Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/vIZn6nt7WBsp7lqqtK1Za-tEq5A.roa
File: vIZn6nt7WBsp7lqqtK1Za-tEq5A.roa (raw, json)
Hash identifier: mndDcwv8TUXjM9G9i0ER3Jb0E5s9IbteCMKLVYVn9eM=
Subject key identifier: BC:86:67:EA:7B:7B:58:1B:29:EE:5A:AA:B4:AD:59:6B:EB:44:AB:90
Certificate issuer: /CN=330fe971b3e36b16a92be85f59985be45968b864
Certificate serial: 018CC9BC10B88C46F78F7BBA05E8879C814F
Authority key identifier: 33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/vIZn6nt7WBsp7lqqtK1Za-tEq5A.roa
Signing time: Tue 02 Jan 2024 10:33:14 +0000
ROA not before: Tue 02 Jan 2024 10:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 185.170.92.0/22 maxlen: 22
159.255.216.0/21 maxlen: 21
94.103.16.0/20 maxlen: 20
185.68.183.0/24 maxlen: 24
185.68.180.0/23 maxlen: 24
5.175.80.0/21 maxlen: 21
2a03:6981::/32 maxlen: 32
2a03:6983::/32 maxlen: 32
2a03:6982::/32 maxlen: 32
2a03:6980::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:10:b8:8c:46:f7:8f:7b:ba:05:e8:87:9c:81:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330fe971b3e36b16a92be85f59985be45968b864
Validity
Not Before: Jan 2 10:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc8667ea7b7b581b29ee5aaab4ad596beb44ab90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c6:5f:cf:d9:57:cb:46:6e:a0:c1:45:ab:2c:
0f:eb:a7:d4:15:70:26:f8:81:c2:e0:6e:a2:de:11:
fa:d6:b3:ab:25:87:9c:32:aa:d1:dd:2f:41:d2:98:
e5:b0:0e:94:a9:8f:ef:51:9c:14:65:16:e5:16:da:
6c:e0:d2:d2:b3:d5:55:af:3b:9e:f4:9d:6d:1d:f2:
41:71:db:79:31:ea:d1:9b:3e:5e:96:f0:11:49:f5:
f4:18:f3:bd:39:e8:16:d4:4f:b2:fc:d9:8e:14:2a:
9e:5a:97:cc:1b:2a:9d:61:c1:8d:dc:96:4d:7f:42:
4e:6c:6b:ed:66:ee:e0:4a:ac:fe:02:59:c0:b0:da:
81:24:5e:10:d8:df:f8:27:e5:3c:bc:df:83:42:1c:
39:15:94:2d:ed:2b:41:fe:6b:f7:16:7f:c5:24:60:
c8:67:c9:35:a6:87:22:34:e9:e1:dc:c3:53:7a:21:
87:a2:14:f4:66:05:f4:cc:2e:3e:d3:8f:20:04:6f:
d6:8b:62:90:aa:77:8f:0c:90:2d:a0:db:33:05:bf:
3b:cd:9d:12:44:a2:8c:8c:f9:28:1b:e5:8f:05:f4:
c5:10:3c:16:3d:fb:cb:d6:db:7f:5c:09:13:c3:cc:
41:f7:a7:13:57:8f:4c:9c:d5:3b:e6:1d:22:a4:92:
a3:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:86:67:EA:7B:7B:58:1B:29:EE:5A:AA:B4:AD:59:6B:EB:44:AB:90
X509v3 Authority Key Identifier:
keyid:33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/vIZn6nt7WBsp7lqqtK1Za-tEq5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.80.0/21
94.103.16.0/20
159.255.216.0/21
185.68.180.0/23
185.68.183.0/24
185.170.92.0/22
IPv6:
2a03:6980::/30
