Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/vVHMmYgP-UK2BEmGJ7Lp_Ee34uQ.roa
File: vVHMmYgP-UK2BEmGJ7Lp_Ee34uQ.roa (raw, json)
Hash identifier: L0HRlWwh0xdIRRbX7KRby75XfpPpiFBsv0AM7f1MyJg=
Subject key identifier: BD:51:CC:99:88:0F:F9:42:B6:04:49:86:27:B2:E9:FC:47:B7:E2:E4
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 018CC424D5D5C0431BCBDFFB649ACCD5920F
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/vVHMmYgP-UK2BEmGJ7Lp_Ee34uQ.roa
Signing time: Mon 01 Jan 2024 08:29:57 +0000
ROA not before: Mon 01 Jan 2024 08:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39537
IP address blocks: 185.49.236.0/22 maxlen: 24
109.69.80.0/21 maxlen: 24
185.71.24.0/22 maxlen: 24
45.145.180.0/22 maxlen: 24
185.33.184.0/22 maxlen: 24
94.199.184.0/21 maxlen: 24
195.94.112.0/20 maxlen: 24
185.11.240.0/22 maxlen: 24
151.236.208.0/21 maxlen: 24
94.190.240.0/21 maxlen: 24
185.68.0.0/22 maxlen: 24
93.95.8.0/21 maxlen: 24
185.122.216.0/22 maxlen: 24
31.210.128.0/21 maxlen: 24
37.35.88.0/21 maxlen: 24
185.31.252.0/22 maxlen: 24
87.237.64.0/21 maxlen: 24
2a04:5ac0::/29 maxlen: 36
2a03:25e0::/32 maxlen: 36
2a00:e620::/32 maxlen: 36
2a0a:fd80::/29 maxlen: 36
2a01:500::/29 maxlen: 32
2a01:b280::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 22:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d5:d5:c0:43:1b:cb:df:fb:64:9a:cc:d5:92:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 08:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd51cc99880ff942b604498627b2e9fc47b7e2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:10:26:17:ac:07:26:3a:b7:e2:d9:f7:9c:6c:
af:5b:af:c3:6b:09:a8:54:d3:9b:45:8f:dc:f0:3d:
2b:ee:29:b1:f9:79:5a:38:a7:15:a4:d2:7d:bc:ac:
19:46:58:43:25:3f:17:78:5b:91:c1:fb:c0:82:67:
39:1b:0f:e1:eb:5c:b3:1c:89:2d:19:30:1f:c1:95:
4a:8d:54:2f:a9:0b:02:3c:49:9a:de:eb:e2:b8:c2:
7a:be:ee:76:17:c6:4c:21:5a:7a:de:f9:fd:9c:52:
0b:f5:dc:d7:bd:d1:4b:30:0f:a0:0a:3c:c2:50:d8:
77:43:cd:7c:ea:64:01:43:65:40:60:bc:df:44:f5:
f3:25:08:40:3e:cb:a0:1c:83:31:9c:26:b4:f8:96:
09:85:4f:1a:c8:5b:ee:d7:d9:94:88:8d:d5:54:9f:
3d:8c:7c:07:d6:bc:91:b4:0c:6f:40:73:60:eb:a7:
f3:f6:c4:e8:95:9a:13:d8:4f:33:bd:d1:08:c9:c2:
e6:0e:da:e0:3d:61:27:e7:74:a4:8d:09:52:af:c9:
68:40:74:ec:25:2d:db:db:8f:34:15:0d:ca:13:50:
91:f0:ca:4f:48:5c:8d:b3:01:f0:30:71:17:01:34:
6e:3a:a6:0e:9a:2d:a4:ef:38:a8:41:9a:35:e8:cb:
f9:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:51:CC:99:88:0F:F9:42:B6:04:49:86:27:B2:E9:FC:47:B7:E2:E4
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/vVHMmYgP-UK2BEmGJ7Lp_Ee34uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.128.0/21
37.35.88.0/21
45.145.180.0/22
87.237.64.0/21
93.95.8.0/21
94.190.240.0/21
