Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/L6k5F-1W4EDImOZGY55GSn-FyG0.roa
File: L6k5F-1W4EDImOZGY55GSn-FyG0.roa (raw, json)
Hash identifier: kNgjh1Qem2EOpGhM3wCxmgidnzmk+TlCS6QEko1MZHo=
Subject key identifier: 2F:A9:39:17:ED:56:E0:40:C8:98:E6:46:63:9E:46:4A:7F:85:C8:6D
Certificate issuer: /CN=92c71c2078a91e76c0e5a6d30096872c922c9cdc
Certificate serial: 018F80CE77952C2C66A4ACF2D8D420222A37
Authority key identifier: 92:C7:1C:20:78:A9:1E:76:C0:E5:A6:D3:00:96:87:2C:92:2C:9C:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ksccIHipHnbA5abTAJaHLJIsnNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/L6k5F-1W4EDImOZGY55GSn-FyG0.roa
Signing time: Thu 16 May 2024 09:49:25 +0000
ROA not before: Thu 16 May 2024 09:49:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50564
IP address blocks: 45.131.28.0/22 maxlen: 22
45.131.28.0/24 maxlen: 24
45.131.29.0/24 maxlen: 24
45.131.30.0/24 maxlen: 24
45.131.31.0/24 maxlen: 24
94.158.252.0/22 maxlen: 22
94.158.252.0/24 maxlen: 24
94.158.253.0/24 maxlen: 24
94.158.255.0/24 maxlen: 24
185.44.24.0/22 maxlen: 22
185.44.24.0/24 maxlen: 24
185.44.25.0/24 maxlen: 24
185.44.26.0/24 maxlen: 24
185.44.27.0/24 maxlen: 24
185.95.124.0/22 maxlen: 22
185.95.124.0/24 maxlen: 24
185.95.125.0/24 maxlen: 24
185.95.126.0/24 maxlen: 24
185.95.127.0/24 maxlen: 24
185.104.236.0/22 maxlen: 22
185.104.236.0/24 maxlen: 24
185.104.237.0/24 maxlen: 24
185.104.238.0/24 maxlen: 24
185.104.239.0/24 maxlen: 24
185.143.136.0/22 maxlen: 22
185.143.136.0/24 maxlen: 24
185.143.137.0/24 maxlen: 24
185.143.138.0/24 maxlen: 24
185.143.139.0/24 maxlen: 24
185.182.124.0/22 maxlen: 22
185.182.124.0/24 maxlen: 24
185.182.125.0/24 maxlen: 24
185.182.126.0/24 maxlen: 24
185.182.127.0/24 maxlen: 24
185.184.0.0/22 maxlen: 22
185.184.0.0/24 maxlen: 24
185.184.1.0/24 maxlen: 24
185.184.2.0/24 maxlen: 24
185.184.3.0/24 maxlen: 24
185.208.20.0/22 maxlen: 22
185.208.20.0/24 maxlen: 24
185.208.21.0/24 maxlen: 24
185.208.22.0/24 maxlen: 24
185.208.23.0/24 maxlen: 24
185.213.48.0/22 maxlen: 22
185.213.48.0/24 maxlen: 24
185.213.49.0/24 maxlen: 24
185.213.50.0/24 maxlen: 24
185.213.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/ksccIHipHnbA5abTAJaHLJIsnNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/ksccIHipHnbA5abTAJaHLJIsnNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ksccIHipHnbA5abTAJaHLJIsnNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:ce:77:95:2c:2c:66:a4:ac:f2:d8:d4:20:22:2a:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92c71c2078a91e76c0e5a6d30096872c922c9cdc
Validity
Not Before: May 16 09:49:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fa93917ed56e040c898e646639e464a7f85c86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:a7:ec:fb:ef:8f:f4:4a:57:c6:d5:b9:c6:
9e:0b:f3:53:3b:14:0c:a7:46:e6:cc:85:7c:12:d9:
20:dc:49:b9:a9:41:61:3b:db:69:0f:ff:c0:63:89:
87:14:8b:f4:dd:3b:26:c6:a2:46:40:43:2e:b7:f5:
4d:4e:d6:3a:f8:81:fd:9e:02:3d:ac:b7:c2:97:b1:
6f:77:65:83:69:81:58:cd:54:06:41:6e:bc:ef:72:
90:d8:3f:b5:1f:14:23:12:11:26:27:98:dc:d6:0d:
a6:90:d2:b9:d1:ef:6a:82:7d:bb:54:2c:6c:17:3d:
58:4e:4a:ee:e3:65:cc:0a:4d:84:1c:3c:8c:ee:c7:
e4:c1:21:6f:01:3d:9e:70:fe:90:11:f6:7f:70:e0:
d0:1b:60:17:41:e2:06:56:4f:cd:6c:5d:01:f5:d1:
6e:49:7c:67:bb:00:a4:3e:5f:4d:a8:c8:8c:5a:cd:
c5:48:e4:9e:39:a8:25:73:a3:32:11:6e:40:ae:82:
3a:ff:bc:55:78:42:1c:df:98:f1:f4:a8:17:62:c9:
a2:fd:2c:f8:c5:e5:d1:c0:49:2d:c3:69:dd:fe:e3:
