Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/bAtdqWOn7XIMZb40RJnvw-dOPu0.roa
File: bAtdqWOn7XIMZb40RJnvw-dOPu0.roa (raw, json)
Hash identifier: ajLP5I+MW9lN2Pm4hOADp3bTpGVbkghpKs5apJzZVDw=
Subject key identifier: 6C:0B:5D:A9:63:A7:ED:72:0C:65:BE:34:44:99:EF:C3:E7:4E:3E:ED
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 0194A67D23D3E046959581E7CB3E6CD4D0D8
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/bAtdqWOn7XIMZb40RJnvw-dOPu0.roa
Signing time: Mon 27 Jan 2025 06:40:06 +0000
ROA not before: Mon 27 Jan 2025 06:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 46.235.88.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
79.110.229.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
146.19.71.0/24 maxlen: 24
176.98.32.0/22 maxlen: 24
176.241.184.0/21 maxlen: 24
178.20.144.0/21 maxlen: 24
185.10.112.0/22 maxlen: 24
185.72.102.0/24 maxlen: 24
185.224.252.0/24 maxlen: 24
185.224.253.0/24 maxlen: 24
185.224.254.0/24 maxlen: 24
185.224.255.0/24 maxlen: 24
193.105.25.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.160.0/24 maxlen: 24
212.12.182.0/24 maxlen: 24
212.108.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a6:7d:23:d3:e0:46:95:95:81:e7:cb:3e:6c:d4:d0:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: Jan 27 06:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c0b5da963a7ed720c65be344499efc3e74e3eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:35:e1:d4:1a:ef:a2:8a:a2:d6:54:4c:39:ff:
22:bd:33:70:28:af:78:5d:58:77:aa:47:78:a3:8f:
4d:f8:7b:2a:20:61:e1:b4:b7:51:7c:a1:9c:70:97:
3f:da:67:d3:94:10:8e:69:a6:26:c7:a1:84:5e:3d:
a7:aa:f8:c5:99:42:05:3a:a0:4d:2d:eb:fd:e1:32:
ee:e7:17:20:12:67:5e:fb:48:97:11:d3:14:0a:0c:
7e:74:3d:e3:af:52:4b:25:81:48:bb:db:63:9b:30:
68:f7:9b:0f:08:9d:93:cc:d0:a2:c1:dc:11:c9:41:
60:75:5d:26:cd:cd:36:bb:98:c1:44:bc:5b:38:b8:
ce:f9:13:e0:19:8e:d4:9a:77:af:6b:8a:a2:c4:4a:
bf:a7:c1:08:ef:be:48:66:41:9a:78:84:e9:7d:d4:
3f:87:e0:68:b5:28:37:84:f3:77:4c:2b:0e:ca:88:
1a:cb:21:00:c6:35:c6:b2:2c:de:fc:24:a7:e4:2a:
40:a0:00:5a:79:61:fa:b6:64:5c:89:8f:62:63:e0:
c6:fc:14:d1:02:1d:60:30:63:87:40:33:dc:e8:ce:
db:15:e7:ef:dd:05:1a:68:da:8b:f5:f0:ec:9a:73:
b5:c8:56:01:fb:60:80:67:c2:35:81:a9:7c:3b:13:
84:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:0B:5D:A9:63:A7:ED:72:0C:65:BE:34:44:99:EF:C3:E7:4E:3E:ED
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/bAtdqWOn7XIMZb40RJnvw-dOPu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
79.110.229.0/24
