Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5teWIUkBnJRKLq-Vf9EBbRaiKpE.roa
File: 5teWIUkBnJRKLq-Vf9EBbRaiKpE.roa (raw, json)
Hash identifier: JqiNu9Prf0KXIi/2A2YhcUE4LM9PbT8nFFPkwvlOsOs=
Subject key identifier: E6:D7:96:21:49:01:9C:94:4A:2E:AF:95:7F:D1:01:6D:16:A2:2A:91
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018CC2DB56221876264174373FDFC2ACB28D
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5teWIUkBnJRKLq-Vf9EBbRaiKpE.roa
Signing time: Mon 01 Jan 2024 02:30:03 +0000
ROA not before: Mon 01 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21342
IP address blocks: 2.22.243.0/24 maxlen: 24
92.122.123.0/24 maxlen: 24
88.221.162.0/24 maxlen: 24
2.16.40.0/24 maxlen: 24
88.221.163.0/24 maxlen: 24
2.22.230.0/24 maxlen: 24
95.100.168.0/24 maxlen: 24
95.100.174.0/24 maxlen: 24
2.16.123.0/24 maxlen: 24
84.53.139.0/24 maxlen: 24
95.100.175.0/24 maxlen: 24
2.16.122.0/24 maxlen: 24
95.100.173.0/24 maxlen: 24
2.16.126.0/23 maxlen: 24
2.16.130.0/24 maxlen: 24
95.101.76.0/24 maxlen: 24
2.17.46.0/24 maxlen: 24
2.21.230.0/24 maxlen: 24
95.101.36.0/24 maxlen: 24
88.221.81.0/24 maxlen: 24
92.123.94.0/24 maxlen: 24
92.123.95.0/24 maxlen: 24
193.108.88.0/24 maxlen: 24
193.108.91.0/24 maxlen: 24
2a02:26f0:117::/48 maxlen: 48
2a02:26f0:68::/48 maxlen: 48
2a02:26f0:67::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:56:22:18:76:26:41:74:37:3f:df:c2:ac:b2:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Jan 1 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d7962149019c944a2eaf957fd1016d16a22a91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cd:d4:83:6c:4e:0f:45:0f:3f:74:98:1b:7e:
d0:ee:ab:b0:c6:f9:3a:11:9d:db:43:4e:0f:e8:0a:
e3:ac:9b:ec:79:56:1f:73:3d:91:e1:e3:4d:6c:7a:
b8:50:e0:10:30:05:35:84:17:bd:2c:c0:49:d9:15:
0e:e5:45:e2:08:37:2a:23:8d:b5:f0:82:10:72:61:
ff:22:21:60:37:ed:b2:63:86:ac:d3:2e:ce:3a:38:
b1:40:90:1e:28:69:4d:46:5a:61:ca:95:65:69:69:
57:c0:cb:d9:f3:93:41:68:e6:72:c0:c1:eb:bc:65:
53:01:49:bd:93:4b:7f:8e:d7:33:bd:b5:90:b9:5d:
b8:e2:ee:63:ae:42:4e:fb:5e:d4:97:3f:15:57:c2:
41:1c:8f:5e:d4:62:fd:d3:2a:f1:c6:bf:04:b5:b9:
bf:af:93:31:4e:2c:e1:fe:60:8b:b5:5c:81:0e:62:
50:dd:43:49:4a:96:f2:fe:3f:3d:4b:40:b1:f0:b4:
6f:fd:0a:4b:36:b9:44:39:fe:bb:f4:b7:0e:36:53:
4f:c7:7a:9c:52:5f:c4:ce:c7:b0:89:b0:f6:d6:f2:
8e:5b:c8:af:30:84:3c:5d:86:70:8b:cf:fc:7c:e4:
7d:17:71:fd:3a:31:06:47:a6:32:fe:a1:ae:1d:f1:
ea:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D7:96:21:49:01:9C:94:4A:2E:AF:95:7F:D1:01:6D:16:A2:2A:91
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/5teWIUkBnJRKLq-Vf9EBbRaiKpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.40.0/24
2.16.122.0/23
2.16.126.0/23
2.16.130.0/24
2.17.46.0/24
2.21.230.0/24
