Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/RvpKbI8x-yYCjPQZqpyJsK8t3Co.roa
File: RvpKbI8x-yYCjPQZqpyJsK8t3Co.roa (raw, json)
Hash identifier: xh3+pFsXpbnNCnvxohTy0aSmb2flguzy3/jSq4CXgAw=
Subject key identifier: 46:FA:4A:6C:8F:31:FB:26:02:8C:F4:19:AA:9C:89:B0:AF:2D:DC:2A
Certificate issuer: /CN=8d842656177b4267ab55e4ba165a5ec00f5084bc
Certificate serial: 018CC5012C11D166A7EEC8032765FB7B83F5
Authority key identifier: 8D:84:26:56:17:7B:42:67:AB:55:E4:BA:16:5A:5E:C0:0F:50:84:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/RvpKbI8x-yYCjPQZqpyJsK8t3Co.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39156
IP address blocks: 80.76.225.0/24 maxlen: 24
80.76.226.0/24 maxlen: 24
80.76.224.0/20 maxlen: 20
80.76.230.0/24 maxlen: 24
80.76.231.0/24 maxlen: 24
80.76.232.0/24 maxlen: 24
80.76.233.0/24 maxlen: 24
80.76.227.0/24 maxlen: 24
80.76.228.0/24 maxlen: 24
80.76.229.0/24 maxlen: 24
80.76.237.0/24 maxlen: 24
80.76.238.0/24 maxlen: 24
80.76.239.0/24 maxlen: 24
80.76.234.0/24 maxlen: 24
80.76.235.0/24 maxlen: 24
80.76.236.0/24 maxlen: 24
109.235.208.0/21 maxlen: 21
109.235.211.0/24 maxlen: 24
2a03:5200:1::/48 maxlen: 48
2a03:5200:2::/48 maxlen: 48
2a03:5200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/jYQmVhd7QmerVeS6FlpewA9QhLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/jYQmVhd7QmerVeS6FlpewA9QhLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2c:11:d1:66:a7:ee:c8:03:27:65:fb:7b:83:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d842656177b4267ab55e4ba165a5ec00f5084bc
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46fa4a6c8f31fb26028cf419aa9c89b0af2ddc2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:e7:20:3b:36:1d:fc:fd:b0:65:32:29:74:
96:c2:42:87:21:ce:08:ee:49:af:93:74:5d:0f:cb:
dc:95:5a:6d:3b:5b:0c:22:eb:a5:a8:9d:61:75:01:
fd:c8:b8:51:ce:fe:49:62:92:fa:2e:50:1c:55:48:
b6:36:fd:45:8e:b4:5c:d6:45:40:5a:6c:9c:1d:77:
3e:6c:b8:55:6f:88:f1:cb:5c:bb:98:a0:df:1b:0a:
56:8e:65:2a:66:4a:cc:47:e7:99:5e:6d:46:8c:da:
df:fa:22:96:a3:a1:6d:57:43:c0:93:21:02:f5:55:
7a:02:33:35:fc:99:6b:d5:2f:68:d5:49:01:71:2a:
e7:d8:43:ca:bd:e4:e1:3b:3f:1e:08:07:46:28:0e:
ce:fa:36:39:f1:73:e7:be:c7:52:ac:12:39:9b:57:
d9:0f:7c:c2:5e:a1:88:b6:83:69:12:5a:4f:7e:36:
1b:c7:19:20:2d:82:c8:f5:b0:08:e2:ac:b5:d8:98:
89:a3:ef:f2:a4:68:61:c7:95:40:14:53:1d:3a:c8:
10:dc:cf:af:97:40:cd:41:e4:28:a4:5b:34:fa:a7:
69:b1:9a:02:78:9d:d1:f6:3c:db:98:bf:a2:c4:fb:
e5:7e:65:6a:d8:0f:9d:de:2f:ed:ef:e9:1a:f7:c0:
5a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FA:4A:6C:8F:31:FB:26:02:8C:F4:19:AA:9C:89:B0:AF:2D:DC:2A
X509v3 Authority Key Identifier:
keyid:8D:84:26:56:17:7B:42:67:AB:55:E4:BA:16:5A:5E:C0:0F:50:84:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYQmVhd7QmerVeS6FlpewA9QhLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/RvpKbI8x-yYCjPQZqpyJsK8t3Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/9360ec-9cd1-4c00-8668-94c2f8269e9c/1/jYQmVhd7QmerVeS6FlpewA9QhLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.224.0/20
