Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/rqM-tH9CRtOIcdNjftMBTu78Pw4.roa
File: rqM-tH9CRtOIcdNjftMBTu78Pw4.roa (raw, json)
Hash identifier: ZAMJodv72g8XiWSF4wUQnTtrCONZ6KJUk6hLK7lyOEI=
Subject key identifier: AE:A3:3E:B4:7F:42:46:D3:88:71:D3:63:7E:D3:01:4E:EE:FC:3F:0E
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 018CC3B7283A47F86BADB717CE43FEBC4396
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/rqM-tH9CRtOIcdNjftMBTu78Pw4.roa
Signing time: Mon 01 Jan 2024 06:30:09 +0000
ROA not before: Mon 01 Jan 2024 06:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 24
86.110.224.0/19 maxlen: 24
176.109.56.0/21 maxlen: 24
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 24
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 24
46.229.224.0/20 maxlen: 24
109.74.144.0/20 maxlen: 24
2a01:390::/32 maxlen: 64
2a00:10d8::/32 maxlen: 64
2a00:10d8:10::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:28:3a:47:f8:6b:ad:b7:17:ce:43:fe:bc:43:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Jan 1 06:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aea33eb47f4246d38871d3637ed3014eeefc3f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:60:a3:97:30:70:97:45:0a:96:dc:22:56:cb:
af:5d:0e:e6:90:45:01:6a:c1:4f:dc:37:9b:5e:7a:
37:86:22:a4:c3:b5:32:23:9b:93:03:67:57:4b:2e:
4e:2a:86:4e:bd:f1:4c:49:73:84:56:02:9f:08:94:
98:8f:6c:8c:b4:94:dc:ad:eb:0b:0d:d6:16:0e:7b:
fb:94:41:84:0b:28:b5:14:f3:a2:2e:da:b5:48:bf:
df:ad:27:90:d4:de:e9:78:b3:0b:68:9c:ac:31:97:
ea:9e:36:41:57:45:64:fe:fe:6d:da:f2:71:47:af:
c1:44:41:a6:57:48:f2:97:3e:37:d7:34:05:fa:1b:
01:b8:aa:ff:5a:87:c1:92:5a:64:6c:47:04:88:ba:
6d:f2:3b:a6:32:d4:3a:6f:20:8e:66:35:c9:b7:29:
ae:2b:d4:f6:57:bf:04:94:66:34:e9:b6:50:51:cf:
8c:e8:50:6e:9e:2b:58:07:a7:46:09:38:a9:c2:8f:
08:0e:bd:54:85:a2:2e:64:64:4d:ca:bf:31:45:3a:
d9:eb:ca:29:71:2b:41:d4:a2:02:77:ad:60:02:72:
31:3d:6f:53:2f:71:8a:8b:03:7c:e1:dd:49:ed:09:
18:70:41:82:85:6c:77:3c:d4:b5:e4:71:d4:74:38:
6c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A3:3E:B4:7F:42:46:D3:88:71:D3:63:7E:D3:01:4E:EE:FC:3F:0E
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/rqM-tH9CRtOIcdNjftMBTu78Pw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
8d:0c:a8:3c:f5:d6:b6:f9:67:57:ac:7a:d3:f9:05:6a:1c:8f:
3c:17:4b:87:c2:f7:b1:25:f2:a5:eb:4c:74:f2:fa:ef:49:6b:
c6:42:fd:9e:86:8e:a7:70:be:6a:bb:d7:ae:f1:01:ef:ed:67:
c6:12:03:4e:7b:ab:dc:97:c9:9c:df:d3:55:32:04:5a:70:db:
79:d8:f5:9c:8d:37:7f:dd:5d:3b:0b:c5:3d:53:d7:e5:29:21:
ac:92:a7:f4:d6:9c:41:de:ec:49:3d:06:90:15:0d:b1:b0:e7:
44:96:40:05:75:17:3b:21:af:f4:87:58:9c:34:13:82:e4:31:
d9:af:d1:0b:31:42:5f:3c:2b:0e:27:88:7d:75:d9:d3:80:d6:
e8:62:28:bc:af:07:90:b7:2b:d5:87:e0:6d:34:8e:aa:03:ec:
88:07:3a:16:cd:1b:4c:6b:c1:19:7e:f0:a2:a6:25:0b:68:e2:
d7:98:18:23:6c:52:78:f0:51:43:e3:bd:ee:f1:18:11:60:97:
12:2b:03:6c:a1:6d:9e:5c:eb:7b:48:f9:dc:fc:85:99:08:ab:
8d:45:0d:9d:da:69:95:77:92:aa:ec:12:68:14:a0:2d:3c:6f:
f0:37:6e:d9:ae:d7:06:48:e1:34:1a:a4:2b:8b:01:f6:26:d8:
5e:a3:a4:52
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYzDtyg6R/hrrbcXzkP+vEOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjQwMTAxMDYzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWEzM2ViNDdmNDI0NmQzODg3MWQzNjM3ZWQzMDE0ZWVlZmMzZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWCjlzBwl0UKltwiVsuvXQ7mkEUB
asFP3DebXno3hiKkw7UyI5uTA2dXSy5OKoZOvfFMSXOEVgKfCJSYj2yMtJTcresL
DdYWDnv7lEGECyi1FPOiLtq1SL/frSeQ1N7peLMLaJysMZfqnjZBV0Vk/v5t2vJx
R6/BREGmV0jylz431zQF+hsBuKr/WofBklpkbEcEiLpt8jumMtQ6byCOZjXJtymu
K9T2V78ElGY06bZQUc+M6FBunitYB6dGCTipwo8IDr1UhaIuZGRNyr8xRTrZ68op
cStB1KICd61gAnIxPW9TL3GKiwN84d1J7QkYcEGChWx3PNS15HHUdDhs3wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFK6jPrR/QkbTiHHTY37TAU7u/D8OMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvcnFNLXRIOUNSdE9JY2ROamZ0TUJUdTc4UHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
jQyoPPXWtvlnV6x60/kFahyPPBdLh8L3sSXypetMdPL670lrxkL9noaOp3C+arvX
rvEB7+1nxhIDTnur3JfJnN/TVTIEWnDbedj1nI03f91dOwvFPVPX5SkhrJKn9Nac
Qd7sST0GkBUNsbDnRJZABXUXOyGv9IdYnDQTguQx2a/RCzFCXzwrDieIfXXZ04DW
6GIovK8HkLcr1YfgbTSOqgPsiAc6Fs0bTGvBGX7woqYlC2ji15gYI2xSePBRQ+O9
7vEYEWCXEisDbKFtnlzre0j53PyFmQirjUUNndpplXeSquwSaBSgLTxv8Ddu2a7X
BkjhNBqkK4sB9ibYXqOkUg==
-----END CERTIFICATE-----
Generated at Mon May 20 17:34:55 2024 by rpki-client on console-fra.rpki-client.org