Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/8FRqHOV5ow7uDve5zmTwhILq5e0.roa
File: 8FRqHOV5ow7uDve5zmTwhILq5e0.roa (raw, json)
Hash identifier: IRryKNsX+V7s3qCxExpoWMnUj3ncEiaWxlLABF4p5HM=
Subject key identifier: F0:54:6A:1C:E5:79:A3:0E:EE:0E:F7:B9:CE:64:F0:84:82:EA:E5:ED
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018EC343A1F804E12B9C9F72509BF4D81FB3
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/8FRqHOV5ow7uDve5zmTwhILq5e0.roa
Signing time: Tue 09 Apr 2024 14:29:33 +0000
ROA not before: Tue 09 Apr 2024 14:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 2.16.19.0/24 maxlen: 24
2.16.70.0/23 maxlen: 23
2.16.220.0/22 maxlen: 22
2.18.0.0/22 maxlen: 22
2.18.31.0/24 maxlen: 24
2.20.47.0/24 maxlen: 24
2.20.224.0/20 maxlen: 20
2.20.252.0/24 maxlen: 24
2.21.14.0/24 maxlen: 24
2.22.20.0/23 maxlen: 23
2.22.216.0/22 maxlen: 22
2.22.234.0/24 maxlen: 24
2.23.16.0/20 maxlen: 20
88.221.28.0/22 maxlen: 22
88.221.100.0/22 maxlen: 22
92.122.68.0/22 maxlen: 22
92.122.225.0/24 maxlen: 24
92.122.248.0/22 maxlen: 22
92.123.48.0/24 maxlen: 24
92.123.106.0/24 maxlen: 24
92.123.208.0/22 maxlen: 22
95.100.128.0/22 maxlen: 22
95.101.68.0/22 maxlen: 22
95.101.114.0/24 maxlen: 24
95.101.156.0/22 maxlen: 22
2a02:26f0:9700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:43:a1:f8:04:e1:2b:9c:9f:72:50:9b:f4:d8:1f:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Apr 9 14:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0546a1ce579a30eee0ef7b9ce64f08482eae5ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:12:71:11:e1:fd:7c:58:cc:4f:db:7f:30:99:
5c:35:b3:e4:30:9e:e7:77:cd:5e:db:1d:39:b3:45:
99:12:4b:d3:d0:6f:8f:a2:1b:5b:01:e0:78:d8:51:
31:14:3f:b6:cb:72:07:59:b4:a3:73:2f:de:8b:e8:
ca:d9:5f:5f:5e:f8:58:46:2d:93:33:d0:c9:8d:60:
05:eb:66:a6:74:ba:f0:22:a0:bb:6f:a3:1e:c8:e3:
43:74:37:ad:ed:d3:d0:15:fe:f7:0a:34:09:10:19:
42:39:e8:ad:c5:f2:dd:69:24:20:3f:9b:e0:cf:8b:
82:f8:02:7e:6e:d3:8b:cc:e5:30:3c:98:1d:3e:14:
39:cf:9d:d2:17:e3:75:29:6d:88:47:ad:45:9d:62:
c0:0c:1b:8c:ca:ce:79:6d:2d:46:a8:2a:f5:b7:90:
f3:8f:72:8a:b1:d3:e5:38:01:9b:e0:42:a5:88:a4:
f7:10:67:4b:fe:ca:7d:5e:7f:1e:de:36:66:5e:ef:
92:d2:86:94:a5:7a:60:65:68:5b:a3:e9:8b:50:a9:
9a:ac:4b:bd:6d:71:74:fb:3e:57:6e:9f:fa:ac:76:
65:e2:6b:ed:ba:e5:27:1e:66:ff:97:f5:08:aa:c9:
fc:34:bf:5b:aa:32:92:b0:4e:8f:39:c8:63:da:bc:
38:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:54:6A:1C:E5:79:A3:0E:EE:0E:F7:B9:CE:64:F0:84:82:EA:E5:ED
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/8FRqHOV5ow7uDve5zmTwhILq5e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.19.0/24
2.16.70.0/23
2.16.220.0/22
2.18.0.0/22
2.18.31.0/24
2.20.47.0/24
2.20.224.0/20
2.20.252.0/24
2.21.14.0/24
