Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/AN14bwW4EKx6ISjDFn7qyyP0Uu8.roa
File: AN14bwW4EKx6ISjDFn7qyyP0Uu8.roa (raw, json)
Hash identifier: q0f0gcyicZQh4z9qrat8Fnsx24KfAR94XCmUgaUHp/Y=
Subject key identifier: 00:DD:78:6F:05:B8:10:AC:7A:21:28:C3:16:7E:EA:CB:23:F4:52:EF
Certificate issuer: /CN=624c494f56193b4e9adf3db72e4f01978c587f18
Certificate serial: 018CCA99B7CA442332A7E806A3EF98CCA585
Authority key identifier: 62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/AN14bwW4EKx6ISjDFn7qyyP0Uu8.roa
Signing time: Tue 02 Jan 2024 14:35:20 +0000
ROA not before: Tue 02 Jan 2024 14:35:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204720
IP address blocks: 185.31.113.0/24 maxlen: 24
91.231.238.0/24 maxlen: 24
91.238.111.0/24 maxlen: 24
151.236.110.0/24 maxlen: 24
151.236.108.0/24 maxlen: 24
151.236.112.0/24 maxlen: 24
151.236.118.0/24 maxlen: 24
151.236.117.0/24 maxlen: 24
151.236.116.0/24 maxlen: 24
151.236.115.0/24 maxlen: 24
151.236.114.0/24 maxlen: 24
151.236.124.0/24 maxlen: 24
151.236.121.0/24 maxlen: 24
151.236.120.0/24 maxlen: 24
151.236.119.0/24 maxlen: 24
151.236.127.0/24 maxlen: 24
151.236.126.0/24 maxlen: 24
151.236.71.0/24 maxlen: 24
151.236.69.0/24 maxlen: 24
151.236.68.0/24 maxlen: 24
151.236.66.0/24 maxlen: 24
151.236.82.0/24 maxlen: 24
151.236.79.0/24 maxlen: 24
151.236.98.0/24 maxlen: 24
151.236.97.0/24 maxlen: 24
151.236.92.0/24 maxlen: 24
151.236.105.0/24 maxlen: 24
151.236.104.0/24 maxlen: 24
151.236.103.0/24 maxlen: 24
151.236.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:b7:ca:44:23:32:a7:e8:06:a3:ef:98:cc:a5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624c494f56193b4e9adf3db72e4f01978c587f18
Validity
Not Before: Jan 2 14:35:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00dd786f05b810ac7a2128c3167eeacb23f452ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:21:46:9f:16:35:3b:d5:11:f4:9f:f7:29:eb:
a4:07:d0:78:f7:85:38:17:30:e7:ef:1a:ee:85:be:
48:48:e4:58:9c:3f:f1:e0:85:96:e2:3b:25:df:fd:
47:d2:9d:ff:66:e4:db:0f:de:41:33:44:fe:17:2e:
53:9c:71:51:8f:f1:2f:c8:9c:74:ff:f9:f9:ba:03:
59:49:45:8c:d9:eb:36:05:7c:1a:aa:cf:6e:f4:d8:
23:83:49:36:55:51:ea:31:b3:08:02:83:86:85:2a:
15:1c:42:44:b6:4a:b2:2c:63:ac:ed:ba:b2:24:c2:
84:57:72:80:f7:de:38:26:d2:33:ef:0a:2d:54:47:
dd:22:82:1f:bd:68:c6:c9:d8:9d:f2:a1:0e:aa:c6:
d8:a0:7e:fc:83:ec:7f:96:60:7b:a7:0a:22:7b:1a:
41:5c:a6:15:17:7b:1e:47:39:1e:1a:e7:0e:e7:b3:
16:09:0f:2f:bd:66:70:bb:b4:ab:de:ba:91:ab:e1:
60:c3:89:c5:d7:ed:b7:19:29:da:94:50:ea:77:f3:
95:fc:88:42:1e:6d:00:34:b2:5d:4a:2a:e9:2c:ff:
f8:fd:1f:27:b1:60:ef:b3:f5:7a:67:a8:36:e8:4c:
57:63:81:fb:6a:c3:59:88:1b:00:7c:7a:02:20:ae:
76:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:DD:78:6F:05:B8:10:AC:7A:21:28:C3:16:7E:EA:CB:23:F4:52:EF
X509v3 Authority Key Identifier:
keyid:62:4C:49:4F:56:19:3B:4E:9A:DF:3D:B7:2E:4F:01:97:8C:58:7F:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkxJT1YZO06a3z23Lk8Bl4xYfxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/AN14bwW4EKx6ISjDFn7qyyP0Uu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/0988af-8d7f-4c29-b5cc-7aab6ef955a1/1/YkxJT1YZO06a3z23Lk8Bl4xYfxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.238.0/24