109.235.208.0/21
IPv6:
2a03:5200::-2a03:5200:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7f:9b:50:52:3d:f3:d4:14:84:de:f5:dc:38:fe:1e:72:4a:f1:
29:76:c6:04:a0:d7:7c:79:33:c2:34:99:47:c9:57:4c:90:ad:
e3:70:c0:cb:99:b4:00:4d:82:79:44:32:bf:27:63:cd:90:90:
1f:98:24:bb:16:dc:9b:72:44:fa:4a:a3:5f:82:2c:91:89:57:
4f:75:0b:e0:f0:90:cf:7a:83:74:73:2f:9b:42:a3:f1:a1:36:
89:e0:23:43:14:21:4c:e8:de:f0:da:da:17:f8:15:81:64:6f:
36:48:70:59:05:f3:02:33:b4:88:2e:87:48:71:17:e0:d0:99:
8e:b8:39:11:0c:97:84:d3:a9:c4:76:53:ee:91:54:a8:5a:21:
17:04:d7:12:4a:90:17:df:92:c4:33:02:97:5d:9f:e2:fa:e8:
c2:08:8a:fe:56:c7:c2:8b:e9:39:06:ef:3f:0e:0a:58:8c:49:
61:2a:6b:5f:7c:3b:f4:08:96:57:2e:95:50:18:b6:9a:5f:6a:
a1:2b:b5:45:71:be:28:d4:35:84:5f:c5:12:8f:ad:e7:76:af:
10:0c:3d:e4:d2:d0:1a:76:ae:5b:fe:3e:31:87:ec:5d:94:12:
08:57:05:c8:b7:d4:65:7a:d6:5f:52:04:b6:98:12:86:a1:d3:
4d:05:b6:b8
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzFASwR0Wan7sgDJ2X7e4P1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQyNjU2MTc3YjQyNjdhYjU1ZTRiYTE2NWE1ZWMwMGY1
MDg0YmMwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmZhNGE2YzhmMzFmYjI2MDI4Y2Y0MTlhYTljODliMGFmMmRkYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivznIDs2Hfz9sGUyKXSWwkKHIc4I
7kmvk3RdD8vclVptO1sMIuulqJ1hdQH9yLhRzv5JYpL6LlAcVUi2Nv1FjrRc1kVA
WmycHXc+bLhVb4jxy1y7mKDfGwpWjmUqZkrMR+eZXm1GjNrf+iKWo6FtV0PAkyEC
9VV6AjM1/Jlr1S9o1UkBcSrn2EPKveThOz8eCAdGKA7O+jY58XPnvsdSrBI5m1fZ
D3zCXqGItoNpElpPfjYbxxkgLYLI9bAI4qy12JiJo+/ypGhhx5VAFFMdOsgQ3M+v
l0DNQeQopFs0+qdpsZoCeJ3R9jzbmL+ixPvlfmVq2A+d3i/t7+ka98BarQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFEb6SmyPMfsmAoz0GaqcibCvLdwqMB8GA1UdIwQY
MBaAFI2EJlYXe0Jnq1XkuhZaXsAPUIS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallRbVZoZDdRbWVyVmVTNkZscGV3QTlRaEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS85MzYwZWMtOWNkMS00YzAwLTg2Njgt
OTRjMmY4MjY5ZTljLzEvUnZwS2JJOHgteVlDalBRWnFweUpzSzh0M0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS85MzYwZWMtOWNkMS00YzAwLTg2NjgtOTRjMmY4MjY5ZTlj
LzEvallRbVZoZDdRbWVyVmVTNkZscGV3QTlRaEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQEUEzgAwQD
bevQMBcEAgACMBEwDwMEASoDUgMHACoDUgAAAjANBgkqhkiG9w0BAQsFAAOCAQEA
f5tQUj3z1BSE3vXcOP4eckrxKXbGBKDXfHkzwjSZR8lXTJCt43DAy5m0AE2CeUQy
vydjzZCQH5gkuxbcm3JE+kqjX4IskYlXT3UL4PCQz3qDdHMvm0Kj8aE2ieAjQxQh
TOje8NraF/gVgWRvNkhwWQXzAjO0iC6HSHEX4NCZjrg5EQyXhNOpxHZT7pFUqFoh
FwTXEkqQF9+SxDMCl12f4vrowgiK/lbHwovpOQbvPw4KWIxJYSprX3w79AiWVy6V
UBi2ml9qoSu1RXG+KNQ1hF/FEo+t53avEAw95NLQGnauW/4+MYfsXZQSCFcFyLfU
ZXrWX1IEtpgShqHTTQW2uA==
-----END CERTIFICATE-----
Generated at Tue Jul 2 22:02:57 2024 by rpki-client on console-fra.rpki-client.org