Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/cQEuHBkLO8D0_QMoC-ko_9GFth4.roa
File: cQEuHBkLO8D0_QMoC-ko_9GFth4.roa (raw, json)
Hash identifier: kwP/A4DfPMsp1qlF7STjUO8IeTNSKK+yq2aA5SYwEIA=
Subject key identifier: 71:01:2E:1C:19:0B:3B:C0:F4:FD:03:28:0B:E9:28:FF:D1:85:B6:1E
Certificate issuer: /CN=9a3ce5c5a730cd8e2ff1f55d180f1a81b3000cc8
Certificate serial: 018CC8011B510DFD52C8EF1A7E67177706E9
Authority key identifier: 9A:3C:E5:C5:A7:30:CD:8E:2F:F1:F5:5D:18:0F:1A:81:B3:00:0C:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mjzlxacwzY4v8fVdGA8agbMADMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/cQEuHBkLO8D0_QMoC-ko_9GFth4.roa
Signing time: Tue 02 Jan 2024 02:29:24 +0000
ROA not before: Tue 02 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6774
IP address blocks: 213.137.128.0/21 maxlen: 21
213.137.135.0/24 maxlen: 24
213.137.134.0/24 maxlen: 24
213.137.137.0/24 maxlen: 24
213.137.136.0/24 maxlen: 24
213.137.138.0/24 maxlen: 24
213.137.139.0/24 maxlen: 24
213.137.158.0/24 maxlen: 24
80.84.16.0/20 maxlen: 20
80.84.31.0/24 maxlen: 24
80.84.30.0/24 maxlen: 24
94.102.160.0/20 maxlen: 20
80.84.29.0/24 maxlen: 24
94.102.175.0/24 maxlen: 24
195.234.24.0/24 maxlen: 24
2001:9b8::/32 maxlen: 32
2001:9b8:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/mjzlxacwzY4v8fVdGA8agbMADMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/mjzlxacwzY4v8fVdGA8agbMADMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/mjzlxacwzY4v8fVdGA8agbMADMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1b:51:0d:fd:52:c8:ef:1a:7e:67:17:77:06:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a3ce5c5a730cd8e2ff1f55d180f1a81b3000cc8
Validity
Not Before: Jan 2 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71012e1c190b3bc0f4fd03280be928ffd185b61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:21:44:b1:b2:55:db:3a:dd:58:a6:29:18:b9:
41:3b:43:bb:53:dd:65:07:8e:0b:89:73:82:f2:dc:
3b:ab:10:af:bd:3a:5d:12:ca:2e:78:08:fb:17:e7:
c3:e0:f1:51:d5:88:81:b6:87:37:df:4d:2b:7b:d7:
7d:8e:5c:1e:b5:5c:88:ea:18:5a:e3:35:5e:12:7e:
81:0c:1c:ae:f3:cb:85:19:21:c2:3c:b1:f2:e9:ed:
a2:05:ae:b5:30:55:71:b5:9e:1c:72:4f:2c:1a:62:
80:ff:f5:66:1a:ea:39:92:46:5a:1c:f3:06:b0:28:
ad:a9:a2:1e:7a:e9:66:45:de:0a:a1:25:8f:00:e5:
34:8f:12:1d:8c:2f:1e:0c:c0:99:52:f4:f5:c0:56:
4e:f8:40:8c:66:25:db:a9:d5:12:3f:44:af:4c:ba:
57:76:60:2b:ac:64:7d:f8:0d:75:d0:98:07:24:12:
df:37:5c:9c:ea:ae:40:7b:8e:f4:7d:35:03:18:a7:
ea:9e:be:51:63:d1:19:2b:b0:25:3d:6e:53:28:1d:
ca:04:99:4a:9a:2c:9c:b0:b3:5b:5c:85:bb:9f:04:
8d:ea:14:69:44:bc:3f:b4:a8:cd:b5:8a:66:88:14:
85:a9:4e:0a:7e:01:dc:c8:82:a2:c5:bd:ac:8e:ce:
2b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:01:2E:1C:19:0B:3B:C0:F4:FD:03:28:0B:E9:28:FF:D1:85:B6:1E
X509v3 Authority Key Identifier:
