Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/Rn9pZ4xv41anbx0Kxx4lfybWAF0.roa
File: Rn9pZ4xv41anbx0Kxx4lfybWAF0.roa (raw, json)
Hash identifier: bef951PVhMH1mux7U8lqg7AvMKCii3QS7Jomu7kfJ94=
Subject key identifier: 46:7F:69:67:8C:6F:E3:56:A7:6F:1D:0A:C7:1E:25:7F:26:D6:00:5D
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 018CC348D94F2014C07E8746EF35FACB4C43
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/Rn9pZ4xv41anbx0Kxx4lfybWAF0.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15763
IP address blocks: 185.151.100.0/22 maxlen: 24
156.67.58.0/24 maxlen: 24
85.22.48.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.0.0/20 maxlen: 20
85.22.0.0/16 maxlen: 16
85.22.16.0/20 maxlen: 20
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.42.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
2a03:f580::/32 maxlen: 48
2a03:f580:2::/48 maxlen: 48
2a03:f580:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d9:4f:20:14:c0:7e:87:46:ef:35:fa:cb:4c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=467f69678c6fe356a76f1d0ac71e257f26d6005d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:a1:d0:ee:bf:93:b3:06:db:90:ee:79:dd:
e3:65:ad:46:65:d2:16:7f:d5:a4:53:3f:c9:d5:99:
d6:66:56:06:9c:4e:d4:4a:7e:c0:7e:5f:47:a2:4d:
2c:2d:84:2f:89:1e:b5:3f:1a:db:ac:61:f6:43:79:
aa:10:c3:9d:1d:f2:87:85:7c:68:f8:89:cf:f5:c5:
aa:6b:a4:1f:0d:81:d0:f2:93:d6:07:c3:c3:7e:c5:
b9:9e:e3:13:74:d3:cd:3c:8e:87:80:a3:c0:2f:d2:
d8:db:b4:6c:d0:0e:aa:be:e4:dc:e1:0a:1b:67:c9:
7e:e6:03:f8:36:a0:ef:d4:26:b0:ea:39:34:8a:cb:
d5:6f:0b:f8:a0:e7:9d:0e:e1:1a:0a:be:ca:a8:f1:
58:38:4b:77:96:f7:35:76:f4:cc:45:c0:ed:a3:a0:
74:3c:06:eb:75:78:dc:2d:c0:8b:8d:0f:ca:0c:8c:
41:9b:a4:00:cd:3a:9d:f2:6a:b0:a2:fa:60:08:b5:
ad:31:07:07:93:01:0d:1b:b9:c6:e3:1b:55:69:16:
de:47:ed:8a:9d:d8:cb:5a:cb:8e:21:fb:79:69:4a:
a5:a0:38:0a:f3:4e:bb:d0:f8:e0:7d:4a:ab:6e:b3:
a6:8e:e1:39:6a:80:b4:8a:97:49:a7:54:cf:ea:cf:
6d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7F:69:67:8C:6F:E3:56:A7:6F:1D:0A:C7:1E:25:7F:26:D6:00:5D
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/Rn9pZ4xv41anbx0Kxx4lfybWAF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
2a:2f:e0:99:b1:b9:1e:4e:aa:b8:a2:4e:5a:c6:5e:20:00:bb:
72:48:d0:54:df:ff:22:8e:14:80:94:34:77:35:bf:35:8c:fa:
d1:d5:9f:f0:c6:f7:f4:74:c7:9c:00:c2:c5:6e:28:35:57:e6:
06:3f:55:12:c3:99:67:9d:3e:13:72:3a:08:30:62:5e:bc:86:
41:ed:a5:73:8a:41:5e:8e:a6:67:ca:0c:1d:79:fd:c7:9f:aa:
d8:44:90:f6:23:49:1d:e5:12:0e:1e:be:f0:9d:cd:9f:25:50:
be:16:3a:ee:85:a3:86:3b:55:60:33:8e:3e:a5:15:34:67:be:
96:bb:3c:11:cd:ab:be:f1:5e:19:e0:f5:b3:7a:28:7d:3a:60:
89:dd:2a:34:31:27:89:a1:d4:54:d1:f0:95:18:10:71:41:3d:
42:20:d9:4b:df:d3:29:19:89:55:92:b4:bf:17:59:0b:25:fa:
e9:b9:26:0b:42:1c:7f:6b:0d:3a:08:74:66:9d:20:05:54:a5:
cf:40:02:13:68:ed:bb:93:8c:7d:6f:da:49:ed:2c:d8:8a:56:
98:58:a1:62:e8:88:b1:b0:cb:c0:c5:c0:7e:c5:63:00:9e:9b:
8c:70:f8:d2:0a:a9:93:c7:a5:c3:43:bf:ca:e2:b7:d1:8c:dc:
91:5a:c0:04
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzDSNlPIBTAfodG7zX6y0xDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjdmNjk2NzhjNmZlMzU2YTc2ZjFkMGFjNzFlMjU3ZjI2ZDYwMDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbeh0O6/k7MG25Dued3jZa1GZdIW
f9WkUz/J1ZnWZlYGnE7USn7Afl9Hok0sLYQviR61PxrbrGH2Q3mqEMOdHfKHhXxo
+InP9cWqa6QfDYHQ8pPWB8PDfsW5nuMTdNPNPI6HgKPAL9LY27Rs0A6qvuTc4Qob
Z8l+5gP4NqDv1Caw6jk0isvVbwv4oOedDuEaCr7KqPFYOEt3lvc1dvTMRcDto6B0
PAbrdXjcLcCLjQ/KDIxBm6QAzTqd8mqwovpgCLWtMQcHkwENG7nG4xtVaRbeR+2K
ndjLWsuOIft5aUqloDgK80670PjgfUqrbrOmjuE5aoC0ipdJp1TP6s9t3wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEZ/aWeMb+NWp28dCsceJX8m1gBdMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvUm45cFo0eHY0MWFuYngwS3h4NGxmeWJXQUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAVRYDBACc
QzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQELBQADggEB
ACov4JmxuR5OqriiTlrGXiAAu3JI0FTf/yKOFICUNHc1vzWM+tHVn/DG9/R0x5wA
wsVuKDVX5gY/VRLDmWedPhNyOggwYl68hkHtpXOKQV6OpmfKDB15/cefqthEkPYj
SR3lEg4evvCdzZ8lUL4WOu6Fo4Y7VWAzjj6lFTRnvpa7PBHNq77xXhng9bN6KH06
YIndKjQxJ4mh1FTR8JUYEHFBPUIg2Uvf0ykZiVWStL8XWQsl+um5JgtCHH9rDToI
dGadIAVUpc9AAhNo7buTjH1v2kntLNiKVphYoWLoiLGwy8DFwH7FYwCem4xw+NIK
qZPHpcNDv8rit9GM3JFawAQ=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:53:01 2024 by rpki-client on console-ams.rpki-client.org