Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vKUfMXH0x-HB_BZafKGXI9qdQzE.roa
File: vKUfMXH0x-HB_BZafKGXI9qdQzE.roa (raw, json)
Hash identifier: NFv7dFuP8K7+6z9XjS6Bmi2gCSvXBLBB+IkIhkgQa4Q=
Subject key identifier: BC:A5:1F:31:71:F4:C7:E1:C1:FC:16:5A:7C:A1:97:23:DA:9D:43:31
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01934B3392DCD5B27E85C24EC8DA9B28FF6C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vKUfMXH0x-HB_BZafKGXI9qdQzE.roa
Signing time: Wed 20 Nov 2024 20:11:31 +0000
ROA not before: Wed 20 Nov 2024 20:11:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.70.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4b:33:92:dc:d5:b2:7e:85:c2:4e:c8:da:9b:28:ff:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 20 20:11:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bca51f3171f4c7e1c1fc165a7ca19723da9d4331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:79:8d:bd:37:a4:7a:d2:e3:b5:17:8a:9a:b0:
61:f3:e4:96:f8:6a:74:d3:62:de:c7:fa:9c:de:9f:
8b:a1:c0:59:81:e4:c5:57:82:33:3b:dc:99:47:42:
3a:c8:9f:55:12:88:48:23:77:b9:6e:93:f5:c5:62:
18:22:d5:96:ae:fb:1b:ff:ae:f9:3f:31:1d:a3:6c:
06:16:8e:c2:6d:04:f0:8b:0c:97:37:9f:87:92:a1:
a5:8c:22:6b:06:58:22:53:ad:64:74:7e:7d:4f:c5:
25:c5:72:cb:69:76:09:22:47:4a:26:da:42:f1:97:
ab:1c:96:15:61:ae:e6:37:33:0b:69:45:cd:f7:99:
52:2a:e5:36:44:46:5e:cb:c6:53:f9:48:75:f0:9a:
8f:7f:6a:91:b7:e5:dd:ca:a8:34:35:1b:63:cc:ce:
41:30:ed:d5:ea:f6:d8:6c:75:6e:bb:82:36:c5:66:
03:15:b5:7f:b9:21:81:38:fd:5b:dc:ce:7b:5b:1d:
d5:10:4a:e5:c8:c8:96:96:40:7c:6d:61:8b:38:17:
5a:a4:64:7a:b7:2a:35:3c:e5:15:14:f3:52:87:13:
b5:60:39:7b:45:40:25:9b:d2:bc:8e:f0:87:6a:12:
d2:02:b7:26:e3:61:13:4f:db:fe:cf:b5:bc:31:d2:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A5:1F:31:71:F4:C7:E1:C1:FC:16:5A:7C:A1:97:23:DA:9D:43:31
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/vKUfMXH0x-HB_BZafKGXI9qdQzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
50:94:68:fd:bf:fc:d0:5a:3f:47:8a:1c:d4:bb:5d:66:09:ed:
69:b5:a8:59:77:15:de:e5:fe:3a:97:14:84:51:61:18:75:ad:
a6:53:67:87:51:f6:32:b7:56:08:0e:e4:19:a4:ff:17:85:35:
fa:00:0b:a0:bd:3d:38:3c:d4:92:f5:c1:fb:92:0d:d7:15:b3:
2e:d6:77:ba:da:46:89:39:90:20:01:21:fe:d9:03:15:75:b6:
74:cb:30:37:d9:4a:ca:5f:d6:43:0c:54:3d:e7:3a:9a:89:bb:
76:18:11:98:84:3f:39:2a:ed:ee:19:05:18:c2:22:ef:6d:84:
3f:fc:c4:70:37:b8:68:dc:1a:38:42:b7:ef:0a:58:a1:9b:38:
95:34:af:23:c2:0b:d7:6b:d2:42:5a:c2:15:3d:73:7b:9e:71:
e0:44:ce:55:b9:fd:e2:a0:84:d7:57:88:c3:75:62:8c:cb:66:
4f:40:72:ac:a4:1c:ab:77:af:55:f5:0d:8f:5e:02:10:d3:c6:
20:93:3e:81:c0:04:2e:b1:05:9c:e4:e0:14:1e:ca:70:18:f9:
21:37:bd:08:7b:42:3d:5a:dc:f1:ed:b8:01:de:45:ef:76:7d:
80:21:63:b9:89:20:26:ab:b7:70:39:00:c9:f0:12:b2:97:7d:
13:95:55:00
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAZNLM5Lc1bJ+hcJOyNqbKP9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQxMTIwMjAxMTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E1MWYzMTcxZjRjN2UxYzFmYzE2NWE3Y2ExOTcyM2RhOWQ0MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3mNvTeketLjtReKmrBh8+SW+Gp0
02Lex/qc3p+LocBZgeTFV4IzO9yZR0I6yJ9VEohII3e5bpP1xWIYItWWrvsb/675
PzEdo2wGFo7CbQTwiwyXN5+HkqGljCJrBlgiU61kdH59T8UlxXLLaXYJIkdKJtpC
8ZerHJYVYa7mNzMLaUXN95lSKuU2REZey8ZT+Uh18JqPf2qRt+Xdyqg0NRtjzM5B
MO3V6vbYbHVuu4I2xWYDFbV/uSGBOP1b3M57Wx3VEErlyMiWlkB8bWGLOBdapGR6
tyo1POUVFPNShxO1YDl7RUAlm9K8jvCHahLSArcm42ETT9v+z7W8MdIPjQIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFLylHzFx9MfhwfwWWnyhlyPanUMxMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdktVZk1YSDB4LUhCX0JaYWZLR1hJOXFkUXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCBiwQCAAEwgYQD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBALB3cADBALCMhADBALCOOADBALUawwwcQQCAAIwawMHBCoL
C4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsLh/+0AwcAKgsLh//S
AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAAD
BQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQBQlGj9v/zQWj9HihzUu11mCe1ptahZ
dxXe5f46lxSEUWEYda2mU2eHUfYyt1YIDuQZpP8XhTX6AAugvT04PNSS9cH7kg3X
FbMu1ne62kaJOZAgASH+2QMVdbZ0yzA32UrKX9ZDDFQ95zqaibt2GBGYhD85Ku3u
GQUYwiLvbYQ//MRwN7ho3Bo4QrfvClihmziVNK8jwgvXa9JCWsIVPXN7nnHgRM5V
uf3ioITXV4jDdWKMy2ZPQHKspByrd69V9Q2PXgIQ08Ygkz6BwAQusQWc5OAUHspw
GPkhN70Ie0I9Wtzx7bgB3kXvdn2AIWO5iSAmq7dwOQDJ8BKyl30TlVUA
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:35:10 2024 by rpki-client on console-fra.rpki-client.org