Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/64ShJzuHejRnC01X9C_XZBgLKUM.roa
File: 64ShJzuHejRnC01X9C_XZBgLKUM.roa (raw, json)
Hash identifier: xMW897PKs9Rp4bpEY9MGrJaYZEzps1ekxPRCNZ38jFw=
Subject key identifier: EB:84:A1:27:3B:87:7A:34:67:0B:4D:57:F4:2F:D7:64:18:0B:29:43
Certificate issuer: /CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Certificate serial: 018E13F97C90DD3C0EB3FE0DDD5751AD30DF
Authority key identifier: 97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/64ShJzuHejRnC01X9C_XZBgLKUM.roa
Signing time: Wed 06 Mar 2024 13:35:01 +0000
ROA not before: Wed 06 Mar 2024 13:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41833
IP address blocks: 46.227.248.0/21 maxlen: 21
46.227.248.0/24 maxlen: 24
46.227.249.0/24 maxlen: 24
46.227.251.0/24 maxlen: 24
46.227.252.0/24 maxlen: 24
46.227.253.0/24 maxlen: 24
46.227.254.0/24 maxlen: 24
46.227.255.0/24 maxlen: 24
89.249.208.0/20 maxlen: 20
89.249.208.0/24 maxlen: 24
89.249.209.0/24 maxlen: 24
89.249.210.0/24 maxlen: 24
89.249.211.0/24 maxlen: 24
89.249.212.0/24 maxlen: 24
89.249.212.0/28 maxlen: 28
89.249.213.0/24 maxlen: 24
89.249.214.0/24 maxlen: 24
89.249.215.0/24 maxlen: 24
89.249.216.0/24 maxlen: 24
89.249.217.0/24 maxlen: 24
89.249.218.0/24 maxlen: 24
89.249.219.0/24 maxlen: 24
89.249.220.0/24 maxlen: 24
89.249.221.0/24 maxlen: 24
89.249.221.80/29 maxlen: 29
89.249.222.0/24 maxlen: 24
89.249.223.0/24 maxlen: 24
93.185.224.0/20 maxlen: 20
93.185.224.0/24 maxlen: 24
93.185.225.0/24 maxlen: 24
93.185.226.0/24 maxlen: 24
93.185.227.0/24 maxlen: 24
93.185.228.0/24 maxlen: 24
93.185.229.0/24 maxlen: 24
93.185.229.0/30 maxlen: 30
93.185.230.0/24 maxlen: 24
93.185.231.0/24 maxlen: 24
93.185.231.0/29 maxlen: 29
93.185.232.0/24 maxlen: 24
93.185.233.0/24 maxlen: 24
93.185.235.0/24 maxlen: 24
93.185.236.0/24 maxlen: 24
93.185.236.136/29 maxlen: 29
93.185.237.0/24 maxlen: 24
93.185.238.0/24 maxlen: 24
93.185.239.0/24 maxlen: 24
95.141.48.0/20 maxlen: 20
95.141.48.0/24 maxlen: 24
95.141.49.0/24 maxlen: 24
95.141.55.0/24 maxlen: 24
95.141.56.0/24 maxlen: 24
95.141.57.0/24 maxlen: 24
95.141.58.0/24 maxlen: 24
95.141.59.0/24 maxlen: 24
95.141.60.0/24 maxlen: 24
95.141.61.0/24 maxlen: 24
95.141.62.0/24 maxlen: 24
95.141.63.0/24 maxlen: 24
141.138.176.0/20 maxlen: 20
141.138.176.0/24 maxlen: 24
141.138.177.0/24 maxlen: 24
141.138.178.0/24 maxlen: 24
141.138.179.0/24 maxlen: 24
