Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/b_8bewjH8sZQua7pcvR8xe4Hu_w.roa
File: b_8bewjH8sZQua7pcvR8xe4Hu_w.roa (raw, json)
Hash identifier: kBQS1JWXwyTLKND8+sNF+6l99Qs5WkRFFJvCPv1+xYg=
Subject key identifier: 6F:FF:1B:7B:08:C7:F2:C6:50:B9:AE:E9:72:F4:7C:C5:EE:07:BB:FC
Certificate issuer: /CN=d04265fb11c2a220bc350718673e0704d1edadde
Certificate serial: 018FBAADC9F901010073ED9F9CB6D85AFCEA
Authority key identifier: D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/b_8bewjH8sZQua7pcvR8xe4Hu_w.roa
Signing time: Mon 27 May 2024 15:31:42 +0000
ROA not before: Mon 27 May 2024 15:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48678
IP address blocks: 45.11.96.0/24 maxlen: 24
45.11.97.0/24 maxlen: 24
45.11.98.0/24 maxlen: 24
45.11.99.0/24 maxlen: 24
62.106.94.0/24 maxlen: 24
79.110.234.0/24 maxlen: 24
134.255.199.0/24 maxlen: 24
149.3.171.0/24 maxlen: 24
188.93.141.0/24 maxlen: 24
2a0c:6d40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0EJl-xHCoiC8NQcYZz4HBNHtrd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0EJl-xHCoiC8NQcYZz4HBNHtrd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:ad:c9:f9:01:01:00:73:ed:9f:9c:b6:d8:5a:fc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04265fb11c2a220bc350718673e0704d1edadde
Validity
Not Before: May 27 15:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fff1b7b08c7f2c650b9aee972f47cc5ee07bbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:c9:fe:fb:9a:95:b5:7a:c7:4a:48:94:b2:
62:33:b7:dd:83:94:57:61:bf:0c:d4:80:1b:31:e8:
21:f0:62:05:fc:54:c1:f5:21:7b:2d:c8:75:e5:1a:
37:ee:47:66:47:bb:d4:c2:29:c9:6c:fa:1e:8f:a7:
b1:f1:b9:36:37:45:bb:f7:72:ea:d5:b6:50:c7:f8:
e1:c9:9e:70:b0:4a:ac:19:ad:4b:9c:61:8b:52:fd:
08:6f:10:3e:fb:2d:86:a5:e4:52:07:36:ef:c9:56:
a5:59:d5:d1:03:a2:61:bf:22:e7:38:35:a4:f6:bd:
78:0f:bd:ac:e0:5d:71:1a:9c:53:5a:42:2d:82:44:
3f:44:87:75:af:6b:55:99:4c:20:24:53:d9:c3:68:
d9:be:71:4f:f7:26:be:f3:42:92:6c:a3:ef:4c:95:
30:bf:94:9e:91:82:c3:52:22:50:cb:fd:41:40:0d:
6d:78:66:51:6e:71:eb:9e:e8:dd:6e:34:7a:5a:6a:
1c:57:c5:ad:aa:77:9a:c8:dc:46:78:7d:10:fa:12:
63:5b:ee:91:df:6a:c5:17:6f:b6:c2:3d:91:9e:7d:
54:96:54:37:8f:05:eb:42:a5:08:b5:a3:7b:0a:2c:
18:76:c9:12:24:7f:9f:c3:91:13:e3:9a:18:77:51:
0b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FF:1B:7B:08:C7:F2:C6:50:B9:AE:E9:72:F4:7C:C5:EE:07:BB:FC
X509v3 Authority Key Identifier:
keyid:D0:42:65:FB:11:C2:A2:20:BC:35:07:18:67:3E:07:04:D1:ED:AD:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EJl-xHCoiC8NQcYZz4HBNHtrd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/b_8bewjH8sZQua7pcvR8xe4Hu_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/fa73f8-33e0-4032-84ec-a96ef6f6435c/1/0EJl-xHCoiC8NQcYZz4HBNHtrd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.96.0/22
