Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/eQYVtjAZbrNPd8Su4IDqaA4MPLU.roa
File: eQYVtjAZbrNPd8Su4IDqaA4MPLU.roa (raw, json)
Hash identifier: 4LznGGQPfQOcpNCbsdN2zArjUxAJRXW/F4ZhMcpWgfM=
Subject key identifier: 79:06:15:B6:30:19:6E:B3:4F:77:C4:AE:E0:80:EA:68:0E:0C:3C:B5
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 019078795F9144CCD878592D689C5409A34F
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/eQYVtjAZbrNPd8Su4IDqaA4MPLU.roa
Signing time: Wed 03 Jul 2024 12:02:18 +0000
ROA not before: Wed 03 Jul 2024 12:02:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43519
IP address blocks: 149.20.120.0/24 maxlen: 24
149.20.121.0/24 maxlen: 24
149.20.122.0/24 maxlen: 24
149.20.123.0/24 maxlen: 24
213.248.200.0/24 maxlen: 24
213.248.201.0/24 maxlen: 24
213.248.202.0/24 maxlen: 24
213.248.203.0/24 maxlen: 24
213.248.204.0/24 maxlen: 24
213.248.205.0/24 maxlen: 24
213.248.206.0/24 maxlen: 24
213.248.207.0/24 maxlen: 24
213.248.216.0/24 maxlen: 24
213.248.217.0/24 maxlen: 24
213.248.218.0/24 maxlen: 24
213.248.219.0/24 maxlen: 24
213.248.220.0/24 maxlen: 24
213.248.221.0/24 maxlen: 24
213.248.222.0/24 maxlen: 24
213.248.223.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:618:200::/48 maxlen: 48
2a01:618:2ff::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:407::/48 maxlen: 48
2a01:618:408::/48 maxlen: 48
2a01:618:409::/48 maxlen: 48
2a01:618:4ff::/48 maxlen: 48
2a01:61e:1::/48 maxlen: 48
2a01:61e:2::/48 maxlen: 48
2a01:61e:3::/48 maxlen: 48
2a01:61e:4::/48 maxlen: 48
2a01:61e:5::/48 maxlen: 48
2a01:61e:6::/48 maxlen: 48
2a01:61e:fffc::/48 maxlen: 48
2a01:61e:fffd::/48 maxlen: 48
2a01:61e:fffe::/48 maxlen: 48
2a01:61e:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:78:79:5f:91:44:cc:d8:78:59:2d:68:9c:54:09:a3:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Jul 3 12:02:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=790615b630196eb34f77c4aee080ea680e0c3cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d4:b8:b8:f3:e1:77:98:2a:3f:f3:a8:a1:44:
34:f4:66:60:f3:d3:4f:9e:64:a1:3a:57:e4:ad:e1:
fa:7c:2b:85:63:77:5d:e4:3e:40:ad:6c:1f:50:f8:
7c:98:9c:f1:05:a0:02:1d:00:da:85:f2:f1:6d:f5:
62:a1:e3:6f:4f:25:f2:7b:86:f1:cc:0f:de:8f:ba:
e7:4c:f8:a7:c1:a3:55:88:8d:56:08:a2:15:a9:0a:
8e:5a:5d:6e:ba:9f:ff:b3:c4:f9:cf:f1:55:dd:92:
68:0b:f1:c6:b4:b1:49:91:1e:4a:81:a4:32:e9:83:
ce:f7:f4:7a:a3:f0:68:f7:a1:0f:62:02:90:66:44:
9a:ab:ba:3d:7f:40:b4:52:38:6b:1f:25:47:3d:80:
ae:39:c1:e7:d0:22:ee:23:f5:8a:4e:01:30:ce:75:
ab:90:57:35:5f:25:a0:d3:67:43:f3:0f:da:83:15:
00:62:8d:e2:e8:94:19:05:21:3b:69:aa:a0:bb:9d:
8f:0b:19:61:de:cc:73:a2:3d:af:27:a6:95:81:aa:
7a:50:20:ba:e5:04:6d:98:72:e9:1b:f9:8a:28:b4:
e0:89:e8:4d:07:19:ab:93:4b:7b:cd:a0:1b:94:0e:
