Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/iNaBpyRDSlE2dhSrN2griDxvads.roa
File: iNaBpyRDSlE2dhSrN2griDxvads.roa (raw, json)
Hash identifier: fr7mwCTGLiQQgjxHo9Q5H/6H8wezZ251l7kpxDTIvNk=
Subject key identifier: 88:D6:81:A7:24:43:4A:51:36:76:14:AB:37:68:2B:88:3C:6F:69:DB
Certificate issuer: /CN=b87b766968716296e5bba0bce83856ae7165b8b8
Certificate serial: 018CC79531CDD591A632B29293CFB72ECF6B
Authority key identifier: B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/iNaBpyRDSlE2dhSrN2griDxvads.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 199.247.0.0/19 maxlen: 32
80.240.16.0/20 maxlen: 32
192.248.128.0/18 maxlen: 32
95.179.128.0/17 maxlen: 32
66.245.192.0/19 maxlen: 32
209.250.224.0/19 maxlen: 32
217.69.0.0/20 maxlen: 32
185.92.220.0/22 maxlen: 32
78.141.192.0/19 maxlen: 32
78.141.224.0/19 maxlen: 32
2a05:f480:3400::/38 maxlen: 38
2a05:f480:2c00::/38 maxlen: 38
2a05:f480:1000::/38 maxlen: 38
2a05:f480:3000::/38 maxlen: 38
2a05:f480:1400::/38 maxlen: 38
2a05:f480:1800::/38 maxlen: 38
2a05:f480:2400::/38 maxlen: 38
2a05:f480:1c00::/38 maxlen: 38
2a05:f480:2800::/38 maxlen: 38
2a05:f480:2000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:31:cd:d5:91:a6:32:b2:92:93:cf:b7:2e:cf:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87b766968716296e5bba0bce83856ae7165b8b8
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88d681a724434a51367614ab37682b883c6f69db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:63:a5:23:5e:55:91:0b:33:4b:ee:19:07:c6:
d5:c9:57:aa:af:9b:0e:c1:f0:56:01:6b:0e:6c:6b:
38:11:4f:74:8c:d5:9f:77:0a:d4:fd:6e:28:a5:04:
0b:da:b8:d2:90:98:a2:91:10:23:6b:40:5c:00:a3:
69:a0:5e:1c:68:15:4d:99:dc:bd:ea:30:27:9c:48:
43:e5:03:d8:5b:08:50:44:d9:04:24:c7:30:4f:0d:
59:9d:90:a8:1c:85:b9:71:cb:19:76:5c:4c:be:13:
a3:6c:2c:11:a7:8b:8d:91:30:cb:51:b9:b4:82:75:
63:35:f7:1d:d5:dd:3b:9b:23:a7:21:e2:0f:57:0f:
0f:cd:07:5b:ee:cf:74:6f:10:ff:cf:6f:92:a5:9b:
fc:34:24:99:b3:e8:ec:cf:c3:28:89:a3:56:02:fb:
0b:90:51:7c:51:68:6d:bf:85:ca:34:8b:86:76:6e:
27:27:12:49:27:4c:d6:75:dc:4d:67:7e:ca:f6:b6:
48:76:7f:ca:9a:5b:cd:a1:1a:c3:7d:b4:99:09:db:
09:14:cf:71:50:d2:0e:8a:c3:5b:aa:8c:f0:11:20:
fb:dd:d9:1d:26:c6:14:41:cc:cf:42:da:3d:d6:a3:
07:14:d4:90:8d:c0:49:96:15:7f:50:1c:24:5c:fd:
60:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:D6:81:A7:24:43:4A:51:36:76:14:AB:37:68:2B:88:3C:6F:69:DB
X509v3 Authority Key Identifier:
keyid:B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/iNaBpyRDSlE2dhSrN2griDxvads.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.245.192.0/19
78.141.192.0/18
80.240.16.0/20
95.179.128.0/17
