Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/k15IL8uRZbM55NexX0qnSusMkJI.roa
File: k15IL8uRZbM55NexX0qnSusMkJI.roa (raw, json)
Hash identifier: jk6VjMcfF//kdiSOBLVnhJLuYrxwV3S+IkWiouq9LVs=
Subject key identifier: 93:5E:48:2F:CB:91:65:B3:39:E4:D7:B1:5F:4A:A7:4A:EB:0C:90:92
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 018CC9BC3F9885D6AC923FBD4C2D9581F490
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/k15IL8uRZbM55NexX0qnSusMkJI.roa
Signing time: Tue 02 Jan 2024 10:33:26 +0000
ROA not before: Tue 02 Jan 2024 10:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207990
IP address blocks: 43.252.28.0/22 maxlen: 32
94.176.80.0/20 maxlen: 32
103.211.184.0/23 maxlen: 32
203.78.168.0/21 maxlen: 32
37.61.226.0/24 maxlen: 32
94.176.48.0/20 maxlen: 32
92.255.86.0/23 maxlen: 32
103.225.128.0/22 maxlen: 32
213.188.64.0/22 maxlen: 32
193.151.52.0/22 maxlen: 32
213.188.80.0/20 maxlen: 32
85.208.148.0/22 maxlen: 32
103.30.12.0/22 maxlen: 32
206.204.0.0/20 maxlen: 32
206.204.16.0/20 maxlen: 32
206.204.32.0/20 maxlen: 32
139.5.104.0/22 maxlen: 32
206.204.48.0/20 maxlen: 32
45.114.240.0/22 maxlen: 32
216.194.80.0/20 maxlen: 32
89.223.14.0/23 maxlen: 32
89.223.18.0/23 maxlen: 32
45.130.120.0/22 maxlen: 32
92.255.32.0/21 maxlen: 32
103.207.152.0/23 maxlen: 32
116.212.188.0/22 maxlen: 32
180.94.216.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3f:98:85:d6:ac:92:3f:bd:4c:2d:95:81:f4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Jan 2 10:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=935e482fcb9165b339e4d7b15f4aa74aeb0c9092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d3:d1:76:80:98:73:db:68:c9:35:19:54:84:
fb:79:6d:33:49:01:b9:4d:83:0f:7e:70:50:fc:ac:
46:23:d6:87:c6:c6:9b:6d:1a:d6:49:aa:73:af:00:
4d:92:c3:07:f9:01:c2:bf:b2:b5:6f:1d:d1:92:ad:
91:30:89:12:59:5d:42:55:33:e1:81:d4:52:6e:a3:
47:66:5f:1d:9b:9b:e0:e1:47:e7:da:00:74:b4:b2:
8a:85:fb:e0:b8:57:1d:3c:33:e3:e7:ff:77:75:b6:
4f:ce:9d:f4:dd:8f:01:d3:2f:5f:2d:a5:9d:40:8f:
33:7e:0b:29:93:b7:6b:64:f0:e6:fa:3d:de:80:11:
7c:02:b0:04:db:0d:da:59:09:50:8b:37:cd:4f:90:
db:23:35:a0:f4:c4:ce:a9:49:87:f6:57:ad:b7:d6:
72:15:4c:a1:64:9d:7d:fe:5d:a7:d2:3c:57:a8:96:
ed:28:bc:b5:9a:74:1f:b6:45:59:d3:91:a7:c2:3c:
58:14:cd:c3:a1:a7:d4:ed:93:11:c2:7e:6f:31:29:
3a:77:ca:6b:58:3c:a7:03:ad:75:d6:bf:1a:54:22:
9a:ba:d2:7c:92:28:75:5f:8b:67:aa:56:f9:16:e3:
93:09:41:0b:c9:8f:6c:ff:21:81:06:96:7e:51:aa:
8c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5E:48:2F:CB:91:65:B3:39:E4:D7:B1:5F:4A:A7:4A:EB:0C:90:92
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/k15IL8uRZbM55NexX0qnSusMkJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/24
43.252.28.0/22
45.114.240.0/22
