Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/1G-n2HriGdK8DVRt5tto0QlD1WE.roa
File: 1G-n2HriGdK8DVRt5tto0QlD1WE.roa (raw, json)
Hash identifier: AhgqwBGfEntxffnAqfhjJZ8RuM43VAbjnNCbM3v8xek=
Subject key identifier: D4:6F:A7:D8:7A:E2:19:D2:BC:0D:54:6D:E6:DB:68:D1:09:43:D5:61
Certificate issuer: /CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Certificate serial: 018CC348AAA08E6F246530173F9E12602816
Authority key identifier: F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/1G-n2HriGdK8DVRt5tto0QlD1WE.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12874
IP address blocks: 81.208.64.0/18 maxlen: 18
93.60.0.0/15 maxlen: 15
81.208.0.0/18 maxlen: 18
93.43.0.0/16 maxlen: 16
93.33.0.0/16 maxlen: 16
89.97.0.0/16 maxlen: 16
93.40.0.0/13 maxlen: 13
2.232.0.0/13 maxlen: 13
93.37.0.0/17 maxlen: 17
93.40.0.0/15 maxlen: 15
93.40.0.0/14 maxlen: 14
93.32.0.0/13 maxlen: 13
2.224.0.0/13 maxlen: 13
213.140.0.0/20 maxlen: 20
83.103.0.0/18 maxlen: 18
213.140.16.0/20 maxlen: 20
83.103.0.0/17 maxlen: 17
93.39.0.0/16 maxlen: 16
89.96.0.0/16 maxlen: 16
89.96.0.0/15 maxlen: 15
93.32.0.0/15 maxlen: 15
93.32.0.0/14 maxlen: 14
93.36.0.0/15 maxlen: 15
93.36.0.0/14 maxlen: 14
93.32.0.0/12 maxlen: 12
93.56.0.0/14 maxlen: 14
83.103.64.0/18 maxlen: 18
93.46.0.0/15 maxlen: 15
93.48.0.0/13 maxlen: 13
85.18.0.0/17 maxlen: 17
92.223.128.0/17 maxlen: 17
213.156.32.0/20 maxlen: 20
85.18.0.0/16 maxlen: 16
213.156.48.0/20 maxlen: 20
93.38.0.0/15 maxlen: 15
37.186.192.0/18 maxlen: 18
93.42.0.0/16 maxlen: 16
93.42.0.0/15 maxlen: 15
85.18.128.0/17 maxlen: 17
93.62.0.0/15 maxlen: 15
93.44.0.0/15 maxlen: 15
62.101.96.0/19 maxlen: 19
93.44.0.0/14 maxlen: 14
93.40.192.0/18 maxlen: 18
93.34.0.0/15 maxlen: 15
93.40.128.0/18 maxlen: 18
62.101.64.0/19 maxlen: 19
185.7.112.0/22 maxlen: 22
62.101.124.0/22 maxlen: 22
93.37.128.0/17 maxlen: 17
151.0.128.0/17 maxlen: 17
93.41.0.0/16 maxlen: 16
2001:b00::/29 maxlen: 29
2001:b00:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.mft
rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:aa:a0:8e:6f:24:65:30:17:3f:9e:12:60:28:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f071f4d119d0b74fb66e37a7ef878d449d54ddc8
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d46fa7d87ae219d2bc0d546de6db68d10943d561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e5:c6:e6:4d:15:39:6c:b1:db:23:8c:0b:af:
81:ef:5c:7d:b1:f6:f7:0b:6d:82:73:b6:f6:0a:8d:
79:f4:7e:83:83:08:a8:aa:8e:11:85:5c:7b:2a:18:
48:c7:1d:86:76:45:f9:f0:21:5b:ae:a0:4a:82:37:
2b:36:b0:da:7a:1f:86:b4:22:26:e9:9a:95:61:6d:
1c:dc:d3:63:86:a9:ad:62:d0:28:19:cf:ed:c9:48:
ef:0d:01:35:2a:5e:5e:42:2c:c7:2f:ae:de:ca:9a:
aa:2b:5f:3c:e6:2c:0e:aa:ef:c4:86:84:9b:d6:b5:
59:ae:fb:15:df:56:32:38:cf:f5:b6:a2:b4:4d:e4:
57:2e:eb:19:94:55:06:8e:b4:98:58:1a:e7:6a:06:
f5:d6:30:0d:73:3f:a7:3a:8e:48:50:ff:6d:2c:a8:
eb:30:71:69:62:cc:83:28:c9:d2:2c:0c:33:76:35:
26:62:03:c7:e3:f9:93:fa:78:fd:8e:dd:d3:94:7e:
4b:cf:89:98:e1:e7:35:5e:42:63:99:c4:de:a7:c6:
c2:52:67:9b:2f:3a:b3:33:91:9a:17:65:bb:5e:93:
eb:02:15:9c:b9:5f:a0:7a:cd:58:88:88:c2:ab:23:
23:66:94:4e:e3:9d:31:ed:d9:7c:1b:87:3a:ee:6e:
21:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6F:A7:D8:7A:E2:19:D2:BC:0D:54:6D:E6:DB:68:D1:09:43:D5:61
