Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b8a454-a699-4269-b676-63ae2eace298/1/tbET4Q70dHUeLSrHe6Vrzddg8aA.roa
File: tbET4Q70dHUeLSrHe6Vrzddg8aA.roa (raw, json)
Hash identifier: ndH0e+mhwIvR7jocfNmm03ui+O1b2ofWvm28B0FdXrc=
Subject key identifier: B5:B1:13:E1:0E:F4:74:75:1E:2D:2A:C7:7B:A5:6B:CD:D7:60:F1:A0
Certificate issuer: /CN=ee9887ba5f457d797afdac2c5551defb453d88f3
Certificate serial: 018D3069B985BBA96B0FC0624DF949DF86AB
Authority key identifier: EE:98:87:BA:5F:45:7D:79:7A:FD:AC:2C:55:51:DE:FB:45:3D:88:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7piHul9FfXl6_awsVVHe-0U9iPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b8a454-a699-4269-b676-63ae2eace298/1/tbET4Q70dHUeLSrHe6Vrzddg8aA.roa
Signing time: Mon 22 Jan 2024 09:04:11 +0000
ROA not before: Mon 22 Jan 2024 09:04:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35362
IP address blocks: 5.83.16.0/21 maxlen: 21
37.17.240.0/21 maxlen: 21
62.84.248.0/21 maxlen: 21
95.158.0.0/18 maxlen: 18
146.0.80.0/21 maxlen: 21
176.113.160.0/22 maxlen: 22
176.113.168.0/21 maxlen: 21
185.11.28.0/22 maxlen: 22
2a01:b480::/32 maxlen: 32
2a07:1080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/b8a454-a699-4269-b676-63ae2eace298/1/7piHul9FfXl6_awsVVHe-0U9iPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/b8a454-a699-4269-b676-63ae2eace298/1/7piHul9FfXl6_awsVVHe-0U9iPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7piHul9FfXl6_awsVVHe-0U9iPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:69:b9:85:bb:a9:6b:0f:c0:62:4d:f9:49:df:86:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee9887ba5f457d797afdac2c5551defb453d88f3
Validity
Not Before: Jan 22 09:04:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b113e10ef474751e2d2ac77ba56bcdd760f1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d6:8f:51:ec:c0:c0:ba:22:85:fc:ad:23:f7:
3c:7e:82:03:d4:0f:6d:43:0b:08:af:9c:bd:19:61:
75:3a:72:89:38:87:70:b9:1e:76:d3:9c:2b:8c:d0:
c7:f1:26:bb:05:cd:19:1c:79:0b:bf:40:dc:f4:00:
77:c3:dd:e3:08:3f:99:62:7e:f9:6c:7e:b5:79:27:
a1:c3:d2:19:be:23:ba:4c:9e:18:8b:e0:70:9a:52:
3a:58:82:b1:06:3f:b9:3c:52:f1:3f:62:f3:d8:ce:
ac:89:e5:8d:1d:9f:fc:5b:ce:9b:63:dc:75:d5:15:
4e:02:17:23:fa:34:8b:c9:21:08:d1:12:eb:56:44:
7e:b7:c6:67:a3:f9:e9:62:8f:59:e4:c5:02:9f:94:
5e:a0:d8:02:9b:74:fd:68:b5:c7:d5:4d:20:a4:71:
95:4d:c0:07:0e:fe:e8:60:26:4e:ae:a8:aa:87:8e:
57:85:0b:b9:3b:7a:1c:57:34:5d:69:c1:06:ce:fc:
3c:29:31:c5:56:6f:59:10:3f:b3:1b:88:38:4b:3f:
dd:71:5d:29:e7:90:fe:2e:61:1a:71:14:fa:a7:d9:
8e:c6:72:a5:67:dd:07:01:b8:3a:ec:fe:be:c2:ce:
b7:9f:1e:37:75:1d:1c:e9:3c:a9:f1:2e:8c:1f:53:
d8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B1:13:E1:0E:F4:74:75:1E:2D:2A:C7:7B:A5:6B:CD:D7:60:F1:A0
X509v3 Authority Key Identifier:
keyid:EE:98:87:BA:5F:45:7D:79:7A:FD:AC:2C:55:51:DE:FB:45:3D:88:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7piHul9FfXl6_awsVVHe-0U9iPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b8a454-a699-4269-b676-63ae2eace298/1/tbET4Q70dHUeLSrHe6Vrzddg8aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b8a454-a699-4269-b676-63ae2eace298/1/7piHul9FfXl6_awsVVHe-0U9iPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.16.0/21