62.106.94.0/24
79.110.234.0/24
134.255.199.0/24
149.3.171.0/24
188.93.141.0/24
IPv6:
2a0c:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
16:36:b7:c0:92:10:80:39:78:33:cd:05:a8:75:dd:f1:aa:f0:
f4:47:c1:fb:de:bd:eb:b3:d0:d0:ce:56:60:b3:0b:8f:e6:0d:
e4:74:68:86:8f:c5:81:37:9e:2c:02:8c:1f:f9:e2:22:b3:49:
0a:9c:46:be:e6:d4:27:ff:41:0b:1a:6b:82:20:a1:70:53:55:
e3:ca:ab:ca:96:3f:5e:86:8d:02:55:ae:7e:d0:88:25:63:c9:
42:24:92:f5:ef:3c:9a:a1:be:98:06:18:70:36:cf:39:a0:01:
a7:c1:9f:2d:35:d7:18:b5:5a:a4:e7:a0:ec:c9:1e:54:d3:5b:
9e:b8:db:f9:cd:20:2e:9d:8d:cf:4c:79:91:e9:b6:8c:ed:07:
a8:de:1f:b6:e9:f6:a4:13:56:7d:63:9b:a4:e6:b5:42:ca:2b:
f7:0a:f1:42:a0:62:b8:12:7b:06:ff:04:c5:f8:f0:d7:74:e6:
d2:ca:6e:59:05:e1:27:f7:1a:16:37:8a:42:f8:5c:7d:2c:6d:
f1:1d:b5:37:6c:18:83:6c:ef:23:f7:79:f6:fa:2f:7e:de:9d:
e2:90:24:f3:11:d9:4b:9a:93:37:0c:6b:9d:85:7a:ff:47:fc:
03:b6:9f:01:2e:fa:96:16:02:f8:0b:4f:88:a6:f4:c3:c5:14:
90:a1:67:36
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY+6rcn5AQEAc+2fnLbYWvzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDI2NWZiMTFjMmEyMjBiYzM1MDcxODY3M2UwNzA0ZDFl
ZGFkZGUwHhcNMjQwNTI3MTUzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmZmMWI3YjA4YzdmMmM2NTBiOWFlZTk3MmY0N2NjNWVlMDdiYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1LJ/vualbV6x0pIlLJiM7fdg5RX
Yb8M1IAbMegh8GIF/FTB9SF7Lch15Ro37kdmR7vUwinJbPoej6ex8bk2N0W793Lq
1bZQx/jhyZ5wsEqsGa1LnGGLUv0IbxA++y2GpeRSBzbvyValWdXRA6JhvyLnODWk
9r14D72s4F1xGpxTWkItgkQ/RId1r2tVmUwgJFPZw2jZvnFP9ya+80KSbKPvTJUw
v5SekYLDUiJQy/1BQA1teGZRbnHrnujdbjR6WmocV8WtqneayNxGeH0Q+hJjW+6R
32rFF2+2wj2Rnn1UllQ3jwXrQqUItaN7CiwYdskSJH+fw5ET45oYd1ELbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFG//G3sIx/LGULmu6XL0fMXuB7v8MB8GA1UdIwQY
MBaAFNBCZfsRwqIgvDUHGGc+BwTR7a3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVKbC14SENvaUM4TlFjWVp6NEhCTkh0cmQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mYTczZjgtMzNlMC00MDMyLTg0ZWMt
YTk2ZWY2ZjY0MzVjLzEvYl84YmV3akg4c1pRdWE3cGN2Ujh4ZTRIdV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mYTczZjgtMzNlMC00MDMyLTg0ZWMtYTk2ZWY2ZjY0MzVj
LzEvMEVKbC14SENvaUM4TlFjWVp6NEhCTkh0cmQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLQtgAwQA
PmpeAwQAT27qAwQAhv/HAwQAlQOrAwQAvF2NMA0EAgACMAcDBQMqDG1AMA0GCSqG
SIb3DQEBCwUAA4IBAQAWNrfAkhCAOXgzzQWodd3xqvD0R8H73r3rs9DQzlZgswuP
5g3kdGiGj8WBN54sAowf+eIis0kKnEa+5tQn/0ELGmuCIKFwU1XjyqvKlj9eho0C
Va5+0IglY8lCJJL17zyaob6YBhhwNs85oAGnwZ8tNdcYtVqk56DsyR5U01ueuNv5
zSAunY3PTHmR6baM7Qeo3h+26fakE1Z9Y5uk5rVCyiv3CvFCoGK4EnsG/wTF+PDX
dObSym5ZBeEn9xoWN4pC+Fx9LG3xHbU3bBiDbO8j93n2+i9+3p3ikCTzEdlLmpM3
DGudhXr/R/wDtp8BLvqWFgL4C0+IpvTDxRSQoWc2
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:13:23 2024 by rpki-client on console-fra.rpki-client.org