185.92.220.0/22
192.248.128.0/18
199.247.0.0/19
209.250.224.0/19
217.69.0.0/20
IPv6:
2a05:f480:1000::-2a05:f480:37ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:29:96:c6:bc:6f:f8:1f:df:77:19:48:21:b8:fd:4d:83:a0:
ab:fc:99:0b:65:bf:ad:19:61:f7:9f:f7:c5:38:fe:b2:ce:cd:
ed:dd:2e:dc:a5:ab:a8:4f:0d:63:d1:29:57:be:67:d6:58:b0:
9a:fc:5d:af:6f:cc:dc:06:31:a8:21:b6:3b:fc:7a:04:b3:ef:
23:91:6f:07:80:22:a7:29:1b:f5:75:1d:c1:f2:b9:3f:5e:05:
ee:cd:f4:44:a2:65:61:5f:1b:9a:75:ad:03:26:49:a7:86:48:
62:73:f3:1b:ce:ce:fd:eb:e0:21:cb:68:c9:8e:d8:f2:49:c8:
fd:6d:d9:fe:4a:bc:53:18:0a:ad:3a:20:a3:3c:66:c6:2f:9b:
b3:cd:86:06:2e:77:9f:ed:88:c8:93:2d:79:bc:d9:15:ed:49:
51:29:c2:49:e9:1a:28:12:ec:3f:85:d8:49:ef:23:f7:c6:f9:
00:c9:10:01:ac:92:11:69:eb:f7:2e:8d:2b:93:80:82:a9:b9:
d2:e8:f2:31:92:7e:2f:09:7f:8b:ea:f4:aa:c9:04:44:6e:0d:
8c:83:3d:eb:e7:ce:ad:94:fc:6a:b8:6b:75:d3:19:c6:00:f3:
ba:b7:cc:1b:88:20:e8:c3:41:ca:fd:2c:08:80:8b:6c:17:f6:
58:c6:35:53
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYzHlTHN1ZGmMrKSk8+3Ls9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2I3NjY5Njg3MTYyOTZlNWJiYTBiY2U4Mzg1NmFlNzE2
NWI4YjgwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQ2ODFhNzI0NDM0YTUxMzY3NjE0YWIzNzY4MmI4ODNjNmY2OWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WOlI15VkQszS+4ZB8bVyVeqr5sO
wfBWAWsObGs4EU90jNWfdwrU/W4opQQL2rjSkJiikRAja0BcAKNpoF4caBVNmdy9
6jAnnEhD5QPYWwhQRNkEJMcwTw1ZnZCoHIW5ccsZdlxMvhOjbCwRp4uNkTDLUbm0
gnVjNfcd1d07myOnIeIPVw8PzQdb7s90bxD/z2+SpZv8NCSZs+jsz8MoiaNWAvsL
kFF8UWhtv4XKNIuGdm4nJxJJJ0zWddxNZ37K9rZIdn/KmlvNoRrDfbSZCdsJFM9x
UNIOisNbqozwESD73dkdJsYUQczPQto91qMHFNSQjcBJlhV/UBwkXP1gyQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIjWgackQ0pRNnYUqzdoK4g8b2nbMB8GA1UdIwQY
MBaAFLh7dmlocWKW5bugvOg4Vq5xZbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMt
M2Q2MTJmMzI0OTk2LzEvaU5hQnB5UkRTbEUyZGhTck4yZ3JpRHh2YWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMtM2Q2MTJmMzI0OTk2
LzEvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA8BAIAATA2AwQFQvXAAwQG
To3AAwQEUPAQAwQHX7OAAwQCuVzcAwQGwPiAAwQFx/cAAwQF0frgAwQE2UUAMBgE
AgACMBIwEAMGBCoF9IAQAwYDKgX0gDAwDQYJKoZIhvcNAQELBQADggEBAA4plsa8
b/gf33cZSCG4/U2DoKv8mQtlv60ZYfef98U4/rLOze3dLtylq6hPDWPRKVe+Z9ZY
sJr8Xa9vzNwGMaghtjv8egSz7yORbweAIqcpG/V1HcHyuT9eBe7N9ESiZWFfG5p1
rQMmSaeGSGJz8xvOzv3r4CHLaMmO2PJJyP1t2f5KvFMYCq06IKM8ZsYvm7PNhgYu
d5/tiMiTLXm82RXtSVEpwknpGigS7D+F2EnvI/fG+QDJEAGskhFp6/cujSuTgIKp
udLo8jGSfi8Jf4vq9KrJBERuDYyDPevnzq2U/Gq4a3XTGcYA87q3zBuIIOjDQcr9
LAiAi2wX9ljGNVM=
-----END CERTIFICATE-----
Generated at Sun May 5 03:53:46 2024 by rpki-client on console-ams.rpki-client.org