45.130.120.0/22
85.208.148.0/22
89.223.14.0/23
89.223.18.0/23
92.255.32.0/21
92.255.86.0/23
94.176.48.0/20
94.176.80.0/20
103.30.12.0/22
103.207.152.0/23
103.211.184.0/23
103.225.128.0/22
116.212.188.0/22
139.5.104.0/22
180.94.216.0/22
193.151.52.0/22
203.78.168.0/21
206.204.0.0/18
213.188.64.0/22
213.188.80.0/20
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
21:e0:2b:52:06:3f:16:0e:71:46:21:cb:b0:a8:4f:d6:13:10:
bf:a3:e8:ae:83:78:93:dc:c1:f6:ff:79:c9:84:28:ca:82:c5:
4a:68:89:00:75:1b:2f:d1:1a:79:97:9c:23:5d:a7:7c:e0:bf:
54:08:93:b9:f0:c9:8c:da:66:fc:18:d5:bc:ba:4b:d3:b8:ba:
8f:ad:6d:0c:6c:62:ce:88:4d:32:91:51:ad:0e:f1:fe:8b:4b:
c1:4f:48:3a:8e:5d:ac:8b:d1:4a:12:ea:a4:51:9d:c6:d5:1d:
63:a2:7e:3f:30:48:88:ee:86:ba:54:8e:2d:5f:b1:60:a6:76:
aa:78:51:f7:0c:8e:98:6a:a2:18:75:41:47:8d:26:e3:3b:e8:
6c:30:61:89:1d:1d:b5:a3:c9:c2:26:44:18:d6:6a:b1:f0:f6:
8f:e0:d9:c7:d7:50:08:39:da:9f:bd:de:1f:2f:a9:c3:6a:cb:
b0:a4:03:3b:29:9b:77:88:2a:ba:25:2e:64:91:b8:66:8f:a9:
0b:be:ae:77:89:21:d4:c6:17:d6:82:06:4b:ba:14:66:c1:97:
83:7e:34:62:ec:dd:26:f4:96:6b:28:94:f7:af:43:4a:a6:27:
19:03:48:04:45:6d:02:90:81:09:48:13:ac:20:90:df:d3:8b:
5c:ff:f1:72
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYzJvD+Yhdaskj+9TC2VgfSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjQwMTAyMTAzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzVlNDgyZmNiOTE2NWIzMzllNGQ3YjE1ZjRhYTc0YWViMGM5MDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9PRdoCYc9toyTUZVIT7eW0zSQG5
TYMPfnBQ/KxGI9aHxsabbRrWSapzrwBNksMH+QHCv7K1bx3Rkq2RMIkSWV1CVTPh
gdRSbqNHZl8dm5vg4Ufn2gB0tLKKhfvguFcdPDPj5/93dbZPzp303Y8B0y9fLaWd
QI8zfgspk7drZPDm+j3egBF8ArAE2w3aWQlQizfNT5DbIzWg9MTOqUmH9lett9Zy
FUyhZJ19/l2n0jxXqJbtKLy1mnQftkVZ05GnwjxYFM3DoafU7ZMRwn5vMSk6d8pr
WDynA6111r8aVCKautJ8kih1X4tnqlb5FuOTCUELyY9s/yGBBpZ+UaqMBQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFJNeSC/LkWWzOeTXsV9Kp0rrDJCSMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvazE1SUw4dVJaYk01NU5leFgwcW5TdXNNa0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAAl
PeIDBAIr/BwDBAItcvADBAItgngDBAJV0JQDBAFZ3w4DBAFZ3xIDBANc/yADBAFc
/1YDBAResDADBAResFADBAJnHgwDBAFnz5gDBAFn07gDBAJn4YADBAJ01LwDBAKL
BWgDBAK0XtgDBALBlzQDBAPLTqgDBAbOzAADBALVvEADBATVvFADBATYwlAwDQYJ
KoZIhvcNAQELBQADggEBACHgK1IGPxYOcUYhy7CoT9YTEL+j6K6DeJPcwfb/ecmE
KMqCxUpoiQB1Gy/RGnmXnCNdp3zgv1QIk7nwyYzaZvwY1by6S9O4uo+tbQxsYs6I
TTKRUa0O8f6LS8FPSDqOXayL0UoS6qRRncbVHWOifj8wSIjuhrpUji1fsWCmdqp4
UfcMjphqohh1QUeNJuM76GwwYYkdHbWjycImRBjWarHw9o/g2cfXUAg52p+93h8v
qcNqy7CkAzspm3eIKrolLmSRuGaPqQu+rneJIdTGF9aCBku6FGbBl4N+NGLs3Sb0
lmsolPevQ0qmJxkDSARFbQKQgQlIE6wgkN/Ti1z/8XI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:06:52 2024 by rpki-client on console-fra.rpki-client.org