Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Po69f-KQr3bInlHXMKKO1uJ0zFs.roa
File: Po69f-KQr3bInlHXMKKO1uJ0zFs.roa (raw, json)
Hash identifier: N7PEEx2FQ4eDG6ZDMvAqMbxJr23ZsKb4tEvV0JwnszI=
Subject key identifier: 3E:8E:BD:7F:E2:90:AF:76:C8:9E:51:D7:30:A2:8E:D6:E2:74:CC:5B
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018EE1A6771E2AB79803EBB4E1FA1448F12B
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Po69f-KQr3bInlHXMKKO1uJ0zFs.roa
Signing time: Mon 15 Apr 2024 12:06:06 +0000
ROA not before: Mon 15 Apr 2024 12:06:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206576
IP address blocks: 5.181.72.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
83.150.252.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
2a0a:f480::/29 maxlen: 48
2a0d:7680::/29 maxlen: 48
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:a6:77:1e:2a:b7:98:03:eb:b4:e1:fa:14:48:f1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 15 12:06:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e8ebd7fe290af76c89e51d730a28ed6e274cc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:15:f4:96:87:14:a7:39:39:e3:88:69:2b:ae:
0c:ab:e6:ac:37:d0:4b:58:46:32:ff:a7:50:8d:f2:
51:1e:f4:a1:74:d0:6f:90:9a:49:76:f5:8d:d0:38:
3c:4c:9d:f9:3b:32:3c:51:8c:01:1f:a6:be:74:a4:
fd:06:64:44:ec:60:d0:17:ac:fe:df:e1:24:49:7f:
cf:5d:5d:f0:77:ac:1e:06:64:f2:45:9a:77:08:3d:
af:5b:cd:a9:21:38:b5:90:0d:a8:4b:50:84:25:9d:
1f:f7:9f:bc:4e:08:67:05:cc:f6:4e:f6:9b:61:1f:
e1:bb:42:32:f2:fa:cc:cf:17:3d:4d:22:c4:0f:5e:
f3:1c:4f:b0:a3:13:d2:eb:d7:dd:f7:b9:85:e0:0c:
9b:15:ca:46:db:c9:06:d3:75:f6:21:6c:cf:71:13:
73:c1:82:98:4a:d8:b4:d6:33:7b:e3:3b:f1:92:de:
0b:88:14:37:7e:26:ce:70:9b:de:3f:73:be:fc:7a:
45:da:78:3c:31:e6:e3:26:f1:ed:b9:29:c3:4b:ba:
bf:76:6e:97:64:3d:e7:bf:28:57:57:ba:e0:78:96:
91:f5:40:60:86:ee:c5:12:ac:6d:b1:89:ab:2f:51:
78:de:b3:c7:ae:36:7c:96:e8:77:7d:c1:61:b6:f4:
c4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:8E:BD:7F:E2:90:AF:76:C8:9E:51:D7:30:A2:8E:D6:E2:74:CC:5B
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Po69f-KQr3bInlHXMKKO1uJ0zFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.72.0/22
45.137.44.0/22
83.150.252.0/22
185.90.0.0/22
185.182.200.0/23
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
IPv6:
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
b8:52:48:ee:47:f5:80:37:b1:cc:16:f8:0f:9f:59:c6:2f:0b:
52:56:0a:f7:51:70:93:1c:88:1c:b9:4f:99:d1:2f:2b:d0:fb:
91:0d:58:fa:df:ad:47:55:55:ea:db:ef:5c:13:96:c1:c2:31:
54:2d:eb:dd:06:26:9f:1c:b7:33:4a:67:98:1c:24:96:1e:91:
8a:8c:63:25:86:37:bc:e1:04:fc:42:15:29:5d:7f:07:89:6a:
fc:cd:ac:9a:66:9b:85:3a:21:4c:b0:78:a9:64:63:44:4e:dd:
98:96:32:1f:ab:80:1d:04:02:9a:f3:09:ac:4f:2c:a9:d1:14:
45:20:a1:2b:b5:94:98:99:ca:1a:2f:2b:7b:08:c3:98:58:26:
c4:26:22:53:03:1d:24:38:cb:23:08:3a:22:63:fc:2a:fb:48:
e9:da:72:1b:43:2f:79:92:40:9d:66:c7:28:c3:79:6f:2e:3d:
3a:80:42:b7:28:e8:c6:eb:94:5a:ac:b2:ca:65:ff:8e:96:c7:
04:3a:93:74:f4:f7:1a:bd:45:f8:d1:f3:91:1e:b1:6e:1d:ad:
1a:ed:9d:86:98:3e:d9:c2:0a:ef:42:64:71:6e:08:47:30:f5:
90:82:0a:ee:19:ed:d1:ed:5a:1c:13:e5:5a:85:11:63:f5:15:
5d:5a:aa:57
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY7hpnceKreYA+u04foUSPErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDE1MTIwNjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZThlYmQ3ZmUyOTBhZjc2Yzg5ZTUxZDczMGEyOGVkNmUyNzRjYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxX0locUpzk544hpK64Mq+asN9BL
WEYy/6dQjfJRHvShdNBvkJpJdvWN0Dg8TJ35OzI8UYwBH6a+dKT9BmRE7GDQF6z+
3+EkSX/PXV3wd6weBmTyRZp3CD2vW82pITi1kA2oS1CEJZ0f95+8TghnBcz2Tvab
YR/hu0Iy8vrMzxc9TSLED17zHE+woxPS69fd97mF4AybFcpG28kG03X2IWzPcRNz
wYKYSti01jN74zvxkt4LiBQ3fibOcJveP3O+/HpF2ng8MebjJvHtuSnDS7q/dm6X
ZD3nvyhXV7rgeJaR9UBghu7FEqxtsYmrL1F43rPHrjZ8luh3fcFhtvTE5QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFD6OvX/ikK92yJ5R1zCijtbidMxbMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvUG82OWYtS1FyM2JJbmxIWE1LS08xdUowekZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBCBAIAATA8AwQCBbVIAwQC
LYksAwQCU5b8AwQCuVoAAwQBubbIAwQCueUEAwQCufaEAwQCuffIAwQAufj8AwQA
ufj+MCIEAgACMBwDBQMqCvSAAwUDKg12gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3
DQEBCwUAA4IBAQC4UkjuR/WAN7HMFvgPn1nGLwtSVgr3UXCTHIgcuU+Z0S8r0PuR
DVj6361HVVXq2+9cE5bBwjFULevdBiafHLczSmeYHCSWHpGKjGMlhje84QT8QhUp
XX8HiWr8zayaZpuFOiFMsHipZGNETt2YljIfq4AdBAKa8wmsTyyp0RRFIKErtZSY
mcoaLyt7CMOYWCbEJiJTAx0kOMsjCDoiY/wq+0jp2nIbQy95kkCdZscow3lvLj06
gEK3KOjG65RarLLKZf+OlscEOpN09PcavUX40fORHrFuHa0a7Z2GmD7ZwgrvQmRx
bghHMPWQggruGe3R7VocE+VahRFj9RVdWqpX
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:33 2024 by rpki-client on console-fra.rpki-client.org