Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/1-FEsyCCKC-THsxUS3G-t-8xY7uA.roa
File: 1-FEsyCCKC-THsxUS3G-t-8xY7uA.roa (raw, json)
Hash identifier: ML2u9z7fs4n8f198DL2xYwK4PBrwD/CwFZb1wd6ZyJg=
Subject key identifier: F8:51:2C:C8:20:8A:0B:E4:C7:B3:15:12:DC:6F:AD:FB:CC:58:EE:E0
Certificate issuer: /CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Certificate serial: 018EAE6E176F39972A485E267248D395C239
Authority key identifier: 01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/1-FEsyCCKC-THsxUS3G-t-8xY7uA.roa
Signing time: Fri 05 Apr 2024 13:23:54 +0000
ROA not before: Fri 05 Apr 2024 13:23:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16839
IP address blocks: 37.98.232.0/21 maxlen: 21
37.98.232.0/22 maxlen: 22
37.98.232.0/23 maxlen: 23
37.98.232.0/24 maxlen: 24
37.98.233.0/24 maxlen: 24
37.98.234.0/23 maxlen: 23
37.98.234.0/24 maxlen: 24
37.98.235.0/24 maxlen: 24
37.98.236.0/22 maxlen: 22
37.98.236.0/23 maxlen: 23
37.98.236.0/24 maxlen: 24
37.98.237.0/24 maxlen: 24
37.98.238.0/23 maxlen: 23
37.98.238.0/24 maxlen: 24
37.98.239.0/24 maxlen: 24
136.242.128.0/17 maxlen: 17
138.12.128.0/17 maxlen: 17
148.139.0.0/16 maxlen: 16
148.139.0.0/24 maxlen: 24
148.139.1.0/24 maxlen: 24
148.139.2.0/24 maxlen: 24
148.139.3.0/24 maxlen: 24
148.139.4.0/22 maxlen: 22
148.139.8.0/22 maxlen: 22
148.139.12.0/22 maxlen: 22
148.139.16.0/22 maxlen: 22
148.139.28.0/24 maxlen: 24
148.139.29.0/24 maxlen: 24
148.139.30.0/24 maxlen: 24
148.139.32.0/20 maxlen: 20
148.139.48.0/20 maxlen: 20
148.139.64.0/20 maxlen: 20
148.139.80.0/20 maxlen: 20
148.139.96.0/22 maxlen: 22
148.139.100.0/22 maxlen: 22
148.139.104.0/24 maxlen: 24
148.139.105.0/24 maxlen: 24
148.139.108.0/22 maxlen: 22
148.139.112.0/22 maxlen: 22
148.139.116.0/22 maxlen: 22
148.139.120.0/22 maxlen: 22
148.139.124.0/24 maxlen: 24
148.139.125.0/24 maxlen: 24
148.139.160.0/20 maxlen: 20
148.139.176.0/20 maxlen: 20
157.5.128.0/17 maxlen: 17
157.70.0.0/17 maxlen: 17
163.120.128.0/17 maxlen: 17
165.171.0.0/17 maxlen: 17
2a04:37c0::/29 maxlen: 48
2a04:37c0:3110::/48 maxlen: 48
2a04:37c0:3120::/48 maxlen: 48
2a04:37c0:3510::/48 maxlen: 48
2a04:37c0:3520::/48 maxlen: 48
2a04:37c0:4110::/48 maxlen: 48
2a04:37c0:4120::/48 maxlen: 48
2a04:37c0:4410::/48 maxlen: 48
2a04:37c0:4420::/48 maxlen: 48
2a04:37c0:4430::/48 maxlen: 48
2a04:37c0:4910::/48 maxlen: 48
2a04:37c0:4920::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:6e:17:6f:39:97:2a:48:5e:26:72:48:d3:95:c2:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c38a06a39b20b8da40009237d76acdd28e71a5
Validity
Not Before: Apr 5 13:23:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8512cc8208a0be4c7b31512dc6fadfbcc58eee0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:72:54:f6:e7:0b:18:dc:a4:52:36:87:21:34:
3a:f9:de:f1:1f:b4:e9:fc:67:2b:fa:87:38:25:95:
27:82:3f:08:9e:ae:fd:aa:4b:e4:ac:02:7c:77:74:
b9:f0:15:52:39:83:94:ea:a3:6d:15:d1:51:35:d3:
a7:b4:b6:36:ac:f7:fb:a6:90:b7:b7:2c:7c:da:64:
1e:12:c8:9b:9c:8b:07:11:2e:70:3a:ed:19:36:1b:
e4:5c:d6:1d:81:7b:b5:ba:46:be:bd:1b:27:f6:a0:
26:ba:24:f7:9a:48:13:23:06:90:30:d1:f3:cd:fa:
16:d3:91:a0:cd:4c:70:9a:40:64:2a:5d:32:b8:01:
12:05:3b:16:a1:a9:44:2e:da:8b:ea:d4:ad:5a:07:
e6:a1:8a:21:0b:d3:a0:9f:9b:bb:9e:98:70:84:4f:
c2:f9:d7:b2:02:b5:ea:92:26:0f:af:fb:8f:c1:a8:
78:ea:f9:56:99:79:00:f2:fb:3d:44:bb:09:12:5e:
86:9c:fd:c9:9e:af:3b:b8:b5:9f:b9:2f:14:76:01:
71:1b:c3:06:ca:6f:41:5b:89:49:8a:59:e1:fa:9b:
