Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/1vtsNBXxjHxuFB986u-a-Qai2xk.roa
File: 1vtsNBXxjHxuFB986u-a-Qai2xk.roa (raw, json)
Hash identifier: VhS2AmG5HNy9rj6U9NWORkZQc7plpX64k1TFzVsyBX0=
Subject key identifier: D6:FB:6C:34:15:F1:8C:7C:6E:14:1F:7C:EA:EF:9A:F9:06:A2:DB:19
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 018F70EB41C48337A3F1DE8AE9DD64F2BB3E
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/1vtsNBXxjHxuFB986u-a-Qai2xk.roa
Signing time: Mon 13 May 2024 07:46:56 +0000
ROA not before: Mon 13 May 2024 07:46:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12334
IP address blocks: 77.26.0.0/18 maxlen: 18
77.26.64.0/18 maxlen: 18
77.26.128.0/18 maxlen: 18
77.26.192.0/18 maxlen: 18
77.27.0.0/18 maxlen: 18
77.27.64.0/18 maxlen: 18
77.27.128.0/18 maxlen: 18
77.27.192.0/18 maxlen: 18
83.165.0.0/18 maxlen: 18
83.165.64.0/18 maxlen: 18
83.165.128.0/18 maxlen: 18
83.165.192.0/18 maxlen: 18
91.116.64.0/18 maxlen: 18
91.116.128.0/18 maxlen: 18
91.116.192.0/18 maxlen: 18
91.117.0.0/18 maxlen: 18
91.117.64.0/18 maxlen: 18
91.117.128.0/18 maxlen: 18
91.117.192.0/18 maxlen: 18
92.53.192.0/19 maxlen: 19
178.60.0.0/18 maxlen: 18
178.60.128.0/18 maxlen: 18
178.60.192.0/18 maxlen: 18
212.51.32.0/19 maxlen: 19
213.60.0.0/18 maxlen: 18
213.60.64.0/18 maxlen: 18
213.60.128.0/18 maxlen: 18
213.60.192.0/18 maxlen: 18
2a00:bec0::/40 maxlen: 40
2a00:bec0:c800::/40 maxlen: 40
2a00:bec0:d000::/40 maxlen: 40
2a00:bec0:d800::/40 maxlen: 40
2a00:bec0:e000::/40 maxlen: 40
2a00:bec0:e800::/40 maxlen: 40
2a00:bec0:f000::/40 maxlen: 40
2a00:bec0:f800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:70:eb:41:c4:83:37:a3:f1:de:8a:e9:dd:64:f2:bb:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: May 13 07:46:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6fb6c3415f18c7c6e141f7ceaef9af906a2db19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:52:8d:1c:50:bc:ad:37:7b:3c:e9:5e:0e:d1:
45:2c:c9:5c:c4:bc:67:0b:db:c0:ac:c6:c7:88:20:
85:ad:91:4e:22:09:cc:ff:59:90:89:69:7c:0d:4c:
63:40:52:c4:12:b1:e1:75:3b:44:c7:ed:20:e4:19:
7d:bc:d3:98:a8:fc:88:28:e0:fc:3b:aa:71:d5:80:
ea:76:58:52:19:b2:9e:6b:ca:fc:83:38:be:4e:6d:
8f:30:a7:ee:5e:0b:ad:c5:23:46:6a:5d:f6:fc:77:
31:50:8c:c9:40:db:6d:e9:47:52:6b:9e:50:3f:05:
f5:2b:0b:e1:17:25:e6:22:b1:3a:19:87:53:58:67:
37:17:59:5a:96:26:0d:4d:37:d4:f8:62:bc:ce:0c:
33:38:22:a8:68:b7:4e:77:9e:2a:40:df:5c:6f:90:
1b:5b:0d:82:49:21:7f:8d:14:c8:21:a5:de:95:52:
75:7e:9b:89:5e:63:d9:d0:a7:b4:cc:6b:09:27:12:
9c:60:1e:01:2d:fe:6c:1e:52:57:8f:ef:3f:28:81:
01:c8:55:2f:04:1c:d1:d5:7f:3a:44:f0:8b:c3:d4:
43:db:a7:05:dc:76:55:9a:bf:7f:46:c5:41:16:c4:
87:5f:0c:23:ab:0d:42:b3:97:2e:c7:5f:9b:31:87:
6d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:FB:6C:34:15:F1:8C:7C:6E:14:1F:7C:EA:EF:9A:F9:06:A2:DB:19
