Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/bBa0MdpvqFa-gva0WZoeKrRVYYc.roa
File: bBa0MdpvqFa-gva0WZoeKrRVYYc.roa (raw, json)
Hash identifier: yS450Ufo5bHV8Ya4e4plryxnsuW2Q/lR0xzbbCzTsHo=
Subject key identifier: 6C:16:B4:31:DA:6F:A8:56:BE:82:F6:B4:59:9A:1E:2A:B4:55:61:87
Certificate issuer: /CN=b011022187e3395a1524fa1a7541ea793285afc2
Certificate serial: 018CC348AFF4D46CBC68B006C1C134B1430E
Authority key identifier: B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/bBa0MdpvqFa-gva0WZoeKrRVYYc.roa
Signing time: Mon 01 Jan 2024 04:29:29 +0000
ROA not before: Mon 01 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39308
IP address blocks: 46.21.80.0/20 maxlen: 20
185.56.96.0/22 maxlen: 24
176.12.64.0/20 maxlen: 20
109.109.32.0/19 maxlen: 19
89.144.130.0/24 maxlen: 24
89.144.128.0/18 maxlen: 24
109.109.48.0/24 maxlen: 24
159.20.96.0/20 maxlen: 20
2a00:1570::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:af:f4:d4:6c:bc:68:b0:06:c1:c1:34:b1:43:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b011022187e3395a1524fa1a7541ea793285afc2
Validity
Not Before: Jan 1 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c16b431da6fa856be82f6b4599a1e2ab4556187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0c:39:5c:7e:09:e7:e7:2e:4f:8c:cb:79:da:
db:da:cb:a1:69:c6:47:a0:7d:e8:e2:4f:da:6f:ac:
f4:c8:d9:f9:e9:8d:c6:46:4f:98:bd:3f:68:fd:a2:
4b:c0:0f:9b:d0:ac:8f:e9:28:2a:7e:25:d3:2d:8d:
26:e1:38:db:6c:21:fd:80:ac:39:e8:83:cf:23:5a:
73:75:e3:a7:a8:19:1c:ef:0c:e1:a9:04:d5:d1:93:
57:58:1d:4d:0c:0d:25:7a:ab:97:a2:e9:3d:f0:d7:
41:ff:53:91:f7:e5:2f:09:5b:72:de:4d:77:17:3d:
39:58:62:cd:13:e7:d7:4a:9e:59:d9:c0:f7:be:ad:
de:76:9c:fa:d6:de:7c:5f:a0:16:a3:d5:97:fa:8a:
d5:2a:2b:d3:39:80:3f:b3:52:10:03:19:26:4a:5c:
12:54:90:d2:1c:a0:01:d3:0e:36:36:8c:56:28:0f:
33:b8:57:53:d8:52:b6:fe:d8:0c:20:a3:70:f9:7f:
34:75:7d:0d:fa:b2:d3:90:6b:b7:68:32:5d:48:4d:
ba:6a:8f:b6:46:5c:8f:72:62:12:05:08:3b:3a:cc:
5c:64:6e:24:1c:b0:27:e8:a4:6a:fe:50:f3:f0:8e:
c0:ad:20:6c:3e:a4:8e:d3:b9:b5:a8:f3:a4:6c:6d:
c8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:16:B4:31:DA:6F:A8:56:BE:82:F6:B4:59:9A:1E:2A:B4:55:61:87
X509v3 Authority Key Identifier:
keyid:B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/bBa0MdpvqFa-gva0WZoeKrRVYYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.80.0/20
89.144.128.0/18
109.109.32.0/19
159.20.96.0/20
176.12.64.0/20
185.56.96.0/22
IPv6:
2a00:1570::/32
Signature Algorithm: sha256WithRSAEncryption
