Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/1-z0VFzM_9cX7udLeF8Djz6cbsgc.roa
File: 1-z0VFzM_9cX7udLeF8Djz6cbsgc.roa (raw, json)
Hash identifier: 83UoHtw8nDkwGide2JoUFtdknM1a/lgZvCtKE4bjRdQ=
Subject key identifier: FB:3D:15:17:33:3F:F5:C5:FB:B9:D2:DE:17:C0:E3:CF:A7:1B:B2:07
Certificate issuer: /CN=29c2103fd2417c8869145617de94fcc913b085ef
Certificate serial: 018CC8DFAFBB3BC43C9FF1C1D08F3BCD59ED
Authority key identifier: 29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/1-z0VFzM_9cX7udLeF8Djz6cbsgc.roa
Signing time: Tue 02 Jan 2024 06:32:31 +0000
ROA not before: Tue 02 Jan 2024 06:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48504
IP address blocks: 193.243.150.0/23 maxlen: 24
80.253.192.0/20 maxlen: 24
45.134.192.0/22 maxlen: 24
46.247.160.0/19 maxlen: 24
94.247.160.0/21 maxlen: 24
185.117.36.0/22 maxlen: 24
94.143.80.0/21 maxlen: 24
185.48.48.0/22 maxlen: 24
194.105.58.0/23 maxlen: 24
194.105.62.0/23 maxlen: 24
176.53.128.0/22 maxlen: 24
185.8.240.0/22 maxlen: 24
185.12.96.0/22 maxlen: 24
193.239.190.0/23 maxlen: 24
37.26.176.0/21 maxlen: 24
185.50.76.0/22 maxlen: 24
2a04:b440::/29 maxlen: 29
2a03:bd00::/32 maxlen: 48
2a01:aa60::/32 maxlen: 48
2a01:9720::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:af:bb:3b:c4:3c:9f:f1:c1:d0:8f:3b:cd:59:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c2103fd2417c8869145617de94fcc913b085ef
Validity
Not Before: Jan 2 06:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb3d1517333ff5c5fbb9d2de17c0e3cfa71bb207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d0:fa:c4:fc:42:86:b7:d2:fb:c3:9f:65:c0:
80:43:d3:17:db:6a:76:05:f6:e3:8b:3c:fe:5c:56:
06:db:7c:86:d4:3a:d3:f5:6f:70:73:98:41:18:5b:
65:2d:fe:03:2b:f7:d9:30:5b:7d:f4:85:b3:1b:ab:
e3:22:d6:f4:ca:5f:32:b2:14:19:de:63:12:10:ff:
56:d4:15:9d:65:bf:08:9b:b0:58:66:08:95:2d:26:
77:42:19:2f:5c:58:d2:c5:23:a2:a6:ae:7a:54:fa:
79:1c:41:11:be:4e:27:5a:91:0a:d0:cf:8b:c3:a5:
90:00:9b:ae:20:c6:d7:46:e1:2a:ff:57:24:d6:f1:
08:3e:2a:43:e7:69:74:71:88:ed:7f:4d:61:33:48:
76:48:c7:c4:44:75:5f:d1:42:bb:80:43:f3:92:e4:
b8:b2:9c:25:54:f9:90:a7:dd:fc:95:37:2b:83:60:
4b:fe:20:13:1c:18:e8:94:28:8b:58:2f:5d:95:3d:
c3:7a:9a:a2:9f:33:5d:1f:ba:40:59:c2:a2:e2:a3:
19:f3:ba:7c:59:97:b9:18:9c:ed:8f:d4:0d:57:74:
6c:2a:4e:1a:cd:a3:b6:62:2e:c2:00:8f:43:eb:0d:
45:98:57:f2:da:95:59:cb:f9:3d:da:ee:cf:ac:a5:
8a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3D:15:17:33:3F:F5:C5:FB:B9:D2:DE:17:C0:E3:CF:A7:1B:B2:07
X509v3 Authority Key Identifier:
keyid:29:C2:10:3F:D2:41:7C:88:69:14:56:17:DE:94:FC:C9:13:B0:85:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcIQP9JBfIhpFFYX3pT8yROwhe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/1-z0VFzM_9cX7udLeF8Djz6cbsgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2b8d82-39fb-4a56-89c5-9d5657513e20/1/KcIQP9JBfIhpFFYX3pT8yROwhe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.176.0/21
45.134.192.0/22
46.247.160.0/19
80.253.192.0/20
94.143.80.0/21
94.247.160.0/21
176.53.128.0/22
