Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/77HNHD5RH4f4W0WDzEbSdXLKttM.roa
File: 77HNHD5RH4f4W0WDzEbSdXLKttM.roa (raw, json)
Hash identifier: o26A3OQoo932ud8XnOt2DTYHTbzEVnBxbjygQR/CLfs=
Subject key identifier: EF:B1:CD:1C:3E:51:1F:87:F8:5B:45:83:CC:46:D2:75:72:CA:B6:D3
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018EE3A9E9DCC3DC219D3F123EC70B2C592F
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/77HNHD5RH4f4W0WDzEbSdXLKttM.roa
Signing time: Mon 15 Apr 2024 21:29:07 +0000
ROA not before: Mon 15 Apr 2024 21:29:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
95.164.15.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.92.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.123.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/23 maxlen: 23
95.164.251.0/24 maxlen: 24
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:a9:e9:dc:c3:dc:21:9d:3f:12:3e:c7:0b:2c:59:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 15 21:29:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efb1cd1c3e511f87f85b4583cc46d27572cab6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:33:f5:32:e7:40:f6:d4:0f:d4:bd:da:0d:6e:
fb:8e:4f:9d:c0:23:5a:57:7a:25:6e:d5:0d:c6:e4:
24:74:76:85:47:69:cc:97:dd:61:0e:93:aa:0d:cc:
a6:49:7e:eb:5f:91:b0:bb:11:9d:7b:4b:c1:94:89:
c1:ff:c2:c6:4b:7a:35:1a:80:14:fa:f5:6e:c0:1b:
b2:2d:6f:4f:c4:ca:7d:c7:c4:86:71:26:60:c4:7e:
a1:07:8c:79:58:19:98:a7:f3:4e:4b:ea:90:81:d2:
3c:8b:64:f7:53:ac:fa:8b:e4:72:4d:1c:21:f2:d0:
b0:6f:f2:8f:17:4c:69:be:72:d1:18:3c:29:73:0e:
04:fc:72:56:7b:72:36:b5:73:d2:cf:b7:ac:90:d2:
ee:0f:b2:a7:b6:ee:f9:f3:a1:c1:3f:b1:2c:6c:9f:
22:9d:78:6e:c2:25:1e:96:30:67:38:fb:c0:ce:63:
66:1b:e7:b3:22:a4:8c:d7:54:95:75:5b:d3:ab:8a:
67:4c:cc:9b:b0:f3:27:43:46:04:d0:34:9d:74:dc:
fe:28:34:05:1a:d7:54:bc:3e:d1:f0:6a:de:c5:59:
79:4c:26:b5:2c:ef:3b:b6:03:b0:1b:d2:47:5d:c0:
9f:93:39:f3:3e:da:ba:29:23:43:ac:38:0d:78:73:
d0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B1:CD:1C:3E:51:1F:87:F8:5B:45:83:CC:46:D2:75:72:CA:B6:D3
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/77HNHD5RH4f4W0WDzEbSdXLKttM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.124.0/24
94.131.127.0/24
95.164.15.0/24
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/22
95.164.120.0/24
95.164.123.0/24
95.164.170.0-95.164.175.255
95.164.248.0/23
95.164.251.0/24
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
98:12:49:f4:31:8c:9e:ec:a9:cd:a7:91:95:3e:46:1b:cd:b1:
cb:2d:56:26:97:8a:8d:b4:06:d1:f2:1a:e3:b2:58:f9:3b:1f:
e4:e1:54:9e:3d:9c:12:16:17:0f:ae:dd:43:e3:97:4a:2d:46:
1c:f1:b6:c9:91:d3:f4:8e:99:ba:0a:21:9f:27:3d:27:2c:63:
70:9d:25:5f:7d:c4:f5:23:51:e3:de:52:6e:1b:17:63:f0:b4:
10:f8:89:79:1d:0f:19:c3:14:b0:7c:d9:67:9f:7c:43:bb:a2:
99:04:cf:5e:ec:14:00:78:a5:92:38:63:35:d5:45:90:8f:8f:
f6:9b:fd:c7:48:5f:9c:ef:ec:e7:ba:54:94:5a:b3:80:a6:d6:
b7:84:98:96:b2:e8:6c:85:3a:09:b0:86:9a:1b:9c:5c:ac:22:
b1:25:0d:85:df:74:5a:de:29:38:2d:1a:e8:f7:0b:96:f2:6a:
0d:f2:fb:db:e3:af:9b:43:96:be:f8:c9:3e:87:3b:f6:90:b3:
b6:de:ca:fd:14:bd:89:be:20:9f:57:9b:39:48:c6:5f:ff:35:
15:e1:9c:f6:ea:d0:26:36:67:6c:7f:6f:89:69:d5:e9:33:a1:
d0:32:8f:32:c2:b2:27:9d:d7:9f:29:08:07:6f:69:c6:39:29:
d4:c3:37:3d
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY7jqencw9whnT8SPscLLFkvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwNDE1MjEyOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmIxY2QxYzNlNTExZjg3Zjg1YjQ1ODNjYzQ2ZDI3NTcyY2FiNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzP1MudA9tQP1L3aDW77jk+dwCNa
V3olbtUNxuQkdHaFR2nMl91hDpOqDcymSX7rX5GwuxGde0vBlInB/8LGS3o1GoAU
+vVuwBuyLW9PxMp9x8SGcSZgxH6hB4x5WBmYp/NOS+qQgdI8i2T3U6z6i+RyTRwh
8tCwb/KPF0xpvnLRGDwpcw4E/HJWe3I2tXPSz7eskNLuD7Kntu7586HBP7EsbJ8i
nXhuwiUeljBnOPvAzmNmG+ezIqSM11SVdVvTq4pnTMybsPMnQ0YE0DSddNz+KDQF
GtdUvD7R8GrexVl5TCa1LO87tgOwG9JHXcCfkznzPtq6KSNDrDgNeHPQyQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFO+xzRw+UR+H+FtFg8xG0nVyyrbTMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNzdITkhENVJINGY0VzBXRHpFYlNkWExLdHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAU+
zYADBAFegwADBABegwQDBAFegwYDBABeg3wDBABeg38DBABfpA8DBABfpBQDBAJf
pCgwDAMEAF+kMQMEAF+kMjAMAwQCX6Q0AwQCX6Q4MAwDBANfpEgDBABfpEwDBAJf
pFADBAJfpFwDBABfpHgDBABfpHswDAMEAV+kqgMEBF+koAMEAV+k+AMEAF+k+wME
A8PW0DANBAIAAjAHAwUAKgEA0DANBgkqhkiG9w0BAQsFAAOCAQEAmBJJ9DGMnuyp
zaeRlT5GG82xyy1WJpeKjbQG0fIa47JY+Tsf5OFUnj2cEhYXD67dQ+OXSi1GHPG2
yZHT9I6Zugohnyc9JyxjcJ0lX33E9SNR495SbhsXY/C0EPiJeR0PGcMUsHzZZ598
Q7uimQTPXuwUAHilkjhjNdVFkI+P9pv9x0hfnO/s57pUlFqzgKbWt4SYlrLobIU6
CbCGmhucXKwisSUNhd90Wt4pOC0a6PcLlvJqDfL72+Ovm0OWvvjJPoc79pCztt7K
/RS9ib4gn1ebOUjGX/81FeGc9urQJjZnbH9viWnV6TOh0DKPMsKyJ53XnykIB29p
xjkp1MM3PQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:22:44 2024 by rpki-client on console-fra.rpki-client.org