Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/1bvVBacUwjknhmYOFYksG5spJyY.roa
File: 1bvVBacUwjknhmYOFYksG5spJyY.roa (raw, json)
Hash identifier: Mne4+MDtA0MtX2AtTvK2Gox4F0llaM2wG+vv4tKWTFU=
Subject key identifier: D5:BB:D5:05:A7:14:C2:39:27:86:66:0E:15:89:2C:1B:9B:29:27:26
Certificate issuer: /CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Certificate serial: 018CC5010C0CEA1AEEC4DA2F65E9E79614C1
Authority key identifier: 9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/1bvVBacUwjknhmYOFYksG5spJyY.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6855
IP address blocks: 178.41.128.0/17 maxlen: 17
95.103.0.0/18 maxlen: 18
78.98.0.0/15 maxlen: 15
195.146.136.0/24 maxlen: 24
195.91.0.0/17 maxlen: 17
213.81.197.0/24 maxlen: 24
95.102.0.0/15 maxlen: 15
213.160.160.0/19 maxlen: 19
213.81.128.0/17 maxlen: 17
84.47.0.0/17 maxlen: 17
212.5.192.0/19 maxlen: 19
91.127.0.0/16 maxlen: 16
194.154.224.0/19 maxlen: 19
185.19.72.0/22 maxlen: 22
195.146.128.0/19 maxlen: 19
87.197.0.0/16 maxlen: 16
178.40.0.0/15 maxlen: 15
95.103.64.0/18 maxlen: 18
95.102.128.0/17 maxlen: 17
2a00:12a8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/n1ZG99ivwKkz-zMzPzcBPYOgTQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/n1ZG99ivwKkz-zMzPzcBPYOgTQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0c:0c:ea:1a:ee:c4:da:2f:65:e9:e7:96:14:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5bbd505a714c2392786660e15892c1b9b292726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:63:04:71:f7:eb:5d:96:67:69:13:90:af:fc:
74:4a:a1:46:de:24:13:70:2c:60:2d:b8:d4:68:0a:
05:d0:45:41:86:9a:e2:e6:ce:c6:44:1d:87:35:29:
39:7e:ce:a5:d8:62:a1:fa:2b:eb:8e:d1:57:15:72:
b7:c6:86:91:8b:4a:ec:19:f7:18:a4:7b:a6:8e:93:
a1:e2:38:8b:cd:03:d8:1a:6f:f0:b7:93:9f:49:b8:
5e:28:84:ae:81:8a:fa:0d:d2:09:db:74:33:f9:5c:
cc:13:96:d7:e8:21:33:94:f5:8a:15:b3:9e:1c:ab:
ee:ee:ed:b9:1c:0d:bc:f2:92:33:c3:b1:40:0b:ce:
8d:06:c3:45:ae:2c:ac:3d:9b:3b:e0:68:fa:d1:f9:
9d:e1:72:9d:20:ba:56:d1:0d:0a:84:b0:29:fd:a9:
43:90:b5:66:1f:82:ef:74:3f:21:25:07:1e:9d:f5:
a1:a8:1d:4c:17:c2:dc:63:8c:dc:0d:bd:06:41:6e:
45:65:0e:4f:13:f1:dd:c9:0e:29:19:b4:02:ac:cd:
fa:e9:9d:8e:bd:97:5b:a9:14:a7:9d:d9:3b:ed:a9:
77:0d:9d:a1:69:47:43:a7:ea:47:a6:5d:1e:db:0c:
de:67:8e:0b:e1:2c:34:7a:39:22:15:ec:b7:32:2a:
df:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BB:D5:05:A7:14:C2:39:27:86:66:0E:15:89:2C:1B:9B:29:27:26
X509v3 Authority Key Identifier:
keyid:9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/1bvVBacUwjknhmYOFYksG5spJyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/n1ZG99ivwKkz-zMzPzcBPYOgTQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.98.0.0/15
84.47.0.0/17
87.197.0.0/16
91.127.0.0/16
95.102.0.0/15
178.40.0.0/15
185.19.72.0/22
194.154.224.0/19
