Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/tsNsIwRlVdII_oba6pbBhmVIOzQ.roa
File: tsNsIwRlVdII_oba6pbBhmVIOzQ.roa (raw, json)
Hash identifier: l4Dl93e1GJ1Jd+HK6PytNy3/QB7O0bTvtohCJLWRa10=
Subject key identifier: B6:C3:6C:23:04:65:55:D2:08:FE:86:DA:EA:96:C1:86:65:48:3B:34
Certificate issuer: /CN=822b30d89b1bcff699f641f88026942d16a72bcc
Certificate serial: 018CC3491FC391FD1D4C3BA42C52C7DC1E91
Authority key identifier: 82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/tsNsIwRlVdII_oba6pbBhmVIOzQ.roa
Signing time: Mon 01 Jan 2024 04:29:58 +0000
ROA not before: Mon 01 Jan 2024 04:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3243
IP address blocks: 85.240.0.0/13 maxlen: 24
37.189.0.0/16 maxlen: 24
213.13.0.0/16 maxlen: 24
144.64.0.0/16 maxlen: 24
198.56.128.0/17 maxlen: 24
2.80.0.0/14 maxlen: 24
188.80.0.0/14 maxlen: 24
194.65.0.0/16 maxlen: 24
81.193.0.0/16 maxlen: 24
185.2.84.0/22 maxlen: 24
212.55.128.0/19 maxlen: 24
82.154.0.0/15 maxlen: 24
188.250.0.0/15 maxlen: 24
176.78.0.0/15 maxlen: 24
168.182.128.0/17 maxlen: 24
2001:8a0:4000::/34 maxlen: 34
2001:8a0:c000::/34 maxlen: 34
2001:8a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.mft
rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1f:c3:91:fd:1d:4c:3b:a4:2c:52:c7:dc:1e:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=822b30d89b1bcff699f641f88026942d16a72bcc
Validity
Not Before: Jan 1 04:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c36c23046555d208fe86daea96c18665483b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d8:a3:5b:28:ec:1f:68:e3:92:65:d6:00:e5:
5a:a1:bf:27:51:07:7d:a0:e2:4f:65:a7:bc:f1:a8:
2a:74:1d:f3:65:60:44:cf:75:1e:d0:b0:d0:c0:c9:
7a:97:36:dc:8d:85:13:d2:f3:86:de:e7:ff:02:f1:
35:c8:3f:08:06:1d:db:a4:53:e4:e9:cd:50:86:15:
6f:c6:5d:37:9a:bd:52:ed:da:c1:5b:c9:d2:27:eb:
e0:0e:e1:92:6c:37:b6:87:93:d7:69:cb:ae:8b:8b:
90:14:5c:67:61:ce:b0:58:42:38:8d:f1:21:17:44:
6f:a0:b3:d9:83:be:c7:60:b0:74:5b:dc:d4:60:9e:
37:f7:49:5d:00:56:7e:3d:2a:0d:00:79:82:3a:c1:
47:a4:1d:7e:32:75:ed:fd:f5:5a:2c:5e:4f:ca:97:
a7:74:fc:64:c1:e6:79:b0:d3:d1:59:59:7c:98:03:
f2:fb:ad:e8:e4:e4:4d:26:4c:04:b0:af:5e:90:14:
c6:65:1f:91:cb:82:27:d1:6b:c2:53:7d:8f:f0:79:
e1:f1:08:24:31:cc:80:aa:79:4c:c4:56:d4:27:0c:
50:09:d0:39:50:69:82:ae:2c:40:33:a1:63:dd:15:
78:be:f8:0c:10:38:b9:a8:97:30:f4:4f:59:8e:12:
59:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C3:6C:23:04:65:55:D2:08:FE:86:DA:EA:96:C1:86:65:48:3B:34
X509v3 Authority Key Identifier:
keyid:82:2B:30:D8:9B:1B:CF:F6:99:F6:41:F8:80:26:94:2D:16:A7:2B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gisw2Jsbz_aZ9kH4gCaULRanK8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/tsNsIwRlVdII_oba6pbBhmVIOzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/e68770-edf2-4358-b821-914d5dc5197f/1/gisw2Jsbz_aZ9kH4gCaULRanK8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.80.0.0/14