31:a6:a0:9b:f6:fa:4c:2d:f5:ca:b0:4a:b8:d9:d5:
5f:91:77:04:11:12:07:e3:a4:ee:53:a0:2e:db:ce:
fc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:51:2C:C8:20:8A:0B:E4:C7:B3:15:12:DC:6F:AD:FB:CC:58:EE:E0
X509v3 Authority Key Identifier:
keyid:01:C3:8A:06:A3:9B:20:B8:DA:40:00:92:37:D7:6A:CD:D2:8E:71:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcOKBqObILjaQACSN9dqzdKOcaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/1-FEsyCCKC-THsxUS3G-t-8xY7uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6a8e5e-39b6-47e3-bbb0-b29f10cc0328/1/AcOKBqObILjaQACSN9dqzdKOcaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.232.0/21
136.242.128.0/17
138.12.128.0/17
148.139.0.0/16
157.5.128.0/17
157.70.0.0/17
163.120.128.0/17
165.171.0.0/17
IPv6:
2a04:37c0::/29
Signature Algorithm: sha256WithRSAEncryption
0d:f6:30:b1:e0:ce:eb:59:be:59:f8:39:da:d1:e9:24:44:26:
b1:d4:79:98:6e:2e:e0:cc:c4:80:23:2b:53:60:18:e3:bf:e0:
2f:23:a1:28:ca:06:d3:96:aa:8e:b3:55:b5:3a:1c:e8:47:64:
24:7a:50:71:aa:8c:68:a1:43:1f:a0:73:77:69:4b:1b:a9:ca:
7e:45:f4:de:a4:52:ef:96:18:30:c9:e5:5e:47:45:ce:b3:ce:
c6:e7:c6:a8:e1:9a:fd:31:a2:76:9a:32:63:04:35:88:cf:34:
5d:30:0a:b5:51:c5:c1:dd:2e:7a:95:2d:12:e5:be:90:6b:7b:
fd:cc:94:21:0d:c7:46:62:0e:45:ca:89:39:b1:7a:83:48:1a:
e0:7d:cb:36:db:65:09:9d:7a:bd:84:09:0b:b2:08:a0:bf:95:
d8:38:58:c1:f8:57:2d:bd:2a:9c:d5:20:5a:e2:23:ac:80:64:
fc:ee:2c:74:7d:d7:5b:72:a8:21:9c:88:5e:bf:6d:c8:d8:67:
b7:c0:db:6b:a7:7e:84:0b:a0:8e:9e:97:cf:c8:4a:59:d7:14:
53:89:fe:ef:08:9f:81:cd:70:3a:4b:57:6b:77:3b:31:4f:55:
26:46:04:b8:db:03:67:2f:a6:a2:2d:88:58:84:55:63:bb:e6:
d8:14:66:d3
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAY6ubhdvOZcqSF4mckjTlcI5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzM4YTA2YTM5YjIwYjhkYTQwMDA5MjM3ZDc2YWNkZDI4
ZTcxYTUwHhcNMjQwNDA1MTMyMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODUxMmNjODIwOGEwYmU0YzdiMzE1MTJkYzZmYWRmYmNjNThlZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnJU9ucLGNykUjaHITQ6+d7xH7Tp
/Gcr+oc4JZUngj8Inq79qkvkrAJ8d3S58BVSOYOU6qNtFdFRNdOntLY2rPf7ppC3
tyx82mQeEsibnIsHES5wOu0ZNhvkXNYdgXu1uka+vRsn9qAmuiT3mkgTIwaQMNHz
zfoW05GgzUxwmkBkKl0yuAESBTsWoalELtqL6tStWgfmoYohC9Ogn5u7nphwhE/C
+deyArXqkiYPr/uPwah46vlWmXkA8vs9RLsJEl6GnP3Jnq87uLWfuS8UdgFxG8MG
ym9BW4lJilnh+psxpqCb9vpMLfXKsEq42dVfkXcEERIH46TuU6Au28781wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPhRLMggigvkx7MVEtxvrfvMWO7gMB8GA1UdIwQY
MBaAFAHDigajmyC42kAAkjfXas3SjnGlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNPS0JxT2JJTGphUUFDU045ZHF6ZEtPY2FVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS82YThlNWUtMzliNi00N2UzLWJiYjAt
YjI5ZjEwY2MwMzI4LzEvMS1GRXN5Q0NLQy1USHN4VVMzRy10LTh4WTd1QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvNmE4ZTVlLTM5YjYtNDdlMy1iYmIwLWIyOWYxMGNjMDMy
OC8xL0FjT0tCcU9iSUxqYVFBQ1NOOWRxemRLT2NhVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBXBggrBgEFBQcBBwEB/wRIMEYwNQQCAAEwLwMEAyVi6AME
B4jygAMEB4oMgAMDAJSLAwQHnQWAAwQHnUYAAwQHo3iAAwQHpasAMA0EAgACMAcD
BQMqBDfAMA0GCSqGSIb3DQEBCwUAA4IBAQAN9jCx4M7rWb5Z+Dna0ekkRCax1HmY
bi7gzMSAIytTYBjjv+AvI6EoygbTlqqOs1W1OhzoR2QkelBxqoxooUMfoHN3aUsb
qcp+RfTepFLvlhgwyeVeR0XOs87G58ao4Zr9MaJ2mjJjBDWIzzRdMAq1UcXB3S56
lS0S5b6Qa3v9zJQhDcdGYg5Fyok5sXqDSBrgfcs222UJnXq9hAkLsgigv5XYOFjB
+FctvSqc1SBa4iOsgGT87ix0fddbcqghnIhev23I2Ge3wNtrp36EC6COnpfPyEpZ
1xRTif7vCJ+BzXA6S1drdzsxT1UmRgS42wNnL6aiLYhYhFVju+bYFGbT
-----END CERTIFICATE-----
Generated at Mon May 20 23:51:20 2024 by rpki-client on console-ams.rpki-client.org