Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/1K3B5rbX4nps7u-Kb9wVzKLAen4.roa
File: 1K3B5rbX4nps7u-Kb9wVzKLAen4.roa (raw, json)
Hash identifier: WlT2J4k87tA5ZuVb4JgmuhcY4SejCTWpRU7OUdDZFcQ=
Subject key identifier: D4:AD:C1:E6:B6:D7:E2:7A:6C:EE:EF:8A:6F:DC:15:CC:A2:C0:7A:7E
Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Certificate serial: 018F716E9D54B7468555A03168C5BF2A16C0
Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/1K3B5rbX4nps7u-Kb9wVzKLAen4.roa
Signing time: Mon 13 May 2024 10:10:25 +0000
ROA not before: Mon 13 May 2024 10:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56329
IP address blocks: 46.227.144.0/21 maxlen: 21
78.143.192.0/19 maxlen: 19
82.163.144.0/20 maxlen: 20
82.163.184.0/21 maxlen: 21
82.163.252.0/22 maxlen: 22
83.151.200.0/21 maxlen: 21
88.202.128.0/19 maxlen: 19
88.202.192.0/20 maxlen: 20
88.202.232.0/22 maxlen: 22
88.202.240.0/20 maxlen: 20
88.212.164.0/22 maxlen: 22
88.212.168.0/21 maxlen: 21
88.212.176.0/21 maxlen: 21
88.212.184.0/22 maxlen: 22
185.82.156.0/22 maxlen: 22
185.111.224.0/22 maxlen: 22
185.147.88.0/22 maxlen: 22
188.95.40.0/21 maxlen: 21
194.233.152.0/21 maxlen: 21
194.233.152.0/23 maxlen: 23
194.233.154.0/23 maxlen: 23
194.233.224.0/20 maxlen: 20
195.180.16.0/20 maxlen: 20
195.180.32.0/21 maxlen: 21
195.180.32.0/23 maxlen: 23
195.180.34.0/23 maxlen: 23
195.180.48.0/20 maxlen: 20
212.132.32.0/19 maxlen: 19
212.237.220.0/22 maxlen: 22
213.18.128.0/18 maxlen: 18
216.213.128.0/18 maxlen: 18
2a00:d200::/29 maxlen: 29
2a02:fb8::/32 maxlen: 32
2a06:61c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:71:6e:9d:54:b7:46:85:55:a0:31:68:c5:bf:2a:16:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Validity
Not Before: May 13 10:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4adc1e6b6d7e27a6ceeef8a6fdc15cca2c07a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ae:a5:c7:5d:09:56:0e:76:07:e8:01:b9:09:
fd:25:51:ac:f9:1f:28:db:f8:e2:d9:f6:ea:ca:b6:
5c:a3:42:8b:3a:cf:a1:17:0f:02:36:d7:98:0a:c8:
3b:a2:ec:7f:13:91:c6:74:96:73:24:26:7d:ca:38:
58:01:99:06:fd:12:d8:7a:b8:68:d6:c8:29:20:70:
70:f2:53:14:45:cc:10:e2:b6:62:b7:f8:40:28:71:
dd:fa:18:d5:fc:27:d8:c7:7c:be:63:01:72:23:8a:
fb:62:67:45:b2:11:7f:cf:fe:8d:bb:d8:5e:c9:53:
06:34:9b:b4:87:17:82:a3:93:92:d2:49:5e:ac:5d:
3e:c3:df:b3:b1:a2:4f:c1:15:b9:85:ef:d6:d0:a3:
14:48:ce:fb:17:9a:73:7e:f0:cf:5f:5a:24:94:d3:
22:fa:61:5f:f1:14:9d:05:c5:3e:ef:11:56:18:60:
08:d9:da:9a:a2:41:df:c1:dd:90:6e:26:52:4d:75:
9c:5e:25:cf:81:11:66:07:fe:13:49:31:8d:d6:ac:
46:4a:c2:af:e6:29:4b:29:12:53:94:6e:f0:d5:7f:
44:e6:cd:46:18:e1:9f:df:e2:49:4a:51:f7:9b:44:
90:7d:3d:b4:0f:56:fa:4f:84:f2:e6:1b:c9:0a:bb:
5b:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AD:C1:E6:B6:D7:E2:7A:6C:EE:EF:8A:6F:DC:15:CC:A2:C0:7A:7E
X509v3 Authority Key Identifier:
keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/1K3B5rbX4nps7u-Kb9wVzKLAen4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.144.0/21
78.143.192.0/19
