Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/46G76jCgJv3MpwGNc30cr7yuHpk.roa
File: 46G76jCgJv3MpwGNc30cr7yuHpk.roa (raw, json)
Hash identifier: mU9+M9SY+RTgi5Z1wSXcVsdlIZM1KLaDS9pl4hZXdDI=
Subject key identifier: E3:A1:BB:EA:30:A0:26:FD:CC:A7:01:8D:73:7D:1C:AF:BC:AE:1E:99
Certificate issuer: /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial: 018CC80115409B09955E54389E6C68E218E8
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/46G76jCgJv3MpwGNc30cr7yuHpk.roa
Signing time: Tue 02 Jan 2024 02:29:23 +0000
ROA not before: Tue 02 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31638
IP address blocks: 93.115.170.0/23 maxlen: 23
89.39.224.0/20 maxlen: 21
188.241.190.0/23 maxlen: 24
46.255.80.0/21 maxlen: 24
89.44.206.0/24 maxlen: 24
5.144.184.0/21 maxlen: 24
89.45.95.0/24 maxlen: 24
37.156.148.0/22 maxlen: 23
89.47.32.0/23 maxlen: 24
86.105.179.0/24 maxlen: 24
188.215.44.0/22 maxlen: 23
86.104.6.0/24 maxlen: 24
89.45.24.0/21 maxlen: 21
89.45.24.0/24 maxlen: 24
89.45.26.0/24 maxlen: 24
89.45.25.0/24 maxlen: 24
89.45.27.0/24 maxlen: 24
176.223.164.0/24 maxlen: 24
188.215.65.0/24 maxlen: 24
37.156.96.0/22 maxlen: 23
89.33.232.0/24 maxlen: 24
94.177.18.0/23 maxlen: 23
93.118.37.0/24 maxlen: 24
195.62.160.0/19 maxlen: 20
89.34.6.0/24 maxlen: 24
89.45.216.0/22 maxlen: 23
188.215.248.0/24 maxlen: 24
188.212.153.0/24 maxlen: 24
188.215.247.0/24 maxlen: 24
188.210.239.0/24 maxlen: 24
37.156.168.0/22 maxlen: 23
185.82.168.0/22 maxlen: 23
185.82.170.0/24 maxlen: 24
185.82.169.0/24 maxlen: 24
185.82.171.0/24 maxlen: 24
188.241.4.0/23 maxlen: 24
37.156.208.0/22 maxlen: 23
94.177.151.0/24 maxlen: 24
89.42.230.0/24 maxlen: 24
188.209.80.0/20 maxlen: 24
86.104.229.0/24 maxlen: 24
188.209.88.0/21 maxlen: 21
93.113.89.0/24 maxlen: 24
86.105.8.0/24 maxlen: 24
2a02:20d8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.mft
rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:15:40:9b:09:95:5e:54:38:9e:6c:68:e2:18:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Validity
Not Before: Jan 2 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3a1bbea30a026fdcca7018d737d1cafbcae1e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:81:e2:1f:6f:c2:db:e7:fb:0d:fc:72:49:ae:
c7:81:30:f5:32:e2:1f:35:c5:70:15:90:e5:fc:96:
49:db:3a:91:04:6b:24:5e:3c:ae:c9:e1:8f:5d:a5:
3a:c0:a2:a0:c9:b7:90:aa:2c:54:8a:1e:51:5b:e2:
55:c2:f4:d0:2b:d3:a8:69:16:d4:54:94:04:ce:e7:
a5:21:a4:9a:3f:09:55:3f:df:83:d1:07:34:db:ce:
7a:39:b2:9b:56:f7:7e:3e:ef:25:b2:ec:af:42:5d:
83:8d:da:e8:80:9f:6e:a5:97:3a:75:bb:2a:1f:a6:
ca:58:fc:44:63:7b:52:1f:0f:12:d1:69:1f:f0:cb:
39:75:8e:22:df:9d:ce:61:b2:5b:77:69:17:ae:cf:
c3:e6:fd:c9:03:a5:0b:99:4c:4e:a6:78:93:0b:e3:
a2:83:d4:43:3d:17:ab:be:84:22:1e:a2:e6:8b:1e:
e4:0e:0f:fa:09:e0:5e:9d:7f:c9:99:41:1c:65:51:
0c:53:68:c8:f7:f3:23:89:6f:88:59:ff:cb:56:14:
11:b8:10:49:b5:99:c8:a6:1c:94:b9:92:50:96:b5:
56:c1:e0:b3:64:b4:55:1e:53:3e:59:25:b9:c6:c1:
30:0a:c2:09:87:e2:ea:1d:62:14:68:9f:c0:10:73:
f5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A1:BB:EA:30:A0:26:FD:CC:A7:01:8D:73:7D:1C:AF:BC:AE:1E:99
X509v3 Authority Key Identifier:
keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/46G76jCgJv3MpwGNc30cr7yuHpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.184.0/21
37.156.96.0/22
