Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/evKBUN2_OYObOP7Rz2GKzNu_kg8.roa
File: evKBUN2_OYObOP7Rz2GKzNu_kg8.roa (raw, json)
Hash identifier: 1jYsKAKCRmXXLIY9YmZS4TImmjpP2+LOqiSfhQvGCFo=
Subject key identifier: 7A:F2:81:50:DD:BF:39:83:9B:38:FE:D1:CF:61:8A:CC:DB:BF:92:0F
Certificate issuer: /CN=b155daddb871b9d6a53cd6b47f776250837f7774
Certificate serial: 018CC26D09F30D4A968B8B61555B443D45B6
Authority key identifier: B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/evKBUN2_OYObOP7Rz2GKzNu_kg8.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9145
IP address blocks: 92.252.0.0/17 maxlen: 24
212.95.96.0/19 maxlen: 24
212.6.64.0/18 maxlen: 24
85.16.0.0/16 maxlen: 24
95.33.0.0/16 maxlen: 24
85.8.64.0/18 maxlen: 24
213.252.128.0/18 maxlen: 24
37.138.0.0/16 maxlen: 24
82.149.160.0/19 maxlen: 24
90.153.0.0/17 maxlen: 24
89.166.128.0/17 maxlen: 24
80.66.0.0/19 maxlen: 24
213.168.192.0/19 maxlen: 24
62.89.160.0/19 maxlen: 24
213.183.160.0/19 maxlen: 24
91.96.0.0/15 maxlen: 24
31.150.0.0/16 maxlen: 24
80.228.0.0/16 maxlen: 24
87.245.0.0/18 maxlen: 24
89.233.64.0/19 maxlen: 24
31.184.0.0/18 maxlen: 24
213.182.96.0/19 maxlen: 24
91.248.0.0/15 maxlen: 24
31.187.112.0/20 maxlen: 24
213.170.160.0/19 maxlen: 24
178.142.0.0/16 maxlen: 24
188.118.128.0/18 maxlen: 24
2a02:8020::/30 maxlen: 48
2a02:8200::/27 maxlen: 48
2a00:1470::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:09:f3:0d:4a:96:8b:8b:61:55:5b:44:3d:45:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155daddb871b9d6a53cd6b47f776250837f7774
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7af28150ddbf39839b38fed1cf618accdbbf920f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:7b:8c:7c:20:ee:cd:55:58:02:8b:ad:c7:
44:31:bc:21:07:5b:ad:7c:6c:83:6a:5c:65:f9:b6:
38:94:c6:44:00:2c:1d:1c:d0:31:ba:bf:6f:ec:41:
ac:1a:0b:de:3f:8b:e3:ed:dc:63:fc:bf:e0:f4:1c:
fc:a9:64:34:ef:f9:5e:3e:8b:b3:40:cc:4e:36:0d:
14:ce:ea:63:7c:ca:9e:e5:24:44:ad:c3:2d:7e:54:
ab:81:18:1a:46:c7:f0:d7:8d:61:21:c0:16:b1:9c:
78:bb:da:1b:41:32:ef:7f:d0:02:16:9b:36:bf:2a:
5e:6c:0a:a2:bb:46:76:8f:b6:74:1a:c1:55:fb:e2:
12:31:32:75:60:b4:23:68:0d:2a:3f:08:a0:ce:71:
f4:00:52:6d:0a:3f:90:b6:6c:e2:89:1c:33:70:b7:
d5:57:7c:b7:2f:ab:34:d1:47:4f:11:e0:65:6b:93:
22:2e:ee:8b:68:ea:0b:50:b8:79:be:16:17:5c:a6:
93:de:9f:ef:bc:19:1f:db:72:1e:da:8c:5e:dc:9e:
e2:52:9e:60:42:2f:e7:51:89:b1:58:cf:72:47:1e:
53:22:f1:8d:2a:d0:14:6c:d8:a6:ed:11:d0:71:e1:
5b:6d:ca:75:d4:96:ba:c5:73:8e:c2:09:46:22:38:
68:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F2:81:50:DD:BF:39:83:9B:38:FE:D1:CF:61:8A:CC:DB:BF:92:0F
X509v3 Authority Key Identifier:
keyid:B1:55:DA:DD:B8:71:B9:D6:A5:3C:D6:B4:7F:77:62:50:83:7F:77:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVXa3bhxudalPNa0f3diUIN_d3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/evKBUN2_OYObOP7Rz2GKzNu_kg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/8fd6e7-496f-47cf-80fb-5468b2cf0a77/1/sVXa3bhxudalPNa0f3diUIN_d3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.150.0.0/16
31.184.0.0/18
31.187.112.0/20
37.138.0.0/16
