Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/k8Fobcva8dlnrqRENPHXZ84XW9c.roa
File: k8Fobcva8dlnrqRENPHXZ84XW9c.roa (raw, json)
Hash identifier: YfjBg6PsaZc0c4+O66CfSprEoTHLJ8wkVz9hlATIcEU=
Subject key identifier: 93:C1:68:6D:CB:DA:F1:D9:67:AE:A4:44:34:F1:D7:67:CE:17:5B:D7
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 018CC5DBE971D3B8804521F695DC31165025
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/k8Fobcva8dlnrqRENPHXZ84XW9c.roa
Signing time: Mon 01 Jan 2024 16:29:32 +0000
ROA not before: Mon 01 Jan 2024 16:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15895
IP address blocks: 81.23.16.0/24 maxlen: 24
81.23.16.0/20 maxlen: 20
85.223.128.0/17 maxlen: 17
37.229.0.0/16 maxlen: 16
176.8.0.0/16 maxlen: 16
188.163.0.0/17 maxlen: 17
212.109.32.0/19 maxlen: 19
188.163.0.0/16 maxlen: 16
46.185.0.0/17 maxlen: 17
134.249.0.0/16 maxlen: 16
94.153.0.0/16 maxlen: 16
212.82.192.0/19 maxlen: 19
62.64.64.0/18 maxlen: 18
77.247.216.0/21 maxlen: 21
109.162.0.0/17 maxlen: 17
193.239.128.0/23 maxlen: 23
94.153.164.0/22 maxlen: 22
94.27.0.0/17 maxlen: 17
46.118.0.0/15 maxlen: 15
83.170.192.0/18 maxlen: 18
193.41.60.0/23 maxlen: 23
193.41.60.0/22 maxlen: 22
193.41.62.0/23 maxlen: 23
89.162.128.0/17 maxlen: 17
5.248.0.0/16 maxlen: 16
37.115.0.0/16 maxlen: 16
46.211.0.0/16 maxlen: 16
178.137.0.0/16 maxlen: 16
2a02:2378::/32 maxlen: 32
2a02:8a8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e9:71:d3:b8:80:45:21:f6:95:dc:31:16:50:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Jan 1 16:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93c1686dcbdaf1d967aea44434f1d767ce175bd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c7:c9:b3:22:a3:c5:c4:6c:96:8f:33:66:0f:
c0:b3:c3:2a:b6:54:3e:71:a3:bc:b4:de:af:f3:ad:
c0:44:6d:89:17:9e:de:38:c8:07:63:c5:7e:99:37:
43:1d:94:cc:a4:2a:76:29:7a:14:d0:87:b0:df:8c:
33:c9:0b:8c:a1:86:25:25:e7:5e:ba:b2:8f:82:9d:
1f:c5:df:52:19:79:cd:92:ed:43:cb:e3:47:01:27:
79:ce:33:82:73:6e:31:91:75:c9:4c:4b:10:53:5b:
da:59:25:53:57:ad:df:ef:89:e1:49:97:ea:d7:b3:
4a:b9:68:bf:31:7e:2d:8b:81:a7:15:c9:a0:b9:5a:
7e:82:89:7a:9b:10:57:eb:4f:21:39:fe:a0:af:bc:
b4:f7:ff:2a:f7:78:56:9e:08:bf:6d:5f:f8:ff:ac:
8f:29:f6:f4:11:db:32:1f:f4:fb:92:8f:b9:91:82:
e5:c4:07:90:c4:4b:16:46:27:48:f9:ea:75:d8:29:
ee:ac:31:a9:a1:ae:df:72:27:01:7b:5f:85:3f:7f:
43:8a:0d:63:00:15:7d:57:22:54:69:82:2a:3a:ad:
49:c3:26:fd:0a:47:1c:ec:87:08:04:0c:ef:4e:07:
4a:02:58:06:3d:6b:d2:a3:3a:d1:d6:b3:11:98:62:
41:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:C1:68:6D:CB:DA:F1:D9:67:AE:A4:44:34:F1:D7:67:CE:17:5B:D7
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/k8Fobcva8dlnrqRENPHXZ84XW9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.248.0.0/16
37.115.0.0/16
