Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/0TtBUb8fAjpTR00xfwE2DLSL7eM.roa
File: 0TtBUb8fAjpTR00xfwE2DLSL7eM.roa (raw, json)
Hash identifier: oTEx/1SMgd8cV5v+L+E3c5aNKeW4iJwi4bwmw4n2DCs=
Subject key identifier: D1:3B:41:51:BF:1F:02:3A:53:47:4D:31:7F:01:36:0C:B4:8B:ED:E3
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 018E0D9DAEB86A109960E6450FABE3CEA509
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/0TtBUb8fAjpTR00xfwE2DLSL7eM.roa
Signing time: Tue 05 Mar 2024 07:57:01 +0000
ROA not before: Tue 05 Mar 2024 07:57:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 46.16.192.0/21 maxlen: 24
85.118.192.0/21 maxlen: 24
87.120.72.0/24 maxlen: 24
87.120.73.0/24 maxlen: 24
87.120.74.0/24 maxlen: 24
87.120.75.0/24 maxlen: 24
87.120.76.0/24 maxlen: 24
87.120.77.0/24 maxlen: 24
87.120.78.0/24 maxlen: 24
87.120.79.0/24 maxlen: 24
91.92.8.0/24 maxlen: 24
91.92.9.0/24 maxlen: 24
91.92.10.0/24 maxlen: 24
91.92.11.0/24 maxlen: 24
91.92.12.0/24 maxlen: 24
91.92.13.0/24 maxlen: 24
91.92.14.0/24 maxlen: 24
91.92.15.0/24 maxlen: 24
93.123.88.0/24 maxlen: 24
93.123.89.0/24 maxlen: 24
93.123.90.0/24 maxlen: 24
93.123.91.0/24 maxlen: 24
93.123.92.0/24 maxlen: 24
93.123.93.0/24 maxlen: 24
93.123.94.0/24 maxlen: 24
93.123.95.0/24 maxlen: 24
94.156.136.0/24 maxlen: 24
94.156.137.0/24 maxlen: 24
94.156.138.0/24 maxlen: 24
94.156.139.0/24 maxlen: 24
94.156.140.0/24 maxlen: 24
94.156.141.0/24 maxlen: 24
94.156.142.0/24 maxlen: 24
94.156.143.0/24 maxlen: 24
149.62.192.0/18 maxlen: 24
185.201.36.0/22 maxlen: 24
193.104.79.0/24 maxlen: 24
193.193.171.0/24 maxlen: 24
193.193.182.0/24 maxlen: 24
193.194.147.0/24 maxlen: 24
193.194.155.0/24 maxlen: 24
194.147.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.mft
rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:9d:ae:b8:6a:10:99:60:e6:45:0f:ab:e3:ce:a5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Mar 5 07:57:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d13b4151bf1f023a53474d317f01360cb48bede3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bc:56:f6:b8:9f:23:41:f7:94:6c:b0:6a:26:
34:c9:15:0d:8d:93:ce:9b:84:7a:ef:c1:97:ed:98:
eb:c7:e3:d2:5a:99:8d:a4:75:4a:51:7c:10:0b:25:
cb:14:4d:5d:87:c1:2d:fa:09:44:b5:a4:d2:cd:b9:
f2:fa:35:88:5e:34:c1:36:fc:94:78:f9:0f:99:9c:
8a:d0:65:18:ec:60:65:a3:5b:eb:0a:4f:28:f6:4b:
2e:c7:8b:98:78:9c:42:34:d4:35:3b:28:79:3c:90:
00:1c:c1:8e:c2:90:0d:e1:dc:ae:6c:7f:4c:3d:a1:
7b:f8:c3:f5:43:4a:38:db:52:d5:45:93:54:3d:ff:
bc:12:33:32:7e:1a:79:d2:40:69:89:cc:fb:25:1b:
2f:d9:bb:4f:34:07:37:0f:b8:3a:29:0f:59:47:36:
32:3a:1a:57:6e:4b:18:61:ca:f5:b5:d5:4d:ce:d5:
04:d4:47:ce:cb:61:23:a9:a2:59:7b:1c:02:e7:16:
cc:95:71:5b:8c:59:09:07:49:9f:86:22:22:11:77:
40:61:db:ba:16:b8:fa:db:6e:af:e3:c5:aa:a1:a6:
59:6f:43:43:29:9b:f1:05:12:6e:e0:87:10:7f:d1:
69:ae:1f:0e:77:a8:55:98:f6:1d:a3:0e:82:61:7a:
f3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3B:41:51:BF:1F:02:3A:53:47:4D:31:7F:01:36:0C:B4:8B:ED:E3
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/0TtBUb8fAjpTR00xfwE2DLSL7eM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.192.0/21
85.118.192.0/21
87.120.72.0/21
91.92.8.0/21
93.123.88.0/21
94.156.136.0/21
149.62.192.0/18
185.201.36.0/22
193.104.79.0/24
193.193.171.0/24
193.193.182.0/24
193.194.147.0/24
193.194.155.0/24
194.147.223.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:15:df:2f:7b:59:12:8f:2a:6d:99:b2:e0:d3:26:bc:f7:a4:
0c:a9:9f:06:fb:64:c2:74:14:8d:69:76:2f:67:ee:7e:12:69:
c2:93:b9:3b:9a:bd:7c:2e:65:c7:1c:d7:ac:7a:bb:fd:fa:2b:
40:b9:a4:c7:44:64:f0:49:77:4e:13:5c:62:0d:56:c8:cc:d9:
2e:32:3c:38:82:39:79:b3:36:e1:76:8a:56:5f:dd:bd:1d:f2:
a3:ea:1b:d5:78:7d:fb:f5:35:be:71:23:b1:a4:65:0f:2d:e3:
b1:38:e3:03:91:4a:c1:b5:c1:e0:33:06:61:a1:49:5e:52:a7:
19:73:e7:9e:de:41:56:69:6f:1e:1c:84:d2:11:59:46:ed:41:
d1:f7:b7:a1:77:87:23:eb:8e:64:35:d2:da:52:39:47:ea:ea:
21:4b:d5:f7:8c:9b:2a:0e:47:c3:92:5e:61:14:34:7a:bf:14:
89:70:9a:01:ce:e0:ea:be:ca:f2:8b:f0:d4:47:4f:89:3e:80:
90:53:a0:0f:f3:66:d5:f9:15:b3:b1:be:0d:9f:5b:61:eb:ce:
84:38:c4:25:5e:98:db:a5:9b:e2:6e:c3:af:b9:35:e1:f8:69:
b9:af:bc:57:6c:88:9c:76:36:14:59:96:58:b8:d8:33:1d:e2:
04:56:5c:4e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY4Nna64ahCZYOZFD6vjzqUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjQwMzA1MDc1NzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNiNDE1MWJmMWYwMjNhNTM0NzRkMzE3ZjAxMzYwY2I0OGJlZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrxW9rifI0H3lGywaiY0yRUNjZPO
m4R678GX7Zjrx+PSWpmNpHVKUXwQCyXLFE1dh8Et+glEtaTSzbny+jWIXjTBNvyU
ePkPmZyK0GUY7GBlo1vrCk8o9ksux4uYeJxCNNQ1Oyh5PJAAHMGOwpAN4dyubH9M
PaF7+MP1Q0o421LVRZNUPf+8EjMyfhp50kBpicz7JRsv2btPNAc3D7g6KQ9ZRzYy
OhpXbksYYcr1tdVNztUE1EfOy2EjqaJZexwC5xbMlXFbjFkJB0mfhiIiEXdAYdu6
Frj6226v48WqoaZZb0NDKZvxBRJu4IcQf9Fprh8Od6hVmPYdow6CYXrzQQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNE7QVG/HwI6U0dNMX8BNgy0i+3jMB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvMFR0QlViOGZBanBUUjAweGZ3RTJETFNMN2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQDLhDAAwQD
VXbAAwQDV3hIAwQDW1wIAwQDXXtYAwQDXpyIAwQGlT7AAwQCuckkAwQAwWhPAwQA
wcGrAwQAwcG2AwQAwcKTAwQAwcKbAwQAwpPfMA0GCSqGSIb3DQEBCwUAA4IBAQDK
Fd8ve1kSjyptmbLg0ya896QMqZ8G+2TCdBSNaXYvZ+5+EmnCk7k7mr18LmXHHNes
erv9+itAuaTHRGTwSXdOE1xiDVbIzNkuMjw4gjl5szbhdopWX929HfKj6hvVeH37
9TW+cSOxpGUPLeOxOOMDkUrBtcHgMwZhoUleUqcZc+ee3kFWaW8eHITSEVlG7UHR
97ehd4cj645kNdLaUjlH6uohS9X3jJsqDkfDkl5hFDR6vxSJcJoBzuDqvsryi/DU
R0+JPoCQU6AP82bV+RWzsb4Nn1th686EOMQlXpjbpZvibsOvuTXh+Gm5r7xXbIic
djYUWZZYuNgzHeIEVlxO
-----END CERTIFICATE-----
Generated at Wed May 15 18:15:31 2024 by rpki-client on console-fra.rpki-client.org