37.189.0.0/16
81.193.0.0/16
82.154.0.0/15
85.240.0.0/13
144.64.0.0/16
168.182.128.0/17
176.78.0.0/15
185.2.84.0/22
188.80.0.0/14
188.250.0.0/15
194.65.0.0/16
198.56.128.0/17
212.55.128.0/19
213.13.0.0/16
IPv6:
2001:8a0::/32
Signature Algorithm: sha256WithRSAEncryption
42:b9:e6:c3:df:bc:2f:c9:4c:03:c2:3b:4c:51:4c:53:a1:36:
29:03:04:d5:e7:b1:0c:14:ec:8a:bd:bb:19:09:5a:da:e5:00:
74:7c:62:95:cb:aa:2a:f5:6a:57:c3:cd:4b:33:37:e2:7e:20:
70:1b:67:fb:00:ac:cf:9f:09:6a:a3:c0:54:75:bb:fe:37:6a:
29:75:7f:d2:3d:d7:98:09:2e:87:21:d9:ce:b9:f9:99:61:1b:
73:1b:c5:06:c6:22:8c:cc:41:2a:9b:08:db:30:82:be:ee:1c:
80:68:26:1f:c2:4a:64:51:57:7f:c4:0e:34:24:26:54:83:42:
d1:7a:55:a1:a4:83:9a:91:f6:05:90:26:e8:35:ef:c3:05:19:
86:98:c5:9d:db:2c:f3:9b:9f:78:d9:47:05:ec:4d:4a:84:56:
c4:76:b4:f9:00:9d:f5:80:f1:13:03:8b:d5:a8:e3:d8:37:fb:
0f:da:80:51:2b:a3:a5:ad:33:d0:ce:9b:97:8d:49:23:88:84:
94:83:a9:d6:40:34:11:c2:e5:7b:79:8a:b8:d3:c9:ed:12:b6:
7e:27:9e:c6:60:9a:33:fb:e2:8c:f9:40:52:53:af:b4:f8:97:
59:8e:38:15:8d:ae:d1:59:7d:ef:f0:cf:9c:44:0b:d1:dd:cc:
76:a7:1b:79
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYzDSR/Dkf0dTDukLFLH3B6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMmIzMGQ4OWIxYmNmZjY5OWY2NDFmODgwMjY5NDJkMTZh
NzJiY2MwHhcNMjQwMTAxMDQyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMzNmMyMzA0NjU1NWQyMDhmZTg2ZGFlYTk2YzE4NjY1NDgzYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidijWyjsH2jjkmXWAOVaob8nUQd9
oOJPZae88agqdB3zZWBEz3Ue0LDQwMl6lzbcjYUT0vOG3uf/AvE1yD8IBh3bpFPk
6c1QhhVvxl03mr1S7drBW8nSJ+vgDuGSbDe2h5PXacuui4uQFFxnYc6wWEI4jfEh
F0RvoLPZg77HYLB0W9zUYJ4390ldAFZ+PSoNAHmCOsFHpB1+MnXt/fVaLF5Pypen
dPxkweZ5sNPRWVl8mAPy+63o5ORNJkwEsK9ekBTGZR+Ry4In0WvCU32P8Hnh8Qgk
McyAqnlMxFbUJwxQCdA5UGmCrixAM6Fj3RV4vvgMEDi5qJcw9E9ZjhJZNwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFLbDbCMEZVXSCP6G2uqWwYZlSDs0MB8GA1UdIwQY
MBaAFIIrMNibG8/2mfZB+IAmlC0WpyvMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEt
OTE0ZDVkYzUxOTdmLzEvdHNOc0l3UmxWZElJX29iYTZwYkJobVZJT3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lNjg3NzAtZWRmMi00MzU4LWI4MjEtOTE0ZDVkYzUxOTdm
LzEvZ2lzdzJKc2J6X2FaOWtINGdDYVVMUmFuSzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBVBAIAATBPAwMCAlADAwAl
vQMDAFHBAwMBUpoDAwNV8AMDAJBAAwQHqLaAAwMBsE4DBAK5AlQDAwK8UAMDAbz6
AwMAwkEDBAfGOIADBAXUN4ADAwDVDTANBAIAAjAHAwUAIAEIoDANBgkqhkiG9w0B
AQsFAAOCAQEAQrnmw9+8L8lMA8I7TFFMU6E2KQME1eexDBTsir27GQla2uUAdHxi
lcuqKvVqV8PNSzM34n4gcBtn+wCsz58JaqPAVHW7/jdqKXV/0j3XmAkuhyHZzrn5
mWEbcxvFBsYijMxBKpsI2zCCvu4cgGgmH8JKZFFXf8QONCQmVINC0XpVoaSDmpH2
BZAm6DXvwwUZhpjFndss85ufeNlHBexNSoRWxHa0+QCd9YDxEwOL1ajj2Df7D9qA
USujpa0z0M6bl41JI4iElIOp1kA0EcLle3mKuNPJ7RK2fieexmCaM/vijPlAUlOv
tPiXWY44FY2u0Vl97/DPnEQL0d3MdqcbeQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:30:40 2024 by rpki-client on console-ams.rpki-client.org