Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/PW2l62gIjChnLshhpVuG3zZpKXE.roa
File: PW2l62gIjChnLshhpVuG3zZpKXE.roa (raw, json)
Hash identifier: Y8YmkV9UVCvt/2MH8WNFDQ167oSpsbzkJB4fjYkty1k=
Subject key identifier: 3D:6D:A5:EB:68:08:8C:28:67:2E:C8:61:A5:5B:86:DF:36:69:29:71
Certificate issuer: /CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Certificate serial: 0191B72BBD4E47F8BD8AE4745C656B9EA8B0
Authority key identifier: 0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/PW2l62gIjChnLshhpVuG3zZpKXE.roa
Signing time: Tue 03 Sep 2024 09:16:22 +0000
ROA not before: Tue 03 Sep 2024 09:16:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60294
IP address blocks: 46.245.216.0/21 maxlen: 21
94.31.64.0/18 maxlen: 18
94.31.67.0/24 maxlen: 24
94.31.68.0/22 maxlen: 22
94.31.72.0/22 maxlen: 22
94.31.80.0/20 maxlen: 20
94.31.92.0/23 maxlen: 23
94.31.94.0/23 maxlen: 23
94.31.96.0/20 maxlen: 20
94.31.108.0/22 maxlen: 22
94.31.112.0/23 maxlen: 23
94.31.114.0/23 maxlen: 23
94.31.116.0/22 maxlen: 22
150.5.0.0/18 maxlen: 24
185.7.196.0/22 maxlen: 22
185.22.44.0/22 maxlen: 22
185.22.44.0/24 maxlen: 24
185.22.45.0/24 maxlen: 24
185.22.140.0/22 maxlen: 22
185.113.120.0/22 maxlen: 22
185.158.40.0/22 maxlen: 22
185.158.41.0/24 maxlen: 24
2a00:6020::/32 maxlen: 32
2a00:6020:0:21::/64 maxlen: 64
2a00:61e0::/32 maxlen: 32
2a03:fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:2b:bd:4e:47:f8:bd:8a:e4:74:5c:65:6b:9e:a8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Validity
Not Before: Sep 3 09:16:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d6da5eb68088c28672ec861a55b86df36692971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:cf:7c:6a:40:7b:50:d3:b1:b2:53:68:b1:f5:
1a:36:5c:2d:7f:f7:25:eb:ee:c8:c4:ee:c1:9b:3d:
ff:64:7a:ea:18:94:65:40:21:6e:a4:c6:9e:d8:76:
25:7d:b8:68:ee:85:48:b3:9f:6d:e0:62:e3:d1:47:
1f:51:66:00:bf:88:12:c9:2f:e0:07:06:07:96:e9:
2d:3c:b1:78:8e:ca:b9:d6:3d:0c:b1:0e:f8:74:5a:
a3:21:f3:ec:f9:8b:85:ef:e7:ef:be:46:6e:c6:63:
81:eb:f6:f0:5f:ad:63:84:4f:69:97:51:2a:78:dc:
f6:7b:9f:7d:74:fa:72:8b:48:c5:46:e6:81:3d:fd:
0f:e2:c4:33:f2:20:be:bd:af:a7:59:6d:a8:c2:1e:
b4:19:51:45:7e:40:3b:c6:5f:98:99:b8:76:33:99:
6a:e1:7c:2e:a1:61:67:34:e4:cf:4c:b4:3d:22:61:
32:c5:93:e3:38:98:46:c5:d6:0d:e4:0b:1e:78:65:
ea:64:8e:ca:d3:31:1a:91:29:f6:f0:32:dd:f6:b4:
f2:f2:5d:84:c8:9d:12:6b:a0:af:66:92:28:ff:4e:
a2:2a:5a:0f:a1:e2:b0:a2:15:d5:14:7d:66:a1:a4:
2b:d1:43:af:da:6c:c6:f0:bd:3e:57:72:22:0b:6c:
42:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6D:A5:EB:68:08:8C:28:67:2E:C8:61:A5:5B:86:DF:36:69:29:71
X509v3 Authority Key Identifier:
keyid:0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/PW2l62gIjChnLshhpVuG3zZpKXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.216.0/21
