Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/lDWDctMf-HX8_EU1K8tdtq-RJAQ.roa
File: lDWDctMf-HX8_EU1K8tdtq-RJAQ.roa (raw, json)
Hash identifier: L1dKZomNL5I4OtIoSgBYZe9DAVPVnLZYQ6GxyUsl2dA=
Subject key identifier: 94:35:83:72:D3:1F:F8:75:FC:FC:45:35:2B:CB:5D:B6:AF:91:24:04
Certificate issuer: /CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Certificate serial: 018F8FC2E13FB9517CDDF8B2F4BD43F38E92
Authority key identifier: 84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/lDWDctMf-HX8_EU1K8tdtq-RJAQ.roa
Signing time: Sun 19 May 2024 07:31:04 +0000
ROA not before: Sun 19 May 2024 07:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29684
IP address blocks: 46.235.88.0/21 maxlen: 24
62.204.48.0/24 maxlen: 24
77.75.224.0/24 maxlen: 24
79.110.229.0/24 maxlen: 24
88.85.224.0/19 maxlen: 24
146.19.71.0/24 maxlen: 24
176.97.216.0/24 maxlen: 24
176.98.32.0/22 maxlen: 22
176.98.32.0/24 maxlen: 24
176.98.33.0/24 maxlen: 24
176.98.34.0/23 maxlen: 23
176.98.34.0/24 maxlen: 24
176.98.35.0/24 maxlen: 24
176.241.184.0/21 maxlen: 24
178.20.144.0/21 maxlen: 24
185.10.112.0/22 maxlen: 24
193.105.25.0/24 maxlen: 24
193.242.127.0/24 maxlen: 24
194.104.226.0/24 maxlen: 24
212.12.160.0/19 maxlen: 24
212.12.160.0/20 maxlen: 20
212.12.160.0/23 maxlen: 23
212.12.160.0/24 maxlen: 24
212.12.162.0/23 maxlen: 23
212.12.163.0/24 maxlen: 24
212.12.164.0/23 maxlen: 23
212.12.164.0/24 maxlen: 24
212.12.166.0/23 maxlen: 23
212.12.166.0/24 maxlen: 24
212.12.167.0/24 maxlen: 24
212.12.168.0/23 maxlen: 23
212.12.168.0/24 maxlen: 24
212.12.169.0/24 maxlen: 24
212.12.170.0/23 maxlen: 23
212.12.170.0/24 maxlen: 24
212.12.171.0/24 maxlen: 24
212.12.172.0/23 maxlen: 23
212.12.183.0/24 maxlen: 24
2a00:1560::/32 maxlen: 32
2a00:1560:4::/47 maxlen: 47
2a00:1560:5::/48 maxlen: 48
2a00:1560:c::/48 maxlen: 48
2a00:1560:10::/48 maxlen: 48
2a00:1560:16::/48 maxlen: 48
2a00:1560:17::/48 maxlen: 48
2a00:1560:18::/48 maxlen: 48
2a00:1560:60::/48 maxlen: 48
2a00:1560:1111::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8f:c2:e1:3f:b9:51:7c:dd:f8:b2:f4:bd:43:f3:8e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844492db9cbb0a0eb6bf69c25c86961f49183c9b
Validity
Not Before: May 19 07:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94358372d31ff875fcfc45352bcb5db6af912404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:aa:9a:21:6c:ce:f9:72:11:8b:49:fb:67:
4c:4e:e0:50:db:4c:04:b6:c4:cb:3a:6a:55:3d:4c:
c3:2f:0b:78:62:26:3e:18:e1:0f:3c:b9:3a:2b:2f:
05:c3:be:b6:3b:3b:c8:0e:d0:9d:84:69:6e:ea:8e:
a1:ec:e3:c6:95:ba:09:f8:76:1a:13:a2:07:29:d4:
22:f3:0c:98:71:ac:32:71:32:43:15:50:a9:2b:7e:
4d:d2:93:8f:d0:c5:97:7a:a4:cf:7a:e4:15:4e:e2:
ad:14:1f:81:af:82:a9:61:35:20:59:7f:ba:86:19:
68:d1:49:c0:a6:a4:f1:34:c0:bd:76:2c:38:6a:79:
48:87:48:8f:18:c7:7a:55:6a:23:bc:1f:44:16:f5:
a9:a3:d5:9a:eb:76:d0:2f:a6:e8:0f:bb:f9:77:35:
47:f6:05:d8:e8:50:c3:a3:ae:b0:85:02:73:0e:fc:
09:2a:56:68:e4:c7:61:c8:eb:08:e0:c0:f8:c1:57:
b0:06:d5:ee:58:be:45:c9:19:df:02:69:81:c8:87:
45:34:e6:5c:69:8a:cb:41:95:01:f9:04:26:7f:6e:
95:2d:78:9e:d2:b4:a1:fd:71:42:05:84:ac:92:d4:
2e:e9:a9:b4:54:f0:12:3a:5c:32:a3:1a:ff:88:b5:
63:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:35:83:72:D3:1F:F8:75:FC:FC:45:35:2B:CB:5D:B6:AF:91:24:04