28:86:e8:cb:bf:2f:8b:e5:26:cd:53:34:1e:b3:c0:
75:48:41:89:7a:1a:8c:90:3a:7e:63:57:38:2d:6a:
61:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A9:39:17:ED:56:E0:40:C8:98:E6:46:63:9E:46:4A:7F:85:C8:6D
X509v3 Authority Key Identifier:
keyid:92:C7:1C:20:78:A9:1E:76:C0:E5:A6:D3:00:96:87:2C:92:2C:9C:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksccIHipHnbA5abTAJaHLJIsnNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/L6k5F-1W4EDImOZGY55GSn-FyG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c17237-a134-4b11-ab12-9fb6b60bd69a/1/ksccIHipHnbA5abTAJaHLJIsnNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.28.0/22
94.158.252.0/22
185.44.24.0/22
185.95.124.0/22
185.104.236.0/22
185.143.136.0/22
185.182.124.0/22
185.184.0.0/22
185.208.20.0/22
185.213.48.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:d0:17:84:e5:1d:d5:73:d3:e6:f9:45:8c:e3:95:77:98:d7:
41:a8:61:07:ce:83:8c:11:98:d4:13:d8:6a:f4:7f:36:bf:d7:
93:04:63:de:b7:5e:b7:77:e5:26:c9:fe:03:71:6b:10:0e:ba:
8f:02:f2:c8:b8:d1:ab:0b:60:89:51:9d:03:ef:60:4a:f6:a3:
a7:2e:48:15:b2:c3:82:b6:f1:7b:29:96:e2:a8:5e:bb:f9:e4:
0a:7a:50:9f:d0:a3:00:bf:de:9d:1a:b4:45:f5:16:06:4e:52:
59:06:9a:f4:6f:3e:67:46:19:3f:8c:45:8c:fb:47:cc:db:fb:
be:08:76:76:0e:5a:13:92:e1:e4:29:a3:02:dc:a3:ab:d1:f3:
66:4c:d3:3c:28:fe:ed:11:76:26:23:87:04:61:a2:90:a8:a0:
79:cd:01:55:29:b9:38:f6:c0:5e:1a:ed:7a:13:1f:81:37:44:
8a:69:4a:c2:36:2e:9f:d7:a2:c5:3f:e7:42:97:9c:e1:1c:2c:
87:6e:ff:51:a0:73:a4:17:81:dc:10:bc:ca:05:a7:e5:a4:ef:
bd:dc:c1:d0:59:20:15:b8:30:39:e5:50:13:c3:95:3c:3e:e4:
1c:01:60:f7:54:06:34:14:1d:75:15:cb:f1:db:c4:7d:2d:54:
8e:36:ab:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY+AzneVLCxmpKzy2NQgIio3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyYzcxYzIwNzhhOTFlNzZjMGU1YTZkMzAwOTY4NzJjOTIy
YzljZGMwHhcNMjQwNTE2MDk0OTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmE5MzkxN2VkNTZlMDQwYzg5OGU2NDY2MzllNDY0YTdmODVjODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6On7Pvvj/RKV8bVucaeC/NTOxQM
p0bmzIV8Etkg3Em5qUFhO9tpD//AY4mHFIv03TsmxqJGQEMut/VNTtY6+IH9ngI9
rLfCl7Fvd2WDaYFYzVQGQW6873KQ2D+1HxQjEhEmJ5jc1g2mkNK50e9qgn27VCxs
Fz1YTkru42XMCk2EHDyM7sfkwSFvAT2ecP6QEfZ/cODQG2AXQeIGVk/NbF0B9dFu
SXxnuwCkPl9NqMiMWs3FSOSeOaglc6MyEW5AroI6/7xVeEIc35jx9KgXYsmi/Sz4
xeXRwEktw2nd/uMohujLvy+L5SbNUzQes8B1SEGJehqMkDp+Y1c4LWphjQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFC+pORftVuBAyJjmRmOeRkp/hchtMB8GA1UdIwQY
MBaAFJLHHCB4qR52wOWm0wCWhyySLJzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NjY0lIaXBIbmJBNWFiVEFKYUhMSklzbk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jMTcyMzctYTEzNC00YjExLWFiMTIt
OWZiNmI2MGJkNjlhLzEvTDZrNUYtMVc0RURJbU9aR1k1NUdTbi1GeUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jMTcyMzctYTEzNC00YjExLWFiMTItOWZiNmI2MGJkNjlh
LzEva3NjY0lIaXBIbmJBNWFiVEFKYUhMSklzbk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLYMcAwQC
Xp78AwQCuSwYAwQCuV98AwQCuWjsAwQCuY+IAwQCubZ8AwQCubgAAwQCudAUAwQC
udUwMA0GCSqGSIb3DQEBCwUAA4IBAQAP0BeE5R3Vc9Pm+UWM45V3mNdBqGEHzoOM
EZjUE9hq9H82v9eTBGPet163d+Umyf4DcWsQDrqPAvLIuNGrC2CJUZ0D72BK9qOn
LkgVssOCtvF7KZbiqF67+eQKelCf0KMAv96dGrRF9RYGTlJZBpr0bz5nRhk/jEWM
+0fM2/u+CHZ2DloTkuHkKaMC3KOr0fNmTNM8KP7tEXYmI4cEYaKQqKB5zQFVKbk4
9sBeGu16Ex+BN0SKaUrCNi6f16LFP+dCl5zhHCyHbv9RoHOkF4HcELzKBaflpO+9
3MHQWSAVuDA55VATw5U8PuQcAWD3VAY0FB11Fcvx28R9LVSONqvm
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:48:08 2024 by rpki-client on console-ams.rpki-client.org