Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/x12UOYeWWQ2Gjn5TlVkmC-uRTOQ.roa
File: x12UOYeWWQ2Gjn5TlVkmC-uRTOQ.roa (raw, json)
Hash identifier: ND8a3doZjh5txUSVLTI7UhWUrfseni+UdjCgM1FBodg=
Subject key identifier: C7:5D:94:39:87:96:59:0D:86:8E:7E:53:95:59:26:0B:EB:91:4C:E4
Certificate issuer: /CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Certificate serial: 018CC424AED907EFC0E2A170E64015684D0D
Authority key identifier: 27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/x12UOYeWWQ2Gjn5TlVkmC-uRTOQ.roa
Signing time: Mon 01 Jan 2024 08:29:47 +0000
ROA not before: Mon 01 Jan 2024 08:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35432
IP address blocks: 164.215.0.0/19 maxlen: 24
91.184.192.0/19 maxlen: 24
195.179.96.0/20 maxlen: 24
185.7.156.0/22 maxlen: 24
64.59.208.0/20 maxlen: 24
69.6.0.0/19 maxlen: 24
213.140.192.0/19 maxlen: 24
85.132.224.0/19 maxlen: 24
80.244.16.0/20 maxlen: 24
212.50.96.0/19 maxlen: 24
109.110.224.0/19 maxlen: 24
77.83.248.0/22 maxlen: 24
66.205.64.0/19 maxlen: 24
213.133.80.0/20 maxlen: 24
65.18.208.0/20 maxlen: 24
185.162.16.0/22 maxlen: 24
185.42.32.0/22 maxlen: 24
69.94.112.0/20 maxlen: 24
194.233.16.0/22 maxlen: 24
139.138.192.0/19 maxlen: 24
194.233.24.0/22 maxlen: 24
216.241.128.0/19 maxlen: 24
194.233.60.0/22 maxlen: 24
46.251.96.0/19 maxlen: 24
194.64.144.0/22 maxlen: 24
2a02:540::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ae:d9:07:ef:c0:e2:a1:70:e6:40:15:68:4d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27029a36fc0cca2e0a8d045f022dfc831a517308
Validity
Not Before: Jan 1 08:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c75d94398796590d868e7e539559260beb914ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:0a:bd:40:b2:46:78:ff:a9:bc:93:f6:c7:34:
1e:58:37:fe:b9:97:81:97:d2:d9:73:b1:b6:e8:7c:
09:11:3e:96:34:07:49:53:f1:20:b2:7b:eb:a1:31:
e1:b9:8e:a4:db:e8:87:ad:a1:4f:cd:e1:11:32:65:
19:76:25:b4:2d:51:aa:c1:51:2b:1b:c4:31:c6:6f:
fe:f7:a9:99:4a:90:b8:8a:13:8b:3e:b6:b4:93:26:
22:ef:39:a8:6a:f8:fc:3e:58:e3:17:a5:0b:4f:d4:
91:4e:e7:d2:ae:dd:bc:fa:78:ff:86:79:6c:bf:e9:
27:b9:d1:a8:c7:5c:80:7c:4a:85:df:71:a5:a3:ca:
06:a5:bb:d7:5f:82:96:8d:61:37:ed:b6:76:ae:19:
26:55:23:ce:f3:e7:bf:d0:ea:ee:d3:07:54:6b:a4:
e6:f7:58:af:0f:34:1c:bc:73:c8:57:7b:48:a5:91:
21:44:82:35:fd:4e:d4:b6:8d:43:d2:31:02:26:45:
8d:d8:44:0f:17:b9:d4:64:ce:de:42:12:79:a1:03:
f6:e1:8c:17:8c:4a:97:18:0d:8c:46:07:f1:78:10:
69:bb:f4:16:3b:ed:40:22:ac:8d:5f:d6:55:01:31:
2c:1d:1d:69:98:7c:c2:9c:a7:72:f8:15:42:33:70:
19:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5D:94:39:87:96:59:0D:86:8E:7E:53:95:59:26:0B:EB:91:4C:E4
X509v3 Authority Key Identifier:
keyid:27:02:9A:36:FC:0C:CA:2E:0A:8D:04:5F:02:2D:FC:83:1A:51:73:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JwKaNvwMyi4KjQRfAi38gxpRcwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/x12UOYeWWQ2Gjn5TlVkmC-uRTOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/53bb23-dfa8-4792-b317-50d0a5323641/1/JwKaNvwMyi4KjQRfAi38gxpRcwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.96.0/19
