Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/F60vtpgNmtjkHeHLnYFN7x0aAlQ.roa
File: F60vtpgNmtjkHeHLnYFN7x0aAlQ.roa (raw, json)
Hash identifier: Y/ilWTVSlvu99oTrlMT0LMRg/mXKKtRCWXIO7lHpCbg=
Subject key identifier: 17:AD:2F:B6:98:0D:9A:D8:E4:1D:E1:CB:9D:81:4D:EF:1D:1A:02:54
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 018CC5DC0E67ACC856FCE7100DABBAF61BF3
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/F60vtpgNmtjkHeHLnYFN7x0aAlQ.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24651
IP address blocks: 188.92.16.0/24 maxlen: 32
188.92.16.0/21 maxlen: 32
82.193.64.0/19 maxlen: 32
46.23.32.0/20 maxlen: 32
89.221.122.0/23 maxlen: 23
89.221.122.0/24 maxlen: 24
89.221.123.0/24 maxlen: 24
89.221.121.0/24 maxlen: 24
89.221.124.0/23 maxlen: 24
89.221.124.0/24 maxlen: 24
89.221.125.0/24 maxlen: 24
185.31.44.0/22 maxlen: 32
89.221.126.0/23 maxlen: 24
89.221.127.0/24 maxlen: 24
109.73.96.0/20 maxlen: 32
217.195.48.0/20 maxlen: 32
85.158.72.0/21 maxlen: 24
82.193.67.0/24 maxlen: 27
82.193.83.0/24 maxlen: 32
185.141.52.0/22 maxlen: 32
83.99.167.0/24 maxlen: 24
83.99.167.0/26 maxlen: 27
77.93.0.0/19 maxlen: 32
185.75.236.0/22 maxlen: 32
83.99.128.0/17 maxlen: 32
212.142.64.0/18 maxlen: 32
89.221.112.0/20 maxlen: 24
82.193.67.0/27 maxlen: 27
2a01:4e0::/32 maxlen: 32
2a01:4e1:cc1::/64 maxlen: 64
2a04:4e00::/29 maxlen: 29
2a01:4e1:460:1::/64 maxlen: 64
2a01:4e0::/29 maxlen: 29
2a01:4e1:1745::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0e:67:ac:c8:56:fc:e7:10:0d:ab:ba:f6:1b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17ad2fb6980d9ad8e41de1cb9d814def1d1a0254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:42:75:f0:b7:8d:2a:91:b1:70:8d:4d:93:45:
e0:13:65:39:a9:44:c2:97:a7:06:ab:87:96:e7:b2:
02:a1:23:75:7b:d1:6c:49:45:15:d1:55:26:06:e3:
f9:4d:c9:54:e4:b8:e2:41:e0:74:f4:03:d7:c6:17:
97:70:d7:f6:97:a8:dc:97:f5:0e:41:f2:16:b1:8d:
fa:fc:2d:a0:e9:db:19:18:c2:4f:b1:38:5f:89:33:
66:ca:9c:92:c7:6d:19:9c:f8:1a:9e:f1:82:f7:59:
91:af:a7:f9:b8:7c:d0:67:f0:68:b7:98:28:19:f0:
76:e5:d0:ae:e2:ba:c3:cb:a5:1e:19:3b:36:60:0b:
85:0c:d2:8f:70:1d:22:8f:3c:86:19:2e:a0:8d:96:
d9:b5:5b:36:a5:cc:36:a3:b7:83:64:88:76:59:93:
8a:61:63:f3:48:e7:99:40:4e:49:eb:7c:f8:0c:f8:
cf:81:36:62:63:a8:b7:81:df:60:5a:db:cf:d1:78:
01:63:6c:c8:f0:d4:8d:46:f8:5a:c6:70:cd:c7:3e:
74:a2:17:5d:d8:36:11:17:f5:5c:1d:16:cd:3c:a6:
e4:96:b2:2b:d4:92:08:dc:4d:b8:50:4e:43:0b:20:
b5:cb:40:e6:4c:35:c9:4e:02:53:c7:f1:11:da:69:
9f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:AD:2F:B6:98:0D:9A:D8:E4:1D:E1:CB:9D:81:4D:EF:1D:1A:02:54