94.199.184.0/21
109.69.80.0/21
151.236.208.0/21
185.11.240.0/22
185.31.252.0/22
185.33.184.0/22
185.49.236.0/22
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
195.94.112.0/20
IPv6:
2a00:e620::/32
2a01:500::/29
2a01:b280::/29
2a03:25e0::/32
2a04:5ac0::/29
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:0b:c8:1f:e5:25:76:ea:e4:99:d5:6c:05:05:e7:f7:22:54:
01:aa:49:09:fe:d9:f9:75:eb:4c:65:5f:bc:be:fb:09:61:23:
ee:eb:b7:0b:a3:34:90:50:2d:63:2e:21:ba:35:c9:7c:d1:e8:
59:d8:31:ca:54:f9:df:8b:9a:48:5a:0b:ef:ac:79:e2:7a:c4:
0d:c3:bc:81:0a:39:5a:94:cc:2d:77:74:b4:e0:79:b5:54:29:
77:52:7d:3e:3f:b8:e1:e2:d8:96:b0:42:8e:ee:66:01:39:14:
33:0b:79:fd:ce:9c:a6:66:00:22:5e:d5:32:aa:91:43:a2:50:
12:ba:2d:bd:ce:96:b8:39:64:c4:38:22:1c:03:1a:47:9a:a8:
5e:72:9c:5f:2f:5b:37:c8:31:95:0b:32:45:46:46:b7:8c:3b:
90:38:07:f2:5a:68:5c:11:2f:e4:02:4c:ca:d7:40:ca:6f:ae:
c9:d3:75:c1:99:9b:e7:70:f8:15:d9:85:aa:2a:3f:51:05:64:
f8:36:16:19:a1:a8:a7:a0:da:a1:03:a5:d8:92:63:fd:8a:b5:
b7:d8:34:7c:5f:aa:eb:82:33:32:be:72:4c:98:a8:2e:87:45:
a3:aa:82:e3:ff:78:98:c9:18:46:32:54:4d:6e:0b:ad:16:82:
3e:13:c3:2f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAYzEJNXVwEMby9/7ZJrM1ZIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjQwMTAxMDgyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDUxY2M5OTg4MGZmOTQyYjYwNDQ5ODYyN2IyZTlmYzQ3YjdlMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxAmF6wHJjq34tn3nGyvW6/Dawmo
VNObRY/c8D0r7imx+XlaOKcVpNJ9vKwZRlhDJT8XeFuRwfvAgmc5Gw/h61yzHIkt
GTAfwZVKjVQvqQsCPEma3uviuMJ6vu52F8ZMIVp63vn9nFIL9dzXvdFLMA+gCjzC
UNh3Q8186mQBQ2VAYLzfRPXzJQhAPsugHIMxnCa0+JYJhU8ayFvu19mUiI3VVJ89
jHwH1ryRtAxvQHNg66fz9sTolZoT2E8zvdEIycLmDtrgPWEn53SkjQlSr8loQHTs
JS3b2480FQ3KE1CR8MpPSFyNswHwMHEXATRuOqYOmi2k7zioQZo16Mv5/wIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFL1RzJmID/lCtgRJhiey6fxHt+LkMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvdlZITW1ZZ1AtVUsyQkVtR0o3THBfRWUzNHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDBsBAIAATBmAwQDH9KA
AwQDJSNYAwQCLZG0AwQDV+1AAwQDXV8IAwQDXr7wAwQDXse4AwQDbUVQAwQDl+zQ
AwQCuQvwAwQCuR/8AwQCuSG4AwQCuTHsAwQCuUQAAwQCuUcYAwQCuXrYAwQEw15w
MDAEAgACMCoDBQAqAOYgAwUDKgEFAAMFAyoBsoADBQAqAyXgAwUDKgRawAMFAyoK
/YAwDQYJKoZIhvcNAQELBQADggEBAEoLyB/lJXbq5JnVbAUF5/ciVAGqSQn+2fl1
60xlX7y++wlhI+7rtwujNJBQLWMuIbo1yXzR6FnYMcpU+d+LmkhaC++seeJ6xA3D
vIEKOVqUzC13dLTgebVUKXdSfT4/uOHi2JawQo7uZgE5FDMLef3OnKZmACJe1TKq
kUOiUBK6Lb3Olrg5ZMQ4IhwDGkeaqF5ynF8vWzfIMZULMkVGRreMO5A4B/JaaFwR
L+QCTMrXQMpvrsnTdcGZm+dw+BXZhaoqP1EFZPg2FhmhqKeg2qEDpdiSY/2KtbfY
NHxfquuCMzK+ckyYqC6HRaOqguP/eJjJGEYyVE1uC60Wgj4Twy8=
-----END CERTIFICATE-----
Generated at Tue Jun 4 02:45:13 2024 by rpki-client on console-fra.rpki-client.org