Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/lnCtGDYfEJqnybFxas5kUGF-zZ4.roa
File: lnCtGDYfEJqnybFxas5kUGF-zZ4.roa (raw, json)
Hash identifier: 6QOu+5OuHMaVJSMqb4DFXmGaBNyHib5iZVDKawpjwg4=
Subject key identifier: 96:70:AD:18:36:1F:10:9A:A7:C9:B1:71:6A:CE:64:50:61:7E:CD:9E
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 018CC801F011E56A43AC50AE4DEAE09DC12D
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/lnCtGDYfEJqnybFxas5kUGF-zZ4.roa
Signing time: Tue 02 Jan 2024 02:30:19 +0000
ROA not before: Tue 02 Jan 2024 02:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6696
IP address blocks: 94.139.39.0/24 maxlen: 24
109.69.217.16/28 maxlen: 28
62.112.29.0/24 maxlen: 24
62.112.31.0/24 maxlen: 24
46.18.36.0/22 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.33.0/24 maxlen: 24
5.149.136.0/23 maxlen: 23
5.149.138.0/24 maxlen: 24
5.149.140.0/23 maxlen: 23
5.149.142.0/24 maxlen: 24
86.107.124.0/23 maxlen: 23
86.107.120.0/22 maxlen: 22
87.238.225.0/24 maxlen: 24
86.107.126.0/24 maxlen: 24
87.238.228.0/22 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.229.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.220.0/23 maxlen: 23
109.69.220.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.221.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
85.88.34.0/24 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f0:11:e5:6a:43:ac:50:ae:4d:ea:e0:9d:c1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 2 02:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9670ad18361f109aa7c9b1716ace6450617ecd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:40:cc:52:28:a3:82:3c:95:f5:e6:c7:30:49:
81:e7:60:2d:ff:d5:25:c0:8c:3a:b3:2d:10:91:75:
e2:4b:ed:85:1e:ce:4f:4f:af:11:38:65:13:1e:13:
26:b8:12:01:a1:7e:b7:45:42:ae:70:80:70:0b:82:
67:7a:7b:86:1b:0e:6f:b9:9e:7b:1f:af:53:bb:29:
84:02:ab:93:29:32:e1:57:e0:66:5e:9d:78:0f:5d:
30:00:fa:af:bd:46:03:d2:eb:53:34:d4:30:9e:4b:
c4:63:66:f5:db:ad:6f:2c:df:98:74:b1:ba:01:ad:
3a:d7:10:84:1b:ff:49:a6:a2:95:64:6d:56:c8:3e:
b7:03:5a:7a:3c:5a:06:48:b5:de:b5:a0:81:17:2a:
a1:20:4f:c1:5c:db:d8:71:41:3b:65:91:fb:14:3f:
fa:2c:80:a5:31:0e:f5:ef:b2:00:5b:4f:2a:cb:0a:
25:fb:6b:87:53:23:09:ef:69:14:81:b7:7c:c7:c5:
7a:3f:b9:69:08:8f:da:63:c3:f0:50:97:84:d5:22:
d1:64:7d:45:a2:d1:09:ec:a8:4a:53:ad:b5:34:85:
c4:54:07:9f:e5:a1:eb:e1:35:5a:e4:b9:24:fb:9f:
e9:09:47:45:3d:2c:96:7b:1a:c5:b1:97:ff:1b:3b:
c5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:70:AD:18:36:1F:10:9A:A7:C9:B1:71:6A:CE:64:50:61:7E:CD:9E
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/lnCtGDYfEJqnybFxas5kUGF-zZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.136.0-5.149.138.255