X509v3 Authority Key Identifier:
keyid:F0:71:F4:D1:19:D0:B7:4F:B6:6E:37:A7:EF:87:8D:44:9D:54:DD:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8HH00RnQt0-2bjen74eNRJ1U3cg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/1G-n2HriGdK8DVRt5tto0QlD1WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6a9682-201b-4e01-ba09-07474524ef9a/1/8HH00RnQt0-2bjen74eNRJ1U3cg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.224.0.0/12
37.186.192.0/18
62.101.64.0/18
81.208.0.0/17
83.103.0.0/17
85.18.0.0/16
89.96.0.0/15
92.223.128.0/17
93.32.0.0/11
151.0.128.0/17
185.7.112.0/22
213.140.0.0/19
213.156.32.0/19
IPv6:
2001:b00::/29
Signature Algorithm: sha256WithRSAEncryption
32:f8:af:9a:0f:ff:33:0f:83:e0:ce:2a:21:d9:3c:ee:b3:0e:
5f:59:74:38:3a:fb:a3:9b:79:7d:aa:68:36:c2:2f:86:53:51:
8f:ca:62:55:15:42:ef:12:ca:c5:eb:f4:38:23:c6:61:45:b7:
a4:1e:b0:3b:53:a7:46:62:ac:2d:1d:23:39:62:23:e3:31:0e:
ab:1a:33:b1:64:ac:4e:ff:98:5b:1c:15:d2:ad:d1:4a:af:78:
9d:32:55:c6:ff:50:f6:d3:55:60:f4:6e:10:4a:d7:4f:7c:c8:
90:88:6b:3d:b3:22:b3:25:59:09:c5:57:85:36:b7:0b:18:b8:
84:69:cb:46:33:fd:18:c1:50:bd:47:05:6d:33:72:c2:e0:52:
7e:98:05:45:03:13:ce:d5:0a:d9:21:48:13:d9:e6:f7:a3:98:
57:0d:95:ca:38:9d:9e:00:29:5d:47:38:8a:80:e1:c8:38:71:
4e:03:18:bd:22:d2:bb:ce:be:57:e0:0f:3f:2c:4f:13:e5:f4:
96:59:d9:d0:ce:89:60:6a:94:5a:bc:2f:8e:37:e3:8c:ed:d9:
1b:d9:7b:a8:0c:60:bc:d9:fe:3d:90:bb:af:94:89:9e:48:42:
03:0f:1a:c4:d4:4f:61:10:5c:68:5e:a4:7e:6f:ce:b4:7f:ea:
d7:22:05:cb
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYzDSKqgjm8kZTAXP54SYCgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNzFmNGQxMTlkMGI3NGZiNjZlMzdhN2VmODc4ZDQ0OWQ1
NGRkYzgwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZmYTdkODdhZTIxOWQyYmMwZDU0NmRlNmRiNjhkMTA5NDNkNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+XG5k0VOWyx2yOMC6+B71x9sfb3
C22Cc7b2Co159H6Dgwioqo4RhVx7KhhIxx2GdkX58CFbrqBKgjcrNrDaeh+GtCIm
6ZqVYW0c3NNjhqmtYtAoGc/tyUjvDQE1Kl5eQizHL67eypqqK1885iwOqu/EhoSb
1rVZrvsV31YyOM/1tqK0TeRXLusZlFUGjrSYWBrnagb11jANcz+nOo5IUP9tLKjr
MHFpYsyDKMnSLAwzdjUmYgPH4/mT+nj9jt3TlH5Lz4mY4ec1XkJjmcTep8bCUmeb
LzqzM5GaF2W7XpPrAhWcuV+ges1YiIjCqyMjZpRO450x7dl8G4c67m4hgQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFNRvp9h64hnSvA1UbebbaNEJQ9VhMB8GA1UdIwQY
MBaAFPBx9NEZ0LdPtm43p++HjUSdVN3IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDkt
MDc0NzQ1MjRlZjlhLzEvMUctbjJIcmlHZEs4RFZSdDV0dG8wUWxEMVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82YTk2ODItMjAxYi00ZTAxLWJhMDktMDc0NzQ1MjRlZjlh
LzEvOEhIMDBSblF0MC0yYmplbjc0ZU5SSjFVM2NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwMEAuADBAYl
usADBAY+ZUADBAdR0AADBAdTZwADAwBVEgMDAVlgAwQHXN+AAwMFXSADBAeXAIAD
BAK5B3ADBAXVjAADBAXVnCAwDQQCAAIwBwMFAyABCwAwDQYJKoZIhvcNAQELBQAD
ggEBADL4r5oP/zMPg+DOKiHZPO6zDl9ZdDg6+6ObeX2qaDbCL4ZTUY/KYlUVQu8S
ysXr9DgjxmFFt6QesDtTp0ZirC0dIzliI+MxDqsaM7FkrE7/mFscFdKt0UqveJ0y
Vcb/UPbTVWD0bhBK1098yJCIaz2zIrMlWQnFV4U2twsYuIRpy0Yz/RjBUL1HBW0z
csLgUn6YBUUDE87VCtkhSBPZ5vejmFcNlco4nZ4AKV1HOIqA4cg4cU4DGL0i0rvO
vlfgDz8sTxPl9JZZ2dDOiWBqlFq8L44344zt2RvZe6gMYLzZ/j2Qu6+UiZ5IQgMP
GsTUT2EQXGhepH5vzrR/6tciBcs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:49:53 2024 by rpki-client on console-ams.rpki-client.org