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/1vtsNBXxjHxuFB986u-a-Qai2xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.26.0.0/15
83.165.0.0/16
91.116.64.0-91.117.255.255
92.53.192.0/19
178.60.0.0/18
178.60.128.0/17
212.51.32.0/19
213.60.0.0/16
IPv6:
2a00:bec0::/40
2a00:bec0:c800::/40
2a00:bec0:d000::/40
2a00:bec0:d800::/40
2a00:bec0:e000::/40
2a00:bec0:e800::/40
2a00:bec0:f000::/40
2a00:bec0:f800::/40
Signature Algorithm: sha256WithRSAEncryption
2d:6a:d2:1b:d8:e5:2f:9e:80:5c:22:ec:6f:3b:a9:89:f8:87:
28:8d:3b:d8:7e:72:ba:87:69:e1:1f:9b:e4:27:fe:2d:16:bd:
15:f5:c3:9f:3d:bb:18:e0:8e:4b:40:32:83:45:1b:47:2b:e4:
65:ec:23:00:3c:a1:e7:7a:c9:79:33:27:63:d2:f7:1e:85:2c:
6d:8d:60:58:50:65:db:3f:ac:41:40:18:60:ba:82:c6:53:ab:
32:63:47:47:2b:e5:80:c8:bf:1c:6c:91:c2:a1:c7:6e:fe:c6:
8f:7a:47:e8:a6:ff:bb:45:08:9d:a5:31:77:9f:ad:94:35:c3:
da:b8:de:d1:6e:16:f3:d5:3b:37:3b:b7:ae:b2:1b:37:5b:d1:
5d:84:9a:d6:16:7a:25:04:4b:3a:ad:b0:7f:ed:69:db:69:52:
e4:bc:14:fd:9d:98:23:c2:f5:de:6c:d4:fb:7c:29:3e:41:24:
6a:85:d7:86:9c:bb:b0:a2:72:b8:8d:0c:7a:bc:22:73:f0:9e:
a6:55:bc:ee:2d:3f:9d:85:01:58:77:f0:44:7c:29:a4:07:80:
6a:56:95:de:7a:67:95:d2:84:8d:15:5d:f7:32:ac:00:a7:8c:
95:29:d4:f1:2b:4a:44:37:71:91:73:59:1d:4a:9a:69:6b:0a:
77:b6:0d:4a
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAY9w60HEgzej8d6K6d1k8rs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjQwNTEzMDc0NjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmZiNmMzNDE1ZjE4YzdjNmUxNDFmN2NlYWVmOWFmOTA2YTJkYjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklKNHFC8rTd7POleDtFFLMlcxLxn
C9vArMbHiCCFrZFOIgnM/1mQiWl8DUxjQFLEErHhdTtEx+0g5Bl9vNOYqPyIKOD8
O6px1YDqdlhSGbKea8r8gzi+Tm2PMKfuXgutxSNGal32/HcxUIzJQNtt6UdSa55Q
PwX1KwvhFyXmIrE6GYdTWGc3F1laliYNTTfU+GK8zgwzOCKoaLdOd54qQN9cb5Ab
Ww2CSSF/jRTIIaXelVJ1fpuJXmPZ0Ke0zGsJJxKcYB4BLf5sHlJXj+8/KIEByFUv
BBzR1X86RPCLw9RD26cF3HZVmr9/RsVBFsSHXwwjqw1Cs5cux1+bMYdtHwIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFNb7bDQV8Yx8bhQffOrvmvkGotsZMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvMXZ0c05CWHhqSHh1RkI5ODZ1LWEtUWFpMnhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDA6BAIAATA0AwMBTRoD
AwBTpTALAwQGW3RAAwMBW3QDBAVcNcADBAayPAADBAeyPIADBAXUMyADAwDVPDBG
BAIAAjBAAwYAKgC+wAADBgAqAL7AyAMGACoAvsDQAwYAKgC+wNgDBgAqAL7A4AMG
ACoAvsDoAwYAKgC+wPADBgAqAL7A+DANBgkqhkiG9w0BAQsFAAOCAQEALWrSG9jl
L56AXCLsbzupifiHKI072H5yuodp4R+b5Cf+LRa9FfXDnz27GOCOS0Ayg0UbRyvk
ZewjADyh53rJeTMnY9L3HoUsbY1gWFBl2z+sQUAYYLqCxlOrMmNHRyvlgMi/HGyR
wqHHbv7Gj3pH6Kb/u0UInaUxd5+tlDXD2rje0W4W89U7Nzu3rrIbN1vRXYSa1hZ6
JQRLOq2wf+1p22lS5LwU/Z2YI8L13mzU+3wpPkEkaoXXhpy7sKJyuI0Merwic/Ce
plW87i0/nYUBWHfwRHwppAeAalaV3npnldKEjRVd9zKsAKeMlSnU8StKRDdxkXNZ
HUqaaWsKd7YNSg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:47:45 2024 by rpki-client on console-fra.rpki-client.org