Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a59390-8048-43b9-82b5-761dab389b5b/1/EcbORekMpmXDvf9gey6vKYyOLpg.roa
File: EcbORekMpmXDvf9gey6vKYyOLpg.roa (raw, json)
Hash identifier: 3azkn8umqkGedM9r/zoIDibZaDI8oWDV3Gr7yMpq/8Q=
Subject key identifier: 11:C6:CE:45:E9:0C:A6:65:C3:BD:FF:60:7B:2E:AF:29:8C:8E:2E:98
Certificate issuer: /CN=87107e3fd9b94b4b36e6a8f370e8650a7f57e6c3
Certificate serial: 018CC9BCEB34811CBA3CD86906B8F8D77235
Authority key identifier: 87:10:7E:3F:D9:B9:4B:4B:36:E6:A8:F3:70:E8:65:0A:7F:57:E6:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hxB-P9m5S0s25qjzcOhlCn9X5sM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a59390-8048-43b9-82b5-761dab389b5b/1/EcbORekMpmXDvf9gey6vKYyOLpg.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29124
IP address blocks: 185.55.0.0/22 maxlen: 24
46.39.224.0/19 maxlen: 24
185.60.44.0/22 maxlen: 24
134.0.96.0/20 maxlen: 24
62.182.72.0/21 maxlen: 24
84.51.96.0/19 maxlen: 24
109.225.192.0/18 maxlen: 24
91.123.16.0/20 maxlen: 24
195.234.56.0/24 maxlen: 24
213.193.0.0/19 maxlen: 24
188.68.96.0/19 maxlen: 24
82.199.96.0/19 maxlen: 24
176.97.128.0/21 maxlen: 24
95.143.208.0/20 maxlen: 24
84.51.64.0/19 maxlen: 24
46.31.24.0/21 maxlen: 24
81.200.0.0/19 maxlen: 24
109.229.128.0/19 maxlen: 24
79.172.64.0/18 maxlen: 24
91.189.240.0/21 maxlen: 24
91.207.170.0/23 maxlen: 24
90.155.128.0/17 maxlen: 24
94.102.112.0/20 maxlen: 24
2a02:2620::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/a59390-8048-43b9-82b5-761dab389b5b/1/hxB-P9m5S0s25qjzcOhlCn9X5sM.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/a59390-8048-43b9-82b5-761dab389b5b/1/hxB-P9m5S0s25qjzcOhlCn9X5sM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hxB-P9m5S0s25qjzcOhlCn9X5sM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:eb:34:81:1c:ba:3c:d8:69:06:b8:f8:d7:72:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87107e3fd9b94b4b36e6a8f370e8650a7f57e6c3
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11c6ce45e90ca665c3bdff607b2eaf298c8e2e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a4:7e:89:d7:c2:de:61:2c:2a:00:95:5d:6b:
61:1f:94:f6:48:7d:61:2b:7a:e6:0f:a9:e8:b1:c8:
bd:20:76:47:e6:d9:55:2b:d2:04:f4:c7:82:f2:f1:
26:e1:21:a2:11:57:8a:0c:7c:90:4b:fc:d7:bf:d1:
37:58:cd:98:fa:73:6a:2c:d0:f9:34:5f:23:d7:23:
15:46:ea:f1:d0:e9:54:6c:59:29:df:48:55:b3:1d:
1f:c5:b8:7c:74:ab:e5:60:16:12:bf:88:03:b6:4b:
16:b7:bb:a2:53:64:57:76:2f:ec:59:fd:16:51:ee:
a4:c1:fd:54:92:ae:a5:6c:aa:55:66:1a:c1:d6:f9:
0c:29:04:e5:e9:e8:07:a9:75:ad:f6:88:b9:7f:03:
85:7b:b7:a8:6a:0d:3e:c7:74:61:a0:4b:59:43:f9:
9a:9d:7e:6b:99:a1:42:e6:63:7b:83:49:9b:8e:ab:
e3:ef:c1:1c:4b:ef:d3:40:61:b9:cb:8d:8a:e5:2a:
1b:54:0d:e1:d4:f3:bf:d8:09:41:24:dc:69:d4:13:
01:da:03:e7:21:16:23:53:6a:c4:70:c0:2c:fe:4b:
b5:20:97:e5:63:23:15:f6:4c:d2:fe:8e:f7:64:2c:
95:17:3a:b0:37:b0:11:f1:59:6e:07:a7:6a:b3:c7:
35:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C6:CE:45:E9:0C:A6:65:C3:BD:FF:60:7B:2E:AF:29:8C:8E:2E:98
X509v3 Authority Key Identifier:
keyid:87:10:7E:3F:D9:B9:4B:4B:36:E6:A8:F3:70:E8:65:0A:7F:57:E6:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hxB-P9m5S0s25qjzcOhlCn9X5sM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a59390-8048-43b9-82b5-761dab389b5b/1/EcbORekMpmXDvf9gey6vKYyOLpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a59390-8048-43b9-82b5-761dab389b5b/1/hxB-P9m5S0s25qjzcOhlCn9X5sM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.24.0/21