86:8d:7b:77:b0:37:5e:e7:4e:f4:13:98:17:59:5b:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:06:15:B6:30:19:6E:B3:4F:77:C4:AE:E0:80:EA:68:0E:0C:3C:B5
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/eQYVtjAZbrNPd8Su4IDqaA4MPLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.120.0/22
213.248.200.0/21
213.248.216.0/21
213.248.254.0/24
IPv6:
2a01:618:200::/48
2a01:618:2ff::/48
2a01:618:400::-2a01:618:409:ffff:ffff:ffff:ffff:ffff
2a01:618:4ff::/48
2a01:61e:1::-2a01:61e:6:ffff:ffff:ffff:ffff:ffff
2a01:61e:fffc::/46
Signature Algorithm: sha256WithRSAEncryption
84:be:05:11:88:d5:7a:28:87:a5:a0:73:a8:b1:43:f1:35:1b:
0e:33:07:00:8c:d6:92:d1:88:b3:47:a1:19:62:92:c2:b3:a2:
94:dd:05:04:84:25:98:3f:f0:e0:97:4b:91:96:47:ea:6f:cd:
43:76:01:f8:49:74:56:15:11:24:d9:3c:0f:d1:12:38:e7:b8:
e2:79:21:4e:33:a8:b1:7d:b5:fb:7c:27:cb:74:ab:7b:84:ab:
b1:ca:09:b5:f3:3c:42:b6:32:0b:2a:1d:6f:ad:12:a6:45:2b:
e6:0c:55:32:b0:bf:cd:b3:f6:64:52:eb:2c:d9:6a:6f:71:eb:
69:0c:7b:ae:18:fc:6c:0a:5c:60:8e:75:a5:ab:26:a3:7b:c6:
21:23:ee:27:7e:55:d5:86:04:22:cd:f5:ac:79:dd:66:94:c6:
7e:80:e1:07:e2:c6:16:4b:08:50:45:b5:19:24:16:29:e9:79:
bb:c0:84:81:b4:15:4e:92:38:d5:00:25:b7:2c:15:2a:f3:1f:
e1:8e:3d:cd:88:7c:57:94:c4:2a:8a:39:f7:b2:d9:9a:ac:39:
48:c7:33:f1:4f:79:08:50:15:04:af:29:c0:65:51:df:20:1a:
a7:39:ba:cc:2c:57:1b:c2:1c:0e:d1:a4:da:f7:81:eb:99:c0:
95:9c:68:ea
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZB4eV+RRMzYeFktaJxUCaNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjQwNzAzMTIwMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTA2MTViNjMwMTk2ZWIzNGY3N2M0YWVlMDgwZWE2ODBlMGMzY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9S4uPPhd5gqP/OooUQ09GZg89NP
nmShOlfkreH6fCuFY3dd5D5ArWwfUPh8mJzxBaACHQDahfLxbfVioeNvTyXye4bx
zA/ej7rnTPinwaNViI1WCKIVqQqOWl1uup//s8T5z/FV3ZJoC/HGtLFJkR5KgaQy
6YPO9/R6o/Bo96EPYgKQZkSaq7o9f0C0UjhrHyVHPYCuOcHn0CLuI/WKTgEwznWr
kFc1XyWg02dD8w/agxUAYo3i6JQZBSE7aaqgu52PCxlh3sxzoj2vJ6aVgap6UCC6
5QRtmHLpG/mKKLTgiehNBxmrk0t7zaAblA6GjXt3sDde5070E5gXWVt/5wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFHkGFbYwGW6zT3fEruCA6mgODDy1MB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvZVFZVnRqQVpick5QZDhTdTRJRHFhQTRNUExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwHgQCAAEwGAMEApUUeAME
A9X4yAMEA9X42AMEANX4/jBRBAIAAjBLAwcAKgEGGAIAAwcAKgEGGAL/MBEDBgIq
AQYYBAMHASoBBhgECAMHACoBBhgE/zASAwcAKgEGHgABAwcAKgEGHgAGAwcCKgEG
Hv/8MA0GCSqGSIb3DQEBCwUAA4IBAQCEvgURiNV6KIeloHOosUPxNRsOMwcAjNaS
0YizR6EZYpLCs6KU3QUEhCWYP/Dgl0uRlkfqb81DdgH4SXRWFREk2TwP0RI457ji
eSFOM6ixfbX7fCfLdKt7hKuxygm18zxCtjILKh1vrRKmRSvmDFUysL/Ns/ZkUuss
2WpvcetpDHuuGPxsClxgjnWlqyaje8YhI+4nflXVhgQizfWsed1mlMZ+gOEH4sYW
SwhQRbUZJBYp6Xm7wISBtBVOkjjVACW3LBUq8x/hjj3NiHxXlMQqijn3stmarDlI
xzPxT3kIUBUErynAZVHfIBqnObrMLFcbwhwO0aTa94HrmcCVnGjq
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:43 2024 by rpki-client on console-ams.rpki-client.org