Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/daiToo6XZVExNezwGVnwoKri1Nc.roa
File: daiToo6XZVExNezwGVnwoKri1Nc.roa (raw, json)
Hash identifier: Rb5Qfsh8ghcsBMhIUKiZKfhsWi8jaLQhwtg9QyxoJGw=
Subject key identifier: 75:A8:93:A2:8E:97:65:51:31:35:EC:F0:19:59:F0:A0:AA:E2:D4:D7
Certificate issuer: /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial: 018CC94E5C70A49ACBDB82542AD6DE5A2DC4
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/daiToo6XZVExNezwGVnwoKri1Nc.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15547
IP address blocks: 81.88.176.0/21 maxlen: 21
81.88.176.0/20 maxlen: 20
213.230.56.0/21 maxlen: 21
213.230.52.0/22 maxlen: 22
92.240.96.0/19 maxlen: 19
185.17.176.0/22 maxlen: 22
31.31.48.0/20 maxlen: 20
213.221.128.0/19 maxlen: 19
195.162.160.0/22 maxlen: 22
195.162.164.0/23 maxlen: 23
185.44.196.0/22 maxlen: 22
195.162.167.0/24 maxlen: 24
195.162.168.0/21 maxlen: 21
195.162.176.0/20 maxlen: 20
178.237.80.0/20 maxlen: 20
95.215.60.0/22 maxlen: 22
185.55.216.0/22 maxlen: 22
194.12.16.0/20 maxlen: 20
86.111.128.0/20 maxlen: 20
185.50.220.0/22 maxlen: 22
92.62.176.0/20 maxlen: 20
192.162.24.0/22 maxlen: 22
81.13.128.0/17 maxlen: 17
78.155.0.0/19 maxlen: 19
77.242.160.0/20 maxlen: 20
178.157.84.0/22 maxlen: 22
188.239.160.0/20 maxlen: 20
213.238.0.0/19 maxlen: 19
185.17.108.0/22 maxlen: 22
217.79.192.0/20 maxlen: 20
2a03:4380::/32 maxlen: 32
2a02:26a0::/29 maxlen: 29
2001:14a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5c:70:a4:9a:cb:db:82:54:2a:d6:de:5a:2d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75a893a28e9765513135ecf01959f0a0aae2d4d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4e:36:97:b9:8f:f0:d0:cc:37:59:2c:a0:61:
73:5a:59:90:94:0a:5d:a2:96:3c:10:46:82:43:62:
df:5e:98:1c:6f:e9:bc:ec:5b:87:41:7f:fc:7c:2a:
29:1d:7c:c9:f9:d4:97:57:3e:e0:82:f2:88:79:cb:
24:27:2e:ed:90:82:be:0d:85:95:12:3a:ff:0b:12:
ac:cf:14:ae:5e:b9:1d:77:3b:1c:56:e2:51:8f:08:
db:ca:93:48:23:fd:31:a0:da:c1:c1:99:04:ea:53:
c7:51:f5:2b:39:5d:03:00:a2:28:49:48:c0:6e:fe:
72:8e:cd:c5:71:ae:ac:59:73:eb:b1:00:aa:30:82:
31:1b:d3:4d:e4:8d:12:ca:1a:7f:f9:8e:6d:9a:b9:
02:0d:cf:90:57:97:5c:43:24:00:87:f6:c3:9f:7a:
a8:b8:47:22:c2:a6:29:57:11:58:bc:d0:2d:f7:e2:
ca:24:ca:b6:51:c7:a2:5a:d6:d9:31:55:0d:b1:dc:
a9:ee:09:8b:02:28:ac:ec:fc:c4:d8:f4:46:b4:bb:
b5:17:5c:2b:6c:ad:c9:54:ed:e3:31:9f:ac:68:5d:
13:e1:d7:0a:60:f1:ab:0d:06:57:3f:c7:86:32:fb:
68:50:4d:82:33:d0:80:f1:9d:89:28:d6:be:2d:f0:
0d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A8:93:A2:8E:97:65:51:31:35:EC:F0:19:59:F0:A0:AA:E2:D4:D7
X509v3 Authority Key Identifier:
keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/daiToo6XZVExNezwGVnwoKri1Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.48.0/20
77.242.160.0/20
78.155.0.0/19
81.13.128.0/17
81.88.176.0/20
86.111.128.0/20
