Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/bPM96phsGHiGUglJMca6ly4IoQ4.roa
File: bPM96phsGHiGUglJMca6ly4IoQ4.roa (raw, json)
Hash identifier: CHKD/Ng1IauVc2cOLJvjEvg4WSi1+jS56Fniud1GN5Y=
Subject key identifier: 6C:F3:3D:EA:98:6C:18:78:86:52:09:49:31:C6:BA:97:2E:08:A1:0E
Certificate issuer: /CN=cbd745ebfcec382df252c2f750db648f4f034abf
Certificate serial: 018CC94E23D3DCAE1013F78049256ECC348C
Authority key identifier: CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/bPM96phsGHiGUglJMca6ly4IoQ4.roa
Signing time: Tue 02 Jan 2024 08:33:10 +0000
ROA not before: Tue 02 Jan 2024 08:33:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 146.60.0.0/16 maxlen: 24
213.23.0.0/16 maxlen: 24
82.82.0.0/20 maxlen: 20
82.82.0.0/15 maxlen: 24
212.144.0.0/16 maxlen: 24
92.208.0.0/14 maxlen: 24
92.72.0.0/13 maxlen: 24
92.212.0.0/15 maxlen: 24
195.50.128.0/18 maxlen: 18
176.94.0.0/17 maxlen: 24
85.238.224.0/19 maxlen: 19
145.254.0.0/16 maxlen: 24
213.128.96.0/19 maxlen: 19
145.253.0.0/20 maxlen: 20
145.253.0.0/16 maxlen: 16
92.214.0.0/15 maxlen: 24
195.158.128.0/19 maxlen: 19
176.94.128.0/17 maxlen: 24
84.56.0.0/13 maxlen: 24
94.216.0.0/13 maxlen: 24
193.25.240.0/22 maxlen: 22
193.25.244.0/23 maxlen: 23
176.95.0.0/16 maxlen: 24
193.25.247.0/24 maxlen: 24
185.2.132.0/22 maxlen: 24
188.96.0.0/12 maxlen: 24
88.64.0.0/12 maxlen: 24
178.0.0.0/12 maxlen: 24
92.216.0.0/14 maxlen: 24
2a00:20::/32 maxlen: 48
2a00::/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 08:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:23:d3:dc:ae:10:13:f7:80:49:25:6e:cc:34:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd745ebfcec382df252c2f750db648f4f034abf
Validity
Not Before: Jan 2 08:33:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf33dea986c18788652094931c6ba972e08a10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4c:6a:87:75:2d:24:2d:99:74:9f:22:3e:1d:
39:d6:82:f4:6d:3f:cc:16:47:b4:c7:aa:33:3d:5c:
06:29:98:73:b6:d6:3e:de:e0:c6:82:bb:b4:f4:a5:
8f:21:dd:76:31:b5:e2:2e:a8:24:cc:6f:a0:be:f1:
8b:67:b6:cd:b6:c2:f5:5b:99:8d:2d:e1:16:52:4a:
f9:f8:44:8b:92:81:78:93:69:36:47:17:a2:4f:42:
08:4a:18:71:ca:8c:46:4f:08:af:62:6c:07:9d:90:
96:3c:44:f0:5f:81:f6:de:bb:a0:c7:a6:1d:12:ce:
39:52:0f:a6:e8:94:56:b4:15:cb:85:90:d8:4c:ef:
5c:11:8d:59:eb:25:3c:5f:8c:18:49:bb:1e:00:16:
41:98:98:bb:52:2f:37:27:72:1e:4a:d6:c4:f9:12:
87:11:b0:e5:e1:d8:27:6c:53:59:6a:65:f8:a2:6e:
61:60:62:35:45:e3:30:2e:9f:1e:3a:63:bc:f5:a9:
89:d0:61:34:50:7a:e6:7e:12:7e:84:26:28:b6:94:
bb:b9:b0:57:f9:fe:00:01:0c:5c:a4:76:17:32:5e:
2f:32:05:17:05:76:00:90:af:7b:84:77:95:f6:70:
2f:f4:00:23:a1:9c:d0:1e:c9:32:a8:f0:e8:ef:ca:
60:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F3:3D:EA:98:6C:18:78:86:52:09:49:31:C6:BA:97:2E:08:A1:0E
X509v3 Authority Key Identifier:
keyid:CB:D7:45:EB:FC:EC:38:2D:F2:52:C2:F7:50:DB:64:8F:4F:03:4A:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9dF6_zsOC3yUsL3UNtkj08DSr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/bPM96phsGHiGUglJMca6ly4IoQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6b329f-f4f5-4af0-a81e-92b6796c77cc/1/y9dF6_zsOC3yUsL3UNtkj08DSr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.82.0.0/15
