Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/1Kg3AeuGUGI_7Hwt3W92yqbg3XE.roa
File: 1Kg3AeuGUGI_7Hwt3W92yqbg3XE.roa (raw, json)
Hash identifier: 0FcEOOj+7ppCrX6MlIXYh3NujiwAflPryGqTptT20gs=
Subject key identifier: D4:A8:37:01:EB:86:50:62:3F:EC:7C:2D:DD:6F:76:CA:A6:E0:DD:71
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018DACF34A293B86EC454BD856E7661E915D
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/1Kg3AeuGUGI_7Hwt3W92yqbg3XE.roa
Signing time: Thu 15 Feb 2024 13:27:21 +0000
ROA not before: Thu 15 Feb 2024 13:27:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200736
IP address blocks: 94.131.32.0/20 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.160.0/20 maxlen: 24
94.131.161.0/24 maxlen: 24
94.131.162.0/24 maxlen: 24
94.131.163.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.166.0/24 maxlen: 24
94.131.167.0/24 maxlen: 24
94.131.169.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.173.0/24 maxlen: 24
94.131.174.0/24 maxlen: 24
95.164.124.0/22 maxlen: 24
95.164.176.0/20 maxlen: 24
95.164.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:f3:4a:29:3b:86:ec:45:4b:d8:56:e7:66:1e:91:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 15 13:27:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4a83701eb8650623fec7c2ddd6f76caa6e0dd71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a0:64:54:f2:43:05:00:07:b3:6c:03:73:d2:
f7:45:b1:42:bd:d6:2e:b3:2e:d4:5b:3c:d0:27:63:
ed:fd:18:26:d7:ca:50:cf:ab:4c:a5:a0:89:d6:c8:
03:80:2f:be:50:09:a3:40:ec:4d:fc:d5:b9:e5:3d:
b5:46:94:97:fa:76:04:dd:41:49:01:fc:d6:47:c6:
5a:7d:67:b1:6a:ab:9b:8e:28:d7:5e:21:05:b0:a9:
7e:77:af:e8:94:39:f4:45:20:ec:a8:77:ce:db:7b:
86:2e:f4:8b:52:6e:f3:c5:fc:ad:d9:55:6c:8f:8b:
44:ce:61:33:63:a1:66:89:fa:80:f2:4e:b9:94:a8:
17:2b:28:c8:36:2b:b8:5b:8a:78:3d:9f:58:1e:de:
03:37:b9:2f:7b:0b:54:ee:c4:16:a2:60:c3:a8:e3:
d3:f0:6c:0c:07:96:fc:33:a0:9c:b4:13:1d:eb:06:
aa:5f:23:e9:c2:9d:16:65:60:70:c4:8d:d5:52:cc:
82:ea:7d:91:5d:45:67:a0:67:72:50:98:09:ed:1f:
f3:a2:04:6a:b5:82:87:83:88:9e:2b:e5:22:83:82:
6b:a0:5a:8b:db:6d:d7:f1:3a:4d:13:13:bf:a1:12:
57:22:1b:a6:3e:76:3b:df:ac:41:98:28:c6:64:cd:
06:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:A8:37:01:EB:86:50:62:3F:EC:7C:2D:DD:6F:76:CA:A6:E0:DD:71
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/1Kg3AeuGUGI_7Hwt3W92yqbg3XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.32.0/20
94.131.128.0-94.131.175.255
95.164.124.0/22
95.164.176.0/20
95.164.208.0/20
Signature Algorithm: sha256WithRSAEncryption
60:71:95:75:78:6a:cb:b6:5c:10:d4:49:73:c4:aa:cb:c6:8b:
5f:39:81:32:f5:61:fa:71:77:21:7e:83:03:95:0f:54:f4:e5:
60:f6:32:31:bb:cf:cd:25:21:50:fb:47:b7:2d:92:8f:0e:82:
16:f3:7b:85:1c:41:c4:c4:fd:e6:da:60:66:fb:b2:37:d6:41:
35:49:55:1e:6c:c7:74:a8:64:9d:10:dc:4f:c8:59:c1:66:90:
19:c4:5c:70:71:f1:5f:8f:e7:a8:8c:9e:83:54:6e:a4:d1:f9:
eb:88:41:bf:10:28:40:6f:aa:55:79:39:cf:87:6d:45:bd:18:
d1:8e:00:71:27:94:8c:ff:2f:99:18:36:e0:20:d4:76:20:29:
9a:c7:c3:ee:98:4e:a6:d5:f0:a6:5f:2c:71:9b:d5:9c:24:a2:
a8:a0:5b:58:f4:e3:7a:6e:11:b7:c1:7f:19:32:af:b0:26:11:
14:0d:fa:94:6b:30:cf:04:16:6b:04:af:ef:7e:84:bc:0c:e8:
19:6c:04:b3:99:29:10:31:95:dd:40:f5:e1:7d:89:32:34:21:
cc:83:a2:63:8c:b3:56:71:43:a8:ac:95:6c:15:df:c5:0a:5d:
dc:04:0f:5a:c8:cf:ce:4a:81:18:7b:2f:d7:5e:04:50:6a:d5:
42:04:fb:09
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY2s80opO4bsRUvYVudmHpFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMjE1MTMyNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGE4MzcwMWViODY1MDYyM2ZlYzdjMmRkZDZmNzZjYWE2ZTBkZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqBkVPJDBQAHs2wDc9L3RbFCvdYu
sy7UWzzQJ2Pt/Rgm18pQz6tMpaCJ1sgDgC++UAmjQOxN/NW55T21RpSX+nYE3UFJ
AfzWR8ZafWexaqubjijXXiEFsKl+d6/olDn0RSDsqHfO23uGLvSLUm7zxfyt2VVs
j4tEzmEzY6FmifqA8k65lKgXKyjINiu4W4p4PZ9YHt4DN7kvewtU7sQWomDDqOPT
8GwMB5b8M6CctBMd6waqXyPpwp0WZWBwxI3VUsyC6n2RXUVnoGdyUJgJ7R/zogRq
tYKHg4ieK+Uig4JroFqL223X8TpNExO/oRJXIhumPnY736xBmCjGZM0GywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNSoNwHrhlBiP+x8Ld1vdsqm4N1xMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMUtnM0FldUdVR0lfN0h3dDNXOTJ5cWJnM1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEXoMgMAwD
BAdeg4ADBAReg6ADBAJfpHwDBARfpLADBARfpNAwDQYJKoZIhvcNAQELBQADggEB
AGBxlXV4asu2XBDUSXPEqsvGi185gTL1YfpxdyF+gwOVD1T05WD2MjG7z80lIVD7
R7ctko8Oghbze4UcQcTE/ebaYGb7sjfWQTVJVR5sx3SoZJ0Q3E/IWcFmkBnEXHBx
8V+P56iMnoNUbqTR+euIQb8QKEBvqlV5Oc+HbUW9GNGOAHEnlIz/L5kYNuAg1HYg
KZrHw+6YTqbV8KZfLHGb1ZwkoqigW1j043puEbfBfxkyr7AmERQN+pRrMM8EFmsE
r+9+hLwM6BlsBLOZKRAxld1A9eF9iTI0IcyDomOMs1ZxQ6islWwV38UKXdwED1rI
z85KgRh7L9deBFBq1UIE+wk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:49:25 2024 by rpki-client on console-fra.rpki-client.org