2.22.20.0/23
2.22.216.0/22
2.22.234.0/24
2.23.16.0/20
88.221.28.0/22
88.221.100.0/22
92.122.68.0/22
92.122.225.0/24
92.122.248.0/22
92.123.48.0/24
92.123.106.0/24
92.123.208.0/22
95.100.128.0/22
95.101.68.0/22
95.101.114.0/24
95.101.156.0/22
IPv6:
2a02:26f0:9700::/48
Signature Algorithm: sha256WithRSAEncryption
42:9c:3e:26:c5:d6:4b:19:d4:ec:3c:cf:0d:66:d9:f6:54:bc:
a6:e7:5f:52:e4:87:85:df:17:99:cf:6b:a6:24:7d:85:a0:1d:
6e:9a:25:9f:61:f2:3e:1f:dc:e8:03:4a:0f:78:2e:04:2d:8e:
b8:0e:7b:8c:1c:67:05:b6:28:25:95:7c:39:a0:c1:6e:6d:97:
72:6a:77:9d:2d:46:e0:32:6b:98:b8:73:11:0f:32:ac:9f:df:
6e:1c:17:20:7a:2f:21:09:bf:27:64:02:5c:e1:56:fe:7c:b4:
44:d6:f1:7b:c7:9a:8c:fe:73:a0:b0:32:f5:5d:55:fe:2a:03:
0a:08:0d:f0:52:4a:7d:13:5b:d3:c8:7f:21:1f:f6:a5:95:af:
76:45:4e:69:ef:71:99:d4:96:35:1a:3e:d4:fd:02:00:11:f8:
11:bc:d7:84:96:f8:98:19:d9:9e:1c:71:19:36:d3:42:cf:1e:
b7:11:6d:90:a4:78:75:5e:a2:e1:9a:50:55:be:dd:7b:f4:12:
ae:a4:1b:fe:25:25:57:b8:75:74:52:6d:22:05:02:44:01:58:
2a:fe:c9:36:66:97:93:19:04:4b:af:ca:e2:00:58:a8:13:7e:
d1:1b:67:ab:a7:ee:2a:b8:ca:cb:9f:5c:c5:ad:f7:52:c1:c5:
f8:0b:c1:b6
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAY7DQ6H4BOErnJ9yUJv02B+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwNDA5MTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDU0NmExY2U1NzlhMzBlZWUwZWY3YjljZTY0ZjA4NDgyZWFlNWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxJxEeH9fFjMT9t/MJlcNbPkMJ7n
d81e2x05s0WZEkvT0G+PohtbAeB42FExFD+2y3IHWbSjcy/ei+jK2V9fXvhYRi2T
M9DJjWAF62amdLrwIqC7b6MeyONDdDet7dPQFf73CjQJEBlCOeitxfLdaSQgP5vg
z4uC+AJ+btOLzOUwPJgdPhQ5z53SF+N1KW2IR61FnWLADBuMys55bS1GqCr1t5Dz
j3KKsdPlOAGb4EKliKT3EGdL/sp9Xn8e3jZmXu+S0oaUpXpgZWhbo+mLUKmarEu9
bXF0+z5Xbp/6rHZl4mvtuuUnHmb/l/UIqsn8NL9bqjKSsE6POchj2rw4CwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFPBUahzleaMO7g73uc5k8ISC6uXtMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvOEZScUhPVjVvdzd1RHZlNXptVHdoSUxxNWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnQQCAAEwgZYDBAAC
EBMDBAECEEYDBAICENwDBAICEgADBAACEh8DBAACFC8DBAQCFOADBAACFPwDBAAC
FQ4DBAECFhQDBAICFtgDBAACFuoDBAQCFxADBAJY3RwDBAJY3WQDBAJcekQDBABc
euEDBAJcevgDBABcezADBABce2oDBAJce9ADBAJfZIADBAJfZUQDBABfZXIDBAJf
ZZwwDwQCAAIwCQMHACoCJvCXADANBgkqhkiG9w0BAQsFAAOCAQEAQpw+JsXWSxnU
7DzPDWbZ9lS8pudfUuSHhd8Xmc9rpiR9haAdbpoln2HyPh/c6ANKD3guBC2OuA57
jBxnBbYoJZV8OaDBbm2Xcmp3nS1G4DJrmLhzEQ8yrJ/fbhwXIHovIQm/J2QCXOFW
/ny0RNbxe8eajP5zoLAy9V1V/ioDCggN8FJKfRNb08h/IR/2pZWvdkVOae9xmdSW
NRo+1P0CABH4EbzXhJb4mBnZnhxxGTbTQs8etxFtkKR4dV6i4ZpQVb7de/QSrqQb
/iUlV7h1dFJtIgUCRAFYKv7JNmaXkxkES6/K4gBYqBN+0Rtnq6fuKrjKy59cxa33
UsHF+AvBtg==
-----END CERTIFICATE-----
Generated at Fri May 24 14:05:28 2024 by rpki-client on console-fra.rpki-client.org