62.89.160.0/19
80.66.0.0/19
80.228.0.0/16
82.149.160.0/19
85.8.64.0/18
85.16.0.0/16
87.245.0.0/18
89.166.128.0/17
89.233.64.0/19
90.153.0.0/17
91.96.0.0/15
91.248.0.0/15
92.252.0.0/17
95.33.0.0/16
178.142.0.0/16
188.118.128.0/18
212.6.64.0/18
212.95.96.0/19
213.168.192.0/19
213.170.160.0/19
213.182.96.0/19
213.183.160.0/19
213.252.128.0/18
IPv6:
2a00:1470::/32
2a02:8020::/30
2a02:8200::/27
Signature Algorithm: sha256WithRSAEncryption
26:09:5e:b3:7e:90:c3:09:f6:20:90:2b:10:3b:ac:d3:cb:c1:
2e:ff:84:9e:b5:88:32:00:78:19:32:e4:d3:87:55:e7:83:cb:
de:00:03:e4:53:da:4a:af:e9:56:6d:12:95:0f:90:3f:2c:ce:
72:cd:d2:07:06:03:79:74:51:84:8d:02:8f:a9:85:a3:05:50:
4f:b4:76:39:4c:dd:b3:0e:80:c2:1b:d8:ee:65:f3:a1:06:2f:
f6:fa:84:0b:e0:05:66:e2:78:cd:49:f3:5e:8e:f2:9c:df:be:
a9:1a:4c:09:80:51:0b:40:e9:4e:da:e5:c7:a7:f7:55:db:21:
6b:79:8a:3a:cb:7e:7e:5c:97:c3:ef:9f:1d:4f:2a:77:5b:b5:
6e:3e:45:4f:0e:ee:c1:66:69:ed:34:d3:93:97:c8:00:4c:04:
73:2e:cb:0b:ff:39:7a:33:61:71:a1:fd:0c:29:ce:af:dc:47:
09:af:59:6c:8d:14:70:99:d3:55:d6:26:21:84:49:28:6a:2c:
cf:78:ba:2a:c4:08:9b:95:e8:5b:48:01:76:fc:42:bc:e2:51:
69:9b:29:65:ad:1c:95:31:e8:20:c9:02:ca:0d:86:11:b4:a5:
4a:fe:e0:c7:9b:4a:4d:ea:ba:28:4f:ea:f9:37:f0:e9:1a:12:
ce:69:ef:5f
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYzCbQnzDUqWi4thVVtEPUW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTVkYWRkYjg3MWI5ZDZhNTNjZDZiNDdmNzc2MjUwODM3
Zjc3NzQwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWYyODE1MGRkYmYzOTgzOWIzOGZlZDFjZjYxOGFjY2RiYmY5MjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpF7jHwg7s1VWAKLrcdEMbwhB1ut
fGyDalxl+bY4lMZEACwdHNAxur9v7EGsGgveP4vj7dxj/L/g9Bz8qWQ07/lePouz
QMxONg0UzupjfMqe5SRErcMtflSrgRgaRsfw141hIcAWsZx4u9obQTLvf9ACFps2
vypebAqiu0Z2j7Z0GsFV++ISMTJ1YLQjaA0qPwigznH0AFJtCj+QtmziiRwzcLfV
V3y3L6s00UdPEeBla5MiLu6LaOoLULh5vhYXXKaT3p/vvBkf23Ie2oxe3J7iUp5g
Qi/nUYmxWM9yRx5TIvGNKtAUbNim7RHQceFbbcp11Ja6xXOOwglGIjhonwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFHrygVDdvzmDmzj+0c9hiszbv5IPMB8GA1UdIwQY
MBaAFLFV2t24cbnWpTzWtH93YlCDf3d0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmIt
NTQ2OGIyY2YwYTc3LzEvZXZLQlVOMl9PWU9iT1A3UnoyR0t6TnVfa2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84ZmQ2ZTctNDk2Zi00N2NmLTgwZmItNTQ2OGIyY2YwYTc3
LzEvc1ZYYTNiaHh1ZGFsUE5hMGYzZGlVSU5fZDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDAwAf
lgMEBh+4AAMEBB+7cAMDACWKAwQFPlmgAwQFUEIAAwMAUOQDBAVSlaADBAZVCEAD
AwBVEAMEBlf1AAMEB1mmgAMEBVnpQAMEB1qZAAMDAVtgAwMBW/gDBAdc/AADAwBf
IQMDALKOAwQGvHaAAwQG1AZAAwQF1F9gAwQF1ajAAwQF1aqgAwQF1bZgAwQF1beg
AwQG1fyAMBsEAgACMBUDBQAqABRwAwUCKgKAIAMFBSoCggAwDQYJKoZIhvcNAQEL
BQADggEBACYJXrN+kMMJ9iCQKxA7rNPLwS7/hJ61iDIAeBky5NOHVeeDy94AA+RT
2kqv6VZtEpUPkD8sznLN0gcGA3l0UYSNAo+phaMFUE+0djlM3bMOgMIb2O5l86EG
L/b6hAvgBWbieM1J816O8pzfvqkaTAmAUQtA6U7a5cen91XbIWt5ijrLfn5cl8Pv
nx1PKndbtW4+RU8O7sFmae0005OXyABMBHMuywv/OXozYXGh/Qwpzq/cRwmvWWyN
FHCZ01XWJiGESShqLM94uirECJuV6FtIAXb8QrziUWmbKWWtHJUx6CDJAsoNhhG0
pUr+4MebSk3quihP6vk38OkaEs5p718=
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:58:11 2024 by rpki-client on console-fra.rpki-client.org