84.56.0.0/13
85.238.224.0/19
88.64.0.0/12
92.72.0.0/13
92.208.0.0-92.219.255.255
94.216.0.0/13
145.253.0.0-145.254.255.255
146.60.0.0/16
176.94.0.0/15
178.0.0.0/12
185.2.132.0/22
188.96.0.0/12
193.25.240.0-193.25.245.255
193.25.247.0/24
195.50.128.0/18
195.158.128.0/19
212.144.0.0/16
213.23.0.0/16
213.128.96.0/19
IPv6:
2a00::/22
Signature Algorithm: sha256WithRSAEncryption
19:5b:7a:58:17:52:fd:74:d2:ff:4f:42:61:fe:f5:bc:b2:5f:
80:55:f8:7a:e6:5a:b7:9a:d3:8e:04:6d:0e:e8:1e:8f:d1:2e:
b4:10:80:41:c9:4e:f4:8a:b9:5d:4e:22:78:d0:1f:cf:c7:95:
df:09:f8:43:7a:5f:c8:77:fe:45:bb:9f:10:ab:bd:9a:27:4c:
54:58:e9:47:d3:cc:4c:ad:91:79:60:3e:a0:cd:e8:aa:6e:5a:
65:39:05:21:1f:29:08:26:61:20:87:52:79:5a:0c:e4:fe:ed:
8a:ea:21:54:3b:42:c6:ef:f1:d5:45:af:b6:70:24:45:9c:48:
4f:d8:30:af:c8:60:51:ce:53:64:20:89:17:c6:9c:48:87:61:
80:8a:8f:91:a4:c7:2f:c3:b8:42:e0:56:f5:8b:a4:c1:78:3c:
0e:d5:e4:cd:13:4c:4f:5b:72:20:4c:da:dd:d4:dc:50:78:a1:
11:e2:1c:c9:85:e5:35:49:86:9e:f6:d8:aa:9a:84:0f:9d:1c:
85:d9:54:fa:94:c5:c6:14:8b:ae:7d:dc:e0:a3:65:77:6d:4f:
f7:e6:d6:56:13:5a:5e:8a:af:62:83:51:51:e0:c7:06:28:7b:
31:e6:2f:b7:95:da:26:a1:df:eb:64:16:fe:24:19:2a:92:10:
71:40:b7:ed
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYzJTiPT3K4QE/eASSVuzDSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDc0NWViZmNlYzM4MmRmMjUyYzJmNzUwZGI2NDhmNGYw
MzRhYmYwHhcNMjQwMTAyMDgzMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2YzM2RlYTk4NmMxODc4ODY1MjA5NDkzMWM2YmE5NzJlMDhhMTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgExqh3UtJC2ZdJ8iPh051oL0bT/M
Fke0x6ozPVwGKZhzttY+3uDGgru09KWPId12MbXiLqgkzG+gvvGLZ7bNtsL1W5mN
LeEWUkr5+ESLkoF4k2k2RxeiT0IIShhxyoxGTwivYmwHnZCWPETwX4H23rugx6Yd
Es45Ug+m6JRWtBXLhZDYTO9cEY1Z6yU8X4wYSbseABZBmJi7Ui83J3IeStbE+RKH
EbDl4dgnbFNZamX4om5hYGI1ReMwLp8eOmO89amJ0GE0UHrmfhJ+hCYotpS7ubBX
+f4AAQxcpHYXMl4vMgUXBXYAkK97hHeV9nAv9AAjoZzQHskyqPDo78pg6wIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFGzzPeqYbBh4hlIJSTHGupcuCKEOMB8GA1UdIwQY
MBaAFMvXRev87Dgt8lLC91DbZI9PA0q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUt
OTJiNjc5NmM3N2NjLzEvYlBNOTZwaHNHSGlHVWdsSk1jYTZseTRJb1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YjMyOWYtZjRmNS00YWYwLWE4MWUtOTJiNjc5NmM3N2Nj
LzEveTlkRjZfenNPQzN5VXNMM1VOdGtqMDhEU3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBiAQCAAEwgYEDAwFS
UgMDA1Q4AwQFVe7gAwMEWEADAwNcSDAKAwMEXNADAwJc2AMDA17YMAoDAwCR/QMD
AJH+AwMAkjwDAwGwXgMDBLIAAwQCuQKEAwMEvGAwDAMEBMEZ8AMEAcEZ9AMEAMEZ
9wMEBsMygAMEBcOegAMDANSQAwMA1RcDBAXVgGAwDAQCAAIwBgMEAioAADANBgkq
hkiG9w0BAQsFAAOCAQEAGVt6WBdS/XTS/09CYf71vLJfgFX4euZat5rTjgRtDuge
j9EutBCAQclO9Iq5XU4ieNAfz8eV3wn4Q3pfyHf+RbufEKu9midMVFjpR9PMTK2R
eWA+oM3oqm5aZTkFIR8pCCZhIIdSeVoM5P7tiuohVDtCxu/x1UWvtnAkRZxIT9gw
r8hgUc5TZCCJF8acSIdhgIqPkaTHL8O4QuBW9YukwXg8DtXkzRNMT1tyIEza3dTc
UHihEeIcyYXlNUmGnvbYqpqED50chdlU+pTFxhSLrn3c4KNld21P9+bWVhNaXoqv
YoNRUeDHBih7MeYvt5XaJqHf62QW/iQZKpIQcUC37Q==
-----END CERTIFICATE-----
Generated at Mon May 13 16:29:58 2024 by rpki-client on console-fra.rpki-client.org