fc0:5::/48 maxlen: 48
2a10:1fc0:6::/48 maxlen: 48
2a10:1fc0:8::/48 maxlen: 48
2a10:1fc0:b::/48 maxlen: 48
2a10:1fc0:c::/48 maxlen: 48
2a10:1fc0:d::/48 maxlen: 48
2a10:1fc0:e::/48 maxlen: 48
2a10:1fc0:f::/48 maxlen: 48
2a10:1fc0:10::/48 maxlen: 48
2a10:1fc0:11::/48 maxlen: 48
2a10:1fc0:12::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:79:0d:ce:6a:a0:ed:c1:ef:ad:a5:a4:ee:ad:54:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=947320d030930178e6f7ceef91d2ab8784d3dc16
Validity
Not Before: Apr 25 08:57:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba13ecf4d1234a48e45d9a076fe1da44e014a7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:74:59:58:51:a2:1a:e9:33:75:5f:40:8d:8c:
5c:eb:b6:f7:fe:e0:19:7b:17:51:12:f4:b4:9e:d5:
97:d0:fb:fa:d5:7a:7b:1e:4f:7e:c1:1d:f2:23:fe:
2e:a1:39:eb:93:a1:d9:4f:8e:2b:f6:28:91:1a:59:
17:d4:29:ff:10:e7:61:2b:d0:43:82:94:af:32:95:
dc:71:0e:1c:56:b4:48:5c:aa:fb:ab:6a:07:e3:f8:
e4:59:37:b7:a8:2c:0f:4a:a9:3a:f4:a8:d7:62:22:
8e:81:09:50:62:51:2e:9f:0e:9f:44:a4:71:62:f8:
4e:ba:02:cd:f6:3a:51:61:2e:27:de:12:32:1d:f0:
ed:b4:b5:f2:c0:ea:fd:61:69:eb:de:6a:e8:b0:79:
c5:c1:0f:02:82:e4:34:61:84:a9:c5:26:d3:ec:2d:
ab:08:0f:87:5a:52:c0:82:26:1a:0d:d7:49:76:44:
1a:a3:37:aa:5e:70:7a:06:36:1d:5c:b6:6a:88:9e:
75:b6:5a:be:43:42:d6:01:84:bc:99:d9:3c:99:a5:
12:43:9d:2c:09:56:a7:3e:16:4f:0f:86:5f:bf:b3:
4d:b0:7c:d9:e2:50:8c:8d:da:05:0b:5e:95:06:a4:
b6:c6:df:08:2f:7a:03:f1:7f:20:5f:9f:9d:c9:22:
dd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:13:EC:F4:D1:23:4A:48:E4:5D:9A:07:6F:E1:DA:44:E0:14:A7:E9
X509v3 Authority Key Identifier:
keyid:94:73:20:D0:30:93:01:78:E6:F7:CE:EF:91:D2:AB:87:84:D3:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lHMg0DCTAXjm987vkdKrh4TT3BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/uhPs9NEjSkjkXZoHb-HaROAUp-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/82e876-c997-4605-87aa-8ac4a21938b4/1/lHMg0DCTAXjm987vkdKrh4TT3BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.228.0/23
45.86.231.0/24
45.129.199.0/24
62.106.66.0/24
77.72.85.0/24
91.235.234.0/24
91.242.241.0/24
146.19.143.0/24
146.19.254.0/24
176.124.32.0/23
185.39.18.0/24
185.123.53.0/24
193.109.120.0/24
193.200.16.0/23
194.61.120.0/23
195.54.160.0/24
212.46.38.0/24
213.109.192.0/24
IPv6:
2a10:1fc0:1::-2a10:1fc0:6:ffff:ffff:ffff:ffff:ffff
2a10:1fc0:8::/48
2a10:1fc0:b::-2a10:1fc0:12:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ad:24:4e:5e:c7:68:92:21:b9:72:46:3d:92:e1:c5:11:d7:a3:
62:ec:a3:1b:7e:07:6e:55:91:3e:75:2b:34:f2:c2:1e:7c:bd:
36:52:77:16:07:f7:e0:54:31:1a:63:2a:98:8c:0f:f3:c8:1e:
9a:1e:06:e0:0b:e4:02:ba:ee:38:c2:31:c2:5c:58:dc:c2:d2:
b0:29:9a:be:d1:49:1e:27:69:21:7c:a5:9e:51:ab:bf:0c:6f:
4f:35:44:43:1e:e7:6a:ed:2b:45:93:06:34:cc:89:d5:fe:f0:
d0:4f:12:48:94:a0:42:63:9b:2a:a8:4e:59:70:5a:f6:3f:30:
b6:91:4e:cf:11:fd:be:d3:ca:7d:72:18:47:4d:5d:00:a2:b6:
29:82:2c:a5:56:b7:4f:9d:1b:90:19:55:59:d6:23:33:b0:04:
32:7c:ba:d9:2b:40:91:8f:fe:ec:16:f3:06:f1:11:48:02:20:
36:5a:03:86:3d:0e:2b:99:ed:ca:3e:34:86:8e:90:98:4b:f4:
4b:6a:c9:a8:57:bf:8a:bf:e8:fe:7a:98:f1:3e:20:71:00:f8:
11:33:a9:50:5f:fc:f6:f4:94:34:4d:f8:f1:e8:2d:76:21:92:
08:07:a4:b3:ad:c7:d3:63:f7:4d:f0:fd:c0:49:63:27:be:0c:
43:3c:7c:d4
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAY8UeQ3OaqDtwe+tpaTurVRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NzMyMGQwMzA5MzAxNzhlNmY3Y2VlZjkxZDJhYjg3ODRk
M2RjMTYwHhcNMjQwNDI1MDg1NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTEzZWNmNGQxMjM0YTQ4ZTQ1ZDlhMDc2ZmUxZGE0NGUwMTRhN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinRZWFGiGukzdV9AjYxc67b3/uAZ
exdREvS0ntWX0Pv61Xp7Hk9+wR3yI/4uoTnrk6HZT44r9iiRGlkX1Cn/EOdhK9BD
gpSvMpXccQ4cVrRIXKr7q2oH4/jkWTe3qCwPSqk69KjXYiKOgQlQYlEunw6fRKRx
YvhOugLN9jpRYS4n3hIyHfDttLXywOr9YWnr3mrosHnFwQ8CguQ0YYSpxSbT7C2r
CA+HWlLAgiYaDddJdkQaozeqXnB6BjYdXLZqiJ51tlq+Q0LWAYS8mdk8maUSQ50s
CVanPhZPD4Zfv7NNsHzZ4lCMjdoFC16VBqS2xt8IL3oD8X8gX5+dySLdNwIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFLoT7PTRI0pI5F2aB2/h2kTgFKfpMB8GA1UdIwQY
MBaAFJRzINAwkwF45vfO75HSq4eE09wWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEt
OGFjNGEyMTkzOGI0LzEvdWhQczlORWpTa2prWFpvSGItSGFST0FVcC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84MmU4NzYtYzk5Ny00NjA1LTg3YWEtOGFjNGEyMTkzOGI0
LzEvbEhNZzBEQ1RBWGptOTg3dmtkS3JoNFRUM0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTByBAIAATBsAwQBLVbk
AwQALVbnAwQALYHHAwQAPmpCAwQATUhVAwQAW+vqAwQAW/LxAwQAkhOPAwQAkhP+
AwQBsHwgAwQAuScSAwQAuXs1AwQAwW14AwQBwcgQAwQBwj14AwQAwzagAwQA1C4m
AwQA1W3AMDcEAgACMDEwEgMHACoQH8AAAQMHACoQH8AABgMHACoQH8AACDASAwcA
KhAfwAALAwcAKhAfwAASMA0GCSqGSIb3DQEBCwUAA4IBAQCtJE5ex2iSIblyRj2S
4cUR16Ni7KMbfgduVZE+dSs08sIefL02UncWB/fgVDEaYyqYjA/zyB6aHgbgC+QC
uu44wjHCXFjcwtKwKZq+0UkeJ2khfKWeUau/DG9PNURDHudq7StFkwY0zInV/vDQ
TxJIlKBCY5sqqE5ZcFr2PzC2kU7PEf2+08p9chhHTV0AorYpgiylVrdPnRuQGVVZ
1iMzsAQyfLrZK0CRj/7sFvMG8RFIAiA2WgOGPQ4rme3KPjSGjpCYS/RLasmoV7+K
v+j+epjxPiBxAPgRM6lQX/z29JQ0Tfjx6C12IZIIB6SzrcfTY/dN8P3ASWMnvgxD
PHzU
-----END CERTIFICATE-----
Generated at Wed May 22 19:14:17 2024 by rpki-client on console-fra.rpki-client.org