46.39.224.0/19
62.182.72.0/21
79.172.64.0/18
81.200.0.0/19
82.199.96.0/19
84.51.64.0/18
90.155.128.0/17
91.123.16.0/20
91.189.240.0/21
91.207.170.0/23
94.102.112.0/20
95.143.208.0/20
109.225.192.0/18
109.229.128.0/19
134.0.96.0/20
176.97.128.0/21
185.55.0.0/22
185.60.44.0/22
188.68.96.0/19
195.234.56.0/24
213.193.0.0/19
IPv6:
2a02:2620::/32
Signature Algorithm: sha256WithRSAEncryption
0f:c6:1d:b2:fc:04:2c:f0:10:c7:21:3f:18:44:8d:9c:82:a5:
bb:66:a2:39:45:ec:84:f1:34:04:17:98:5c:e4:d5:2b:f9:8d:
f5:dc:d7:a4:5f:62:47:c1:c7:ec:58:b3:77:35:30:d7:60:db:
9f:16:3d:2b:96:c9:eb:27:7a:d8:f4:98:ca:11:bc:fd:0c:55:
45:07:99:7c:b1:62:a6:4c:49:ad:08:f9:f1:d3:80:cb:2a:cd:
1f:2c:fa:b8:bc:50:59:32:da:80:c8:ff:a4:31:8d:26:87:2d:
42:2b:69:58:f1:88:7f:78:2a:34:21:e0:f9:ea:c6:d0:cd:99:
74:93:2c:aa:0e:91:e2:1e:22:59:ed:b3:16:af:e4:96:a1:f9:
68:61:5a:28:e5:6c:b4:bb:3f:0d:33:b8:0d:ba:66:24:ee:cd:
79:dc:f1:03:40:12:74:0f:c4:91:39:a6:2f:bc:43:2c:a7:87:
8d:3e:94:f0:59:5b:da:3f:e4:83:b9:4f:46:8c:3f:51:02:43:
cf:fa:c4:db:0e:0d:5d:3d:17:b4:25:d5:71:9b:c8:78:20:da:
20:b2:53:24:83:14:72:15:19:b8:29:fa:64:a2:df:39:ba:6b:
17:35:0b:e8:43:53:50:7e:a1:b2:23:b9:60:74:9e:c1:ba:2d:
26:c4:dd:d4
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYzJvOs0gRy6PNhpBrj413I1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MTA3ZTNmZDliOTRiNGIzNmU2YThmMzcwZTg2NTBhN2Y1
N2U2YzMwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWM2Y2U0NWU5MGNhNjY1YzNiZGZmNjA3YjJlYWYyOThjOGUyZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqR+idfC3mEsKgCVXWthH5T2SH1h
K3rmD6nosci9IHZH5tlVK9IE9MeC8vEm4SGiEVeKDHyQS/zXv9E3WM2Y+nNqLND5
NF8j1yMVRurx0OlUbFkp30hVsx0fxbh8dKvlYBYSv4gDtksWt7uiU2RXdi/sWf0W
Ue6kwf1Ukq6lbKpVZhrB1vkMKQTl6egHqXWt9oi5fwOFe7eoag0+x3RhoEtZQ/ma
nX5rmaFC5mN7g0mbjqvj78EcS+/TQGG5y42K5SobVA3h1PO/2AlBJNxp1BMB2gPn
IRYjU2rEcMAs/ku1IJflYyMV9kzS/o73ZCyVFzqwN7AR8VluB6dqs8c1fwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFBHGzkXpDKZlw73/YHsurymMji6YMB8GA1UdIwQY
MBaAFIcQfj/ZuUtLNuao83DoZQp/V+bDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHhCLVA5bTVTMHMyNXFqemNPaGxDbjlYNXNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTkzOTAtODA0OC00M2I5LTgyYjUt
NzYxZGFiMzg5YjViLzEvRWNiT1Jla01wbVhEdmY5Z2V5NnZLWXlPTHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTkzOTAtODA0OC00M2I5LTgyYjUtNzYxZGFiMzg5YjVi
LzEvaHhCLVA5bTVTMHMyNXFqemNPaGxDbjlYNXNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAMu
HxgDBAUuJ+ADBAM+tkgDBAZPrEADBAVRyAADBAVSx2ADBAZUM0ADBAdam4ADBARb
exADBANbvfADBAFbz6oDBAReZnADBARfj9ADBAZt4cADBAVt5YADBASGAGADBAOw
YYADBAK5NwADBAK5PCwDBAW8RGADBADD6jgDBAXVwQAwDQQCAAIwBwMFACoCJiAw
DQYJKoZIhvcNAQELBQADggEBAA/GHbL8BCzwEMchPxhEjZyCpbtmojlF7ITxNAQX
mFzk1Sv5jfXc16RfYkfBx+xYs3c1MNdg258WPSuWyesnetj0mMoRvP0MVUUHmXyx
YqZMSa0I+fHTgMsqzR8s+ri8UFky2oDI/6QxjSaHLUIraVjxiH94KjQh4PnqxtDN
mXSTLKoOkeIeIlntsxav5Jah+WhhWijlbLS7Pw0zuA26ZiTuzXnc8QNAEnQPxJE5
pi+8Qyynh40+lPBZW9o/5IO5T0aMP1ECQ8/6xNsODV09F7Ql1XGbyHgg2iCyUySD
FHIVGbgp+mSi3zm6axc1C+hDU1B+obIjuWB0nsG6LSbE3dQ=
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:03:14 2024 by rpki-client on console-fra.rpki-client.org