Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/xEQTNBRUBEfw6-rNz7s7PC4NcI0.roa
File: xEQTNBRUBEfw6-rNz7s7PC4NcI0.roa (raw, json)
Hash identifier: YchpiE+E4jk85eTM56jGn7Qkd3lN1liv6ICp30IunHw=
Subject key identifier: C4:44:13:34:14:54:04:47:F0:EB:EA:CD:CF:BB:3B:3C:2E:0D:70:8D
Certificate issuer: /CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Certificate serial: 0190353EDE6810565E418CAE5BE16EC84B08
Authority key identifier: A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/xEQTNBRUBEfw6-rNz7s7PC4NcI0.roa
Signing time: Thu 20 Jun 2024 10:43:50 +0000
ROA not before: Thu 20 Jun 2024 10:43:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200107
IP address blocks: 77.74.176.0/23 maxlen: 24
77.74.176.0/24 maxlen: 24
77.74.178.0/23 maxlen: 24
77.74.180.0/24 maxlen: 24
77.74.181.0/24 maxlen: 24
77.74.182.0/24 maxlen: 24
77.74.183.0/24 maxlen: 24
82.202.184.0/23 maxlen: 23
82.202.184.0/24 maxlen: 24
82.202.185.0/24 maxlen: 24
93.159.226.0/24 maxlen: 24
93.159.228.0/23 maxlen: 24
93.159.230.0/23 maxlen: 23
185.54.220.0/24 maxlen: 24
185.54.221.0/24 maxlen: 24
185.54.222.0/24 maxlen: 24
185.54.223.0/24 maxlen: 24
185.85.12.0/24 maxlen: 24
185.85.14.0/24 maxlen: 24
185.85.15.0/24 maxlen: 24
195.128.246.0/23 maxlen: 24
2a03:2480:68::/48 maxlen: 48
2a03:2480:69::/48 maxlen: 48
2a03:2480:70::/48 maxlen: 48
2a03:2480:80::/48 maxlen: 48
2a03:2480:8000::/48 maxlen: 48
2a03:2480:8010::/48 maxlen: 48
2a03:2480:8020::/48 maxlen: 48
2a03:2480:8021::/48 maxlen: 48
2a03:2480:8022::/48 maxlen: 48
2a03:2480:8023::/48 maxlen: 48
2a03:2480:8025::/48 maxlen: 48
2a03:2480:8026::/48 maxlen: 48
2a03:2480:8027::/48 maxlen: 48
2a03:2480:8028::/48 maxlen: 48
2a03:2480:8029::/48 maxlen: 48
2a03:2480:802a::/48 maxlen: 48
2a03:2480:802b::/48 maxlen: 48
2a03:2480:802d::/48 maxlen: 48
2a03:2480:802e::/48 maxlen: 48
2a03:2480:802f::/48 maxlen: 48
2a03:2480:8030::/48 maxlen: 48
2a03:2480:8031::/48 maxlen: 48
2a03:2480:8032::/48 maxlen: 48
2a03:2480:8033::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:3e:de:68:10:56:5e:41:8c:ae:5b:e1:6e:c8:4b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7d85ade2b0d4ec1ca092a8e2703c19200c72f32
Validity
Not Before: Jun 20 10:43:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c444133414540447f0ebeacdcfbb3b3c2e0d708d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:78:f2:42:11:6b:96:84:ff:9c:70:e7:ad:93:
44:c8:43:d6:cf:5d:24:30:8e:89:b7:1e:56:48:ba:
91:1d:34:a6:e3:8e:22:3c:a2:29:6e:ef:28:06:41:
b9:4c:77:05:15:d1:2a:40:df:5a:a3:06:bd:e1:57:
72:a2:33:66:eb:84:53:0f:de:74:03:17:bb:be:36:
d8:f0:e1:63:87:d8:7f:a1:6b:9b:86:ce:8e:31:4d:
34:c7:16:9b:75:e4:16:71:4e:b1:de:a8:d4:fa:82:
a1:8a:d7:2d:5f:55:f5:ef:f9:22:1b:85:2a:94:55:
3d:56:c6:9c:c8:8f:07:6a:98:93:0d:3c:bf:39:89:
eb:25:b3:23:2f:f7:45:49:ca:0e:6f:af:73:c3:3a:
a3:0a:92:3f:27:c2:cf:37:fc:1c:2f:1f:be:da:bb:
60:e2:bd:25:78:52:86:f2:5c:c9:ad:b7:b1:70:dd:
46:2a:72:1a:1f:0f:c5:3a:54:a8:29:95:c6:ee:ef:
a3:d3:6c:8a:3d:df:9e:a8:95:a8:50:46:ca:a4:9d:
d7:5b:52:0a:f0:cc:0c:55:1a:c6:6f:f2:7a:17:c6:
ec:1c:44:e2:d5:28:69:a1:11:2e:cf:84:e0:7b:3f:
e3:ad:9b:3d:30:31:c6:21:1b:43:6f:ea:32:c7:75:
ec:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:44:13:34:14:54:04:47:F0:EB:EA:CD:CF:BB:3B:3C:2E:0D:70:8D
X509v3 Authority Key Identifier:
keyid:A7:D8:5A:DE:2B:0D:4E:C1:CA:09:2A:8E:27:03:C1:92:00:C7:2F:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p9ha3isNTsHKCSqOJwPBkgDHLzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/xEQTNBRUBEfw6-rNz7s7PC4NcI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/403142-dcfc-4fb5-ae1f-04b0bf60b9b7/1/p9ha3isNTsHKCSqOJwPBkgDHLzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.176.0/21
82.202.184.0/23
93.159.226.0/24
93.159.228.0/22
185.54.220.0/22
185.85.12.0/24
185.85.14.0/23
195.128.246.0/23
IPv6:
2a03:2480:68::/47
2a03:2480:70::/48
2a03:2480:80::/48
2a03:2480:8000::/48
2a03:2480:8010::/48
2a03:2480:8020::/46
2a03:2480:8025::-2a03:2480:802b:ffff:ffff:ffff:ffff:ffff
2a03:2480:802d::-2a03:2480:8033:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:7d:b6:b1:d2:56:48:33:96:d5:62:86:85:8a:fc:4a:f8:9c:
bf:3d:78:29:a5:06:ca:cb:dc:cd:21:ae:3c:ee:72:f2:63:61:
cb:00:6b:66:2c:5a:6d:bc:fe:a2:dc:3c:d8:75:f5:0c:43:b2:
9c:72:ab:8c:fd:6e:74:a8:2a:13:d7:b6:82:61:72:e3:9c:67:
53:6a:b2:30:98:b0:0b:4c:4b:64:19:20:63:0c:08:7a:16:83:
ae:ba:73:08:e4:9d:83:5c:fb:55:ee:c3:eb:13:4b:bf:4a:e2:
bc:e9:85:5b:f6:fc:86:57:4f:f8:ab:78:33:7a:d0:61:e8:eb:
0b:14:29:6d:47:f9:19:86:7d:c2:b5:08:e2:8e:df:5b:a6:9e:
08:80:56:3c:97:9c:44:01:03:48:fc:8a:ca:ba:ef:91:53:bd:
2b:7e:19:c2:42:80:c6:e3:30:b2:79:0a:a6:49:75:e6:b3:e7:
df:9c:44:aa:19:8c:5a:cc:b6:5a:6c:74:f6:ec:b4:f7:39:e8:
0c:d8:e8:36:6a:0b:27:50:a5:ed:07:bd:ce:30:da:23:c3:36:
5b:2b:7f:51:ca:5a:2a:bc:9b:85:2e:1d:91:fd:2a:52:a6:52:
71:eb:01:0c:eb:69:8c:fa:cf:2b:7d:eb:cd:a0:b9:a0:68:80:
b0:47:01:e3
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZA1Pt5oEFZeQYyuW+FuyEsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZDg1YWRlMmIwZDRlYzFjYTA5MmE4ZTI3MDNjMTkyMDBj
NzJmMzIwHhcNMjQwNjIwMTA0MzUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ0MTMzNDE0NTQwNDQ3ZjBlYmVhY2RjZmJiM2IzYzJlMGQ3MDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXjyQhFrloT/nHDnrZNEyEPWz10k
MI6Jtx5WSLqRHTSm444iPKIpbu8oBkG5THcFFdEqQN9aowa94VdyojNm64RTD950
Axe7vjbY8OFjh9h/oWubhs6OMU00xxabdeQWcU6x3qjU+oKhitctX1X17/kiG4Uq
lFU9VsacyI8HapiTDTy/OYnrJbMjL/dFScoOb69zwzqjCpI/J8LPN/wcLx++2rtg
4r0leFKG8lzJrbexcN1GKnIaHw/FOlSoKZXG7u+j02yKPd+eqJWoUEbKpJ3XW1IK
8MwMVRrGb/J6F8bsHETi1ShpoREuz4Tgez/jrZs9MDHGIRtDb+oyx3XsYQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFMREEzQUVARH8Ovqzc+7OzwuDXCNMB8GA1UdIwQY
MBaAFKfYWt4rDU7BygkqjicDwZIAxy8yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYt
MDRiMGJmNjBiOWI3LzEveEVRVE5CUlVCRWZ3Ni1yTno3czdQQzROY0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS80MDMxNDItZGNmYy00ZmI1LWFlMWYtMDRiMGJmNjBiOWI3
LzEvcDloYTNpc05Uc0hLQ1NxT0p3UEJrZ0RITHpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjA2BAIAATAwAwQDTUqw
AwQBUsq4AwQAXZ/iAwQCXZ/kAwQCuTbcAwQAuVUMAwQBuVUOAwQBw4D2MGQEAgAC
MF4DBwEqAySAAGgDBwAqAySAAHADBwAqAySAAIADBwAqAySAgAADBwAqAySAgBAD
BwIqAySAgCAwEgMHACoDJICAJQMHAioDJICAKDASAwcAKgMkgIAtAwcCKgMkgIAw
MA0GCSqGSIb3DQEBCwUAA4IBAQB3fbax0lZIM5bVYoaFivxK+Jy/PXgppQbKy9zN
Ia487nLyY2HLAGtmLFptvP6i3DzYdfUMQ7KccquM/W50qCoT17aCYXLjnGdTarIw
mLALTEtkGSBjDAh6FoOuunMI5J2DXPtV7sPrE0u/SuK86YVb9vyGV0/4q3gzetBh
6OsLFCltR/kZhn3CtQjijt9bpp4IgFY8l5xEAQNI/IrKuu+RU70rfhnCQoDG4zCy
eQqmSXXms+ffnESqGYxazLZabHT27LT3OegM2Og2agsnUKXtB73OMNojwzZbK39R
yloqvJuFLh2R/SpSplJx6wEM62mM+s8rfevNoLmgaICwRwHj
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:04:13 2024 by rpki-client on console-ams.rpki-client.org