92.62.176.0/20
92.240.96.0/19
95.215.60.0/22
178.157.84.0/22
178.237.80.0/20
185.17.108.0/22
185.17.176.0/22
185.44.196.0/22
185.50.220.0/22
185.55.216.0/22
188.239.160.0/20
192.162.24.0/22
194.12.16.0/20
195.162.160.0-195.162.165.255
195.162.167.0-195.162.191.255
213.221.128.0/19
213.230.52.0-213.230.63.255
213.238.0.0/19
217.79.192.0/20
IPv6:
2001:14a8::/32
2a02:26a0::/29
2a03:4380::/32
Signature Algorithm: sha256WithRSAEncryption
2d:df:3c:39:a5:e8:98:7b:8a:90:5e:c6:22:7e:09:cb:42:b5:
a5:42:c5:31:55:20:41:70:77:cf:3c:ba:27:94:6e:29:a6:e1:
22:d3:15:44:31:68:b4:f9:c5:37:cc:1a:5c:cb:7c:fd:60:d6:
d8:d5:71:b3:c9:27:94:82:94:9c:53:25:96:c9:32:8e:b4:54:
ac:72:ed:5e:51:95:79:c9:a2:79:e7:50:57:9f:01:17:3e:bd:
ce:fe:c6:11:b5:78:ff:b5:c8:13:de:99:fc:96:5d:f5:47:a4:
33:22:b9:b0:fe:2e:33:03:77:42:98:61:25:3e:b1:85:0b:13:
9e:af:71:0a:7f:33:64:37:b3:71:75:2b:53:ba:cc:c8:80:48:
07:81:3f:7f:08:e4:86:ba:37:54:96:d2:b2:46:c6:80:41:ee:
92:3d:a7:8b:64:a7:95:94:7c:cc:3c:5c:96:29:40:3e:a0:b6:
f3:db:e3:28:8f:0d:13:64:5f:a9:21:e9:1e:91:d9:c9:24:c7:
47:60:6e:b7:c1:82:3b:be:50:00:77:35:ea:ff:13:ea:a7:b4:
d9:46:11:9e:68:05:76:d1:ad:f6:88:ab:bf:f6:08:39:02:b7:
3d:ae:2e:65:8f:2f:ce:37:f6:10:1e:2c:82:1f:29:36:fd:2c:
09:b1:5a:55
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYzJTlxwpJrL24JUKtbeWi3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWE4OTNhMjhlOTc2NTUxMzEzNWVjZjAxOTU5ZjBhMGFhZTJkNGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk42l7mP8NDMN1ksoGFzWlmQlApd
opY8EEaCQ2LfXpgcb+m87FuHQX/8fCopHXzJ+dSXVz7ggvKIecskJy7tkIK+DYWV
Ejr/CxKszxSuXrkddzscVuJRjwjbypNII/0xoNrBwZkE6lPHUfUrOV0DAKIoSUjA
bv5yjs3Fca6sWXPrsQCqMIIxG9NN5I0Syhp/+Y5tmrkCDc+QV5dcQyQAh/bDn3qo
uEciwqYpVxFYvNAt9+LKJMq2UceiWtbZMVUNsdyp7gmLAiis7PzE2PRGtLu1F1wr
bK3JVO3jMZ+saF0T4dcKYPGrDQZXP8eGMvtoUE2CM9CA8Z2JKNa+LfANqQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFHWok6KOl2VRMTXs8BlZ8KCq4tTXMB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEvZGFpVG9vNlhaVkV4TmV6d0dWbndvS3JpMU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBtQQCAAEwga4DBAQf
HzADBARN8qADBAVOmwADBAdRDYADBARRWLADBARWb4ADBARcPrADBAVc8GADBAJf
1zwDBAKynVQDBASy7VADBAK5EWwDBAK5EbADBAK5LMQDBAK5MtwDBAK5N9gDBAS8
76ADBALAohgDBATCDBAwDAMEBcOioAMEAcOipDAMAwQAw6KnAwQGw6KAAwQF1d2A
MAwDBALV5jQDBAbV5gADBAXV7gADBATZT8AwGwQCAAIwFQMFACABFKgDBQMqAiag
AwUAKgNDgDANBgkqhkiG9w0BAQsFAAOCAQEALd88OaXomHuKkF7GIn4Jy0K1pULF
MVUgQXB3zzy6J5RuKabhItMVRDFotPnFN8waXMt8/WDW2NVxs8knlIKUnFMllsky
jrRUrHLtXlGVecmieedQV58BFz69zv7GEbV4/7XIE96Z/JZd9UekMyK5sP4uMwN3
QphhJT6xhQsTnq9xCn8zZDezcXUrU7rMyIBIB4E/fwjkhro3VJbSskbGgEHukj2n
i2SnlZR8zDxclilAPqC289vjKI8NE2RfqSHpHpHZySTHR2But8GCO75QAHc16v8T
6qe02UYRnmgFdtGt9oirv/YIOQK3Pa4uZY8vzjf2EB4sgh8pNv0sCbFaVQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:40 2024 by rpki-client on console-fra.rpki-client.org