5.149.140.0-5.149.142.255
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.88.34.0/24
85.119.216.0/21
86.107.120.0-86.107.126.255
87.238.225.0/24
87.238.228.0/22
94.139.39.0/24
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
34:61:48:6c:f5:c2:79:e5:e6:10:a3:40:37:0e:2a:b6:66:15:
21:0f:84:25:d3:f0:c7:1b:97:86:f4:db:93:b8:72:c8:20:6b:
40:d8:ea:2b:ba:ee:61:1b:8f:92:dc:2b:83:f1:ac:77:e9:ab:
34:3f:01:18:bb:ed:9b:11:13:7e:62:53:03:91:00:b6:bd:b3:
d9:e7:a0:3d:82:be:ea:de:68:83:24:f9:29:2e:1f:fd:aa:8a:
e0:dc:7d:18:47:ec:8e:09:02:a4:28:eb:d2:db:cb:0b:7e:34:
ae:b4:ac:de:da:fb:26:f4:12:7c:70:11:50:09:de:62:74:d7:
0b:7d:f7:91:07:b3:80:e8:ce:a9:ed:38:e0:07:72:94:f5:58:
47:f6:ce:6b:68:4f:1b:5a:65:de:d7:e7:35:d0:0c:5c:d2:86:
2c:20:11:71:b1:c6:25:24:50:13:b4:63:d6:04:7c:fc:45:b4:
04:85:8c:d2:04:18:db:34:61:ea:16:78:5f:b8:b2:c0:96:6a:
ff:6a:0f:84:7e:08:49:f1:04:85:92:86:09:0f:25:75:57:8b:
7a:28:a2:8c:65:e8:bd:82:38:6a:9e:6f:6b:33:55:dc:c6:10:
40:34:16:63:d7:59:7a:b7:ed:3c:6b:4b:f0:8c:1f:98:5f:d5:
e7:9b:ad:e0
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzIAfAR5WpDrFCuTergncEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjQwMTAyMDIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjcwYWQxODM2MWYxMDlhYTdjOWIxNzE2YWNlNjQ1MDYxN2VjZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0DMUiijgjyV9ebHMEmB52At/9Ul
wIw6sy0QkXXiS+2FHs5PT68ROGUTHhMmuBIBoX63RUKucIBwC4JnenuGGw5vuZ57
H69TuymEAquTKTLhV+BmXp14D10wAPqvvUYD0utTNNQwnkvEY2b1261vLN+YdLG6
Aa061xCEG/9JpqKVZG1WyD63A1p6PFoGSLXetaCBFyqhIE/BXNvYcUE7ZZH7FD/6
LIClMQ7177IAW08qywol+2uHUyMJ72kUgbd8x8V6P7lpCI/aY8PwUJeE1SLRZH1F
otEJ7KhKU621NIXEVAef5aHr4TVa5Lkk+5/pCUdFPSyWexrFsZf/GzvFkwIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFJZwrRg2HxCap8mxcWrOZFBhfs2eMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvbG5DdEdEWWZFSnFueWJGeGFzNWtVR0Ytelo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgwDAME
AwWViAMEAAWVijAMAwQCBZWMAwQABZWOAwQDJRMIMAwDBAAuEiEDBAMuEiADBAA+
cB0DBAA+cB8DBABVWCIDBANVd9gwDAMEA1ZreAMEAFZrfgMEAFfu4QMEAlfu5AME
AF6LJwMEAW1F2DAMAwQAbUXbAwQAbUXeAwQCuUBAAwQBubnkMA0EAgACMAcDBQAq
ABUoMA0GCSqGSIb3DQEBCwUAA4IBAQA0YUhs9cJ55eYQo0A3Diq2ZhUhD4Ql0/DH
G5eG9NuTuHLIIGtA2Ooruu5hG4+S3CuD8ax36as0PwEYu+2bERN+YlMDkQC2vbPZ
56A9gr7q3miDJPkpLh/9qorg3H0YR+yOCQKkKOvS28sLfjSutKze2vsm9BJ8cBFQ
Cd5idNcLffeRB7OA6M6p7TjgB3KU9VhH9s5raE8bWmXe1+c10Axc0oYsIBFxscYl
JFATtGPWBHz8RbQEhYzSBBjbNGHqFnhfuLLAlmr/ag+EfghJ8QSFkoYJDyV1V4t6
KKKMZei9gjhqnm9rM1XcxhBANBZj11l6t+08a0vwjB+YX9Xnm63g
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:05:48 2024 by rpki-client on console-fra.rpki-client.org