Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/lsQvE0pdPWFMXdcHkrKH23OKf1Q.roa
File: lsQvE0pdPWFMXdcHkrKH23OKf1Q.roa (raw, json)
Hash identifier: FrKJo+1HFGcnkznBbt1ATAz0nRFQb2fh5wdHOzxwYHo=
Subject key identifier: 96:C4:2F:13:4A:5D:3D:61:4C:5D:D7:07:92:B2:87:DB:73:8A:7F:54
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0191DB198728166B48FE23572D76339B9929
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/lsQvE0pdPWFMXdcHkrKH23OKf1Q.roa
Signing time: Tue 10 Sep 2024 08:42:48 +0000
ROA not before: Tue 10 Sep 2024 08:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39251
IP address blocks: 77.76.16.0/20 maxlen: 20
77.76.16.0/24 maxlen: 24
85.217.252.0/22 maxlen: 24
91.92.72.0/21 maxlen: 24
91.92.80.0/20 maxlen: 24
91.92.96.0/21 maxlen: 24
91.207.190.0/23 maxlen: 23
91.207.190.0/24 maxlen: 24
91.207.191.0/24 maxlen: 24
91.223.66.0/24 maxlen: 24
91.245.192.0/24 maxlen: 24
185.163.140.0/22 maxlen: 24
185.225.84.0/22 maxlen: 24
185.229.252.0/22 maxlen: 24
193.37.238.0/24 maxlen: 24
194.169.223.0/24 maxlen: 24
194.169.230.0/24 maxlen: 24
194.169.237.0/24 maxlen: 24
194.169.242.0/24 maxlen: 24
195.238.84.0/23 maxlen: 23
195.238.84.0/24 maxlen: 24
195.238.85.0/24 maxlen: 24
212.70.140.0/24 maxlen: 24
212.70.141.0/24 maxlen: 24
213.232.88.0/22 maxlen: 24
2a0b:f800::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:19:87:28:16:6b:48:fe:23:57:2d:76:33:9b:99:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Sep 10 08:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96c42f134a5d3d614c5dd70792b287db738a7f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:72:a2:87:ba:30:01:8e:58:b8:b2:ba:bd:fe:
07:80:b1:d6:42:34:5a:1b:f5:b1:42:d7:30:a3:7d:
c1:fa:41:20:5b:3f:72:c5:1e:35:1e:48:a0:1e:bb:
14:82:46:24:a8:7f:60:3c:96:b8:f4:45:85:ba:2d:
f6:11:03:f7:50:51:73:28:56:12:5d:ee:a2:08:78:
d2:da:69:ec:01:66:03:df:93:e1:27:59:67:d1:ac:
0f:25:d8:d9:05:6a:91:05:50:ce:57:4e:d2:39:d1:
c3:31:a6:88:25:8b:36:7b:a0:25:fa:ef:fd:6f:d6:
4d:4b:32:39:94:50:8b:b9:22:0e:59:50:68:90:a3:
b9:a6:f8:0a:db:4b:dc:1f:77:93:59:32:ef:c8:58:
30:9f:55:57:75:17:82:25:eb:dd:81:b3:a2:17:b5:
0d:53:2d:3d:24:b5:27:77:38:e5:66:a6:5e:18:12:
69:32:17:f1:a5:72:dd:6f:01:5b:ad:10:0e:20:e7:
09:53:7d:e8:31:2c:6b:0e:46:a7:7a:36:39:a6:45:
42:32:6c:01:f3:63:0d:45:1e:4f:35:7d:cb:69:31:
ca:20:c1:1b:c2:03:05:fd:ae:7d:3c:e7:cd:bb:3c:
f4:a2:31:55:46:7d:e0:04:6a:7b:cf:c0:49:2c:5d:
f2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C4:2F:13:4A:5D:3D:61:4C:5D:D7:07:92:B2:87:DB:73:8A:7F:54
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/lsQvE0pdPWFMXdcHkrKH23OKf1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.16.0/20