10:d8:5c:a3:fb:07:cd:56:db:e4:cd:04:4c:80:9d:f4:0c:b8:
cd:48:2a:a3:58:90:a6:b7:b5:e6:87:93:fa:38:c4:d7:e0:70:
ed:10:0f:5e:11:8c:36:76:50:46:d1:7c:c1:6b:8c:39:ff:ab:
f7:1e:86:9e:ad:a4:9c:c6:06:59:44:e4:93:d8:3a:e2:f0:5c:
64:ad:61:80:b6:e7:77:38:2f:64:11:af:f9:ad:55:ad:f6:a3:
8c:e8:ec:cf:fd:3d:81:2d:4b:4f:43:87:2b:e7:3f:d2:fb:db:
5b:4d:57:27:39:fb:f7:93:14:11:5b:d3:81:5f:91:45:ea:bc:
2b:9f:bc:1e:c5:ee:e8:b1:c6:9c:30:04:bf:21:b3:44:7b:69:
63:ad:55:e0:a7:c2:d2:41:49:73:b6:9b:fc:02:7f:74:5d:05:
22:df:40:3c:fe:1e:e0:2f:da:27:e0:d6:e0:5e:55:c3:7c:71:
c4:53:f2:ac:36:b8:14:e1:6d:bc:05:11:5a:99:2a:13:78:38:
bf:86:31:ee:26:fe:b0:bc:69:d2:6a:09:d0:9e:86:1f:03:cb:
ac:fc:25:b5:92:4f:65:b1:19:10:d1:b2:3b:3d:d5:7a:fe:e5:
29:98:d6:8c:19:24:ce:e6:61:19:fc:de:67:c0:04:f5:81:3c:
cc:c7:2d:8d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzDSK/01Gy8aLAGwcE0sUMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMTEwMjIxODdlMzM5NWExNTI0ZmExYTc1NDFlYTc5MzI4
NWFmYzIwHhcNMjQwMTAxMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzE2YjQzMWRhNmZhODU2YmU4MmY2YjQ1OTlhMWUyYWI0NTU2MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAw5XH4J5+cuT4zLedrb2suhacZH
oH3o4k/ab6z0yNn56Y3GRk+YvT9o/aJLwA+b0KyP6SgqfiXTLY0m4TjbbCH9gKw5
6IPPI1pzdeOnqBkc7wzhqQTV0ZNXWB1NDA0lequXouk98NdB/1OR9+UvCVty3k13
Fz05WGLNE+fXSp5Z2cD3vq3edpz61t58X6AWo9WX+orVKivTOYA/s1IQAxkmSlwS
VJDSHKAB0w42NoxWKA8zuFdT2FK2/tgMIKNw+X80dX0N+rLTkGu3aDJdSE26ao+2
RlyPcmISBQg7OsxcZG4kHLAn6KRq/lDz8I7ArSBsPqSO07m1qPOkbG3IKQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGwWtDHab6hWvoL2tFmaHiq0VWGHMB8GA1UdIwQY
MBaAFLARAiGH4zlaFST6GnVB6nkyha/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAt
NTMzNGU2YjhjNWZlLzEvYkJhME1kcHZxRmEtZ3ZhMFdab2VLclJWWVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9lOGJiZDItMTM2MS00MWEzLTkwZjAtNTMzNGU2YjhjNWZl
LzEvc0JFQ0lZZmpPVm9WSlBvYWRVSHFlVEtGcjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQELhVQAwQG
WZCAAwQFbW0gAwQEnxRgAwQEsAxAAwQCuThgMA0EAgACMAcDBQAqABVwMA0GCSqG
SIb3DQEBCwUAA4IBAQAQ2Fyj+wfNVtvkzQRMgJ30DLjNSCqjWJCmt7Xmh5P6OMTX
4HDtEA9eEYw2dlBG0XzBa4w5/6v3HoaeraScxgZZROST2Dri8FxkrWGAtud3OC9k
Ea/5rVWt9qOM6OzP/T2BLUtPQ4cr5z/S+9tbTVcnOfv3kxQRW9OBX5FF6rwrn7we
xe7oscacMAS/IbNEe2ljrVXgp8LSQUlztpv8An90XQUi30A8/h7gL9on4NbgXlXD
fHHEU/KsNrgU4W28BRFamSoTeDi/hjHuJv6wvGnSagnQnoYfA8us/CW1kk9lsRkQ
0bI7PdV6/uUpmNaMGSTO5mEZ/N5nwAT1gTzMxy2N
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:40:22 2024 by rpki-client on console-fra.rpki-client.org