Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/IPT5oP-LwkqA56JhRDTSLza5khc.roa
File: IPT5oP-LwkqA56JhRDTSLza5khc.roa (raw, json)
Hash identifier: Zfpus25NnqmGiMj23O9fuVVVQaBjbEBRtFATNoUWIxM=
Subject key identifier: 20:F4:F9:A0:FF:8B:C2:4A:80:E7:A2:61:44:34:D2:2F:36:B9:92:17
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018CC2DB124DB9173E3287171301533E33B8
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/IPT5oP-LwkqA56JhRDTSLza5khc.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3302
IP address blocks: 185.82.0.0/22 maxlen: 22
81.92.32.0/20 maxlen: 20
213.136.128.0/18 maxlen: 24
217.29.160.0/20 maxlen: 20
193.219.30.0/24 maxlen: 24
194.20.0.0/16 maxlen: 24
217.15.208.0/20 maxlen: 24
213.149.192.0/19 maxlen: 19
212.90.0.0/19 maxlen: 24
213.183.128.0/19 maxlen: 19
194.21.0.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
83.211.0.0/16 maxlen: 24
212.110.0.0/19 maxlen: 24
62.94.0.0/16 maxlen: 24
195.62.224.0/19 maxlen: 24
194.153.208.0/22 maxlen: 24
213.198.128.0/18 maxlen: 24
2001:750::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:12:4d:b9:17:3e:32:87:17:13:01:53:3e:33:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20f4f9a0ff8bc24a80e7a2614434d22f36b99217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:16:ce:f3:b8:5a:7f:c6:e0:45:99:f1:81:08:
89:0e:04:70:06:de:1e:af:bd:8f:83:36:a1:51:81:
6e:50:78:af:39:e1:83:49:b4:14:f3:67:aa:1e:7d:
d0:d7:dc:1b:80:b5:89:d1:a6:10:7c:0f:2d:a1:57:
7b:2e:b2:34:83:d8:e8:a7:52:e3:81:56:4f:00:54:
66:62:68:cc:78:0c:c6:42:2e:f0:2b:1a:2f:19:89:
2f:b7:51:4c:61:10:d3:9b:c8:c4:99:56:20:cf:5a:
5a:95:04:a7:87:de:7b:79:36:e4:4d:1b:7c:8e:8f:
eb:27:a9:35:32:bb:ea:b2:7d:4f:81:04:4d:67:a5:
82:a3:70:b9:29:15:0b:60:b4:cd:be:e8:a8:e3:5f:
2a:d6:e8:1b:3e:56:97:66:69:be:24:f5:cd:41:0b:
f1:96:e3:ff:e4:8a:fe:24:ff:81:9e:78:da:0a:b7:
7e:0b:1f:5d:d0:5f:a6:56:e3:65:68:9d:93:35:7f:
5b:66:20:c4:55:23:99:b9:40:67:56:a9:0a:11:48:
9e:14:4a:5b:fa:3a:aa:df:ff:07:68:bc:ec:e8:af:
d7:0d:e0:28:25:0e:3a:e2:fa:c2:4f:2c:56:a7:59:
00:81:c6:72:63:37:fb:cc:47:da:f5:68:ad:92:f6:
4f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F4:F9:A0:FF:8B:C2:4A:80:E7:A2:61:44:34:D2:2F:36:B9:92:17
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/IPT5oP-LwkqA56JhRDTSLza5khc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
185.82.0.0/22
193.219.30.0/24
194.20.0.0-194.21.63.255
194.153.192.0-194.153.211.255
195.62.224.0/19
