Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/s4eZiJhx3e58g-FsLMxZRi0QBI4.roa
File: s4eZiJhx3e58g-FsLMxZRi0QBI4.roa (raw, json)
Hash identifier: pCPZtdWwlspwh91m+B20BzOdymHPgRVGuCs0pyHwdEM=
Subject key identifier: B3:87:99:88:98:71:DD:EE:7C:83:E1:6C:2C:CC:59:46:2D:10:04:8E
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018DC1F2098629A0CE39D0E5D97A489E0AF0
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/s4eZiJhx3e58g-FsLMxZRi0QBI4.roa
Signing time: Mon 19 Feb 2024 15:18:01 +0000
ROA not before: Mon 19 Feb 2024 15:18:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15694
IP address blocks: 46.229.144.0/20 maxlen: 20
77.79.192.0/18 maxlen: 18
77.79.206.0/24 maxlen: 24
77.79.210.0/24 maxlen: 24
77.79.215.0/24 maxlen: 24
77.79.221.0/24 maxlen: 24
85.232.224.0/19 maxlen: 19
85.232.254.0/24 maxlen: 24
194.145.228.0/24 maxlen: 24
195.167.144.0/20 maxlen: 20
195.167.150.0/24 maxlen: 24
195.167.155.0/24 maxlen: 24
195.167.158.0/24 maxlen: 24
206.252.224.0/19 maxlen: 19
206.252.250.0/24 maxlen: 24
212.91.4.0/22 maxlen: 22
212.91.10.0/24 maxlen: 24
212.91.11.0/24 maxlen: 24
212.91.12.0/24 maxlen: 24
212.91.13.0/24 maxlen: 24
212.91.14.0/24 maxlen: 24
212.91.16.0/20 maxlen: 20
213.189.32.0/19 maxlen: 19
213.189.32.0/24 maxlen: 24
213.189.42.0/24 maxlen: 24
213.189.50.0/24 maxlen: 24
217.17.32.0/20 maxlen: 20
217.149.240.0/20 maxlen: 20
2001:1a68::/32 maxlen: 32
2001:1a68:0:13::/64 maxlen: 64
2001:1a68:0:1d::/64 maxlen: 64
2001:1a68:0:21::/64 maxlen: 64
2001:1a68:18::/48 maxlen: 48
2001:1a68:2e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jul 2024 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:f2:09:86:29:a0:ce:39:d0:e5:d9:7a:48:9e:0a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Feb 19 15:18:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b38799889871ddee7c83e16c2ccc59462d10048e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:27:b5:36:92:7c:b2:b8:3f:5c:9c:f5:ee:41:
70:ba:7e:bd:fd:97:c4:27:34:38:3f:5c:5f:e7:9d:
c3:35:33:70:22:f0:1b:8b:83:88:aa:56:0a:9d:bb:
9e:15:24:93:5f:c8:51:f0:5d:5c:e8:2f:54:eb:99:
88:dd:dc:b5:55:2b:a1:e9:ba:66:6b:6a:76:c9:31:
e6:92:a1:a2:94:fc:14:49:64:dd:99:b0:fc:a1:05:
49:cb:95:d7:3b:e0:b4:7c:77:af:57:54:64:89:01:
01:ee:e5:6a:97:37:8c:63:3c:11:a3:b6:d9:09:76:
be:b2:91:a4:23:07:3d:64:21:0d:d2:91:7f:94:27:
8c:db:27:a9:8e:92:7f:d6:1c:b4:b6:00:42:21:78:
0d:b8:1d:3c:46:97:96:69:2f:50:16:35:1f:20:87:
35:01:e4:a9:36:c3:5b:6c:62:86:f3:e9:12:e8:38:
1f:af:14:ff:21:f0:2d:db:01:c8:92:06:9a:a7:9c:
25:70:77:e8:c3:f2:70:5e:c6:f7:d6:a7:de:90:e4:
71:ec:d8:68:3c:19:a7:15:db:4a:18:06:4b:f4:ae:
48:ef:85:6b:5a:61:09:fd:36:23:17:20:de:52:a0:
7e:49:35:62:7e:34:67:05:c2:d8:b2:34:47:5d:ef:
44:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:87:99:88:98:71:DD:EE:7C:83:E1:6C:2C:CC:59:46:2D:10:04:8E
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/s4eZiJhx3e58g-FsLMxZRi0QBI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.144.0/20
77.79.192.0/18
85.232.224.0/19
194.145.228.0/24
195.167.144.0/20
206.252.224.0/19
212.91.4.0/22
212.91.10.0-212.91.14.255
212.91.16.0/20
213.189.32.0/19
217.17.32.0/20
217.149.240.0/20
IPv6:
2001:1a68::/32
Signature Algorithm: sha256WithRSAEncryption
5e:e3:68:9a:b4:6e:f7:11:1b:11:30:e5:49:ef:84:c3:4b:67:
90:6d:e4:55:fa:c7:e3:94:d8:16:7b:2b:78:3d:7f:bd:b0:7d:
66:43:24:f1:81:26:58:28:1c:b2:fc:af:51:aa:54:09:2b:a3:
2f:f5:59:6c:f8:a0:12:54:29:4b:1a:d0:37:5c:37:02:ae:48:
cf:87:59:ea:a6:7a:6d:dd:1f:38:19:27:5d:89:72:aa:0e:5a:
4f:d9:92:9a:19:86:d4:28:5f:e7:66:19:c9:01:24:27:2a:51:
6e:38:8c:e2:52:3b:fd:39:c3:6b:69:4b:73:91:b0:c7:5b:63:
53:ee:6e:17:a3:e2:9a:7a:98:87:e3:45:a3:40:7c:fb:8e:75:
be:29:06:a1:13:5c:24:97:a1:22:b3:60:ac:40:10:1d:7a:2c:
fe:16:0f:ac:95:3f:7b:a9:94:b9:60:9e:b9:86:71:f5:a4:84:
e9:a5:ed:c1:ff:cb:2c:d3:1f:b4:08:5a:bc:83:66:c2:da:f5:
e1:aa:d1:66:36:5c:a9:d3:53:f5:c1:cf:d4:2f:24:cb:dc:93:
3e:10:2f:d3:39:b1:92:f2:61:9b:21:9f:2e:c2:d3:11:46:0a:
e9:69:d6:bd:81:b6:d0:23:8f:d7:3c:a2:f1:5c:b5:53:0f:b7:
28:f7:a9:c7
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAY3B8gmGKaDOOdDl2XpIngrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMjE5MTUxODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzg3OTk4ODk4NzFkZGVlN2M4M2UxNmMyY2NjNTk0NjJkMTAwNDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyie1NpJ8srg/XJz17kFwun69/ZfE
JzQ4P1xf553DNTNwIvAbi4OIqlYKnbueFSSTX8hR8F1c6C9U65mI3dy1VSuh6bpm
a2p2yTHmkqGilPwUSWTdmbD8oQVJy5XXO+C0fHevV1RkiQEB7uVqlzeMYzwRo7bZ
CXa+spGkIwc9ZCEN0pF/lCeM2yepjpJ/1hy0tgBCIXgNuB08RpeWaS9QFjUfIIc1
AeSpNsNbbGKG8+kS6DgfrxT/IfAt2wHIkgaap5wlcHfow/JwXsb31qfekORx7Nho
PBmnFdtKGAZL9K5I74VrWmEJ/TYjFyDeUqB+STVifjRnBcLYsjRHXe9EFwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFLOHmYiYcd3ufIPhbCzMWUYtEASOMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvczRlWmlKaHgzZTU4Zy1Gc0xNeFpSaTBRQkk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQELuWQAwQG
TU/AAwQFVejgAwQAwpHkAwQEw6eQAwQFzvzgAwQC1FsEMAwDBAHUWwoDBADUWw4D
BATUWxADBAXVvSADBATZESADBATZlfAwDQQCAAIwBwMFACABGmgwDQYJKoZIhvcN
AQELBQADggEBAF7jaJq0bvcRGxEw5UnvhMNLZ5Bt5FX6x+OU2BZ7K3g9f72wfWZD
JPGBJlgoHLL8r1GqVAkroy/1WWz4oBJUKUsa0DdcNwKuSM+HWeqmem3dHzgZJ12J
cqoOWk/ZkpoZhtQoX+dmGckBJCcqUW44jOJSO/05w2tpS3ORsMdbY1Pubhej4pp6
mIfjRaNAfPuOdb4pBqETXCSXoSKzYKxAEB16LP4WD6yVP3uplLlgnrmGcfWkhOml
7cH/yyzTH7QIWryDZsLa9eGq0WY2XKnTU/XBz9QvJMvckz4QL9M5sZLyYZshny7C
0xFGCulp1r2BttAjj9c8ovFctVMPtyj3qcc=
-----END CERTIFICATE-----
Generated at Wed Jul 3 09:33:59 2024 by rpki-client on console-fra.rpki-client.org