82.163.144.0/20
82.163.184.0/21
82.163.252.0/22
83.151.200.0/21
88.202.128.0/19
88.202.192.0/20
88.202.232.0/22
88.202.240.0/20
88.212.164.0-88.212.187.255
185.82.156.0/22
185.111.224.0/22
185.147.88.0/22
188.95.40.0/21
194.233.152.0/21
194.233.224.0/20
195.180.16.0-195.180.39.255
195.180.48.0/20
212.132.32.0/19
212.237.220.0/22
213.18.128.0/18
216.213.128.0/18
IPv6:
2a00:d200::/29
2a02:fb8::/32
2a06:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
53:21:41:c7:cc:a2:13:22:44:27:9a:95:57:4e:19:d1:ca:2f:
a4:93:37:a8:1e:a7:e8:37:26:fb:00:62:7c:a6:ca:7a:c8:37:
15:96:46:ee:67:40:55:33:f6:fa:44:b5:b4:65:a6:26:f9:93:
73:83:41:c7:18:4a:d3:df:82:93:48:5f:08:27:8e:3d:75:53:
f9:fb:80:8d:d1:03:49:8f:49:ae:13:34:c1:35:e8:de:b8:a3:
47:a1:82:1e:47:86:eb:4c:03:7e:ef:4d:50:ca:ba:62:33:29:
6e:b0:30:b5:c8:76:31:52:1a:b1:77:81:34:55:3e:fa:8f:4f:
34:4b:ac:88:25:e7:a4:d6:03:92:24:c8:e7:31:93:d8:5c:fe:
bb:c9:45:97:65:a2:dc:4f:38:5c:d0:6c:62:a9:ed:ec:a1:d7:
1b:41:d0:b4:ba:00:4b:ba:64:1d:63:50:a0:16:8a:ac:87:30:
ef:64:f1:4d:df:9e:53:6c:27:de:99:74:c2:84:01:4e:ed:c5:
31:a1:ce:d5:6b:53:9c:62:6c:11:f0:21:61:6c:bf:ff:15:d0:
ca:61:40:0b:a2:f1:58:41:63:02:d3:00:e7:6f:91:0b:5e:cc:
3b:70:99:32:bb:b7:19:10:84:62:88:14:92:c2:7f:f4:0b:32:
8a:ed:63:e1
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAY9xbp1Ut0aFVaAxaMW/KhbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh
MmQ2MTEwHhcNMjQwNTEzMTAxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGFkYzFlNmI2ZDdlMjdhNmNlZWVmOGE2ZmRjMTVjY2EyYzA3YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK6lx10JVg52B+gBuQn9JVGs+R8o
2/ji2fbqyrZco0KLOs+hFw8CNteYCsg7oux/E5HGdJZzJCZ9yjhYAZkG/RLYerho
1sgpIHBw8lMURcwQ4rZit/hAKHHd+hjV/CfYx3y+YwFyI4r7YmdFshF/z/6Nu9he
yVMGNJu0hxeCo5OS0klerF0+w9+zsaJPwRW5he/W0KMUSM77F5pzfvDPX1oklNMi
+mFf8RSdBcU+7xFWGGAI2dqaokHfwd2QbiZSTXWcXiXPgRFmB/4TSTGN1qxGSsKv
5ilLKRJTlG7w1X9E5s1GGOGf3+JJSlH3m0SQfT20D1b6T4Ty5hvJCrtbwwIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFNStwea21+J6bO7vim/cFcyiwHp+MB8GA1UdIwQY
MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt
YmZiZTFiYzE1ZmMyLzEvMUszQjVyYlg0bnBzN3UtS2I5d1Z6S0xBZW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy
LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDBAMu
45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY
yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME
A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQF1IQgAwQC1O3cAwQG1RKA
AwQG2NWAMBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQEL
BQADggEBAFMhQcfMohMiRCealVdOGdHKL6STN6gep+g3JvsAYnymynrINxWWRu5n
QFUz9vpEtbRlpib5k3ODQccYStPfgpNIXwgnjj11U/n7gI3RA0mPSa4TNME16N64
o0ehgh5HhutMA37vTVDKumIzKW6wMLXIdjFSGrF3gTRVPvqPTzRLrIgl56TWA5Ik
yOcxk9hc/rvJRZdlotxPOFzQbGKp7eyh1xtB0LS6AEu6ZB1jUKAWiqyHMO9k8U3f
nlNsJ96ZdMKEAU7txTGhztVrU5xibBHwIWFsv/8V0MphQAui8VhBYwLTAOdvkQte
zDtwmTK7txkQhGKIFJLCf/QLMortY+E=
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:11:55 2024 by rpki-client on console-ams.rpki-client.org