Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/UF9j9XzAnhGVPmDgpr257bUsu3Q.roa
File: UF9j9XzAnhGVPmDgpr257bUsu3Q.roa (raw, json)
Hash identifier: 30nN25rRl9Llz2+MSER2T8pHZptxBkax/HAAy2FBhBk=
Subject key identifier: 50:5F:63:F5:7C:C0:9E:11:95:3E:60:E0:A6:BD:B9:ED:B5:2C:BB:74
Certificate issuer: /CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Certificate serial: 018CC5001E3437108BBBC2AD67CECAC12B8D
Authority key identifier: 84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/UF9j9XzAnhGVPmDgpr257bUsu3Q.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13036
IP address blocks: 194.149.96.0/19 maxlen: 19
62.141.0.0/19 maxlen: 19
195.144.96.0/19 maxlen: 19
46.13.0.0/16 maxlen: 16
37.48.0.0/18 maxlen: 18
78.80.0.0/16 maxlen: 16
91.139.0.0/17 maxlen: 17
62.209.192.0/18 maxlen: 18
194.213.32.0/19 maxlen: 19
62.77.64.0/18 maxlen: 18
194.212.0.0/16 maxlen: 16
195.47.0.0/17 maxlen: 17
194.213.192.0/19 maxlen: 19
212.47.0.0/19 maxlen: 19
213.210.128.0/18 maxlen: 18
62.168.0.0/18 maxlen: 18
195.70.128.0/19 maxlen: 19
194.108.0.0/16 maxlen: 16
195.22.32.0/19 maxlen: 19
195.39.0.0/17 maxlen: 17
62.84.128.0/19 maxlen: 19
213.29.0.0/16 maxlen: 16
212.65.192.0/18 maxlen: 18
193.86.0.0/16 maxlen: 16
193.85.0.0/16 maxlen: 16
89.24.0.0/16 maxlen: 16
193.179.0.0/16 maxlen: 16
2001:1ae8::/29 maxlen: 29
2001:af0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/hPLOccb_zodWDVZe5czaMeAbnBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/hPLOccb_zodWDVZe5czaMeAbnBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 09:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1e:34:37:10:8b:bb:c2:ad:67:ce:ca:c1:2b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f2ce71c6ffce87560d565ee5ccda31e01b9c15
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=505f63f57cc09e11953e60e0a6bdb9edb52cbb74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:00:96:f9:ce:03:b1:76:3d:90:15:94:13:
78:09:05:8a:e8:12:94:21:d1:b4:80:03:56:cc:b2:
0d:a2:16:4c:ba:4b:4f:c1:32:dd:9c:c1:75:66:af:
c1:4f:2c:23:c3:7a:ec:02:3f:8c:47:d3:76:74:65:
83:7a:06:e2:cc:ae:a2:5c:40:c3:b8:ed:97:b7:cb:
28:a5:84:3a:52:65:1b:20:00:e8:86:75:84:7a:1f:
5c:0d:a0:4d:8a:a8:6e:7d:07:bc:68:69:e2:f0:8f:
83:c6:b9:b3:79:12:bd:77:8c:a2:12:61:9a:c1:b8:
3e:6f:3f:e9:26:a9:93:e5:22:9c:d0:53:4e:f0:b8:
4d:d8:7d:7a:8b:04:01:d5:07:9a:83:ff:f4:88:8f:
04:a3:45:17:a4:81:3b:74:0f:33:22:38:2f:f1:39:
56:33:2e:31:cf:d1:e9:28:6e:ac:e7:57:30:70:f2:
80:c7:2d:8e:d0:5d:46:72:55:14:09:a9:ce:04:ba:
c2:c8:90:87:60:b1:2a:90:f5:4e:f5:fe:7d:43:e7:
dc:9e:bc:6c:cd:1f:a7:25:7b:6d:b0:df:3d:d2:9c:
6d:94:16:f0:17:f7:c3:d4:2d:da:88:e4:d6:32:cc:
64:d9:a5:80:76:09:10:5a:e5:3e:dc:7f:30:69:2c:
53:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5F:63:F5:7C:C0:9E:11:95:3E:60:E0:A6:BD:B9:ED:B5:2C:BB:74
X509v3 Authority Key Identifier:
keyid:84:F2:CE:71:C6:FF:CE:87:56:0D:56:5E:E5:CC:DA:31:E0:1B:9C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPLOccb_zodWDVZe5czaMeAbnBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/UF9j9XzAnhGVPmDgpr257bUsu3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/2ac980-2259-46fd-a428-7b98c7462a7e/1/hPLOccb_zodWDVZe5czaMeAbnBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.0.0/18