keyid:9A:3C:E5:C5:A7:30:CD:8E:2F:F1:F5:5D:18:0F:1A:81:B3:00:0C:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mjzlxacwzY4v8fVdGA8agbMADMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/cQEuHBkLO8D0_QMoC-ko_9GFth4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0580b2-f6a4-4de6-9103-a01d729b0a21/1/mjzlxacwzY4v8fVdGA8agbMADMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.16.0/20
94.102.160.0/20
195.234.24.0/24
213.137.128.0-213.137.139.255
213.137.158.0/24
IPv6:
2001:9b8::/32
Signature Algorithm: sha256WithRSAEncryption
3e:b0:5d:b8:f2:20:7f:b6:79:b4:6f:d3:d1:76:56:b6:b9:e0:
b2:be:37:7e:f5:0f:54:31:a3:7f:29:0c:44:35:8c:64:dd:a2:
ef:dd:6a:c8:5f:3e:ce:6b:ad:20:cd:a6:1e:cc:15:01:e6:d6:
cb:4b:9b:27:6c:1d:2a:ad:07:46:92:18:80:17:1f:ad:36:a7:
25:11:67:0f:6d:4a:28:f1:9d:ad:04:b4:ea:e4:df:c8:24:2a:
1f:6f:3e:dd:2a:21:49:24:67:55:90:25:d0:42:33:8d:19:27:
19:02:76:c9:f6:ad:be:6b:43:bc:06:d9:ea:1e:ec:13:d0:65:
61:e7:7b:96:ee:a2:5b:61:df:f8:b8:fd:5b:fc:1d:5f:27:74:
62:64:50:9c:49:ce:1b:fa:e7:96:ca:bb:a9:21:3c:da:31:8d:
2e:b1:a8:36:6a:2e:6e:e6:a8:4e:85:b1:1b:fa:81:a7:72:6b:
bc:92:94:06:fb:aa:89:b4:3e:3a:8a:98:68:0c:71:de:3d:8d:
5f:c6:15:57:c9:2e:05:66:f4:59:1d:07:d4:72:85:ca:66:c7:
ba:e1:a3:f8:a8:b9:78:a4:e5:f5:08:f8:d3:93:2f:fd:bc:ec:
81:41:b4:16:a7:c3:5b:91:5f:32:bb:ef:42:e3:bd:e1:5b:c0:
00:a9:61:72
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzIARtRDf1SyO8afmcXdwbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhM2NlNWM1YTczMGNkOGUyZmYxZjU1ZDE4MGYxYTgxYjMw
MDBjYzgwHhcNMjQwMTAyMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTAxMmUxYzE5MGIzYmMwZjRmZDAzMjgwYmU5MjhmZmQxODViNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyFEsbJV2zrdWKYpGLlBO0O7U91l
B44LiXOC8tw7qxCvvTpdEsoueAj7F+fD4PFR1YiBtoc3300re9d9jlwetVyI6hha
4zVeEn6BDByu88uFGSHCPLHy6e2iBa61MFVxtZ4cck8sGmKA//VmGuo5kkZaHPMG
sCitqaIeeulmRd4KoSWPAOU0jxIdjC8eDMCZUvT1wFZO+ECMZiXbqdUSP0SvTLpX
dmArrGR9+A110JgHJBLfN1yc6q5Ae470fTUDGKfqnr5RY9EZK7AlPW5TKB3KBJlK
miycsLNbXIW7nwSN6hRpRLw/tKjNtYpmiBSFqU4KfgHcyIKixb2sjs4r2QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHEBLhwZCzvA9P0DKAvpKP/RhbYeMB8GA1UdIwQY
MBaAFJo85cWnMM2OL/H1XRgPGoGzAAzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWp6bHhhY3d6WTR2OGZWZEdBOGFnYk1BRE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wNTgwYjItZjZhNC00ZGU2LTkxMDMt
YTAxZDcyOWIwYTIxLzEvY1FFdUhCa0xPOEQwX1FNb0Mta29fOUdGdGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8wNTgwYjItZjZhNC00ZGU2LTkxMDMtYTAxZDcyOWIwYTIx
LzEvbWp6bHhhY3d6WTR2OGZWZEdBOGFnYk1BRE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQEUFQQAwQE
XmagAwQAw+oYMAwDBAfViYADBALViYgDBADViZ4wDQQCAAIwBwMFACABCbgwDQYJ
KoZIhvcNAQELBQADggEBAD6wXbjyIH+2ebRv09F2Vra54LK+N371D1Qxo38pDEQ1
jGTdou/dashfPs5rrSDNph7MFQHm1stLmydsHSqtB0aSGIAXH602pyURZw9tSijx
na0EtOrk38gkKh9vPt0qIUkkZ1WQJdBCM40ZJxkCdsn2rb5rQ7wG2eoe7BPQZWHn
e5buolth3/i4/Vv8HV8ndGJkUJxJzhv655bKu6khPNoxjS6xqDZqLm7mqE6FsRv6
gadya7ySlAb7qom0PjqKmGgMcd49jV/GFVfJLgVm9FkdB9Ryhcpmx7rho/iouXik
5fUI+NOTL/287IFBtBanw1uRXzK770LjveFbwACpYXI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:55 2024 by rpki-client on console-ams.rpki-client.org