88.85.224.0/19
146.19.71.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
185.72.102.0/24
185.224.252.0/22
193.105.25.0/24
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
212.108.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:9d:fb:c9:7e:42:f4:0c:c1:e0:24:e2:a1:ed:66:61:1d:72:
42:0c:09:53:6f:47:e0:a6:0b:ef:70:80:95:bf:a0:3f:e3:16:
41:61:44:2c:a9:bc:cf:0a:f3:16:69:60:93:5f:97:40:23:fa:
b1:da:fa:d2:d3:3d:5c:a2:86:be:0f:a2:5f:30:3e:e2:c1:c2:
c7:ed:72:e2:e8:c3:aa:7c:8e:ca:c3:8c:6a:b6:06:81:01:70:
42:f4:76:80:37:76:e4:46:17:a9:ea:99:61:14:be:54:b5:c1:
cf:86:71:c0:c5:26:23:04:7a:8b:3f:17:45:12:0f:52:ec:51:
56:fb:64:f3:5d:3f:cf:96:4a:90:d0:a3:c1:80:b6:f3:8c:49:
e4:dc:ac:56:b9:68:89:6a:a0:08:8b:52:e3:88:d4:b8:17:de:
b3:23:4a:e6:4d:6c:cb:fb:3a:a0:ed:62:b0:aa:30:1d:c8:ab:
aa:15:ef:2a:ba:43:c6:37:67:08:e5:05:7d:ef:37:13:cd:df:
74:be:e7:00:4f:39:ae:59:ce:be:2f:32:28:82:bf:d8:14:42:
6f:10:d2:f2:27:36:fc:94:da:47:85:4e:6c:c8:dc:fa:7e:28:
61:4d:70:5c:a3:b9:e4:de:2d:70:a1:84:9a:71:46:24:6b:c1:
35:b8:14:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZSmfSPT4EaVlYHnyz5s1NDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjUwMTI3MDY0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzBiNWRhOTYzYTdlZDcyMGM2NWJlMzQ0NDk5ZWZjM2U3NGUzZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTXh1Brvooqi1lRMOf8ivTNwKK94
XVh3qkd4o49N+HsqIGHhtLdRfKGccJc/2mfTlBCOaaYmx6GEXj2nqvjFmUIFOqBN
Lev94TLu5xcgEmde+0iXEdMUCgx+dD3jr1JLJYFIu9tjmzBo95sPCJ2TzNCiwdwR
yUFgdV0mzc02u5jBRLxbOLjO+RPgGY7Umneva4qixEq/p8EI775IZkGaeITpfdQ/
h+BotSg3hPN3TCsOyogayyEAxjXGsize/CSn5CpAoABaeWH6tmRciY9iY+DG/BTR
Ah1gMGOHQDPc6M7bFefv3QUaaNqL9fDsmnO1yFYB+2CAZ8I1gal8OxOEVQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFGwLXaljp+1yDGW+NESZ78PnTj7tMB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvYkF0ZHFXT243WElNWmI0MFJKbnZ3LWRPUHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDLutYAwQA
PswwAwQATUvgAwQAT27lAwQFWFXgAwQAkhNHAwQCsGIgAwQDsPG4AwQDshSQAwQC
uQpwAwQAuUhmAwQCueD8AwQAwWkZAwQAwfJ/AwQAwmjiAwQF1AygAwQA1GxVMA0G
CSqGSIb3DQEBCwUAA4IBAQC2nfvJfkL0DMHgJOKh7WZhHXJCDAlTb0fgpgvvcICV
v6A/4xZBYUQsqbzPCvMWaWCTX5dAI/qx2vrS0z1cooa+D6JfMD7iwcLH7XLi6MOq
fI7Kw4xqtgaBAXBC9HaAN3bkRhep6plhFL5UtcHPhnHAxSYjBHqLPxdFEg9S7FFW
+2TzXT/PlkqQ0KPBgLbzjEnk3KxWuWiJaqAIi1LjiNS4F96zI0rmTWzL+zqg7WKw
qjAdyKuqFe8qukPGN2cI5QV97zcTzd90vucATzmuWc6+LzIogr/YFEJvENLyJzb8
lNpHhU5syNz6fihhTXBco7nk3i1woYSacUYka8E1uBTx
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:24 2025 by rpki-client