Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/x_6Y5VMdqgw_H1J-edkEmvIJdS0.roa
File: x_6Y5VMdqgw_H1J-edkEmvIJdS0.roa (raw, json)
Hash identifier: GhQDGG/3k0WR17GfJj0PtGCVipoxlwZCTWTDyTqVyvU=
Subject key identifier: C7:FE:98:E5:53:1D:AA:0C:3F:1F:52:7E:79:D9:04:9A:F2:09:75:2D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 018F2E615A24C6AD1027AC5442A43C362EBF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/x_6Y5VMdqgw_H1J-edkEmvIJdS0.roa
Signing time: Tue 30 Apr 2024 09:41:22 +0000
ROA not before: Tue 30 Apr 2024 09:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12586
IP address blocks: 5.83.128.0/20 maxlen: 32
5.83.151.0/24 maxlen: 32
5.175.128.0/17 maxlen: 32
5.175.255.0/24 maxlen: 32
5.230.0.0/15 maxlen: 32
5.230.6.0/24 maxlen: 32
5.230.11.0/24 maxlen: 32
5.230.102.0/24 maxlen: 32
5.230.224.0/24 maxlen: 32
5.231.233.0/24 maxlen: 32
77.90.0.0/18 maxlen: 32
83.243.80.0/21 maxlen: 32
85.93.0.0/19 maxlen: 32
85.93.20.0/24 maxlen: 32
85.118.160.0/21 maxlen: 32
87.239.128.0/21 maxlen: 32
89.106.64.0/19 maxlen: 32
89.144.0.0/18 maxlen: 32
94.103.160.0/20 maxlen: 32
94.249.128.0/17 maxlen: 32
95.215.32.0/22 maxlen: 32
178.18.144.0/20 maxlen: 32
178.18.151.0/24 maxlen: 32
185.13.156.0/22 maxlen: 32
185.47.140.0/24 maxlen: 32
185.47.141.0/24 maxlen: 32
185.121.71.0/24 maxlen: 32
193.28.251.0/24 maxlen: 32
195.110.14.0/23 maxlen: 32
217.69.160.0/20 maxlen: 32
2a00:12d8::/29 maxlen: 128
2a00:19d0::/29 maxlen: 128
2a00:cdc0::/32 maxlen: 128
2a01:bd40::/29 maxlen: 128
2a02:7a0::/29 maxlen: 128
2a02:2fc0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:61:5a:24:c6:ad:10:27:ac:54:42:a4:3c:36:2e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 30 09:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7fe98e5531daa0c3f1f527e79d9049af209752d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ca:45:51:45:be:30:c0:d7:e9:20:9c:42:99:
de:69:e7:d1:cf:26:6c:fb:aa:56:72:7d:d5:6d:c6:
5e:40:9e:16:b6:58:eb:9d:ec:0e:4f:05:99:1c:aa:
a0:76:99:e7:6a:92:1d:0e:4e:58:6d:f8:b1:14:01:
b7:15:03:12:e1:18:97:20:c0:bd:6a:0b:1c:e1:41:
54:44:fb:c7:23:9a:9b:44:4a:82:79:66:19:a3:27:
d4:90:07:67:82:54:bf:f6:5f:38:0d:33:96:8f:b9:
26:58:f9:d1:7d:02:0a:dd:b9:82:69:04:41:5e:f3:
80:b2:4c:ac:9a:12:f2:f9:8f:54:68:a9:1b:62:07:
84:a3:b0:91:4d:4e:d0:62:a1:0e:7a:fc:65:f9:4e:
62:4a:19:b9:b3:e3:c0:8f:7a:e6:a6:77:c3:30:26:
f4:ba:c0:91:70:b3:f9:ac:73:66:df:24:c0:f5:cd:
f1:23:e6:2d:15:71:9a:ee:a4:25:81:bd:7e:63:b2:
5d:4c:a5:f8:85:71:00:03:2b:b7:1d:e8:02:f3:3c:
2d:eb:89:80:79:88:ef:2d:46:ea:9e:0b:08:fb:5b:
36:b6:1b:b2:f6:ca:8b:55:a9:7b:22:d2:ee:b7:24:
dd:27:75:df:7f:22:fc:14:7f:ff:69:5e:1d:e1:7c:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FE:98:E5:53:1D:AA:0C:3F:1F:52:7E:79:D9:04:9A:F2:09:75:2D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/x_6Y5VMdqgw_H1J-edkEmvIJdS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/20