37.17.240.0/21
62.84.248.0/21
95.158.0.0/18
146.0.80.0/21
176.113.160.0/22
176.113.168.0/21
185.11.28.0/22
IPv6:
2a01:b480::/32
2a07:1080::/29
Signature Algorithm: sha256WithRSAEncryption
3b:05:fc:7f:e1:1d:fd:c5:63:18:55:25:6b:39:75:50:ad:d8:
2a:5e:e8:65:28:eb:52:23:80:bc:b8:da:c6:4f:4b:2a:b6:57:
eb:4c:90:92:bf:e8:99:ef:04:83:78:13:8c:00:c8:5d:b6:af:
07:e4:ab:44:dd:76:01:a1:18:be:91:18:60:fa:1f:c5:0b:b7:
c4:40:a7:63:39:f0:02:19:f5:dd:8c:7e:2e:4d:dc:c6:13:55:
bd:1d:c6:34:65:76:26:a8:3a:bc:9e:22:36:a5:08:76:b7:6c:
1c:19:62:ac:48:34:25:bf:86:db:4b:a3:71:31:88:fd:c6:cb:
bd:52:0e:0e:31:d6:a3:fd:a8:47:d4:e2:9f:fc:9d:c0:91:e8:
47:46:bc:ff:45:5c:8f:97:97:81:39:8d:f8:eb:54:58:77:e0:
ce:9d:9e:8e:f1:c2:38:3e:9d:a0:67:76:3e:96:86:3d:e1:70:
4b:25:c6:ea:d0:73:05:c5:7e:a1:a9:6c:85:51:66:82:ee:e0:
4e:3a:b5:5b:d6:88:05:b5:22:69:b3:75:7f:20:f5:ae:c5:0a:
fc:91:fc:1f:4d:85:60:51:9d:bc:9a:f3:82:39:5e:62:c0:10:
04:43:9f:26:ab:8e:6e:2b:05:b7:3f:43:7e:41:8f:98:f8:a8:
e8:16:d0:85
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY0wabmFu6lrD8BiTflJ34arMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlOTg4N2JhNWY0NTdkNzk3YWZkYWMyYzU1NTFkZWZiNDUz
ZDg4ZjMwHhcNMjQwMTIyMDkwNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIxMTNlMTBlZjQ3NDc1MWUyZDJhYzc3YmE1NmJjZGQ3NjBmMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9aPUezAwLoihfytI/c8foID1A9t
QwsIr5y9GWF1OnKJOIdwuR5205wrjNDH8Sa7Bc0ZHHkLv0Dc9AB3w93jCD+ZYn75
bH61eSehw9IZviO6TJ4Yi+BwmlI6WIKxBj+5PFLxP2Lz2M6sieWNHZ/8W86bY9x1
1RVOAhcj+jSLySEI0RLrVkR+t8Zno/npYo9Z5MUCn5ReoNgCm3T9aLXH1U0gpHGV
TcAHDv7oYCZOrqiqh45XhQu5O3ocVzRdacEGzvw8KTHFVm9ZED+zG4g4Sz/dcV0p
55D+LmEacRT6p9mOxnKlZ90HAbg67P6+ws63nx43dR0c6Typ8S6MH1PY6QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFLWxE+EO9HR1Hi0qx3ula83XYPGgMB8GA1UdIwQY
MBaAFO6Yh7pfRX15ev2sLFVR3vtFPYjzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3BpSHVsOUZmWGw2X2F3c1ZWSGUtMFU5aVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iOGE0NTQtYTY5OS00MjY5LWI2NzYt
NjNhZTJlYWNlMjk4LzEvdGJFVDRRNzBkSFVlTFNySGU2VnJ6ZGRnOGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iOGE0NTQtYTY5OS00MjY5LWI2NzYtNjNhZTJlYWNlMjk4
LzEvN3BpSHVsOUZmWGw2X2F3c1ZWSGUtMFU5aVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQDBVMQAwQD
JRHwAwQDPlT4AwQGX54AAwQDkgBQAwQCsHGgAwQDsHGoAwQCuQscMBQEAgACMA4D
BQAqAbSAAwUDKgcQgDANBgkqhkiG9w0BAQsFAAOCAQEAOwX8f+Ed/cVjGFUlazl1
UK3YKl7oZSjrUiOAvLjaxk9LKrZX60yQkr/ome8Eg3gTjADIXbavB+SrRN12AaEY
vpEYYPofxQu3xECnYznwAhn13Yx+Lk3cxhNVvR3GNGV2Jqg6vJ4iNqUIdrdsHBli
rEg0Jb+G20ujcTGI/cbLvVIODjHWo/2oR9Tin/ydwJHoR0a8/0Vcj5eXgTmN+OtU
WHfgzp2ejvHCOD6doGd2PpaGPeFwSyXG6tBzBcV+oalshVFmgu7gTjq1W9aIBbUi
abN1fyD1rsUK/JH8H02FYFGdvJrzgjleYsAQBEOfJquObisFtz9DfkGPmPio6BbQ
hQ==
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:39:11 2024 by rpki-client on console-ams.rpki-client.org