Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/e1PYF8UI-q6Wd15IXSgSUgOOgM0.roa
File: e1PYF8UI-q6Wd15IXSgSUgOOgM0.roa (raw, json)
Hash identifier: uR8XcEj/6dGZ1UeHd84IiofMQFMaoTXhieU+WbbxBEs=
Subject key identifier: 7B:53:D8:17:C5:08:FA:AE:96:77:5E:48:5D:28:12:52:03:8E:80:CD
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 018CC86F1E73B0CB7A7B302B16E65CA651BC
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/e1PYF8UI-q6Wd15IXSgSUgOOgM0.roa
Signing time: Tue 02 Jan 2024 04:29:34 +0000
ROA not before: Tue 02 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 80.231.202.0/24 maxlen: 24
5.23.0.0/19 maxlen: 19
80.231.216.0/24 maxlen: 24
80.231.235.0/24 maxlen: 24
195.219.204.0/24 maxlen: 24
80.231.176.0/21 maxlen: 21
195.219.232.0/24 maxlen: 24
195.219.235.0/24 maxlen: 24
195.219.238.0/24 maxlen: 24
195.219.240.0/24 maxlen: 24
195.219.246.0/24 maxlen: 24
80.231.187.0/24 maxlen: 24
195.219.248.0/21 maxlen: 21
195.219.253.0/24 maxlen: 24
195.219.40.0/24 maxlen: 24
80.231.0.0/16 maxlen: 16
80.231.8.0/21 maxlen: 21
80.231.11.0/24 maxlen: 24
80.231.22.0/24 maxlen: 24
195.219.0.0/16 maxlen: 16
195.219.22.0/24 maxlen: 24
80.231.93.0/24 maxlen: 24
80.231.94.0/24 maxlen: 24
80.231.96.0/21 maxlen: 21
195.219.168.0/23 maxlen: 23
80.231.112.0/21 maxlen: 21
80.231.56.0/24 maxlen: 24
80.231.71.0/24 maxlen: 24
2a01:3e0::/32 maxlen: 32
2a01:3e0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:1e:73:b0:cb:7a:7b:30:2b:16:e6:5c:a6:51:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b53d817c508faae96775e485d281252038e80cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:37:9b:d0:ce:e1:0b:2a:0b:93:cb:4e:40:
6f:8f:01:94:b3:e6:c1:02:30:d8:c4:e2:53:34:4e:
ef:98:0d:0d:7c:b4:50:26:cb:c7:c0:85:f7:16:8f:
cb:29:41:30:18:8b:5c:0f:32:b7:85:df:a6:60:49:
ba:9e:c9:c2:1d:77:ea:4b:33:e9:98:eb:b5:f1:1a:
19:33:3d:58:c0:19:6f:bd:b8:89:86:80:63:d9:92:
8c:13:6f:d3:f6:1b:60:18:7f:d9:f6:2a:0b:66:1c:
63:da:39:70:20:32:fd:f3:c8:45:2b:fc:5b:aa:aa:
79:ad:59:94:b0:2b:b7:3d:ae:53:47:ef:cd:57:ef:
b7:40:5a:90:44:90:f5:4d:61:11:93:ab:d2:80:46:
1e:0e:59:b6:71:a5:da:c1:90:e7:4f:f9:8f:f3:9d:
93:b8:9d:da:d7:c0:ff:4e:70:9d:1b:70:24:4f:5f:
2f:ce:e9:27:9d:a8:90:62:31:de:1d:68:0b:70:e7:
78:91:de:0f:39:99:5e:e5:a8:a0:67:33:83:4e:d5:
9c:bd:e2:1a:f7:c1:85:85:a4:b5:ad:95:f5:60:58:
22:3a:16:6a:0d:81:d3:84:fc:5e:42:17:2f:78:00:
4f:f9:b6:f8:5a:09:0c:1a:14:91:b0:f4:4d:1e:88:
62:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:53:D8:17:C5:08:FA:AE:96:77:5E:48:5D:28:12:52:03:8E:80:CD