5.83.151.0/24
5.175.128.0/17
5.230.0.0/15
77.90.0.0/18
83.243.80.0/21
85.93.0.0/19
85.118.160.0/21
87.239.128.0/21
89.106.64.0/19
89.144.0.0/18
94.103.160.0/20
94.249.128.0/17
95.215.32.0/22
178.18.144.0/20
185.13.156.0/22
185.47.140.0/23
185.121.71.0/24
193.28.251.0/24
195.110.14.0/23
217.69.160.0/20
IPv6:
2a00:12d8::/29
2a00:19d0::/29
2a00:cdc0::/32
2a01:bd40::/29
2a02:7a0::/29
2a02:2fc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:7f:7e:e8:e1:79:f8:bc:e5:40:0c:b6:3b:14:ca:a9:8e:6b:
77:bf:7f:7c:88:cd:6a:1b:59:26:92:a7:c9:e1:c5:59:10:1c:
02:6d:36:84:c0:d1:d3:4a:20:28:2c:af:69:c2:63:5e:a3:10:
b3:3e:8a:61:96:b6:0a:2f:dd:ac:94:64:57:c3:9a:e0:76:56:
bb:3e:08:c6:b3:89:5b:ca:5f:3c:4f:d8:41:c5:12:21:d6:75:
0e:2a:cd:bd:2f:74:c4:9b:cc:6b:d8:fa:94:30:c9:e4:fa:36:
43:93:e8:fc:89:ce:24:bc:4c:4e:eb:05:7a:a2:66:ba:bd:3e:
79:9f:73:65:b2:d5:fd:b0:3d:a3:2b:fb:c0:51:f9:0c:b5:29:
6e:bd:b1:99:c7:53:8c:20:b1:a8:32:02:d9:87:7c:e0:58:e3:
a5:b3:d8:77:1f:a3:ea:34:6c:7f:80:dd:66:12:c0:b3:5b:b3:
8a:2f:d1:62:3d:b4:7e:86:4c:6e:12:83:c8:60:75:a1:16:3e:
0d:c7:0a:a0:55:10:e3:59:8f:85:43:0b:a2:9d:a9:5f:43:5e:
ee:f8:a7:bb:0b:07:51:90:91:31:09:7d:5f:03:ef:53:fe:1d:
f2:6a:fc:20:90:05:16:a6:67:97:56:04:8b:12:e0:31:39:57:
b9:3a:04:af
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAY8uYVokxq0QJ6xUQqQ8Ni6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNDMwMDk0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2ZlOThlNTUzMWRhYTBjM2YxZjUyN2U3OWQ5MDQ5YWYyMDk3NTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58pFUUW+MMDX6SCcQpneaefRzyZs
+6pWcn3VbcZeQJ4WtljrnewOTwWZHKqgdpnnapIdDk5YbfixFAG3FQMS4RiXIMC9
agsc4UFURPvHI5qbREqCeWYZoyfUkAdnglS/9l84DTOWj7kmWPnRfQIK3bmCaQRB
XvOAskysmhLy+Y9UaKkbYgeEo7CRTU7QYqEOevxl+U5iShm5s+PAj3rmpnfDMCb0
usCRcLP5rHNm3yTA9c3xI+YtFXGa7qQlgb1+Y7JdTKX4hXEAAyu3HegC8zwt64mA
eYjvLUbqngsI+1s2thuy9sqLVal7ItLutyTdJ3XffyL8FH//aV4d4Xxy7QIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFMf+mOVTHaoMPx9SfnnZBJryCXUtMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveF82WTVWTWRxZ3dfSDFKLWVka0VtdklKZFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBgwQCAAEwfQMEBAVT
gAMEAAVTlwMEBwWvgAMDAQXmAwQGTVoAAwQDU/NQAwQFVV0AAwQDVXagAwQDV++A
AwQFWWpAAwQGWZAAAwQEXmegAwQHXvmAAwQCX9cgAwQEshKQAwQCuQ2cAwQBuS+M
AwQAuXlHAwQAwRz7AwQBw24OAwQE2UWgMDAEAgACMCoDBQMqABLYAwUDKgAZ0AMF
ACoAzcADBQMqAb1AAwUDKgIHoAMFAyoCL8AwDQYJKoZIhvcNAQELBQADggEBAIt/
fujhefi85UAMtjsUyqmOa3e/f3yIzWobWSaSp8nhxVkQHAJtNoTA0dNKICgsr2nC
Y16jELM+imGWtgov3ayUZFfDmuB2Vrs+CMaziVvKXzxP2EHFEiHWdQ4qzb0vdMSb
zGvY+pQwyeT6NkOT6PyJziS8TE7rBXqiZrq9Pnmfc2Wy1f2wPaMr+8BR+Qy1KW69
sZnHU4wgsagyAtmHfOBY46Wz2Hcfo+o0bH+A3WYSwLNbs4ov0WI9tH6GTG4Sg8hg
daEWPg3HCqBVEONZj4VDC6KdqV9DXu74p7sLB1GQkTEJfV8D71P+HfJq/CCQBRam
Z5dWBIsS4DE5V7k6BK8=
-----END CERTIFICATE-----
Generated at Sun May 19 21:00:14 2024 by rpki-client on console-ams.rpki-client.org