141.138.180.0/24 maxlen: 24
141.138.181.0/24 maxlen: 24
141.138.182.0/24 maxlen: 24
141.138.183.0/24 maxlen: 24
141.138.184.0/24 maxlen: 24
141.138.185.0/24 maxlen: 24
141.138.186.0/24 maxlen: 24
141.138.186.96/29 maxlen: 29
141.138.186.144/29 maxlen: 29
141.138.187.0/24 maxlen: 24
141.138.188.0/24 maxlen: 24
141.138.189.0/24 maxlen: 24
141.138.191.0/24 maxlen: 24
185.58.200.0/22 maxlen: 22
185.58.200.0/24 maxlen: 24
185.58.201.0/24 maxlen: 24
185.58.202.0/24 maxlen: 24
2a02:f50::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:f9:7c:90:dd:3c:0e:b3:fe:0d:dd:57:51:ad:30:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97429de8bcc3be474abbda2be2a89d0f3208c385
Validity
Not Before: Mar 6 13:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb84a1273b877a34670b4d57f42fd764180b2943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7b:37:69:c5:f4:1d:ba:ca:69:2b:ab:ba:c2:
8c:27:6c:14:c7:83:c9:2e:fc:55:ce:e0:81:08:10:
b9:8b:3d:85:b5:c1:06:2a:cf:73:0c:63:d1:5c:d6:
9d:c3:e3:9f:5a:d6:2a:bd:42:77:0c:c3:20:1a:3a:
be:a3:95:02:2e:08:4e:8f:52:ca:10:ee:d5:22:fa:
33:8c:7e:42:6e:ed:dc:24:6c:fe:6d:80:1d:a9:08:
6e:7c:17:ae:1d:f4:85:c4:1c:34:b0:33:3a:f3:cf:
36:5f:8d:be:68:83:8f:dc:1b:f4:84:1d:26:28:67:
5e:26:e8:c1:20:ba:b3:fe:58:5c:75:04:56:1a:bd:
df:75:69:22:bc:ee:28:8e:be:9d:dc:a2:99:3f:18:
8c:df:a3:03:05:21:15:8c:54:9a:04:8b:41:d5:91:
8a:6c:88:cb:37:2d:03:87:40:b4:bb:a4:81:e0:e8:
dd:16:81:0c:e9:93:b2:f9:0f:aa:e8:4a:da:ae:fa:
42:d7:20:89:62:eb:b8:91:a2:85:5a:36:58:06:17:
7d:da:03:24:66:d8:88:bc:50:78:84:91:6e:3e:b3:
a8:3d:28:90:33:9f:a4:1c:3f:5a:f7:e2:54:18:37:
04:8c:66:48:4e:9c:3d:f0:f7:31:f6:ae:74:22:4c:
12:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:84:A1:27:3B:87:7A:34:67:0B:4D:57:F4:2F:D7:64:18:0B:29:43
X509v3 Authority Key Identifier:
keyid:97:42:9D:E8:BC:C3:BE:47:4A:BB:DA:2B:E2:A8:9D:0F:32:08:C3:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0Kd6LzDvkdKu9or4qidDzIIw4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/64ShJzuHejRnC01X9C_XZBgLKUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/9911ac-4cf2-4ee5-8d63-049bdc6b8ef3/1/l0Kd6LzDvkdKu9or4qidDzIIw4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.248.0/21
89.249.208.0/20
93.185.224.0/20
95.141.48.0/20
141.138.176.0/20
185.58.200.0/22
IPv6:
2a02:f50::/32
Signature Algorithm: sha256WithRSAEncryption
26:e0:4b:17:b8:4d:79:15:07:56:ea:72:4a:6b:72:2b:56:18:
27:26:88:ba:be:2b:d1:37:21:9a:28:30:3b:75:e4:b1:9b:68:
91:a7:e2:6a:39:63:ee:76:89:65:49:84:bd:f9:be:14:da:2b:
df:c2:5b:4d:b7:5f:fc:ee:42:40:6f:02:92:49:18:57:ba:cf:
07:81:01:2e:fc:79:8c:da:a8:5c:b6:2c:6f:cb:30:2d:ba:91:
5e:24:2b:1c:e2:7e:f2:fb:56:e2:d4:37:ab:ab:49:3e:88:18:
e6:f9:a8:5d:ba:b6:48:65:61:95:27:2b:5d:a5:79:87:ea:e2:
e7:cc:f6:a2:8e:c3:60:3f:3c:a3:81:b1:72:3f:c0:6a:d2:09:
4b:5b:c7:51:3a:f8:8e:03:9c:cf:87:6e:9b:93:23:20:21:9a:
fd:b9:dc:d3:f7:98:eb:69:fa:52:c9:8f:c1:30:25:44:04:b9:
62:0e:16:c3:66:66:9d:2b:45:ea:2f:e1:ad:ce:2c:54:39:d3:
51:ef:2f:4f:37:ef:9c:2f:a9:cb:d8:b9:5f:f4:c9:61:24:07:
63:7c:f7:7c:5b:03:d5:76:66:ec:f6:a4:64:cc:d5:eb:67:02:
54:37:e8:4b:cd:e9:d7:32:b6:81:13:bb:97:e3:96:27:06:bc:
a3:23:5a:84
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY4T+XyQ3TwOs/4N3VdRrTDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDI5ZGU4YmNjM2JlNDc0YWJiZGEyYmUyYTg5ZDBmMzIw
OGMzODUwHhcNMjQwMzA2MTMzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjg0YTEyNzNiODc3YTM0NjcwYjRkNTdmNDJmZDc2NDE4MGIyOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHs3acX0HbrKaSurusKMJ2wUx4PJ
LvxVzuCBCBC5iz2FtcEGKs9zDGPRXNadw+OfWtYqvUJ3DMMgGjq+o5UCLghOj1LK
EO7VIvozjH5Cbu3cJGz+bYAdqQhufBeuHfSFxBw0sDM68882X42+aIOP3Bv0hB0m
KGdeJujBILqz/lhcdQRWGr3fdWkivO4ojr6d3KKZPxiM36MDBSEVjFSaBItB1ZGK
bIjLNy0Dh0C0u6SB4OjdFoEM6ZOy+Q+q6ErarvpC1yCJYuu4kaKFWjZYBhd92gMk
ZtiIvFB4hJFuPrOoPSiQM5+kHD9a9+JUGDcEjGZITpw98Pcx9q50IkwSRQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOuEoSc7h3o0ZwtNV/Qv12QYCylDMB8GA1UdIwQY
MBaAFJdCnei8w75HSrvaK+KonQ8yCMOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMt
MDQ5YmRjNmI4ZWYzLzEvNjRTaEp6dUhlalJuQzAxWDlDX1haQmdMS1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC85OTExYWMtNGNmMi00ZWU1LThkNjMtMDQ5YmRjNmI4ZWYz
LzEvbDBLZDZMekR2a2RLdTlvcjRxaWREeklJdzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLuP4AwQE
WfnQAwQEXbngAwQEX40wAwQEjYqwAwQCuTrIMA0EAgACMAcDBQAqAg9QMA0GCSqG
SIb3DQEBCwUAA4IBAQAm4EsXuE15FQdW6nJKa3IrVhgnJoi6vivRNyGaKDA7deSx
m2iRp+JqOWPudollSYS9+b4U2ivfwltNt1/87kJAbwKSSRhXus8HgQEu/HmM2qhc
tixvyzAtupFeJCsc4n7y+1bi1Derq0k+iBjm+ahdurZIZWGVJytdpXmH6uLnzPai
jsNgPzyjgbFyP8Bq0glLW8dROviOA5zPh26bkyMgIZr9udzT95jrafpSyY/BMCVE
BLliDhbDZmadK0XqL+GtzixUOdNR7y9PN++cL6nL2Llf9MlhJAdjfPd8WwPVdmbs
9qRkzNXrZwJUN+hLzenXMraBE7uX45YnBryjI1qE
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:48:15 2024 by rpki-client on console-fra.rpki-client.org