195.91.0.0/17
195.146.128.0/19
212.5.192.0/19
213.81.128.0/17
213.160.160.0/19
IPv6:
2a00:12a8::/29
Signature Algorithm: sha256WithRSAEncryption
5c:fc:84:88:c7:41:db:59:31:2e:70:74:20:19:aa:3c:cd:c0:
84:75:f6:a6:25:3e:49:cc:81:37:72:05:04:2d:9d:7c:38:be:
e7:9c:0b:a0:c3:0a:de:c4:5b:2a:bf:ff:e0:6f:56:08:a6:87:
0e:c2:95:6c:f2:8f:0c:5c:95:73:e0:24:51:cf:19:9d:72:fc:
66:02:e4:d7:76:0f:e3:6b:76:5f:38:a6:01:50:4a:66:cc:fd:
79:cc:a5:44:36:87:87:ca:b3:41:ec:00:ba:71:74:7c:3b:04:
47:4e:ec:f6:cc:2e:6b:c0:3a:96:49:2c:f0:00:48:41:14:96:
f1:cc:00:b5:64:64:2e:cb:94:ed:11:d9:28:b7:76:8f:2b:52:
d7:28:bb:12:bb:13:f3:bc:f9:8b:4b:96:b1:e3:9d:c2:9e:80:
73:36:72:6a:e6:a2:cb:cb:28:11:ab:74:43:29:6c:59:4e:3a:
56:91:70:0c:3f:7c:8a:94:fc:64:93:b1:c2:13:44:b0:1a:d4:
db:f5:17:8c:41:56:94:57:99:45:98:e5:36:dc:3e:22:3c:1f:
bf:00:b0:5c:0f:6a:32:75:14:fe:2a:f1:fb:79:ee:05:98:4a:
87:91:91:e3:dc:f1:8d:b2:09:c7:59:35:41:ca:aa:a6:64:2c:
7d:a1:96:3d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzFAQwM6hruxNovZennlhTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNTY0NmY3ZDhhZmMwYTkzM2ZiMzMzMzNmMzcwMTNkODNh
MDRkMDAwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWJiZDUwNWE3MTRjMjM5Mjc4NjY2MGUxNTg5MmMxYjliMjkyNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWMEcffrXZZnaROQr/x0SqFG3iQT
cCxgLbjUaAoF0EVBhpri5s7GRB2HNSk5fs6l2GKh+ivrjtFXFXK3xoaRi0rsGfcY
pHumjpOh4jiLzQPYGm/wt5OfSbheKISugYr6DdIJ23Qz+VzME5bX6CEzlPWKFbOe
HKvu7u25HA288pIzw7FAC86NBsNFriysPZs74Gj60fmd4XKdILpW0Q0KhLAp/alD
kLVmH4LvdD8hJQcenfWhqB1MF8LcY4zcDb0GQW5FZQ5PE/HdyQ4pGbQCrM366Z2O
vZdbqRSnndk77al3DZ2haUdDp+pHpl0e2wzeZ44L4Sw0ejkiFey3MirfiwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNW71QWnFMI5J4ZmDhWJLBubKScmMB8GA1UdIwQY
MBaAFJ9WRvfYr8CpM/szMz83AT2DoE0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFaRzk5aXZ3S2t6LXpNelB6Y0JQWU9nVFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85MTY5MTctODhjNS00ZTdiLTgxMWUt
N2QzMmNhMDY1YjY2LzEvMWJ2VkJhY1V3amtuaG1ZT0ZZa3NHNXNwSnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85MTY5MTctODhjNS00ZTdiLTgxMWUtN2QzMmNhMDY1YjY2
LzEvbjFaRzk5aXZ3S2t6LXpNelB6Y0JQWU9nVFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwMBTmIDBAdU
LwADAwBXxQMDAFt/AwMBX2YDAwGyKAMEArkTSAMEBcKa4AMEB8NbAAMEBcOSgAME
BdQFwAMEB9VRgAMEBdWgoDANBAIAAjAHAwUDKgASqDANBgkqhkiG9w0BAQsFAAOC
AQEAXPyEiMdB21kxLnB0IBmqPM3AhHX2piU+ScyBN3IFBC2dfDi+55wLoMMK3sRb
Kr//4G9WCKaHDsKVbPKPDFyVc+AkUc8ZnXL8ZgLk13YP42t2XzimAVBKZsz9ecyl
RDaHh8qzQewAunF0fDsER07s9swua8A6lkks8ABIQRSW8cwAtWRkLsuU7RHZKLd2
jytS1yi7ErsT87z5i0uWseOdwp6AczZyauaiy8soEat0QylsWU46VpFwDD98ipT8
ZJOxwhNEsBrU2/UXjEFWlFeZRZjlNtw+IjwfvwCwXA9qMnUU/irx+3nuBZhKh5GR
49zxjbIJx1k1QcqqpmQsfaGWPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:24:39 2024 by rpki-client on console-ams.rpki-client.org