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/e1PYF8UI-q6Wd15IXSgSUgOOgM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.0.0/19
80.231.0.0/16
195.219.0.0/16
IPv6:
2a01:3e0::/29
Signature Algorithm: sha256WithRSAEncryption
09:5e:da:db:ea:85:68:11:ea:68:68:12:c4:f1:b8:45:9a:81:
5b:1c:0e:32:1b:c4:5b:6d:f2:f8:f1:1f:ac:9a:2d:6a:43:28:
88:fc:45:39:7f:a4:26:d3:79:69:cc:fe:ad:58:c5:e7:26:0c:
06:31:04:92:59:9f:35:8c:2b:ed:2e:80:20:16:0c:3a:14:58:
33:22:ef:cb:71:8b:fd:46:ac:5c:02:25:69:fe:e6:f6:7c:74:
49:e5:72:d4:d2:f7:4d:6e:53:77:48:20:de:b5:f9:6d:46:9d:
4d:3e:8e:d1:da:be:e8:6d:40:cd:3d:a7:a9:db:0f:01:27:e8:
65:6a:f0:bc:55:9f:d3:2b:f4:05:c5:38:05:40:80:46:3b:2d:
e6:84:7c:2e:3b:c7:06:d4:4d:22:1b:0e:fc:a5:43:9b:72:92:
5a:cd:42:7f:4b:be:b7:3c:04:94:5c:a5:b8:6f:24:c5:78:23:
12:5d:5b:bc:9f:04:df:d6:35:85:57:76:ea:b3:4b:b6:99:48:
7f:5d:48:07:82:33:07:68:44:16:68:de:64:72:6d:31:29:f0:
8a:cb:77:0d:a4:df:9a:ae:62:f1:d0:51:f8:18:4c:5a:94:24:
fb:c2:10:39:1b:7f:56:03:c0:5d:25:20:f7:1c:d7:ce:18:ae:
7c:48:7c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzIbx5zsMt6ezArFuZcplG8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwMTAyMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjUzZDgxN2M1MDhmYWFlOTY3NzVlNDg1ZDI4MTI1MjAzOGU4MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr203m9DO4QsqC5PLTkBvjwGUs+bB
AjDYxOJTNE7vmA0NfLRQJsvHwIX3Fo/LKUEwGItcDzK3hd+mYEm6nsnCHXfqSzPp
mOu18RoZMz1YwBlvvbiJhoBj2ZKME2/T9htgGH/Z9ioLZhxj2jlwIDL988hFK/xb
qqp5rVmUsCu3Pa5TR+/NV++3QFqQRJD1TWERk6vSgEYeDlm2caXawZDnT/mP852T
uJ3a18D/TnCdG3AkT18vzuknnaiQYjHeHWgLcOd4kd4POZle5aigZzODTtWcveIa
98GFhaS1rZX1YFgiOhZqDYHThPxeQhcveABP+bb4WgkMGhSRsPRNHohiBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHtT2BfFCPqulndeSF0oElIDjoDNMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvZTFQWUY4VUktcTZXZDE1SVhTZ1NVZ09PZ00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwQFBRcAAwMA
UOcDAwDD2zANBAIAAjAHAwUDKgED4DANBgkqhkiG9w0BAQsFAAOCAQEACV7a2+qF
aBHqaGgSxPG4RZqBWxwOMhvEW23y+PEfrJotakMoiPxFOX+kJtN5acz+rVjF5yYM
BjEEklmfNYwr7S6AIBYMOhRYMyLvy3GL/UasXAIlaf7m9nx0SeVy1NL3TW5Td0gg
3rX5bUadTT6O0dq+6G1AzT2nqdsPASfoZWrwvFWf0yv0BcU4BUCARjst5oR8LjvH
BtRNIhsO/KVDm3KSWs1Cf0u+tzwElFyluG8kxXgjEl1bvJ8E39Y1hVd26rNLtplI
f11IB4IzB2hEFmjeZHJtMSnwist3DaTfmq5i8dBR+BhMWpQk+8IQORt/VgPAXSUg
9xzXzhiufEh8RQ==
-----END CERTIFICATE-----
Generated at Mon May 20 15:09:46 2024 by rpki-client on console-ams.rpki-client.org