64.59.208.0/20
65.18.208.0/20
66.205.64.0/19
69.6.0.0/19
69.94.112.0/20
77.83.248.0/22
80.244.16.0/20
85.132.224.0/19
91.184.192.0/19
109.110.224.0/19
139.138.192.0/19
164.215.0.0/19
185.7.156.0/22
185.42.32.0/22
185.162.16.0/22
194.64.144.0/22
194.233.16.0/22
194.233.24.0/22
194.233.60.0/22
195.179.96.0/20
212.50.96.0/19
213.133.80.0/20
213.140.192.0/19
216.241.128.0/19
IPv6:
2a02:540::/32
Signature Algorithm: sha256WithRSAEncryption
42:4a:22:e5:60:fd:62:a7:a6:0b:44:9f:a8:a8:a7:cd:2a:c8:
75:ab:d9:3c:ce:84:16:43:7f:68:e5:1f:d9:8d:4d:c3:bc:0e:
22:89:83:0c:b9:f7:7c:94:45:e0:cf:95:30:b5:bf:b1:e4:2a:
b0:4a:05:40:5e:e8:a5:c3:c3:9d:08:fb:8b:4e:95:f6:90:9f:
22:cd:e0:64:c1:e6:41:90:39:ec:42:69:6c:c6:56:a3:41:9a:
84:57:7d:6c:3f:aa:d4:43:04:2c:11:98:5d:16:d9:5c:13:18:
af:57:c5:b4:2e:bf:42:37:76:d5:b2:9b:b0:6c:09:8e:2d:03:
8d:d6:fa:b1:68:a8:9b:44:25:61:d0:36:4e:d7:14:1e:f2:07:
fa:ae:3d:66:22:9e:e2:c3:3b:28:1e:fa:3a:72:f4:84:74:89:
97:32:23:92:65:23:69:71:f2:36:ba:2e:9a:ba:6b:d4:70:a7:
af:45:14:fd:de:ec:f4:36:7c:35:76:27:38:90:ec:e8:0b:88:
35:53:d6:d4:38:18:d2:ab:0d:36:73:13:0f:bd:35:dd:06:e3:
0e:eb:89:dd:6e:cb:cf:5a:b1:cb:ac:e8:1e:55:73:aa:a8:d5:
bf:2b:3c:e5:c3:99:16:f8:ed:ab:af:e6:8f:cd:6e:0c:6e:aa:
cd:c8:99:c0
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYzEJK7ZB+/A4qFw5kAVaE0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MDI5YTM2ZmMwY2NhMmUwYThkMDQ1ZjAyMmRmYzgzMWE1
MTczMDgwHhcNMjQwMTAxMDgyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzVkOTQzOTg3OTY1OTBkODY4ZTdlNTM5NTU5MjYwYmViOTE0Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAq9QLJGeP+pvJP2xzQeWDf+uZeB
l9LZc7G26HwJET6WNAdJU/EgsnvroTHhuY6k2+iHraFPzeERMmUZdiW0LVGqwVEr
G8Qxxm/+96mZSpC4ihOLPra0kyYi7zmoavj8PljjF6ULT9SRTufSrt28+nj/hnls
v+knudGox1yAfEqF33Glo8oGpbvXX4KWjWE37bZ2rhkmVSPO8+e/0Oru0wdUa6Tm
91ivDzQcvHPIV3tIpZEhRII1/U7Uto1D0jECJkWN2EQPF7nUZM7eQhJ5oQP24YwX
jEqXGA2MRgfxeBBpu/QWO+1AIqyNX9ZVATEsHR1pmHzCnKdy+BVCM3AZQQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFMddlDmHllkNho5+U5VZJgvrkUzkMB8GA1UdIwQY
MBaAFCcCmjb8DMouCo0EXwIt/IMaUXMIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTct
NTBkMGE1MzIzNjQxLzEveDEyVU9ZZVdXUTJHam41VGxWa21DLXVSVE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81M2JiMjMtZGZhOC00NzkyLWIzMTctNTBkMGE1MzIzNjQx
LzEvSndLYU52d015aTRLalFSZkFpMzhneHBSY3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUu
+2ADBARAO9ADBARBEtADBAVCzUADBAVFBgADBARFXnADBAJNU/gDBARQ9BADBAVV
hOADBAVbuMADBAVtbuADBAWLisADBAWk1wADBAK5B5wDBAK5KiADBAK5ohADBALC
QJADBALC6RADBALC6RgDBALC6TwDBATDs2ADBAXUMmADBATVhVADBAXVjMADBAXY
8YAwDQQCAAIwBwMFACoCBUAwDQYJKoZIhvcNAQELBQADggEBAEJKIuVg/WKnpgtE
n6iop80qyHWr2TzOhBZDf2jlH9mNTcO8DiKJgwy593yUReDPlTC1v7HkKrBKBUBe
6KXDw50I+4tOlfaQnyLN4GTB5kGQOexCaWzGVqNBmoRXfWw/qtRDBCwRmF0W2VwT
GK9XxbQuv0I3dtWym7BsCY4tA43W+rFoqJtEJWHQNk7XFB7yB/quPWYinuLDOyge
+jpy9IR0iZcyI5JlI2lx8ja6Lpq6a9Rwp69FFP3e7PQ2fDV2JziQ7OgLiDVT1tQ4
GNKrDTZzEw+9Nd0G4w7rid1uy89ascus6B5Vc6qo1b8rPOXDmRb47auv5o/Nbgxu
qs3ImcA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:06:16 2024 by rpki-client on console-fra.rpki-client.org