46.13.0.0/16
62.77.64.0/18
62.84.128.0/19
62.141.0.0/19
62.168.0.0/18
62.209.192.0/18
78.80.0.0/16
89.24.0.0/16
91.139.0.0/17
193.85.0.0-193.86.255.255
193.179.0.0/16
194.108.0.0/16
194.149.96.0/19
194.212.0.0/16
194.213.32.0/19
194.213.192.0/19
195.22.32.0/19
195.39.0.0/17
195.47.0.0/17
195.70.128.0/19
195.144.96.0/19
212.47.0.0/19
212.65.192.0/18
213.29.0.0/16
213.210.128.0/18
IPv6:
2001:af0::/32
2001:1ae8::/29
Signature Algorithm: sha256WithRSAEncryption
8a:fb:a3:3e:4c:b5:b0:ee:55:48:c5:0c:d3:32:07:8c:ab:3d:
f2:ff:81:d4:15:c8:53:f2:2f:7a:55:5e:0f:03:c6:86:e8:24:
61:d2:e7:75:0b:e2:98:91:37:61:2f:4a:f7:23:81:ad:0f:27:
12:04:70:35:85:d2:1c:03:27:0a:b9:b7:c1:7c:0b:6e:6c:7a:
91:50:5e:5a:24:eb:a5:d6:55:7a:fd:c4:ce:92:e4:84:38:eb:
0e:dc:05:1f:a6:68:71:7a:0c:50:3b:83:41:c5:80:0f:a1:c2:
9b:96:b4:8c:1d:46:77:72:75:4d:3a:b2:36:88:27:07:0e:be:
5d:36:96:b8:47:55:da:9c:a8:e9:f6:b8:90:70:be:ca:69:2f:
08:62:6e:c6:1c:50:ba:23:67:f1:6e:53:e4:65:bc:cd:39:d3:
fa:c8:8a:f9:bc:2f:27:d5:63:e5:82:4b:bc:f7:99:83:9d:60:
75:68:fd:eb:1d:49:3c:15:32:f6:32:3e:90:66:05:dd:dd:56:
1f:f1:2b:12:22:22:95:fd:2f:ec:f1:8b:cd:69:19:7b:cf:f4:
de:23:4f:c1:66:1b:9d:2e:d8:bb:44:67:3e:c9:4f:5b:9b:a7:
1f:d8:e4:b0:06:e6:c9:ff:ee:ef:36:8a:e4:05:29:43:53:1e:
20:e3:2b:df
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAYzFAB40NxCLu8KtZ87KwSuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjJjZTcxYzZmZmNlODc1NjBkNTY1ZWU1Y2NkYTMxZTAx
YjljMTUwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVmNjNmNTdjYzA5ZTExOTUzZTYwZTBhNmJkYjllZGI1MmNiYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofMAlvnOA7F2PZAVlBN4CQWK6BKU
IdG0gANWzLINohZMuktPwTLdnMF1Zq/BTywjw3rsAj+MR9N2dGWDegbizK6iXEDD
uO2Xt8sopYQ6UmUbIADohnWEeh9cDaBNiqhufQe8aGni8I+DxrmzeRK9d4yiEmGa
wbg+bz/pJqmT5SKc0FNO8LhN2H16iwQB1Qeag//0iI8Eo0UXpIE7dA8zIjgv8TlW
My4xz9HpKG6s51cwcPKAxy2O0F1GclUUCanOBLrCyJCHYLEqkPVO9f59Q+fcnrxs
zR+nJXttsN890pxtlBbwF/fD1C3aiOTWMsxk2aWAdgkQWuU+3H8waSxTPQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFFBfY/V8wJ4RlT5g4Ka9ue21LLt0MB8GA1UdIwQY
MBaAFITyznHG/86HVg1WXuXM2jHgG5wVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBMT2NjYl96b2RXRFZaZTVjemFNZUFibkJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8yYWM5ODAtMjI1OS00NmZkLWE0Mjgt
N2I5OGM3NDYyYTdlLzEvVUY5ajlYekFuaEdWUG1EZ3ByMjU3YlVzdTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8yYWM5ODAtMjI1OS00NmZkLWE0MjgtN2I5OGM3NDYyYTdl
LzEvaFBMT2NjYl96b2RXRFZaZTVjemFNZUFibkJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBogQCAAEwgZsDBAYl
MAADAwAuDQMEBj5NQAMEBT5UgAMEBT6NAAMEBj6oAAMEBj7RwAMDAE5QAwMAWRgD
BAdbiwAwCgMDAMFVAwMAwVYDAwDBswMDAMJsAwQFwpVgAwMAwtQDBAXC1SADBAXC
1cADBAXDFiADBAfDJwADBAfDLwADBAXDRoADBAXDkGADBAXULwADBAbUQcADAwDV
HQMEBtXSgDAUBAIAAjAOAwUAIAEK8AMFAyABGugwDQYJKoZIhvcNAQELBQADggEB
AIr7oz5MtbDuVUjFDNMyB4yrPfL/gdQVyFPyL3pVXg8DxoboJGHS53UL4piRN2Ev
Svcjga0PJxIEcDWF0hwDJwq5t8F8C25sepFQXlok66XWVXr9xM6S5IQ46w7cBR+m
aHF6DFA7g0HFgA+hwpuWtIwdRndydU06sjaIJwcOvl02lrhHVdqcqOn2uJBwvspp
LwhibsYcULojZ/FuU+RlvM050/rIivm8LyfVY+WCS7z3mYOdYHVo/esdSTwVMvYy
PpBmBd3dVh/xKxIiIpX9L+zxi81pGXvP9N4jT8FmG50u2LtEZz7JT1ubpx/Y5LAG
5sn/7u82iuQFKUNTHiDjK98=
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:55:08 2024 by rpki-client on console-fra.rpki-client.org