37.156.148.0/22
37.156.168.0/22
37.156.208.0/22
46.255.80.0/21
86.104.6.0/24
86.104.229.0/24
86.105.8.0/24
86.105.179.0/24
89.33.232.0/24
89.34.6.0/24
89.39.224.0/20
89.42.230.0/24
89.44.206.0/24
89.45.24.0/21
89.45.95.0/24
89.45.216.0/22
89.47.32.0/23
93.113.89.0/24
93.115.170.0/23
93.118.37.0/24
94.177.18.0/23
94.177.151.0/24
176.223.164.0/24
185.82.168.0/22
188.209.80.0/20
188.210.239.0/24
188.212.153.0/24
188.215.44.0/22
188.215.65.0/24
188.215.247.0-188.215.248.255
188.241.4.0/23
188.241.190.0/23
195.62.160.0/19
IPv6:
2a02:20d8::/29
Signature Algorithm: sha256WithRSAEncryption
a5:23:8a:f6:e4:11:16:df:68:59:f2:db:27:8e:bc:48:b0:a3:
e3:6e:67:d5:f9:0d:1e:fb:14:ce:a5:2a:b3:20:91:89:18:4d:
d7:07:77:ed:4e:76:73:a3:af:6b:19:11:dc:5e:9c:64:fe:ba:
41:3f:3e:bc:eb:9f:03:df:eb:13:11:3f:75:59:aa:7a:23:76:
43:cc:b9:65:f6:4b:18:a8:37:0a:11:e5:39:1f:9b:1a:61:23:
54:6d:e2:a4:b2:d6:9c:6a:04:14:91:01:03:86:e6:de:d1:4e:
f2:77:35:0d:3c:7c:1b:8c:7c:1a:37:15:00:91:8e:b6:2b:ce:
b3:81:ec:08:fd:b7:0c:e3:e6:97:81:fe:86:a9:f3:22:d7:63:
b8:41:d0:a1:48:67:c0:06:e0:c8:46:58:23:1e:47:af:b8:44:
e6:30:36:61:4b:94:b5:7c:b0:c6:81:4a:39:0a:f0:8f:f4:ef:
b3:9b:68:12:21:c8:af:7e:92:17:74:57:36:1f:36:14:59:ba:
96:58:2b:8f:52:30:ef:5d:fb:0d:95:67:43:76:be:84:d0:80:
f3:ce:7e:a2:8d:5d:e1:de:7d:db:b5:4a:34:f9:ec:9f:da:91:
05:60:5e:b9:41:1c:bb:5d:d3:a0:9e:17:a3:4e:37:d0:a9:14:
82:55:de:c6
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYzIARVAmwmVXlQ4nmxo4hjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjAwZDBlN2FkM2NlZjcyMjM4YjUxNjRjNGIyY2RkZTIz
YTZhMWUwHhcNMjQwMTAyMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2ExYmJlYTMwYTAyNmZkY2NhNzAxOGQ3MzdkMWNhZmJjYWUxZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIHiH2/C2+f7DfxySa7HgTD1MuIf
NcVwFZDl/JZJ2zqRBGskXjyuyeGPXaU6wKKgybeQqixUih5RW+JVwvTQK9OoaRbU
VJQEzuelIaSaPwlVP9+D0Qc02856ObKbVvd+Pu8lsuyvQl2DjdrogJ9upZc6dbsq
H6bKWPxEY3tSHw8S0Wkf8Ms5dY4i353OYbJbd2kXrs/D5v3JA6ULmUxOpniTC+Oi
g9RDPRervoQiHqLmix7kDg/6CeBenX/JmUEcZVEMU2jI9/MjiW+IWf/LVhQRuBBJ
tZnIphyUuZJQlrVWweCzZLRVHlM+WSW5xsEwCsIJh+LqHWIUaJ/AEHP1mQIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFOOhu+owoCb9zKcBjXN9HK+8rh6ZMB8GA1UdIwQY
MBaAFJsgDQ560873Iji1FkxLLN3iOmoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2Mt
YTRmMDhkYmI4NWE1LzEvNDZHNzZqQ2dKdjNNcHdHTmMzMGNyN3l1SHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2MtYTRmMDhkYmI4NWE1
LzEvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgeEEAgABMIHaAwQD
BZC4AwQCJZxgAwQCJZyUAwQCJZyoAwQCJZzQAwQDLv9QAwQAVmgGAwQAVmjlAwQA
VmkIAwQAVmmzAwQAWSHoAwQAWSIGAwQEWSfgAwQAWSrmAwQAWSzOAwQDWS0YAwQA
WS1fAwQCWS3YAwQBWS8gAwQAXXFZAwQBXXOqAwQAXXYlAwQBXrESAwQAXrGXAwQA
sN+kAwQCuVKoAwQEvNFQAwQAvNLvAwQAvNSZAwQCvNcsAwQAvNdBMAwDBAC81/cD
BAC81/gDBAG88QQDBAG88b4DBAXDPqAwDQQCAAIwBwMFAyoCINgwDQYJKoZIhvcN
AQELBQADggEBAKUjivbkERbfaFny2yeOvEiwo+NuZ9X5DR77FM6lKrMgkYkYTdcH
d+1OdnOjr2sZEdxenGT+ukE/PrzrnwPf6xMRP3VZqnojdkPMuWX2SxioNwoR5Tkf
mxphI1Rt4qSy1pxqBBSRAQOG5t7RTvJ3NQ08fBuMfBo3FQCRjrYrzrOB7Aj9twzj
5peB/oap8yLXY7hB0KFIZ8AG4MhGWCMeR6+4ROYwNmFLlLV8sMaBSjkK8I/077Ob
aBIhyK9+khd0VzYfNhRZupZYK49SMO9d+w2VZ0N2voTQgPPOfqKNXeHefdu1SjT5
7J/akQVgXrlBHLtd06CeF6NON9CpFIJV3sY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:07:01 2024 by rpki-client on console-fra.rpki-client.org