Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/VG0iL6yXn8YW1DsmmbJgJB8nj3c.roa
File: VG0iL6yXn8YW1DsmmbJgJB8nj3c.roa (raw, json)
Hash identifier: 0/4bjsEa6FyzdjvxMgLOdUvPxtnwgXz7+x/sNX9+i1Q=
Subject key identifier: 54:6D:22:2F:AC:97:9F:C6:16:D4:3B:26:99:B2:60:24:1F:27:8F:77
Certificate issuer: /CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Certificate serial: 018CC8DE536B7522F8CBD0F513574893EFD0
Authority key identifier: 30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/VG0iL6yXn8YW1DsmmbJgJB8nj3c.roa
Signing time: Tue 02 Jan 2024 06:31:02 +0000
ROA not before: Tue 02 Jan 2024 06:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57395
IP address blocks: 176.98.165.0/24 maxlen: 24
176.98.166.0/24 maxlen: 24
176.98.160.0/24 maxlen: 24
176.98.161.0/24 maxlen: 24
176.98.162.0/24 maxlen: 24
176.98.163.0/24 maxlen: 24
176.98.164.0/24 maxlen: 24
176.98.167.0/24 maxlen: 24
5.183.48.0/22 maxlen: 22
185.254.0.0/24 maxlen: 24
185.254.1.0/24 maxlen: 24
185.181.170.0/24 maxlen: 24
185.181.171.0/24 maxlen: 24
185.181.168.0/24 maxlen: 24
193.150.64.0/24 maxlen: 24
2a0b:33c0:114::/48 maxlen: 48
2a0e:d200::/29 maxlen: 29
2a0b:33c0:118::/48 maxlen: 48
2a0b:33c0:113::/48 maxlen: 48
2a0b:33c0:51::/48 maxlen: 48
2a0b:33c0:107::/48 maxlen: 48
2a0b:33c0:2::/48 maxlen: 48
2a0b:33c0:10::/48 maxlen: 48
2a0b:33c0:50::/48 maxlen: 48
2a0b:33c0:6::/48 maxlen: 48
2a0b:33c0:3::/48 maxlen: 48
2a0b:33c0:1::/48 maxlen: 48
2a0b:33c0:117::/48 maxlen: 48
2a0b:33c0:112::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:53:6b:75:22:f8:cb:d0:f5:13:57:48:93:ef:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=301a648725ee26a460cb9b1cbcd9c9c832c449af
Validity
Not Before: Jan 2 06:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=546d222fac979fc616d43b2699b260241f278f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:eb:e1:39:6e:8a:b0:c3:85:d6:d9:c9:5b:
67:2f:44:7d:24:e2:8a:4e:dd:c2:60:90:e0:07:fd:
d9:20:a5:63:1a:70:50:03:61:bb:7b:4d:b8:38:79:
af:ac:9e:27:a6:cd:7f:60:82:7a:f8:b0:c3:49:fd:
dd:19:0d:30:f3:50:55:95:2a:a0:3d:fe:4d:31:08:
69:1c:c7:e2:d1:02:76:23:1c:46:bb:03:f1:ba:50:
74:51:d2:5f:bc:9c:c6:84:bd:eb:47:bc:72:6e:1b:
66:3f:1a:02:a5:b5:bb:00:c8:68:79:c9:8c:2f:b6:
06:bc:69:4a:9c:62:74:64:03:73:c7:65:a9:2d:e7:
f4:0a:f0:a2:42:f3:d2:a0:cc:10:d4:e5:e9:3c:8e:
17:5d:2f:d0:63:4d:2f:97:51:31:4b:6a:14:0b:6c:
b1:a5:e2:d2:c2:a2:83:90:06:ca:4f:42:0a:83:d2:
a8:cb:c6:ae:b3:99:8f:50:04:bf:d8:2a:2f:87:96:
d6:29:eb:33:3a:9e:6a:28:06:d4:eb:0b:14:1e:e4:
0f:d1:ee:39:16:29:5e:46:e3:4f:ab:1c:98:05:e2:
94:f2:6d:ec:a4:6d:f8:58:6b:66:d0:ae:87:dc:93:
1b:c1:9b:f3:e7:19:25:56:b6:53:15:00:2d:a3:3b:
ce:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6D:22:2F:AC:97:9F:C6:16:D4:3B:26:99:B2:60:24:1F:27:8F:77
X509v3 Authority Key Identifier:
keyid:30:1A:64:87:25:EE:26:A4:60:CB:9B:1C:BC:D9:C9:C8:32:C4:49:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBpkhyXuJqRgy5scvNnJyDLESa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/VG0iL6yXn8YW1DsmmbJgJB8nj3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/024f0f-20c5-4828-b332-a5b2d09e05cf/1/MBpkhyXuJqRgy5scvNnJyDLESa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.48.0/22