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
217.15.208.0/20
217.29.160.0/20
IPv6:
2001:750::/29
Signature Algorithm: sha256WithRSAEncryption
94:13:d6:af:0b:7a:38:60:85:37:97:a3:d7:12:f1:8b:36:79:
41:6a:31:a9:15:cf:e8:d6:d1:50:ad:4d:a9:e6:4d:e8:b4:23:
95:74:a2:73:c1:c1:b3:f9:47:f5:18:e7:a4:80:e9:d4:eb:b9:
5b:e3:88:0f:52:81:0f:26:7d:21:e2:8d:28:f5:ec:02:08:55:
51:50:64:57:00:86:c8:0c:6f:28:e5:df:c6:21:c0:13:c6:23:
78:3a:a0:2b:6b:14:03:38:25:22:a0:4c:3c:0e:39:b0:1e:a1:
a2:a4:2b:3f:67:09:ea:44:38:ab:8e:f9:7e:18:70:6e:0f:a0:
e6:73:93:f8:26:60:ac:89:12:c8:b8:38:88:5a:1b:19:2c:e5:
e0:ba:67:29:a7:4c:63:da:2a:22:2b:d6:d7:e6:f3:6c:a6:23:
cf:2b:c6:51:cd:bc:d4:b8:66:23:40:fb:09:99:1f:a2:ed:92:
8a:ef:51:2c:54:6c:7d:f1:85:89:ab:0c:fe:d0:89:1a:0c:02:
87:6a:06:d0:0a:f7:29:a5:3f:43:03:19:3e:5f:1c:64:18:56:
14:47:6d:b6:d4:b1:6c:b4:98:f3:98:07:34:b7:b3:a8:08:f6:
82:55:78:71:52:36:09:9e:79:c6:9f:1d:fa:3a:62:dc:19:81:
c0:89:91:d4
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAYzC2xJNuRc+MocXEwFTPjO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGY0ZjlhMGZmOGJjMjRhODBlN2EyNjE0NDM0ZDIyZjM2Yjk5MjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RbO87haf8bgRZnxgQiJDgRwBt4e
r72PgzahUYFuUHivOeGDSbQU82eqHn3Q19wbgLWJ0aYQfA8toVd7LrI0g9jop1Lj
gVZPAFRmYmjMeAzGQi7wKxovGYkvt1FMYRDTm8jEmVYgz1palQSnh957eTbkTRt8
jo/rJ6k1Mrvqsn1PgQRNZ6WCo3C5KRULYLTNvuio418q1ugbPlaXZmm+JPXNQQvx
luP/5Ir+JP+BnnjaCrd+Cx9d0F+mVuNlaJ2TNX9bZiDEVSOZuUBnVqkKEUieFEpb
+jqq3/8HaLzs6K/XDeAoJQ464vrCTyxWp1kAgcZyYzf7zEfa9WitkvZPRQIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFCD0+aD/i8JKgOeiYUQ00i82uZIXMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvSVBUNW9QLUx3a3FBNTZKaFJEVFNMemE1a2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBzBAIAATBtAwMAPl4D
BARRXCADAwBT0wMEArlSAAMEAMHbHjALAwMCwhQDBAbCFQAwDAMEBsKZwAMEAsKZ
0AMEBcM+4AMEBdRaAAMEBdRuAAMEBtWIgAMEBdWVwAMEBdW3gAMEBtXGgAMEBNkP
0AMEBNkdoDANBAIAAjAHAwUDIAEHUDANBgkqhkiG9w0BAQsFAAOCAQEAlBPWrwt6
OGCFN5ej1xLxizZ5QWoxqRXP6NbRUK1NqeZN6LQjlXSic8HBs/lH9RjnpIDp1Ou5
W+OID1KBDyZ9IeKNKPXsAghVUVBkVwCGyAxvKOXfxiHAE8YjeDqgK2sUAzglIqBM
PA45sB6hoqQrP2cJ6kQ4q475fhhwbg+g5nOT+CZgrIkSyLg4iFobGSzl4LpnKadM
Y9oqIivW1+bzbKYjzyvGUc281LhmI0D7CZkfou2Siu9RLFRsffGFiasM/tCJGgwC
h2oG0Ar3KaU/QwMZPl8cZBhWFEdtttSxbLSY85gHNLezqAj2glV4cVI2CZ55xp8d
+jpi3BmBwImR1A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:09:59 2024 by rpki-client on console-ams.rpki-client.org