85.217.252.0/22
91.92.72.0-91.92.103.255
91.207.190.0/23
91.223.66.0/24
91.245.192.0/24
185.163.140.0/22
185.225.84.0/22
185.229.252.0/22
193.37.238.0/24
194.169.223.0/24
194.169.230.0/24
194.169.237.0/24
194.169.242.0/24
195.238.84.0/23
212.70.140.0/23
213.232.88.0/22
IPv6:
2a0b:f800::/32
Signature Algorithm: sha256WithRSAEncryption
08:15:81:3b:17:47:36:04:d9:ce:dd:40:34:c2:e8:70:5a:b9:
c8:af:e1:23:55:22:c4:3b:e4:09:3f:2f:0b:b5:ba:f9:43:44:
87:90:dd:b2:21:93:98:7d:be:9f:25:f8:ac:d0:74:9a:5c:06:
f4:0e:33:ff:27:68:a9:9c:da:b8:a0:9c:36:b5:cc:04:31:4d:
86:7e:88:24:00:59:ba:74:d3:fa:f2:e1:fb:3a:1b:20:2f:29:
2d:6b:2c:de:74:9a:2f:31:31:ff:b5:bc:5f:8d:46:51:11:7d:
43:dd:19:75:49:8c:a3:bc:1f:91:36:8c:ce:1b:73:ab:9b:9b:
ba:e7:5a:b7:4e:39:c2:ff:c9:92:d9:e0:31:39:92:34:02:a6:
a2:f9:96:69:f3:78:17:ec:ad:a7:f7:02:91:1e:44:6b:a3:31:
b2:3d:ad:49:4d:72:1b:72:32:05:9f:77:80:96:11:bd:0b:59:
61:1c:39:84:cb:42:41:b0:4a:ad:b1:44:d5:7e:06:b1:ee:58:
b5:c4:1c:59:d4:24:4d:08:2f:89:a9:70:06:d3:e8:79:ed:b1:
28:1b:a4:3b:49:3b:89:b3:69:e5:c0:b8:7a:a6:b5:64:c0:a7:
07:dd:56:8e:c6:71:f0:09:ca:a4:09:a3:69:cd:59:8e:50:35:
5b:d6:fc:74
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZHbGYcoFmtI/iNXLXYzm5kpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjQwOTEwMDg0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmM0MmYxMzRhNWQzZDYxNGM1ZGQ3MDc5MmIyODdkYjczOGE3ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnKih7owAY5YuLK6vf4HgLHWQjRa
G/WxQtcwo33B+kEgWz9yxR41HkigHrsUgkYkqH9gPJa49EWFui32EQP3UFFzKFYS
Xe6iCHjS2mnsAWYD35PhJ1ln0awPJdjZBWqRBVDOV07SOdHDMaaIJYs2e6Al+u/9
b9ZNSzI5lFCLuSIOWVBokKO5pvgK20vcH3eTWTLvyFgwn1VXdReCJevdgbOiF7UN
Uy09JLUndzjlZqZeGBJpMhfxpXLdbwFbrRAOIOcJU33oMSxrDkanejY5pkVCMmwB
82MNRR5PNX3LaTHKIMEbwgMF/a59POfNuzz0ojFVRn3gBGp7z8BJLF3yUQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFJbELxNKXT1hTF3XB5Kyh9tzin9UMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvbHNRdkUwcGRQV0ZNWGRjSGtyS0gyM09LZjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQETUwQ
AwQCVdn8MAwDBANbXEgDBANbXGADBAFbz74DBABb30IDBABb9cADBAK5o4wDBAK5
4VQDBAK55fwDBADBJe4DBADCqd8DBADCqeYDBADCqe0DBADCqfIDBAHD7lQDBAHU
RowDBALV6FgwDQQCAAIwBwMFACoL+AAwDQYJKoZIhvcNAQELBQADggEBAAgVgTsX
RzYE2c7dQDTC6HBauciv4SNVIsQ75Ak/Lwu1uvlDRIeQ3bIhk5h9vp8l+KzQdJpc
BvQOM/8naKmc2rignDa1zAQxTYZ+iCQAWbp00/ry4fs6GyAvKS1rLN50mi8xMf+1
vF+NRlERfUPdGXVJjKO8H5E2jM4bc6ubm7rnWrdOOcL/yZLZ4DE5kjQCpqL5lmnz
eBfsraf3ApEeRGujMbI9rUlNchtyMgWfd4CWEb0LWWEcOYTLQkGwSq2xRNV+BrHu
WLXEHFnUJE0IL4mpcAbT6HntsSgbpDtJO4mzaeXAuHqmtWTApwfdVo7GcfAJyqQJ
o2nNWY5QNVvW/HQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:22:39 2024 by rpki-client on console-fra.rpki-client.org