Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/S6hMDt_xtzbps5qC__5nlnhVq-s.roa
File: S6hMDt_xtzbps5qC__5nlnhVq-s.roa (raw, json)
Hash identifier: Th31g7mmxwd+ktvsBAgr9JBNfYWckLdkXB1LP+asPQM=
Subject key identifier: 4B:A8:4C:0E:DF:F1:B7:36:E9:B3:9A:82:FF:FE:67:96:78:55:AB:EB
Certificate issuer: /CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Certificate serial: 018F86098FAC0237B199ED90D3C1A01F0667
Authority key identifier: 11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/S6hMDt_xtzbps5qC__5nlnhVq-s.roa
Signing time: Fri 17 May 2024 10:12:04 +0000
ROA not before: Fri 17 May 2024 10:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 31.164.0.0/15 maxlen: 16
62.167.0.0/16 maxlen: 16
62.167.0.0/17 maxlen: 17
84.226.0.0/15 maxlen: 16
89.217.0.0/16 maxlen: 16
178.38.0.0/15 maxlen: 16
188.154.0.0/15 maxlen: 16
193.192.224.0/19 maxlen: 19
194.158.224.0/19 maxlen: 19
194.230.0.0/16 maxlen: 16
194.230.144.0/20 maxlen: 20
195.112.64.0/19 maxlen: 19
195.141.0.0/16 maxlen: 16
212.35.32.0/19 maxlen: 19
212.98.32.0/19 maxlen: 19
212.161.128.0/17 maxlen: 17
2001:1700::/27 maxlen: 27
2001:1700::/28 maxlen: 28
2001:1710::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:09:8f:ac:02:37:b1:99:ed:90:d3:c1:a0:1f:06:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Validity
Not Before: May 17 10:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ba84c0edff1b736e9b39a82fffe67967855abeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:05:99:84:5f:57:58:cd:ba:6b:7e:5a:b4:
a0:74:f3:7f:7a:59:80:c9:0d:78:a2:27:03:3c:cd:
73:45:0e:05:6c:dc:8d:98:3c:33:1b:66:de:24:21:
b6:3c:f0:d7:18:e9:ca:1d:b7:de:3e:c9:e0:ea:56:
cf:36:fc:6d:94:2a:86:f3:5b:87:0d:92:35:8e:8a:
22:03:ef:f1:83:6a:c4:76:45:ac:cc:2b:5a:52:23:
c5:3b:00:97:6e:5b:28:84:17:8e:f7:67:ba:5b:3b:
00:e4:42:76:fe:c9:20:ee:5c:8a:49:a1:7d:f7:f0:
a8:9a:dd:51:98:6e:cb:45:50:e4:79:80:b8:1b:57:
60:1a:43:01:6c:b7:b5:9b:f9:95:0f:f1:82:49:b9:
b0:6f:27:e8:ea:fe:01:0a:00:bc:74:35:8c:f4:ef:
fc:5b:af:1a:c5:ba:5b:1e:dc:6f:ee:8e:0b:c5:cb:
2a:85:3c:f1:4a:ad:27:91:8e:0e:bf:46:3e:e0:c2:
5d:d9:35:de:b2:fb:01:ec:2a:80:a0:4c:71:21:39:
11:3a:fe:29:19:02:de:5f:90:97:a3:92:01:c5:4a:
8d:14:9a:e5:53:a7:75:d9:40:94:f7:24:0b:f4:49:
4d:c5:30:cc:0f:42:24:33:33:c1:95:64:1b:83:80:
7c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A8:4C:0E:DF:F1:B7:36:E9:B3:9A:82:FF:FE:67:96:78:55:AB:EB
X509v3 Authority Key Identifier:
keyid:11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/S6hMDt_xtzbps5qC__5nlnhVq-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.164.0.0/15
62.167.0.0/16
84.226.0.0/15
89.217.0.0/16
178.38.0.0/15
188.154.0.0/15
193.192.224.0/19