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/F60vtpgNmtjkHeHLnYFN7x0aAlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.32.0/20
77.93.0.0/19
82.193.64.0/19
83.99.128.0/17
85.158.72.0/21
89.221.112.0/20
109.73.96.0/20
185.31.44.0/22
185.75.236.0/22
185.141.52.0/22
188.92.16.0/21
212.142.64.0/18
217.195.48.0/20
IPv6:
2a01:4e0::/29
2a04:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
12:57:b3:38:8d:41:11:a5:88:54:60:1b:4b:e3:ff:6d:01:cd:
fe:4c:a3:35:44:e5:2b:9c:66:da:54:4f:a0:a1:c2:0f:07:22:
8c:f9:66:36:40:59:13:de:ea:56:11:5d:23:df:32:08:49:50:
96:2d:c4:99:0d:0a:06:1b:12:6e:f3:b2:78:63:17:24:3b:a6:
fa:99:b5:2d:20:f4:b3:1d:25:ec:df:f4:db:15:a6:8b:ca:8b:
62:ec:c2:0d:24:bf:9c:9a:f8:a9:3a:43:d9:ec:2c:c8:26:ff:
ab:97:70:97:c6:fd:f8:bd:8e:9d:89:00:f4:43:53:e0:86:b1:
cc:e9:43:cd:d2:3a:68:0f:c9:8a:be:bb:8a:e1:86:e6:56:5c:
94:d6:db:a9:50:01:a3:af:ee:e2:a2:cd:7d:d4:c4:41:f7:f0:
97:13:74:6f:25:6d:18:a6:c6:d6:da:50:af:52:19:53:ee:26:
d0:93:6b:2a:aa:1a:13:c9:e9:38:8c:46:41:99:ef:db:d4:39:
f0:2a:4b:2a:98:80:da:4a:a0:a4:b2:22:5a:94:e0:63:56:47:
66:d0:51:0a:11:14:a5:d2:e8:76:42:f9:a4:a9:d8:af:53:ab:
9d:0b:27:53:76:01:79:0d:87:64:07:07:56:7a:9d:e5:c0:a0:
17:49:82:bc
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYzF3A5nrMhW/OcQDau69hvzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2FkMmZiNjk4MGQ5YWQ4ZTQxZGUxY2I5ZDgxNGRlZjFkMWEwMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEJ18LeNKpGxcI1Nk0XgE2U5qUTC
l6cGq4eW57ICoSN1e9FsSUUV0VUmBuP5TclU5LjiQeB09APXxheXcNf2l6jcl/UO
QfIWsY36/C2g6dsZGMJPsThfiTNmypySx20ZnPganvGC91mRr6f5uHzQZ/Bot5go
GfB25dCu4rrDy6UeGTs2YAuFDNKPcB0ijzyGGS6gjZbZtVs2pcw2o7eDZIh2WZOK
YWPzSOeZQE5J63z4DPjPgTZiY6i3gd9gWtvP0XgBY2zI8NSNRvhaxnDNxz50ohdd
2DYRF/VcHRbNPKbklrIr1JII3E24UE5DCyC1y0DmTDXJTgJTx/ER2mmfJQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFBetL7aYDZrY5B3hy52BTe8dGgJUMB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvRjYwdnRwZ05tdGprSGVITG5ZRk43eDBhQWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQELhcgAwQF
TV0AAwQFUsFAAwQHU2OAAwQDVZ5IAwQEWd1wAwQEbUlgAwQCuR8sAwQCuUvsAwQC
uY00AwQDvFwQAwQG1I5AAwQE2cMwMBQEAgACMA4DBQMqAQTgAwUDKgROADANBgkq
hkiG9w0BAQsFAAOCAQEAElezOI1BEaWIVGAbS+P/bQHN/kyjNUTlK5xm2lRPoKHC
DwcijPlmNkBZE97qVhFdI98yCElQli3EmQ0KBhsSbvOyeGMXJDum+pm1LSD0sx0l
7N/02xWmi8qLYuzCDSS/nJr4qTpD2ewsyCb/q5dwl8b9+L2OnYkA9ENT4IaxzOlD
zdI6aA/Jir67iuGG5lZclNbbqVABo6/u4qLNfdTEQffwlxN0byVtGKbG1tpQr1IZ
U+4m0JNrKqoaE8npOIxGQZnv29Q58CpLKpiA2kqgpLIiWpTgY1ZHZtBRChEUpdLo
dkL5pKnYr1OrnQsnU3YBeQ2HZAcHVnqd5cCgF0mCvA==
-----END CERTIFICATE-----
Generated at Fri May 10 03:09:18 2024 by rpki-client on console-ams.rpki-client.org