Signature Algorithm: sha256WithRSAEncryption
87:fc:4b:d0:e5:54:24:8b:0a:e9:69:81:e6:3a:23:94:ff:01:
78:20:7f:05:a9:98:45:4d:b3:cf:fe:2f:a1:a4:31:8e:72:50:
fa:b2:80:20:62:6b:7d:ea:34:c2:c7:78:ac:ec:2e:48:25:7b:
df:a0:ed:91:b2:63:ca:e3:e0:87:ee:18:b0:47:1e:7d:d7:69:
8b:f0:b9:2e:ae:dd:c6:ef:78:28:7f:33:51:55:90:c5:3e:7f:
8f:fd:82:44:d2:94:79:f0:5c:ee:46:ee:69:ac:22:08:c6:53:
41:f8:31:f7:9f:69:33:0d:b6:d0:ed:13:1e:ff:81:3d:f9:e0:
17:c1:fa:ce:af:86:72:7d:96:a4:61:40:56:e1:c5:ca:cf:ad:
0b:38:ea:3c:dd:85:37:4d:41:1c:7f:b4:65:73:76:08:46:74:
b1:b5:b2:b1:41:ad:a7:b8:6b:31:2e:e0:82:2b:a3:f9:a4:d0:
75:04:43:f2:d2:86:75:10:a5:e2:db:0c:94:36:bb:6e:b7:8a:
2e:4c:a3:4b:7f:d3:82:67:10:2a:d7:7d:15:f3:56:eb:58:3e:
31:60:fe:cb:b5:31:cf:24:98:4f:54:78:50:a1:45:4d:b8:a5:
74:80:ed:68:07:80:94:2b:8c:06:3a:ff:43:6a:6f:2a:b1:30:
f7:63:03:87
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJvBC4jEb3j3u6BeiHnIFPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGZlOTcxYjNlMzZiMTZhOTJiZTg1ZjU5OTg1YmU0NTk2
OGI4NjQwHhcNMjQwMTAyMTAzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzg2NjdlYTdiN2I1ODFiMjllZTVhYWFiNGFkNTk2YmViNDRhYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsZfz9lXy0ZuoMFFqywP66fUFXAm
+IHC4G6i3hH61rOrJYecMqrR3S9B0pjlsA6UqY/vUZwUZRblFtps4NLSs9VVrzue
9J1tHfJBcdt5MerRmz5elvARSfX0GPO9OegW1E+y/NmOFCqeWpfMGyqdYcGN3JZN
f0JObGvtZu7gSqz+AlnAsNqBJF4Q2N/4J+U8vN+DQhw5FZQt7StB/mv3Fn/FJGDI
Z8k1pociNOnh3MNTeiGHohT0ZgX0zC4+048gBG/Wi2KQqnePDJAtoNszBb87zZ0S
RKKMjPkoG+WPBfTFEDwWPfvL1tt/XAkTw8xB96cTV49MnNU75h0ipJKjUwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLyGZ+p7e1gbKe5aqrStWWvrRKuQMB8GA1UdIwQY
MBaAFDMP6XGz42sWqSvoX1mYW+RZaLhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWIt
MTFlOWU5ZjAxMzQzLzEvdklabjZudDdXQnNwN2xxcXRLMVphLXRFcTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWItMTFlOWU5ZjAxMzQz
LzEvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBa9QAwQE
XmcQAwQDn//YAwQBuUS0AwQAuUS3AwQCuapcMA0EAgACMAcDBQIqA2mAMA0GCSqG
SIb3DQEBCwUAA4IBAQCH/EvQ5VQkiwrpaYHmOiOU/wF4IH8FqZhFTbPP/i+hpDGO
clD6soAgYmt96jTCx3is7C5IJXvfoO2RsmPK4+CH7hiwRx5912mL8Lkurt3G73go
fzNRVZDFPn+P/YJE0pR58FzuRu5prCIIxlNB+DH3n2kzDbbQ7RMe/4E9+eAXwfrO
r4ZyfZakYUBW4cXKz60LOOo83YU3TUEcf7Rlc3YIRnSxtbKxQa2nuGsxLuCCK6P5
pNB1BEPy0oZ1EKXi2wyUNrtut4ouTKNLf9OCZxAq130V81brWD4xYP7LtTHPJJhP
VHhQoUVNuKV0gO1oB4CUK4wGOv9Dam8qsTD3YwOH
-----END CERTIFICATE-----
Generated at Sun May 5 04:38:42 2024 by rpki-client on console-fra.rpki-client.org