185.8.240.0/22
185.12.96.0/22
185.48.48.0/22
185.50.76.0/22
185.117.36.0/22
193.239.190.0/23
193.243.150.0/23
194.105.58.0/23
194.105.62.0/23
IPv6:
2a01:9720::/32
2a01:aa60::/32
2a03:bd00::/32
2a04:b440::/29
Signature Algorithm: sha256WithRSAEncryption
21:a4:a6:22:d2:d8:c3:cb:4f:aa:3b:9f:a5:96:b1:17:a1:cf:
27:8f:a7:68:83:8f:3b:78:26:f6:c7:77:54:fc:1d:41:0f:61:
98:49:10:91:91:54:be:d6:f4:77:f6:86:13:0a:14:c3:b2:62:
37:83:9c:32:a0:79:e2:0b:ff:bd:7f:c2:52:e4:c3:88:09:fb:
cf:d5:d8:3c:0a:ae:13:71:ae:59:70:68:6a:19:76:4f:50:36:
f2:83:92:9c:bb:36:ab:33:77:9a:10:e9:ed:e6:c5:5c:61:4a:
c1:cd:80:82:4e:a0:3a:6d:cf:3e:03:00:6e:de:ee:ab:ab:4b:
57:39:e8:b6:54:a5:c5:be:5b:06:7e:2a:8e:0c:57:99:5f:f0:
1b:1d:a8:d0:27:58:dd:3f:fa:8e:26:3f:7c:5a:04:b8:3e:2f:
a6:81:24:b8:f7:cb:64:71:2c:c8:e4:a6:b3:24:f0:c4:9d:24:
4d:b1:16:cf:0f:58:ea:f7:d5:7f:d3:7b:c1:e6:e9:44:3d:1e:
d3:57:93:a3:06:78:59:d5:9d:3c:26:25:62:ba:1f:59:b7:36:
e8:06:b9:8a:48:51:95:09:d2:dd:39:b5:7a:35:73:b3:7f:51:
20:5f:9a:00:a0:73:7e:d4:8e:88:64:d1:82:9d:f7:b4:c1:3f:
55:21:49:60
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAYzI36+7O8Q8n/HB0I87zVntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzIxMDNmZDI0MTdjODg2OTE0NTYxN2RlOTRmY2M5MTNi
MDg1ZWYwHhcNMjQwMTAyMDYzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjNkMTUxNzMzM2ZmNWM1ZmJiOWQyZGUxN2MwZTNjZmE3MWJiMjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9D6xPxChrfS+8OfZcCAQ9MX22p2
Bfbjizz+XFYG23yG1DrT9W9wc5hBGFtlLf4DK/fZMFt99IWzG6vjItb0yl8yshQZ
3mMSEP9W1BWdZb8Im7BYZgiVLSZ3QhkvXFjSxSOipq56VPp5HEERvk4nWpEK0M+L
w6WQAJuuIMbXRuEq/1ck1vEIPipD52l0cYjtf01hM0h2SMfERHVf0UK7gEPzkuS4
spwlVPmQp938lTcrg2BL/iATHBjolCiLWC9dlT3DepqinzNdH7pAWcKi4qMZ87p8
WZe5GJztj9QNV3RsKk4azaO2Yi7CAI9D6w1FmFfy2pVZy/k92u7PrKWKxQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFPs9FRczP/XF+7nS3hfA48+nG7IHMB8GA1UdIwQY
MBaAFCnCED/SQXyIaRRWF96U/MkTsIXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2NJUVA5SkJmSWhwRkZZWDNwVDh5Uk93aGU4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYjhkODItMzlmYi00YTU2LTg5YzUt
OWQ1NjU3NTEzZTIwLzEvMS16MFZGek1fOWNYN3VkTGVGOERqejZjYnNnYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvMmI4ZDgyLTM5ZmItNGE1Ni04OWM1LTlkNTY1NzUxM2Uy
MC8xL0tjSVFQOUpCZklocEZGWVgzcFQ4eVJPd2hlOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnwYIKwYBBQUHAQcBAf8EgY8wgYwwZgQCAAEwYAMEAyUa
sAMEAi2GwAMEBS73oAMEBFD9wAMEA16PUAMEA173oAMEArA1gAMEArkI8AMEArkM
YAMEArkwMAMEArkyTAMEArl1JAMEAcHvvgMEAcHzlgMEAcJpOgMEAcJpPjAiBAIA
AjAcAwUAKgGXIAMFACoBqmADBQAqA70AAwUDKgS0QDANBgkqhkiG9w0BAQsFAAOC
AQEAIaSmItLYw8tPqjufpZaxF6HPJ4+naIOPO3gm9sd3VPwdQQ9hmEkQkZFUvtb0
d/aGEwoUw7JiN4OcMqB54gv/vX/CUuTDiAn7z9XYPAquE3GuWXBoahl2T1A28oOS
nLs2qzN3mhDp7ebFXGFKwc2Agk6gOm3PPgMAbt7uq6tLVznotlSlxb5bBn4qjgxX
mV/wGx2o0CdY3T/6jiY/fFoEuD4vpoEkuPfLZHEsyOSmsyTwxJ0kTbEWzw9Y6vfV
f9N7webpRD0e01eTowZ4WdWdPCYlYrofWbc26Aa5ikhRlQnS3Tm1ejVzs39RIF+a
AKBzftSOiGTRgp33tME/VSFJYA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:39:27 2024 by rpki-client on console-ams.rpki-client.org