Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/IZaPYvTesVE0tYjL5YFOj7nacdo.roa
File: IZaPYvTesVE0tYjL5YFOj7nacdo.roa (raw, json)
Hash identifier: Xu46UHZwpVXLH09TXOqPyjRznj2Cb4IXhUr1cSYvv+s=
Subject key identifier: 21:96:8F:62:F4:DE:B1:51:34:B5:88:CB:E5:81:4E:8F:B9:DA:71:DA
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018F39D7378E9ECB8BF88DC88F7D02581C1C
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/IZaPYvTesVE0tYjL5YFOj7nacdo.roa
Signing time: Thu 02 May 2024 15:05:56 +0000
ROA not before: Thu 02 May 2024 15:05:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.37.136.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.113.203.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:d7:37:8e:9e:cb:8b:f8:8d:c8:8f:7d:02:58:1c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: May 2 15:05:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21968f62f4deb15134b588cbe5814e8fb9da71da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:ee:7e:76:5c:0d:af:27:0d:c1:3f:14:7e:
3e:37:1e:38:91:72:14:ff:ca:18:20:bd:95:25:b3:
23:46:15:83:2b:94:bd:c7:39:e7:ab:d3:c3:12:d1:
70:80:44:52:b7:1d:14:c2:17:e3:f1:cd:cd:56:31:
56:77:9e:98:ab:aa:ab:b5:65:b6:ea:d5:b7:9b:3c:
9b:69:09:49:75:a0:4e:1a:1c:85:23:0c:85:b7:cb:
64:4c:36:3a:dd:dc:91:84:1a:5f:18:97:ec:8e:83:
dc:3e:7a:45:3a:3f:db:4b:2d:63:ec:37:69:7f:e6:
b9:a6:10:62:6b:87:70:af:69:53:08:35:0a:c2:90:
ca:9e:a9:f2:86:93:7c:25:b2:80:ef:41:32:59:47:
9d:df:0f:89:16:90:f4:28:98:d5:54:a5:47:3a:7c:
ec:6c:be:68:ed:ec:c4:5f:29:75:7f:b2:22:20:3d:
86:18:99:89:0b:1f:01:33:34:07:dd:1c:71:25:11:
a6:27:bb:46:2f:30:b9:a9:ed:28:d1:33:46:54:c0:
26:e2:74:11:22:1e:65:f5:64:56:06:62:40:ce:e5:
b5:c4:7f:9b:c2:48:81:77:19:62:c9:35:88:69:98:
41:ac:03:e1:90:e5:37:e2:35:5a:40:28:22:8d:ec:
0c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:96:8F:62:F4:DE:B1:51:34:B5:88:CB:E5:81:4E:8F:B9:DA:71:DA
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/IZaPYvTesVE0tYjL5YFOj7nacdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.45.0-89.43.46.255
89.43.73.0/24
89.44.209.0/24
93.113.158.0/24
93.113.203.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
36:dc:14:12:b0:fd:68:01:03:9c:35:51:dd:29:83:80:59:74:
53:7f:20:3a:39:48:c9:27:e0:29:89:e8:6b:3f:8f:cf:1d:3a:
f7:8e:1e:e8:08:b9:e1:07:05:5c:b7:ee:b2:22:c7:3b:b1:8a:
5f:f6:20:82:c7:a2:7b:da:34:0b:ff:1b:f9:a3:17:ef:20:40:
90:73:4a:19:ec:53:1f:e6:af:8b:21:f1:39:1f:e0:f3:76:84:
40:88:0d:4b:2e:23:0f:d0:e9:33:05:bf:af:20:48:ae:f7:7a:
a4:91:46:3c:b6:92:e2:84:22:8d:33:75:ea:df:b6:a4:cf:4f:
1d:3d:84:af:0d:af:37:46:92:ec:41:d0:04:59:26:4e:17:01:
9b:d5:66:78:58:f2:7f:cd:62:72:fe:00:52:f4:06:ae:17:7a:
b7:56:76:81:e5:04:9d:0e:db:ca:cb:94:9e:0b:08:a8:24:03:
05:bb:c9:98:fb:18:7d:34:2f:de:27:5f:08:af:8b:8f:7e:5d:
65:7b:d5:c9:2f:6e:24:9c:7a:6d:63:ee:24:cc:61:3d:e9:6e:
ec:99:6a:59:9e:8a:03:ad:b5:b1:69:86:e6:cd:c8:a3:ad:39:
ec:a1:46:34:d2:6c:2b:45:50:11:85:08:53:af:0e:c5:d1:41:
82:27:0b:b7
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY851zeOnsuL+I3Ij30CWBwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwNTAyMTUwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk2OGY2MmY0ZGViMTUxMzRiNTg4Y2JlNTgxNGU4ZmI5ZGE3MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovbufnZcDa8nDcE/FH4+Nx44kXIU
/8oYIL2VJbMjRhWDK5S9xznnq9PDEtFwgERStx0Uwhfj8c3NVjFWd56Yq6qrtWW2
6tW3mzybaQlJdaBOGhyFIwyFt8tkTDY63dyRhBpfGJfsjoPcPnpFOj/bSy1j7Ddp
f+a5phBia4dwr2lTCDUKwpDKnqnyhpN8JbKA70EyWUed3w+JFpD0KJjVVKVHOnzs
bL5o7ezEXyl1f7IiID2GGJmJCx8BMzQH3RxxJRGmJ7tGLzC5qe0o0TNGVMAm4nQR
Ih5l9WRWBmJAzuW1xH+bwkiBdxliyTWIaZhBrAPhkOU34jVaQCgijewMdwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFCGWj2L03rFRNLWIy+WBTo+52nHaMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvSVphUFl2VGVzVkUwdFlqTDVZRk9qN25hY2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBgAQCAAEwegMEAFXM
fQMEAFXMfwMEAFZqUAMEAFZqaAMEAFkhowMEA1kiCAMEAFkliAMEAFkn/DAMAwQA
WSstAwQAWSsuAwQAWStJAwQAWSzRAwQAXXGeAwQAXXHLAwQAXXI3AwQAXXJjAwQA
XXKrAwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBADbcFBKw/WgBA5w1Ud0pg4BZdFN/IDo5SMkn4CmJ6Gs/j88dOveO
HugIueEHBVy37rIixzuxil/2IILHonvaNAv/G/mjF+8gQJBzShnsUx/mr4sh8Tkf
4PN2hECIDUsuIw/Q6TMFv68gSK73eqSRRjy2kuKEIo0zderftqTPTx09hK8NrzdG
kuxB0ARZJk4XAZvVZnhY8n/NYnL+AFL0Bq4XerdWdoHlBJ0O28rLlJ4LCKgkAwW7
yZj7GH00L94nXwivi49+XWV71ckvbiScem1j7iTMYT3pbuyZalmeigOttbFphubN
yKOtOeyhRjTSbCtFUBGFCFOvDsXRQYInC7c=
-----END CERTIFICATE-----
Generated at Mon May 20 15:12:29 2024 by rpki-client on console-ams.rpki-client.org