Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/_sr3LI3APtU9a2gZ3QDPiIVCwvY.roa
File: _sr3LI3APtU9a2gZ3QDPiIVCwvY.roa (raw, json)
Hash identifier: aDgkPJTS6VDLhRX9X8ZMgvpe0KTZfgjixB2RctRKk54=
Subject key identifier: FE:CA:F7:2C:8D:C0:3E:D5:3D:6B:68:19:DD:00:CF:88:85:42:C2:F6
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 018D8CEE7BA19CA41A6043F33539084FCC22
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/_sr3LI3APtU9a2gZ3QDPiIVCwvY.roa
Signing time: Fri 09 Feb 2024 08:14:15 +0000
ROA not before: Fri 09 Feb 2024 08:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21021
IP address blocks: 31.6.128.0/18 maxlen: 18
31.6.192.0/19 maxlen: 19
31.42.16.0/20 maxlen: 20
37.131.128.0/19 maxlen: 19
37.190.128.0/17 maxlen: 17
46.186.0.0/17 maxlen: 17
46.231.56.0/21 maxlen: 21
62.61.32.0/19 maxlen: 19
62.141.192.0/18 maxlen: 18
80.244.128.0/19 maxlen: 19
80.245.176.0/20 maxlen: 20
81.190.0.0/16 maxlen: 16
82.115.64.0/19 maxlen: 19
83.68.64.0/19 maxlen: 19
84.38.80.0/20 maxlen: 20
85.117.0.0/19 maxlen: 19
87.116.192.0/18 maxlen: 18
89.17.224.0/19 maxlen: 19
89.228.0.0/16 maxlen: 16
89.229.0.0/16 maxlen: 16
89.230.0.0/16 maxlen: 16
89.231.0.0/16 maxlen: 16
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
94.78.128.0/18 maxlen: 18
94.251.128.0/17 maxlen: 17
95.129.224.0/21 maxlen: 21
95.174.32.0/19 maxlen: 19
176.107.112.0/21 maxlen: 21
176.221.96.0/19 maxlen: 19
185.31.184.0/22 maxlen: 22
193.43.240.0/22 maxlen: 22
193.43.242.0/24 maxlen: 24
193.43.243.0/24 maxlen: 24
193.106.76.0/22 maxlen: 22
193.200.118.0/23 maxlen: 23
194.116.132.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
195.93.134.0/23 maxlen: 23
195.93.222.0/23 maxlen: 23
213.136.224.0/19 maxlen: 19
217.70.48.0/20 maxlen: 20
217.75.48.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
217.172.224.0/19 maxlen: 19
2a00:1c00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:ee:7b:a1:9c:a4:1a:60:43:f3:35:39:08:4f:cc:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Feb 9 08:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fecaf72c8dc03ed53d6b6819dd00cf888542c2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3d:4a:78:f8:ed:83:39:48:d4:5d:a7:d9:bf:
ae:bd:a0:a8:6d:d2:1c:34:ec:34:61:0f:8d:e9:d9:
9c:f5:90:5f:ac:97:13:00:a0:87:c0:d7:c0:d0:a5:
37:73:1f:36:de:bc:1c:fa:6f:17:a9:b2:ae:14:f0:
83:b7:44:0e:3f:f7:bd:79:7a:8c:a9:03:8a:29:6e:
bd:93:a3:7d:3e:83:bd:f3:e5:9c:1f:b3:c9:db:29:
fe:8b:97:59:90:1d:f6:6b:4e:06:fb:30:6b:2d:26:
c2:a1:f5:89:1c:e2:39:7e:fb:97:dd:33:a9:94:aa:
ad:b9:39:ac:4d:5d:60:a1:ee:1b:4c:65:a4:8d:38:
63:ba:ee:2e:9a:8e:4b:7a:d8:82:01:a8:81:91:43:
f8:d6:80:19:87:ce:10:09:24:14:35:32:5b:79:18:
67:59:a9:ec:a8:21:dc:3c:37:57:74:30:08:f5:47:
8a:de:6b:f6:aa:bb:d2:c9:9b:e2:d2:cd:32:26:e6:
4a:18:82:9f:c9:b9:d9:a5:0e:c6:8d:82:e2:d7:22:
47:b3:3e:58:af:2a:36:fd:f0:d4:3d:7d:23:02:c5:
47:8e:a0:18:bd:79:fe:57:6a:0c:12:81:3d:e4:ef:
05:f8:cf:61:3d:54:21:4d:e8:9c:3c:55:89:ad:35:
3d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:CA:F7:2C:8D:C0:3E:D5:3D:6B:68:19:DD:00:CF:88:85:42:C2:F6
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/_sr3LI3APtU9a2gZ3QDPiIVCwvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
46.186.0.0/17
46.231.56.0/21
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
IPv6:
2a00:1c00::/32
Signature Algorithm: sha256WithRSAEncryption
bd:c9:5f:0a:13:67:94:e4:d3:da:1d:58:85:d8:c8:4f:cf:bd:
b0:1b:1b:c2:ce:cc:d0:69:f9:52:1e:3c:e5:bd:e7:c5:9a:97:
d1:42:09:fe:4d:4b:66:35:da:01:af:ca:88:42:ca:5e:c1:07:
01:b5:9b:2f:03:ab:7b:59:13:41:4e:0e:36:a3:11:d2:36:59:
5f:a1:c8:78:07:64:fc:da:e0:ea:de:9a:3e:88:ec:73:8d:d1:
dc:94:97:13:69:a6:f4:17:78:37:41:1a:62:e9:c0:c9:9e:07:
a2:c9:f7:02:01:4e:84:80:ad:9d:e9:78:30:5f:5c:79:5c:5f:
57:a9:9d:44:b2:26:61:c3:7f:8f:01:bf:d6:77:08:2d:68:91:
6f:61:84:aa:c6:0a:ef:a5:19:69:91:5b:de:58:c4:4f:b9:8a:
93:aa:e5:1b:e4:8f:01:12:27:ec:db:b9:81:5e:77:0b:51:56:
48:40:4f:43:73:35:b2:78:1a:93:bf:64:29:4e:03:df:bf:18:
c6:13:41:b8:8f:61:29:6e:5a:1f:d9:50:3c:11:c8:38:df:84:
4e:41:05:f0:4a:62:3e:11:31:85:fb:7c:44:65:d9:b4:6b:0a:
b8:56:c1:f9:0f:ab:2f:07:f6:8a:a2:30:04:6d:53:34:4a:af:
94:dc:e7:78
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAY2M7nuhnKQaYEPzNTkIT8wiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjQwMjA5MDgxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWNhZjcyYzhkYzAzZWQ1M2Q2YjY4MTlkZDAwY2Y4ODg1NDJjMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiD1KePjtgzlI1F2n2b+uvaCobdIc
NOw0YQ+N6dmc9ZBfrJcTAKCHwNfA0KU3cx823rwc+m8XqbKuFPCDt0QOP/e9eXqM
qQOKKW69k6N9PoO98+WcH7PJ2yn+i5dZkB32a04G+zBrLSbCofWJHOI5fvuX3TOp
lKqtuTmsTV1goe4bTGWkjThjuu4umo5LetiCAaiBkUP41oAZh84QCSQUNTJbeRhn
WansqCHcPDdXdDAI9UeK3mv2qrvSyZvi0s0yJuZKGIKfybnZpQ7GjYLi1yJHsz5Y
ryo2/fDUPX0jAsVHjqAYvXn+V2oMEoE95O8F+M9hPVQhTeicPFWJrTU9BQIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFP7K9yyNwD7VPWtoGd0Az4iFQsL2MB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvX3NyM0xJM0FQdFU5YTJnWjNRRFBpSVZDd3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEtOGE2ZTU1NDE5NmJi
LzEvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB9wQCAAEwgfAw
DAMEBx8GgAMEBR8GwAMEBB8qEAMEBSWDgAMEByW+gAMEBy66AAMEAy7nOAMEBT49
IAMEBj6NwAMEBVD0gAMEBFD1sAMDAFG+AwQFUnNAAwQFU0RAAwQEVCZQAwQFVXUA
AwQGV3TAAwQFWRHgAwMCWeQDBANcKnADBANdXrgDBAZeToADBAde+4ADBANfgeAD
BAVfriADBAOwa3ADBAWw3WADBAK5H7gDBALBK/ADBALBakwDBAHByHYDBAHCdIQD
BADClfADBAHDXYYDBAHDXd4DBAXViOADBATZRjADBATZSzADBAXZkMADBAXZrOAw
DQQCAAIwBwMFACoAHAAwDQYJKoZIhvcNAQELBQADggEBAL3JXwoTZ5Tk09odWIXY
yE/PvbAbG8LOzNBp+VIePOW958Wal9FCCf5NS2Y12gGvyohCyl7BBwG1my8Dq3tZ
E0FODjajEdI2WV+hyHgHZPza4Oremj6I7HON0dyUlxNppvQXeDdBGmLpwMmeB6LJ
9wIBToSArZ3peDBfXHlcX1epnUSyJmHDf48Bv9Z3CC1okW9hhKrGCu+lGWmRW95Y
xE+5ipOq5RvkjwESJ+zbuYFedwtRVkhAT0NzNbJ4GpO/ZClOA9+/GMYTQbiPYSlu
Wh/ZUDwRyDjfhE5BBfBKYj4RMYX7fERl2bRrCrhWwfkPqy8H9oqiMARtUzRKr5Tc
53g=
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:41:10 2024 by rpki-client on console-ams.rpki-client.org