91.238.111.0/24
151.236.66.0/24
151.236.68.0/23
151.236.71.0/24
151.236.79.0/24
151.236.82.0/24
151.236.92.0/24
151.236.97.0-151.236.98.255
151.236.101.0/24
151.236.103.0-151.236.105.255
151.236.108.0/24
151.236.110.0/24
151.236.112.0/24
151.236.114.0-151.236.121.255
151.236.124.0/24
151.236.126.0/23
185.31.113.0/24
Signature Algorithm: sha256WithRSAEncryption
82:44:a7:84:99:2c:17:08:fc:e1:05:08:9a:01:73:07:1a:87:
c3:36:63:01:df:11:ad:f5:fb:42:dd:23:da:ed:92:47:d8:2e:
29:bc:37:aa:bc:3e:ce:11:ae:95:ce:37:ef:e3:02:cc:7e:b9:
bb:05:8b:35:3e:0d:59:54:be:d0:df:05:54:df:7f:41:dc:be:
73:23:5a:89:aa:a1:cf:10:de:4c:77:28:2e:95:0f:bb:a5:77:
4b:bc:81:37:d6:d7:b3:cb:2c:73:83:96:ad:03:9b:8d:66:37:
e1:92:53:ea:19:77:98:9d:a6:90:cf:0c:56:2e:70:f8:b7:17:
50:46:29:5d:77:2d:a5:e9:f1:df:a2:64:d8:82:a5:08:f4:3d:
ac:01:af:f0:60:02:e2:99:d2:07:0f:15:3b:bf:6c:ac:9f:14:
e6:23:e2:4a:89:26:8f:50:6c:69:18:2a:89:92:dd:cf:6c:76:
60:4e:49:f0:1a:36:5a:43:6f:75:e4:fd:19:e4:4c:5c:7f:47:
91:e4:80:35:b0:58:e1:27:e4:1d:ed:c5:88:f3:5c:71:73:1d:
eb:9e:aa:b7:7f:be:37:45:c2:54:cb:4c:be:d6:b9:1a:83:f1:
8d:0d:d1:a4:70:9d:fb:1a:de:1f:2f:e3:ef:e8:32:25:f6:3d:
af:56:cd:a3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYzKmbfKRCMyp+gGo++YzKWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGM0OTRmNTYxOTNiNGU5YWRmM2RiNzJlNGYwMTk3OGM1
ODdmMTgwHhcNMjQwMTAyMTQzNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGRkNzg2ZjA1YjgxMGFjN2EyMTI4YzMxNjdlZWFjYjIzZjQ1MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiFGnxY1O9UR9J/3KeukB9B494U4
FzDn7xruhb5ISORYnD/x4IWW4jsl3/1H0p3/ZuTbD95BM0T+Fy5TnHFRj/EvyJx0
//n5ugNZSUWM2es2BXwaqs9u9Ngjg0k2VVHqMbMIAoOGhSoVHEJEtkqyLGOs7bqy
JMKEV3KA9944JtIz7wotVEfdIoIfvWjGydid8qEOqsbYoH78g+x/lmB7pwoiexpB
XKYVF3seRzkeGucO57MWCQ8vvWZwu7Sr3rqRq+Fgw4nF1+23GSnalFDqd/OV/IhC
Hm0ANLJdSirpLP/4/R8nsWDvs/V6Z6g26ExXY4H7asNZiBsAfHoCIK528QIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFADdeG8FuBCseiEowxZ+6ssj9FLvMB8GA1UdIwQY
MBaAFGJMSU9WGTtOmt89ty5PAZeMWH8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2Mt
N2FhYjZlZjk1NWExLzEvQU4xNGJ3VzRFS3g2SVNqREZuN3F5eVAwVXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8wOTg4YWYtOGQ3Zi00YzI5LWI1Y2MtN2FhYjZlZjk1NWEx
LzEvWWt4SlQxWVpPMDZhM3oyM0xrOEJsNHhZZnhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBABb
5+4DBABb7m8DBACX7EIDBAGX7EQDBACX7EcDBACX7E8DBACX7FIDBACX7FwwDAME
AJfsYQMEAJfsYgMEAJfsZTAMAwQAl+xnAwQBl+xoAwQAl+xsAwQAl+xuAwQAl+xw
MAwDBAGX7HIDBAGX7HgDBACX7HwDBAGX7H4DBAC5H3EwDQYJKoZIhvcNAQELBQAD
ggEBAIJEp4SZLBcI/OEFCJoBcwcah8M2YwHfEa31+0LdI9rtkkfYLim8N6q8Ps4R
rpXON+/jAsx+ubsFizU+DVlUvtDfBVTff0HcvnMjWomqoc8Q3kx3KC6VD7uld0u8
gTfW17PLLHODlq0Dm41mN+GSU+oZd5idppDPDFYucPi3F1BGKV13LaXp8d+iZNiC
pQj0PawBr/BgAuKZ0gcPFTu/bKyfFOYj4kqJJo9QbGkYKomS3c9sdmBOSfAaNlpD
b3Xk/RnkTFx/R5HkgDWwWOEn5B3txYjzXHFzHeueqrd/vjdFwlTLTL7WuRqD8Y0N
0aRwnfsa3h8v4+/oMiX2Pa9WzaM=
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:27:03 2024 by rpki-client on console-fra.rpki-client.org