194.158.224.0/19
194.230.0.0/16
195.112.64.0/19
195.141.0.0/16
212.35.32.0/19
212.98.32.0/19
212.161.128.0/17
IPv6:
2001:1700::/27
Signature Algorithm: sha256WithRSAEncryption
5d:7a:30:c9:01:7c:15:d7:9d:db:6d:c5:9d:32:28:2c:f4:36:
41:20:6e:7c:79:83:49:7e:b4:d0:ec:71:0d:e5:19:02:08:af:
e6:19:a3:ef:e1:cf:ee:f0:d4:fc:36:a6:52:e3:89:65:f5:30:
fa:85:c2:88:e1:8a:72:a4:dc:6f:8a:24:f4:71:e7:e5:78:d4:
8d:07:a7:33:7a:10:c4:f5:84:3d:12:9d:43:a1:76:4d:ef:2f:
5a:69:2c:f7:fa:2d:f9:0e:73:64:7c:4d:65:f2:fe:72:ce:85:
1f:cc:ef:65:76:07:1c:e7:96:da:e4:ae:72:df:d7:8e:f2:b0:
05:65:34:77:eb:46:66:dc:5a:0f:cd:47:bd:9f:dd:84:66:cb:
3f:34:37:47:ae:07:49:2e:3b:a8:7a:17:52:bc:a6:51:7c:67:
ae:68:fb:2c:28:4d:41:e0:03:e4:c7:88:26:f5:ef:5a:96:4f:
25:b3:b4:57:c2:f3:5f:74:7c:39:f6:07:58:30:e9:03:82:5a:
7a:7e:8f:48:10:ab:b0:3a:d5:0c:d0:62:ad:01:de:39:ec:b0:
e7:d4:17:a7:ff:b6:c0:cd:24:13:b7:8e:2b:d5:0d:69:c6:6f:
5d:cd:25:bf:39:2e:2e:e6:5e:04:fe:17:7f:bb:99:53:0b:94:
00:69:9d:11
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAY+GCY+sAjexme2Q08GgHwZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWRiYzAwNDMzZTI5ZjJhZGViMDM4ZmVhMmZiZDcwNDhm
YjYzMmYwHhcNMjQwNTE3MTAxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmE4NGMwZWRmZjFiNzM2ZTliMzlhODJmZmZlNjc5Njc4NTVhYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7kFmYRfV1jNumt+WrSgdPN/elmA
yQ14oicDPM1zRQ4FbNyNmDwzG2beJCG2PPDXGOnKHbfePsng6lbPNvxtlCqG81uH
DZI1jooiA+/xg2rEdkWszCtaUiPFOwCXblsohBeO92e6WzsA5EJ2/skg7lyKSaF9
9/Comt1RmG7LRVDkeYC4G1dgGkMBbLe1m/mVD/GCSbmwbyfo6v4BCgC8dDWM9O/8
W68axbpbHtxv7o4LxcsqhTzxSq0nkY4Ov0Y+4MJd2TXesvsB7CqAoExxITkROv4p
GQLeX5CXo5IBxUqNFJrlU6d12UCU9yQL9ElNxTDMD0IkMzPBlWQbg4B8dwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFEuoTA7f8bc26bOagv/+Z5Z4VavrMB8GA1UdIwQY
MBaAFBFdvABDPinyresDj+ovvXBI+2MvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTkt
MjI5YjRhZTc0MmRlLzEvUzZoTUR0X3h0emJwczVxQ19fNW5sbmhWcS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTktMjI5YjRhZTc0MmRl
LzEvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwMBH6QDAwA+
pwMDAVTiAwMAWdkDAwGyJgMDAbyaAwQFwcDgAwQFwp7gAwMAwuYDBAXDcEADAwDD
jQMEBdQjIAMEBdRiIAMEB9ShgDANBAIAAjAHAwUFIAEXADANBgkqhkiG9w0BAQsF
AAOCAQEAXXowyQF8Fded223FnTIoLPQ2QSBufHmDSX600OxxDeUZAgiv5hmj7+HP
7vDU/DamUuOJZfUw+oXCiOGKcqTcb4ok9HHn5XjUjQenM3oQxPWEPRKdQ6F2Te8v
Wmks9/ot+Q5zZHxNZfL+cs6FH8zvZXYHHOeW2uSuct/XjvKwBWU0d+tGZtxaD81H
vZ/dhGbLPzQ3R64HSS47qHoXUrymUXxnrmj7LChNQeAD5MeIJvXvWpZPJbO0V8Lz
X3R8OfYHWDDpA4Jaen6PSBCrsDrVDNBirQHeOeyw59QXp/+2wM0kE7eOK9UNacZv
Xc0lvzkuLuZeBP4Xf7uZUwuUAGmdEQ==
-----END CERTIFICATE-----
Generated at Sun Jun 2 23:10:05 2024 by rpki-client on console-fra.rpki-client.org