Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/Sn76i_t_uapXFS0492igZuET2-M.roa
File: Sn76i_t_uapXFS0492igZuET2-M.roa (raw, json)
Hash identifier: TUVtXlTB/lPdMiSwRK37Lfw5maXeYPZrzHpb/YR1yDA=
Subject key identifier: 4A:7E:FA:8B:FB:7F:B9:AA:57:15:2D:38:F7:68:A0:66:E1:13:DB:E3
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 018CC6B827BD10BE1D7DE2B4906BAF5A2744
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/Sn76i_t_uapXFS0492igZuET2-M.roa
Signing time: Mon 01 Jan 2024 20:30:06 +0000
ROA not before: Mon 01 Jan 2024 20:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29314
IP address blocks: 217.172.224.0/19 maxlen: 19
217.75.48.0/20 maxlen: 20
217.70.48.0/20 maxlen: 20
195.93.222.0/23 maxlen: 23
83.68.64.0/19 maxlen: 19
195.93.134.0/23 maxlen: 23
89.230.0.0/16 maxlen: 16
89.17.224.0/19 maxlen: 19
94.78.128.0/18 maxlen: 18
80.245.176.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
31.42.16.0/20 maxlen: 20
89.229.0.0/16 maxlen: 16
84.38.80.0/20 maxlen: 20
176.107.112.0/21 maxlen: 21
185.31.184.0/22 maxlen: 22
81.190.0.0/16 maxlen: 16
31.6.128.0/18 maxlen: 18
62.141.192.0/18 maxlen: 18
89.231.0.0/16 maxlen: 16
80.244.128.0/19 maxlen: 19
194.116.132.0/23 maxlen: 23
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
31.6.192.0/19 maxlen: 19
193.200.118.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
31.6.218.0/24 maxlen: 24
37.131.128.0/19 maxlen: 19
193.43.240.0/22 maxlen: 22
193.106.76.0/22 maxlen: 22
95.129.224.0/21 maxlen: 21
37.190.128.0/17 maxlen: 17
89.228.0.0/16 maxlen: 16
95.174.32.0/19 maxlen: 19
82.115.64.0/19 maxlen: 19
94.251.168.0/24 maxlen: 24
176.221.96.0/19 maxlen: 19
85.117.0.0/19 maxlen: 19
213.136.224.0/19 maxlen: 19
62.61.32.0/19 maxlen: 19
94.251.128.0/17 maxlen: 17
87.116.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:27:bd:10:be:1d:7d:e2:b4:90:6b:af:5a:27:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Jan 1 20:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a7efa8bfb7fb9aa57152d38f768a066e113dbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:5c:47:b9:0b:a7:df:57:2a:e4:30:c9:4f:
de:e4:81:a9:c7:38:c8:90:f7:6a:2b:0b:e2:60:47:
38:d8:b5:69:a7:d5:3c:ee:2a:58:b7:a6:52:4c:51:
54:09:fd:41:51:58:ad:4c:18:eb:29:18:f8:44:4e:
75:c4:07:90:26:4b:e3:d6:b6:bf:c0:a4:5b:f1:51:
9d:4a:cc:14:2d:57:a8:3f:09:bc:e9:1a:56:66:7b:
93:86:82:90:21:b0:da:c3:1e:ad:66:f8:d5:19:62:
28:b2:79:58:47:60:cf:14:24:2b:91:53:22:b7:68:
9e:e4:96:7f:d5:98:6e:de:47:ed:b4:bc:f5:30:ee:
6b:91:de:2f:f6:6d:08:b5:9f:fb:7c:9d:f4:8b:5f:
57:96:c2:94:90:cd:63:54:77:82:1c:2d:ae:9a:2d:
6a:f6:74:1c:f0:60:a6:b7:96:97:69:35:07:02:60:
aa:bf:57:60:9a:98:c0:05:e4:30:dc:7f:09:57:41:
bf:1f:5c:80:d4:36:79:62:66:22:87:17:24:66:14:
08:36:c5:2b:d3:5a:82:13:32:86:63:3d:d1:c2:68:
b2:5d:bd:7a:ef:4c:92:ef:fe:c5:5e:72:00:69:b2:
30:e4:a7:28:67:09:36:01:9c:0c:b8:79:c1:75:53:
28:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7E:FA:8B:FB:7F:B9:AA:57:15:2D:38:F7:68:A0:66:E1:13:DB:E3
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/Sn76i_t_uapXFS0492igZuET2-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
75:0a:8e:e7:62:83:4d:45:86:8b:b9:b2:05:ea:3e:81:35:bc:
d8:9f:f7:10:31:52:be:cb:2a:78:ad:d7:fb:a4:4b:84:4e:59:
1a:bd:88:f1:b4:8f:f9:49:14:59:e7:b9:b7:c4:31:ca:4d:07:
49:c7:82:ff:f4:c9:37:34:b8:66:4c:53:a0:c2:8a:15:d8:c3:
bc:f4:12:40:73:66:54:1c:3a:f5:c9:db:60:c9:4d:ae:25:7f:
9e:66:07:9c:ee:e7:4b:6e:e8:ea:a1:e3:0a:84:52:70:90:75:
1d:b4:a4:12:58:66:3a:bd:0a:80:49:7d:0d:08:de:01:43:15:
36:99:5b:ca:1a:c2:16:7a:a8:fb:6f:b2:a5:11:03:26:40:f0:
36:92:4d:54:e0:c6:20:7b:09:99:52:f8:b5:e0:18:3f:7e:84:
9f:23:1d:7d:03:02:7d:35:91:41:82:01:71:ac:f2:33:11:35:
ed:f4:c3:88:81:eb:9b:d6:93:41:5b:3b:c7:1a:46:4f:0a:6e:
35:c1:4b:f0:dc:4b:81:57:09:8a:3f:2a:ed:4a:57:a6:86:2d:
54:88:1e:17:62:c7:51:05:73:d4:15:e6:70:a7:07:f7:38:b8:
1c:a5:6e:a9:72:1a:25:67:25:7f:93:7c:c1:28:66:dd:7d:b5:
ba:21:22:30
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYzGuCe9EL4dfeK0kGuvWidEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjQwMTAxMjAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdlZmE4YmZiN2ZiOWFhNTcxNTJkMzhmNzY4YTA2NmUxMTNkYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX1cR7kLp99XKuQwyU/e5IGpxzjI
kPdqKwviYEc42LVpp9U87ipYt6ZSTFFUCf1BUVitTBjrKRj4RE51xAeQJkvj1ra/
wKRb8VGdSswULVeoPwm86RpWZnuThoKQIbDawx6tZvjVGWIosnlYR2DPFCQrkVMi
t2ie5JZ/1Zhu3kfttLz1MO5rkd4v9m0ItZ/7fJ30i19XlsKUkM1jVHeCHC2umi1q
9nQc8GCmt5aXaTUHAmCqv1dgmpjABeQw3H8JV0G/H1yA1DZ5YmYihxckZhQINsUr
01qCEzKGYz3RwmiyXb1670yS7/7FXnIAabIw5KcoZwk2AZwMuHnBdVMo9QIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFEp++ov7f7mqVxUtOPdooGbhE9vjMB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvU243NmlfdF91YXBYRlMwNDkyaWdadUVUMi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEtOGE2ZTU1NDE5NmJi
LzEvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkMAwD
BAcfBoADBAUfBsADBAQfKhADBAUlg4ADBAclvoADBAU+PSADBAY+jcADBAVQ9IAD
BARQ9bADAwBRvgMEBVJzQAMEBVNEQAMEBFQmUAMEBVV1AAMEBld0wAMEBVkR4AMD
AlnkAwQDXCpwAwQDXV64AwQGXk6AAwQHXvuAAwQDX4HgAwQFX64gAwQDsGtwAwQF
sN1gAwQCuR+4AwQCwSvwAwQCwWpMAwQBwch2AwQBwnSEAwQAwpXwAwQBw12GAwQB
w13eAwQF1YjgAwQE2UYwAwQE2UswAwQF2ZDAAwQF2azgMA0GCSqGSIb3DQEBCwUA
A4IBAQB1Co7nYoNNRYaLubIF6j6BNbzYn/cQMVK+yyp4rdf7pEuETlkavYjxtI/5
SRRZ57m3xDHKTQdJx4L/9Mk3NLhmTFOgwooV2MO89BJAc2ZUHDr1ydtgyU2uJX+e
Zgec7udLbujqoeMKhFJwkHUdtKQSWGY6vQqASX0NCN4BQxU2mVvKGsIWeqj7b7Kl
EQMmQPA2kk1U4MYgewmZUvi14Bg/foSfIx19AwJ9NZFBggFxrPIzETXt9MOIgeub
1pNBWzvHGkZPCm41wUvw3EuBVwmKPyrtSlemhi1UiB4XYsdRBXPUFeZwpwf3OLgc
pW6pcholZyV/k3zBKGbdfbW6ISIw
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:45:39 2024 by rpki-client on console-fra.rpki-client.org