94.31.64.0/18
150.5.0.0/18
185.7.196.0/22
185.22.44.0/22
185.22.140.0/22
185.113.120.0/22
185.158.40.0/22
IPv6:
2a00:6020::/32
2a00:61e0::/32
2a03:fc0::/32
Signature Algorithm: sha256WithRSAEncryption
bb:70:84:92:ed:b7:44:05:f3:19:fd:20:c4:e3:83:fc:d5:30:
d3:f9:3c:6d:d9:9f:96:15:e3:3a:5a:7c:d7:db:c4:8a:65:06:
22:ac:67:5c:d4:04:20:de:f0:ae:39:35:c7:84:54:ba:63:f1:
c9:ca:b6:9a:c8:95:83:20:8d:88:05:23:b0:4d:69:d5:87:f9:
c8:b3:1f:03:d5:f9:40:fa:c2:d1:54:9b:07:fa:44:a3:b8:8f:
c0:db:d7:f8:5b:c4:0c:57:b4:81:7a:42:a9:eb:79:21:9a:97:
bb:83:df:92:66:03:e9:f6:18:92:f6:49:07:df:94:ca:5e:16:
1d:c1:d9:44:5b:13:cf:df:82:6d:00:03:4a:0d:d8:eb:b4:b9:
a3:18:fb:c4:36:82:80:39:47:d4:76:bc:27:55:5d:c7:a9:3b:
5c:0b:9d:a7:47:3f:f3:79:db:b0:09:14:23:0f:5f:be:a5:82:
c0:55:b2:0d:61:97:70:2d:f5:05:c7:01:15:e4:83:90:e6:b7:
98:52:52:88:24:ee:3c:56:8c:ac:93:c9:d2:8b:5e:3b:9e:bb:
57:43:52:a6:19:b0:51:58:42:49:97:fe:63:50:7c:b0:2f:42:
f9:9b:ca:ca:42:3c:12:e8:c4:58:5b:a3:6c:35:62:eb:4e:bc:
2b:c8:a5:b2
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZG3K71OR/i9iuR0XGVrnqiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjllM2VlNTVkZDg2MjY3NGQ0NTg2NjFiYTM0OTA4YjA2
MTdmYTEwHhcNMjQwOTAzMDkxNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZkYTVlYjY4MDg4YzI4NjcyZWM4NjFhNTViODZkZjM2NjkyOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAys98akB7UNOxslNosfUaNlwtf/cl
6+7IxO7Bmz3/ZHrqGJRlQCFupMae2HYlfbho7oVIs59t4GLj0UcfUWYAv4gSyS/g
BwYHluktPLF4jsq51j0MsQ74dFqjIfPs+YuF7+fvvkZuxmOB6/bwX61jhE9pl1Eq
eNz2e599dPpyi0jFRuaBPf0P4sQz8iC+va+nWW2owh60GVFFfkA7xl+Ymbh2M5lq
4XwuoWFnNOTPTLQ9ImEyxZPjOJhGxdYN5AseeGXqZI7K0zEakSn28DLd9rTy8l2E
yJ0Sa6CvZpIo/06iKloPoeKwohXVFH1moaQr0UOv2mzG8L0+V3IiC2xClQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFD1tpetoCIwoZy7IYaVbht82aSlxMB8GA1UdIwQY
MBaAFA1p4+5V3YYmdNRYZhujSQiwYX+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUt
YjgzM2JkOWUwYjNhLzEvUFcybDYyZ0lqQ2huTHNoaHBWdUczelpwS1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUtYjgzM2JkOWUwYjNh
LzEvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQDLvXYAwQG
Xh9AAwQGlgUAAwQCuQfEAwQCuRYsAwQCuRaMAwQCuXF4AwQCuZ4oMBsEAgACMBUD
BQAqAGAgAwUAKgBh4AMFACoDD8AwDQYJKoZIhvcNAQELBQADggEBALtwhJLtt0QF
8xn9IMTjg/zVMNP5PG3Zn5YV4zpafNfbxIplBiKsZ1zUBCDe8K45NceEVLpj8cnK
tprIlYMgjYgFI7BNadWH+cizHwPV+UD6wtFUmwf6RKO4j8Db1/hbxAxXtIF6Qqnr
eSGal7uD35JmA+n2GJL2SQfflMpeFh3B2URbE8/fgm0AA0oN2Ou0uaMY+8Q2goA5
R9R2vCdVXcepO1wLnadHP/N527AJFCMPX76lgsBVsg1hl3At9QXHARXkg5Dmt5hS
Uogk7jxWjKyTydKLXjueu1dDUqYZsFFYQkmX/mNQfLAvQvmbyspCPBLoxFhbo2w1
YutOvCvIpbI=
-----END CERTIFICATE-----
Generated at Fri Sep 20 18:33:12 2024 by rpki-client on console-ams.rpki-client.org