Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rrrUpuF1KgCnBLS04KnBxBRy79Q.roa
File: rrrUpuF1KgCnBLS04KnBxBRy79Q.roa (raw, json)
Hash identifier: muuWoE+d6svWm07AqWJWBhEb054J9EDK5vuaywS1rxc=
Subject key identifier: AE:BA:D4:A6:E1:75:2A:00:A7:04:B4:B4:E0:A9:C1:C4:14:72:EF:D4
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018E77F84EB81F4DD45249F995441E912D59
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rrrUpuF1KgCnBLS04KnBxBRy79Q.roa
Signing time: Mon 25 Mar 2024 23:35:45 +0000
ROA not before: Mon 25 Mar 2024 23:35:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 20
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.152.0/24 maxlen: 24
62.205.159.0/24 maxlen: 24
94.131.0.0/23 maxlen: 23
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
95.164.20.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.52.0/22 maxlen: 22
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.92.0/22 maxlen: 22
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
195.214.208.0/21 maxlen: 21
195.214.208.0/22 maxlen: 22
195.214.210.0/24 maxlen: 24
195.214.212.0/22 maxlen: 22
2a01:d0::/32 maxlen: 32
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:317::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:77:f8:4e:b8:1f:4d:d4:52:49:f9:95:44:1e:91:2d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Mar 25 23:35:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aebad4a6e1752a00a704b4b4e0a9c1c41472efd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:11:db:91:64:b6:af:f8:e7:96:3c:08:c0:85:
43:1c:c7:b3:90:c2:9c:ab:f4:ea:07:af:91:6d:5b:
ae:7c:8f:d6:fa:6c:74:42:90:74:fe:74:25:c5:ef:
34:f2:8b:92:67:19:e5:00:21:6c:99:73:15:8c:09:
39:57:a8:9e:51:fe:4e:7d:96:de:ea:22:1e:a7:5b:
e6:3d:37:f4:6b:be:86:91:a4:9b:28:32:e1:a1:cb:
f3:87:a1:40:a0:44:a5:f4:e8:cf:8b:26:19:a6:dc:
a2:3c:4e:77:d8:45:cd:80:a5:82:da:83:dd:2a:98:
77:06:b9:a6:d4:e0:c2:96:51:e1:58:3f:92:c0:d5:
85:bd:ac:02:13:45:59:7d:d6:8d:6e:76:fc:97:34:
2d:f1:f6:da:f6:a3:73:fc:72:2d:45:52:35:31:01:
83:63:44:77:21:d6:eb:cc:ab:7f:e8:bf:4f:73:8f:
fe:34:68:d0:94:60:fb:c2:98:46:2f:97:77:6d:98:
c6:c4:2b:c1:a7:e2:ea:d7:84:a4:ea:73:58:97:1c:
45:f6:ee:bc:85:cb:70:b8:af:99:84:42:2f:9c:40:
55:97:76:32:c7:c0:4a:c3:66:eb:65:bc:75:bd:61:
58:d1:ff:a8:53:d1:62:08:14:c5:d7:6c:4a:ff:bb:
ff:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BA:D4:A6:E1:75:2A:00:A7:04:B4:B4:E0:A9:C1:C4:14:72:EF:D4
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rrrUpuF1KgCnBLS04KnBxBRy79Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
95.164.20.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.52.0-95.164.59.255
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.92.0/22
95.164.170.0-95.164.175.255
195.214.208.0/21
IPv6:
2a01:d0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:67:33:87:34:4d:c2:89:af:de:61:71:1f:03:6c:4b:57:67:
51:b7:56:80:3b:d0:2d:7b:e8:ba:e5:1d:0d:18:30:10:94:c9:
b6:60:ad:b3:d3:90:43:97:d8:01:4a:3e:26:25:d6:69:a2:40:
5b:20:11:5f:e3:fa:b8:1f:fd:a4:4c:33:29:8e:b9:26:a0:11:
e0:0e:f1:e7:b6:f3:9c:ef:8b:91:4c:c6:78:c2:76:dc:ac:be:
1f:f6:1a:de:1e:f7:02:09:75:c1:e7:f2:3a:bf:66:d0:ad:29:
bd:ef:eb:15:62:51:58:dc:dd:2a:cf:24:40:95:d3:e8:d8:05:
2d:71:57:35:85:c7:a0:f8:9c:74:76:b5:1b:1b:25:a9:4b:04:
48:68:a7:d7:3a:43:8a:eb:2c:da:38:aa:7e:23:15:a9:82:34:
2f:ce:3f:2a:56:15:78:44:a7:3b:9c:b7:c3:b8:0e:c3:6f:00:
73:55:5e:79:4a:c5:67:91:4e:44:93:ab:3d:c1:60:a7:ff:6a:
30:4f:5d:b6:2c:60:0a:57:97:6d:b2:30:4b:d0:69:8e:69:28:
74:24:ff:e9:a1:47:54:89:05:7a:97:0e:9f:52:58:d0:c9:88:
0d:87:2b:ef:75:01:e6:c2:fc:75:cd:09:5f:84:6c:09:c0:a2:
f0:3c:38:1a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY53+E64H03UUkn5lUQekS1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMzI1MjMzNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJhZDRhNmUxNzUyYTAwYTcwNGI0YjRlMGE5YzFjNDE0NzJlZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhHbkWS2r/jnljwIwIVDHMezkMKc
q/TqB6+RbVuufI/W+mx0QpB0/nQlxe808ouSZxnlACFsmXMVjAk5V6ieUf5OfZbe
6iIep1vmPTf0a76GkaSbKDLhocvzh6FAoESl9OjPiyYZptyiPE532EXNgKWC2oPd
Kph3Brmm1ODCllHhWD+SwNWFvawCE0VZfdaNbnb8lzQt8fba9qNz/HItRVI1MQGD
Y0R3IdbrzKt/6L9Pc4/+NGjQlGD7wphGL5d3bZjGxCvBp+Lq14Sk6nNYlxxF9u68
hctwuK+ZhEIvnEBVl3Yyx8BKw2brZbx1vWFY0f+oU9FiCBTF12xK/7v/FwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFK661KbhdSoApwS0tOCpwcQUcu/UMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvcnJyVXB1RjFLZ0NuQkxTMDRLbkJ4QlJ5NzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQFPs2A
AwQBXoMAAwQAXoMEAwQBXoMGAwQAX6QUAwQCX6QoMAwDBABfpDEDBABfpDIwDAME
Al+kNAMEAl+kODAMAwQDX6RIAwQAX6RMAwQCX6RQAwQCX6RcMAwDBAFfpKoDBARf
pKADBAPD1tAwDQQCAAIwBwMFACoBANAwDQYJKoZIhvcNAQELBQADggEBAF5nM4c0
TcKJr95hcR8DbEtXZ1G3VoA70C176LrlHQ0YMBCUybZgrbPTkEOX2AFKPiYl1mmi
QFsgEV/j+rgf/aRMMymOuSagEeAO8ee285zvi5FMxnjCdtysvh/2Gt4e9wIJdcHn
8jq/ZtCtKb3v6xViUVjc3SrPJECV0+jYBS1xVzWFx6D4nHR2tRsbJalLBEhop9c6
Q4rrLNo4qn4jFamCNC/OPypWFXhEpzuct8O4DsNvAHNVXnlKxWeRTkSTqz3BYKf/
ajBPXbYsYApXl22yMEvQaY5pKHQk/+mhR1SJBXqXDp9SWNDJiA2HK+91AebC/HXN
CV+EbAnAovA8OBo=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:39:05 2024 by rpki-client on console-ams.rpki-client.org