Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/IP64BImz8HSna34QSSkftzRRIEU.roa
File: IP64BImz8HSna34QSSkftzRRIEU.roa (raw, json)
Hash identifier: 4MTpzYaaVCzFAliY6JijpwIvhZmFrViz1S3IaU0zhSE=
Subject key identifier: 20:FE:B8:04:89:B3:F0:74:A7:6B:7E:10:49:29:1F:B7:34:51:20:45
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018DD0A93BE554B4071D9892206485B64879
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/IP64BImz8HSna34QSSkftzRRIEU.roa
Signing time: Thu 22 Feb 2024 11:52:48 +0000
ROA not before: Thu 22 Feb 2024 11:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 2.17.108.0/22 maxlen: 22
2.17.192.0/22 maxlen: 22
2.17.192.0/24 maxlen: 24
2.17.193.0/24 maxlen: 24
2.17.194.0/24 maxlen: 24
2.17.195.0/24 maxlen: 24
2.18.212.0/22 maxlen: 22
2.19.4.0/22 maxlen: 22
2.21.112.0/24 maxlen: 24
2.21.113.0/24 maxlen: 24
2.21.114.0/24 maxlen: 24
2.21.115.0/24 maxlen: 24
2.21.116.0/24 maxlen: 24
2.21.117.0/24 maxlen: 24
2.21.118.0/24 maxlen: 24
2.21.119.0/24 maxlen: 24
2.21.120.0/24 maxlen: 24
2.21.121.0/24 maxlen: 24
2.21.122.0/24 maxlen: 24
2.21.123.0/24 maxlen: 24
2.21.124.0/24 maxlen: 24
2.21.125.0/24 maxlen: 24
2.21.126.0/24 maxlen: 24
2.21.127.0/24 maxlen: 24
2.21.175.0/24 maxlen: 24
2.23.128.0/23 maxlen: 23
2.23.130.0/23 maxlen: 23
2.23.132.0/23 maxlen: 23
92.122.184.0/24 maxlen: 24
92.122.185.0/24 maxlen: 24
92.122.207.0/24 maxlen: 24
93.191.168.0/24 maxlen: 24
93.191.169.0/24 maxlen: 24
93.191.170.0/24 maxlen: 24
93.191.172.0/24 maxlen: 24
95.100.157.0/24 maxlen: 24
95.100.180.0/24 maxlen: 24
95.100.212.0/24 maxlen: 24
95.100.213.0/24 maxlen: 24
95.100.214.0/24 maxlen: 24
95.100.215.0/24 maxlen: 24
95.100.253.0/24 maxlen: 24
95.101.117.0/24 maxlen: 24
95.101.118.0/24 maxlen: 24
95.101.204.0/22 maxlen: 22
2a02:2370:1::/48 maxlen: 48
2a02:2370:2::/48 maxlen: 48
2a02:2370:3::/48 maxlen: 48
2a02:2370:4::/48 maxlen: 48
2a02:2370:5::/48 maxlen: 48
2a02:2370:6::/48 maxlen: 48
2a02:2370:101::/48 maxlen: 48
2a02:2370:102::/48 maxlen: 48
2a02:2370:103::/48 maxlen: 48
2a02:2370:104::/48 maxlen: 48
2a02:2370:105::/48 maxlen: 48
2a02:2370:106::/48 maxlen: 48
2a02:2370:200::/48 maxlen: 48
2a02:2370:201::/48 maxlen: 48
2a02:2370:202::/48 maxlen: 48
2a02:2370:203::/48 maxlen: 48
2a02:2370:204::/48 maxlen: 48
2a02:2370:205::/48 maxlen: 48
2a02:2370:206::/48 maxlen: 48
2a02:2370:207::/48 maxlen: 48
2a02:2370:208::/48 maxlen: 48
2a02:2370:209::/48 maxlen: 48
2a02:2370:20a::/48 maxlen: 48
2a02:2370:20b::/48 maxlen: 48
2a02:2370:20c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d0:a9:3b:e5:54:b4:07:1d:98:92:20:64:85:b6:48:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Feb 22 11:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20feb80489b3f074a76b7e1049291fb734512045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d5:74:48:4a:ef:aa:ed:74:02:69:5c:26:b2:
e3:4f:95:82:f5:6c:b1:07:e2:3b:85:08:ab:14:47:
58:f4:68:f9:46:8a:a3:7e:01:b5:73:09:08:83:9d:
f2:17:d8:bc:9e:ff:d5:65:aa:d4:44:08:07:12:62:
b8:0d:b7:44:b4:8b:d5:b9:a9:f1:6f:49:dd:b9:c3:
e6:3c:be:80:05:2b:59:d1:a0:77:f9:70:50:b0:a8:
b2:fb:09:17:5d:52:fd:0a:3c:06:55:27:a0:86:91:
f3:b5:6a:32:30:b4:fa:57:a2:c1:b8:64:a8:a0:73:
e3:34:39:e5:d9:66:11:2f:c3:e7:71:8f:f8:15:c6:
bf:4c:5f:18:28:8e:fd:a1:63:51:42:8c:ce:92:2d:
63:b5:d2:d8:7f:f2:a5:ed:9c:d3:cf:0a:c4:4e:40:
15:29:f4:96:89:e5:1e:47:e2:63:5c:0c:1f:f9:66:
f2:b6:e2:8c:fd:70:33:f3:27:5c:d1:59:3d:b2:f5:
c4:0c:62:c4:e4:47:ec:a3:1f:83:70:25:0a:78:df:
6c:33:4e:82:e6:3a:83:b4:fd:19:10:ba:6d:a2:9f:
fc:d6:14:25:3b:89:4c:81:92:a7:0c:98:92:cd:d3:
f0:eb:20:4e:22:ea:d8:24:da:6a:51:d5:7c:96:90:
f6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FE:B8:04:89:B3:F0:74:A7:6B:7E:10:49:29:1F:B7:34:51:20:45
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/IP64BImz8HSna34QSSkftzRRIEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.17.108.0/22
2.17.192.0/22
2.18.212.0/22
2.19.4.0/22
2.21.112.0/20
2.21.175.0/24
2.23.128.0-2.23.133.255
92.122.184.0/23
92.122.207.0/24
93.191.168.0-93.191.170.255
93.191.172.0/24
95.100.157.0/24
95.100.180.0/24
95.100.212.0/22
95.100.253.0/24
95.101.117.0-95.101.118.255
95.101.204.0/22
IPv6:
2a02:2370:1::-2a02:2370:6:ffff:ffff:ffff:ffff:ffff
2a02:2370:101::-2a02:2370:106:ffff:ffff:ffff:ffff:ffff
2a02:2370:200::-2a02:2370:20c:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:a8:f3:82:3f:75:fc:51:e2:88:5a:7f:00:d5:74:6b:3f:b5:
ca:43:f1:e9:64:20:59:49:bf:d6:6d:27:60:aa:ac:c8:79:9f:
15:86:c4:aa:e3:56:28:2d:7f:25:be:4d:e3:bc:ce:6f:89:6e:
52:40:b3:2e:fa:97:56:40:b8:69:9f:1a:79:be:db:ab:63:70:
c5:31:54:bc:25:11:24:7c:d7:6c:4a:9f:d2:4f:19:c6:8e:6d:
c7:fb:c2:49:5b:b1:4d:92:04:1a:ad:ee:e8:16:8b:eb:cf:f6:
da:9c:87:06:f7:b8:08:b7:72:60:85:0d:6d:b0:cf:aa:6d:b1:
11:cf:05:46:a6:87:8f:fe:32:02:e7:d4:92:96:41:6d:6f:76:
34:e6:43:bf:54:38:ae:60:da:0a:54:02:99:3a:36:19:06:b7:
e9:b0:4d:b1:3a:c0:5c:b2:b2:b7:3f:52:83:f2:ff:09:9d:e9:
e5:b6:ed:e1:44:a8:9f:5b:98:aa:4b:93:17:30:c2:38:92:9a:
ec:db:c2:58:cf:e0:fe:f6:2d:99:3e:e3:28:34:27:41:53:9e:
3e:09:29:62:83:24:28:46:17:21:01:2c:b8:12:cb:60:99:8b:
12:49:7c:7f:1a:f9:28:41:ff:95:5f:a1:5b:c5:1e:f2:7b:88:
34:4b:8b:ce
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAY3QqTvlVLQHHZiSIGSFtkh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMjIyMTE1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGZlYjgwNDg5YjNmMDc0YTc2YjdlMTA0OTI5MWZiNzM0NTEyMDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdV0SErvqu10AmlcJrLjT5WC9Wyx
B+I7hQirFEdY9Gj5RoqjfgG1cwkIg53yF9i8nv/VZarURAgHEmK4DbdEtIvVuanx
b0nducPmPL6ABStZ0aB3+XBQsKiy+wkXXVL9CjwGVSeghpHztWoyMLT6V6LBuGSo
oHPjNDnl2WYRL8PncY/4Fca/TF8YKI79oWNRQozOki1jtdLYf/Kl7ZzTzwrETkAV
KfSWieUeR+JjXAwf+WbytuKM/XAz8ydc0Vk9svXEDGLE5Efsox+DcCUKeN9sM06C
5jqDtP0ZELptop/81hQlO4lMgZKnDJiSzdPw6yBOIurYJNpqUdV8lpD2UwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFCD+uASJs/B0p2t+EEkpH7c0USBFMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvSVA2NEJJbXo4SFNuYTM0UVNTa2Z0elJSSUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBhAQCAAEwfgMEAgIR
bAMEAgIRwAMEAgIS1AMEAgITBAMEBAIVcAMEAAIVrzAMAwQHAheAAwQBAheEAwQB
XHq4AwQAXHrPMAwDBANdv6gDBABdv6oDBABdv6wDBABfZJ0DBABfZLQDBAJfZNQD
BABfZP0wDAMEAF9ldQMEAF9ldgMEAl9lzDBBBAIAAjA7MBIDBwAqAiNwAAEDBwAq
AiNwAAYwEgMHACoCI3ABAQMHACoCI3ABBjARAwYBKgIjcAIDBwAqAiNwAgwwDQYJ
KoZIhvcNAQELBQADggEBAEeo84I/dfxR4ohafwDVdGs/tcpD8elkIFlJv9ZtJ2Cq
rMh5nxWGxKrjVigtfyW+TeO8zm+JblJAsy76l1ZAuGmfGnm+26tjcMUxVLwlESR8
12xKn9JPGcaObcf7wklbsU2SBBqt7ugWi+vP9tqchwb3uAi3cmCFDW2wz6ptsRHP
BUamh4/+MgLn1JKWQW1vdjTmQ79UOK5g2gpUApk6NhkGt+mwTbE6wFyysrc/UoPy
/wmd6eW27eFEqJ9bmKpLkxcwwjiSmuzbwljP4P72LZk+4yg0J0FTnj4JKWKDJChG
FyEBLLgSy2CZixJJfH8a+ShB/5VfoVvFHvJ7iDRLi84=
-----END CERTIFICATE-----
Generated at Sun May 19 03:39:11 2024 by rpki-client on console-ams.rpki-client.org