X509v3 Authority Key Identifier:
keyid:84:44:92:DB:9C:BB:0A:0E:B6:BF:69:C2:5C:86:96:1F:49:18:3C:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hESS25y7Cg62v2nCXIaWH0kYPJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/lDWDctMf-HX8_EU1K8tdtq-RJAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/33a888-4cf3-4a8c-9297-a1e0db1a17df/1/hESS25y7Cg62v2nCXIaWH0kYPJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.88.0/21
62.204.48.0/24
77.75.224.0/24
79.110.229.0/24
88.85.224.0/19
146.19.71.0/24
176.97.216.0/24
176.98.32.0/22
176.241.184.0/21
178.20.144.0/21
185.10.112.0/22
193.105.25.0/24
193.242.127.0/24
194.104.226.0/24
212.12.160.0/19
IPv6:
2a00:1560::/32
Signature Algorithm: sha256WithRSAEncryption
67:87:93:54:86:65:5a:9b:f8:e5:f6:76:9c:e0:fd:5d:b0:ab:
1d:d7:6b:1f:15:8e:74:d8:88:4f:4c:fb:5d:73:66:1a:cc:56:
74:14:99:2f:90:66:fa:f4:8f:e1:06:4f:cb:02:61:21:cf:46:
d8:10:46:41:50:53:73:3b:4d:29:22:09:8b:dd:f6:61:b9:b5:
1a:0d:05:ba:16:42:e8:89:a2:c1:82:44:54:ec:41:90:2a:b5:
7e:9d:68:92:8f:2b:d1:10:11:1a:34:35:45:f0:93:9e:23:82:
9d:f9:0c:31:cd:de:3b:7f:04:19:c0:4a:eb:0d:9f:02:e4:24:
f3:ea:1c:3d:80:47:93:c7:99:3d:ce:07:13:27:a0:a8:29:81:
a6:5a:60:89:2c:e2:9a:79:f0:37:a9:d9:aa:91:72:61:06:e2:
a9:31:08:af:f9:16:16:99:76:93:c2:37:08:ed:32:67:dd:16:
3a:72:ea:aa:91:37:e5:a6:f9:ed:74:03:6d:cc:1e:b6:db:6e:
fc:cd:3c:a4:3b:5f:73:24:0b:70:55:bc:70:3f:95:ca:00:3b:
f8:62:53:0a:5a:6b:e5:61:ef:6b:8e:44:72:5e:63:e7:08:b0:
a5:cb:c7:fb:c9:f6:d3:0c:cc:6e:43:63:2d:48:61:38:46:35:
2b:08:96:fa
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAY+PwuE/uVF83fiy9L1D846SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDQ5MmRiOWNiYjBhMGViNmJmNjljMjVjODY5NjFmNDkx
ODNjOWIwHhcNMjQwNTE5MDczMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM1ODM3MmQzMWZmODc1ZmNmYzQ1MzUyYmNiNWRiNmFmOTEyNDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+yqmiFszvlyEYtJ+2dMTuBQ20wE
tsTLOmpVPUzDLwt4YiY+GOEPPLk6Ky8Fw762OzvIDtCdhGlu6o6h7OPGlboJ+HYa
E6IHKdQi8wyYcawycTJDFVCpK35N0pOP0MWXeqTPeuQVTuKtFB+Br4KpYTUgWX+6
hhlo0UnApqTxNMC9diw4anlIh0iPGMd6VWojvB9EFvWpo9Wa63bQL6boD7v5dzVH
9gXY6FDDo66whQJzDvwJKlZo5MdhyOsI4MD4wVewBtXuWL5FyRnfAmmByIdFNOZc
aYrLQZUB+QQmf26VLXie0rSh/XFCBYSsktQu6am0VPASOlwyoxr/iLVjawIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFJQ1g3LTH/h1/PxFNSvLXbavkSQEMB8GA1UdIwQY
MBaAFIREktucuwoOtr9pwlyGlh9JGDybMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTct
YTFlMGRiMWExN2RmLzEvbERXRGN0TWYtSFg4X0VVMUs4dGR0cS1SSkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8zM2E4ODgtNGNmMy00YThjLTkyOTctYTFlMGRiMWExN2Rm
LzEvaEVTUzI1eTdDZzYydjJuQ1hJYVdIMGtZUEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAy7rWAME
AD7MMAMEAE1L4AMEAE9u5QMEBVhV4AMEAJITRwMEALBh2AMEArBiIAMEA7DxuAME
A7IUkAMEArkKcAMEAMFpGQMEAMHyfwMEAMJo4gMEBdQMoDANBAIAAjAHAwUAKgAV
YDANBgkqhkiG9w0BAQsFAAOCAQEAZ4eTVIZlWpv45fZ2nOD9XbCrHddrHxWOdNiI
T0z7XXNmGsxWdBSZL5Bm+vSP4QZPywJhIc9G2BBGQVBTcztNKSIJi932Ybm1Gg0F
uhZC6ImiwYJEVOxBkCq1fp1oko8r0RARGjQ1RfCTniOCnfkMMc3eO38EGcBK6w2f
AuQk8+ocPYBHk8eZPc4HEyegqCmBplpgiSzimnnwN6nZqpFyYQbiqTEIr/kWFpl2
k8I3CO0yZ90WOnLqqpE35ab57XQDbcwetttu/M08pDtfcyQLcFW8cD+VygA7+GJT
Clpr5WHva45Ecl5j5wiwpcvH+8n20wzMbkNjLUhhOEY1KwiW+g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:09:03 2024 by rpki-client on console-ams.rpki-client.org