176.98.160.0/21
185.181.168.0/24
185.181.170.0/23
185.254.0.0/23
193.150.64.0/24
IPv6:
2a0b:33c0:1::-2a0b:33c0:3:ffff:ffff:ffff:ffff:ffff
2a0b:33c0:6::/48
2a0b:33c0:10::/48
2a0b:33c0:50::/47
2a0b:33c0:107::/48
2a0b:33c0:112::-2a0b:33c0:114:ffff:ffff:ffff:ffff:ffff
2a0b:33c0:117::-2a0b:33c0:118:ffff:ffff:ffff:ffff:ffff
2a0e:d200::/29
Signature Algorithm: sha256WithRSAEncryption
8f:30:b2:ac:8d:64:b5:fb:fe:aa:49:57:03:a0:f4:50:d4:da:
be:5f:7c:1d:7a:ce:b0:37:67:4d:cf:06:26:f0:41:85:3e:b7:
a7:f6:28:df:84:11:72:91:c9:a7:d1:03:8f:1e:db:84:93:14:
4b:2d:d9:a2:ca:b1:5d:66:a5:6b:3c:7d:5a:69:e3:5e:b5:0c:
49:66:1a:b3:6e:f2:b4:e9:6e:b8:b0:0b:2c:fd:60:52:cc:a0:
c1:38:f0:f7:cd:90:fd:5a:75:68:06:d7:55:4e:0b:7f:d4:b4:
d4:fe:fe:d5:1c:f7:da:28:3c:94:02:7d:fa:13:00:c5:70:30:
37:05:8e:70:1f:37:a8:44:1c:1b:79:68:f0:f1:e1:f7:b3:ed:
38:2b:09:dd:31:55:f3:f2:66:e0:23:41:33:ad:82:1d:8a:67:
c0:85:03:00:e7:52:73:6b:a4:38:40:8a:ef:9a:08:38:8b:ab:
7a:8b:52:78:9a:b9:a0:0a:37:43:c8:7c:87:bf:a7:6d:d1:80:
ed:75:81:a0:c6:14:57:64:a6:2d:20:d2:7d:c9:99:63:a9:96:
1c:d8:78:b9:67:44:44:f2:3f:2a:47:85:40:74:83:e8:6e:e5:
65:79:e2:b4:be:9d:6a:d6:58:79:de:7b:96:c0:5b:23:fe:8a:
cd:ee:69:0a
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYzI3lNrdSL4y9D1E1dIk+/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMWE2NDg3MjVlZTI2YTQ2MGNiOWIxY2JjZDljOWM4MzJj
NDQ5YWYwHhcNMjQwMTAyMDYzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZkMjIyZmFjOTc5ZmM2MTZkNDNiMjY5OWIyNjAyNDFmMjc4Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjHr4TluirDDhdbZyVtnL0R9JOKK
Tt3CYJDgB/3ZIKVjGnBQA2G7e024OHmvrJ4nps1/YIJ6+LDDSf3dGQ0w81BVlSqg
Pf5NMQhpHMfi0QJ2IxxGuwPxulB0UdJfvJzGhL3rR7xybhtmPxoCpbW7AMhoecmM
L7YGvGlKnGJ0ZANzx2WpLef0CvCiQvPSoMwQ1OXpPI4XXS/QY00vl1ExS2oUC2yx
peLSwqKDkAbKT0IKg9Koy8aus5mPUAS/2Covh5bWKeszOp5qKAbU6wsUHuQP0e45
FileRuNPqxyYBeKU8m3spG34WGtm0K6H3JMbwZvz5xklVrZTFQAtozvOgwIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFFRtIi+sl5/GFtQ7JpmyYCQfJ493MB8GA1UdIwQY
MBaAFDAaZIcl7iakYMubHLzZycgyxEmvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzIt
YTViMmQwOWUwNWNmLzEvVkcwaUw2eVhuOFlXMURzbW1iSmdKQjhuajNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wMjRmMGYtMjBjNS00ODI4LWIzMzItYTViMmQwOWUwNWNm
LzEvTUJwa2h5WHVKcVJneTVzY3ZObkp5RExFU2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzAqBAIAATAkAwQCBbcw
AwQDsGKgAwQAubWoAwQBubWqAwQBuf4AAwQAwZZAMG0EAgACMGcwEgMHACoLM8AA
AQMHAioLM8AAAAMHACoLM8AABgMHACoLM8AAEAMHASoLM8AAUAMHACoLM8ABBzAS
AwcBKgszwAESAwcAKgszwAEUMBIDBwAqCzPAARcDBwAqCzPAARgDBQMqDtIAMA0G
CSqGSIb3DQEBCwUAA4IBAQCPMLKsjWS1+/6qSVcDoPRQ1Nq+X3wdes6wN2dNzwYm
8EGFPren9ijfhBFykcmn0QOPHtuEkxRLLdmiyrFdZqVrPH1aaeNetQxJZhqzbvK0
6W64sAss/WBSzKDBOPD3zZD9WnVoBtdVTgt/1LTU/v7VHPfaKDyUAn36EwDFcDA3
BY5wHzeoRBwbeWjw8eH3s+04KwndMVXz8mbgI0EzrYIdimfAhQMA51Jza6Q4QIrv
mgg4i6t6i1J4mrmgCjdDyHyHv6dt0YDtdYGgxhRXZKYtINJ9yZljqZYc2Hi5Z0RE
8j8qR4VAdIPobuVleeK0vp1q1lh53nuWwFsj/orN7mkK
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:09:18 2024 by rpki-client on console-fra.rpki-client.org