2.22.230.0/24
2.22.243.0/24
84.53.139.0/24
88.221.81.0/24
88.221.162.0/23
92.122.123.0/24
92.123.94.0/23
95.100.168.0/24
95.100.173.0-95.100.175.255
95.101.36.0/24
95.101.76.0/24
193.108.88.0/24
193.108.91.0/24
IPv6:
2a02:26f0:67::-2a02:26f0:68:ffff:ffff:ffff:ffff:ffff
2a02:26f0:117::/48
Signature Algorithm: sha256WithRSAEncryption
72:60:09:76:0a:7b:09:aa:73:ac:7e:7a:d9:55:d8:67:e7:8d:
53:f1:fa:c2:c8:13:8c:78:0c:a0:f6:d6:6b:f6:fd:8b:77:6a:
fb:22:4f:2d:a3:c3:95:aa:b8:fe:b5:38:da:f9:18:c5:3e:59:
7c:d1:8f:38:8c:3e:af:fd:87:76:f7:f9:d3:7a:6d:c3:69:e4:
05:d8:b2:67:0b:ab:35:fc:5e:e7:0b:1e:7c:67:18:ad:d2:f9:
20:13:4b:32:cd:f9:47:36:5d:2a:02:e3:b3:c8:03:99:02:fb:
13:12:b3:db:ca:e8:b7:ea:20:32:fc:91:a7:20:f5:99:a0:61:
80:95:74:bb:1f:49:f1:66:43:1b:e2:fb:70:10:78:b1:d4:61:
6c:13:da:5e:57:46:2c:f4:b8:9d:07:e5:81:c6:5a:0e:bc:40:
43:ce:ab:f5:e9:c1:66:c0:6e:e6:5e:3c:48:72:bf:f9:2f:65:
f5:ea:b9:32:41:b1:17:c2:25:82:2a:80:e4:73:72:04:7b:85:
8b:c7:8c:54:e0:b5:86:cc:2b:9c:b7:60:d3:6f:09:f6:ca:5f:
b5:58:02:2a:65:af:3d:23:34:7a:08:29:0a:1d:49:fc:9a:0d:
40:f9:69:42:e3:08:46:8d:ae:2a:2d:91:65:0d:a4:33:d1:af:
ee:0f:00:ef
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzC21YiGHYmQXQ3P9/CrLKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMTAxMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ3OTYyMTQ5MDE5Yzk0NGEyZWFmOTU3ZmQxMDE2ZDE2YTIyYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc3Ug2xOD0UPP3SYG37Q7quwxvk6
EZ3bQ04P6ArjrJvseVYfcz2R4eNNbHq4UOAQMAU1hBe9LMBJ2RUO5UXiCDcqI421
8IIQcmH/IiFgN+2yY4as0y7OOjixQJAeKGlNRlphypVlaWlXwMvZ85NBaOZywMHr
vGVTAUm9k0t/jtczvbWQuV244u5jrkJO+17Ulz8VV8JBHI9e1GL90yrxxr8Etbm/
r5MxTizh/mCLtVyBDmJQ3UNJSpby/j89S0Cx8LRv/QpLNrlEOf679LcONlNPx3qc
Ul/EzsewibD21vKOW8ivMIQ8XYZwi8/8fOR9F3H9OjEGR6Yy/qGuHfHqEwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFObXliFJAZyUSi6vlX/RAW0WoiqRMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNXRlV0lVa0JuSlJLTHEtVmY5RUJiUmFpS3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBgAQCAAEwegMEAAIQ
KAMEAQIQegMEAQIQfgMEAAIQggMEAAIRLgMEAAIV5gMEAAIW5gMEAAIW8wMEAFQ1
iwMEAFjdUQMEAVjdogMEAFx6ewMEAVx7XgMEAF9kqDAMAwQAX2StAwQEX2SgAwQA
X2UkAwQAX2VMAwQAwWxYAwQAwWxbMCMEAgACMB0wEgMHACoCJvAAZwMHACoCJvAA
aAMHACoCJvABFzANBgkqhkiG9w0BAQsFAAOCAQEAcmAJdgp7CapzrH562VXYZ+eN
U/H6wsgTjHgMoPbWa/b9i3dq+yJPLaPDlaq4/rU42vkYxT5ZfNGPOIw+r/2Hdvf5
03ptw2nkBdiyZwurNfxe5wsefGcYrdL5IBNLMs35RzZdKgLjs8gDmQL7ExKz28ro
t+ogMvyRpyD1maBhgJV0ux9J8WZDG+L7cBB4sdRhbBPaXldGLPS4nQflgcZaDrxA
Q86r9enBZsBu5l48SHK/+S9l9eq5MkGxF8IlgiqA5HNyBHuFi8eMVOC1hswrnLdg
028J9spftVgCKmWvPSM0eggpCh1J/JoNQPlpQuMIRo2uKi2RZQ2kM9Gv7g8A7w==
-----END CERTIFICATE-----
Generated at Sun May 19 15:06:14 2024 by rpki-client on console-ams.rpki-client.org