37.229.0.0/16
46.118.0.0/15
46.185.0.0/17
46.211.0.0/16
62.64.64.0/18
77.247.216.0/21
81.23.16.0/20
83.170.192.0/18
85.223.128.0/17
89.162.128.0/17
94.27.0.0/17
94.153.0.0/16
109.162.0.0/17
134.249.0.0/16
176.8.0.0/16
178.137.0.0/16
188.163.0.0/16
193.41.60.0/22
193.239.128.0/23
212.82.192.0/19
212.109.32.0/19
IPv6:
2a02:8a8::/32
2a02:2378::/32
Signature Algorithm: sha256WithRSAEncryption
62:91:d7:ac:53:14:dd:75:3c:45:25:f8:0f:a1:81:e9:de:80:
a1:5e:14:90:c2:88:9f:30:1d:66:66:cd:c2:74:8e:d2:e6:26:
a5:37:6a:73:93:58:f6:63:3b:2c:98:ae:5c:c5:fa:c2:ec:6d:
fc:45:1d:d3:87:a1:f1:6f:c4:a3:13:91:8a:16:b2:55:dc:9c:
f3:e7:0b:d6:b5:92:de:58:f5:82:6f:28:85:b9:b9:36:dc:7c:
d6:b9:e7:1f:5b:0c:60:cc:83:e6:47:8a:cc:24:c4:0a:30:3b:
08:04:d5:3f:a7:37:dc:26:84:11:75:f5:17:20:4e:c7:72:55:
b9:90:4d:e1:36:a8:e4:44:c2:56:05:7a:c6:42:f6:fa:d8:f7:
70:e1:40:0f:c9:b7:ef:7b:4d:a4:60:63:fb:7e:4b:57:ab:a7:
36:98:b9:ab:8b:d4:08:af:ee:f1:6e:f3:fc:87:4c:c9:fc:3b:
de:28:6b:f1:31:f4:2e:40:be:e0:8d:e6:8d:3f:b1:dd:eb:bb:
4b:70:fc:0a:97:c1:ed:57:b6:17:06:48:93:b5:d1:5f:c2:80:
d7:0e:b3:56:98:42:b5:5a:e0:ac:09:a1:e0:9b:21:70:d2:10:
a0:4c:f5:a6:c5:7d:95:1f:1d:6c:25:15:55:09:b8:63:10:d8:
77:32:6a:12
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzF2+lx07iARSH2ldwxFlAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjQwMTAxMTYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2MxNjg2ZGNiZGFmMWQ5NjdhZWE0NDQzNGYxZDc2N2NlMTc1YmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcfJsyKjxcRslo8zZg/As8MqtlQ+
caO8tN6v863ARG2JF57eOMgHY8V+mTdDHZTMpCp2KXoU0Iew34wzyQuMoYYlJede
urKPgp0fxd9SGXnNku1Dy+NHASd5zjOCc24xkXXJTEsQU1vaWSVTV63f74nhSZfq
17NKuWi/MX4ti4GnFcmguVp+gol6mxBX608hOf6gr7y09/8q93hWngi/bV/4/6yP
Kfb0EdsyH/T7ko+5kYLlxAeQxEsWRidI+ep12CnurDGpoa7fcicBe1+FP39Dig1j
ABV9VyJUaYIqOq1Jwyb9Ckcc7IcIBAzvTgdKAlgGPWvSozrR1rMRmGJBJQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFJPBaG3L2vHZZ66kRDTx12fOF1vXMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEvazhGb2JjdmE4ZGxucnFSRU5QSFhaODRYVzljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYADAwAF
+AMDACVzAwMAJeUDAwEudgMEBy65AAMDAC7TAwQGPkBAAwQDTffYAwQEURcQAwQG
U6rAAwQHVd+AAwQHWaKAAwQHXhsAAwMAXpkDBAdtogADAwCG+QMDALAIAwMAsokD
AwC8owMEAsEpPAMEAcHvgAMEBdRSwAMEBdRtIDAUBAIAAjAOAwUAKgIIqAMFACoC
I3gwDQYJKoZIhvcNAQELBQADggEBAGKR16xTFN11PEUl+A+hgenegKFeFJDCiJ8w
HWZmzcJ0jtLmJqU3anOTWPZjOyyYrlzF+sLsbfxFHdOHofFvxKMTkYoWslXcnPPn
C9a1kt5Y9YJvKIW5uTbcfNa55x9bDGDMg+ZHiswkxAowOwgE1T+nN9wmhBF19Rcg
TsdyVbmQTeE2qOREwlYFesZC9vrY93DhQA/Jt+97TaRgY/t+S1erpzaYuauL1Aiv
7vFu8/yHTMn8O94oa/Ex9C5AvuCN5o0/sd3ru0tw/AqXwe1XthcGSJO10V/CgNcO
s1aYQrVa4KwJoeCbIXDSEKBM9abFfZUfHWwlFVUJuGMQ2HcyahI=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:31:26 2024 by rpki-client on console-ams.rpki-client.org