Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/T0Bv2pW93Mp_YLMNRvJf2DGA2_g.roa
File: T0Bv2pW93Mp_YLMNRvJf2DGA2_g.roa (raw, json)
Hash identifier: 1x3QRoS/B2y3v2T/IK813WigskHWOsnWtPLgEq1DsAQ=
Subject key identifier: 4F:40:6F:DA:95:BD:DC:CA:7F:60:B3:0D:46:F2:5F:D8:31:80:DB:F8
Certificate issuer: /CN=969d46361b6af720fb9836acec965b0f52f4b09c
Certificate serial: 01911BF6801554D69C79D242C71E95E570C3
Authority key identifier: 96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/T0Bv2pW93Mp_YLMNRvJf2DGA2_g.roa
Signing time: Sun 04 Aug 2024 05:57:04 +0000
ROA not before: Sun 04 Aug 2024 05:57:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29690
IP address blocks: 83.101.128.0/19 maxlen: 19
83.101.128.0/24 maxlen: 24
83.101.129.0/24 maxlen: 24
83.101.137.0/24 maxlen: 24
83.101.138.0/24 maxlen: 24
83.101.139.0/24 maxlen: 24
83.101.140.0/24 maxlen: 24
83.101.141.0/24 maxlen: 24
83.101.143.0/24 maxlen: 24
83.101.149.0/24 maxlen: 24
83.101.150.0/24 maxlen: 24
83.101.151.0/24 maxlen: 24
83.101.154.0/24 maxlen: 24
83.101.155.0/24 maxlen: 24
83.101.156.0/24 maxlen: 24
212.70.32.0/19 maxlen: 19
212.70.32.0/24 maxlen: 24
212.70.34.0/24 maxlen: 24
212.70.36.0/24 maxlen: 24
212.70.40.0/24 maxlen: 24
212.70.45.0/24 maxlen: 24
212.70.47.0/24 maxlen: 24
212.70.48.0/24 maxlen: 24
212.70.49.0/24 maxlen: 24
212.70.50.0/24 maxlen: 24
212.70.51.0/24 maxlen: 24
212.70.52.0/24 maxlen: 24
212.70.53.0/24 maxlen: 24
212.70.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:1b:f6:80:15:54:d6:9c:79:d2:42:c7:1e:95:e5:70:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969d46361b6af720fb9836acec965b0f52f4b09c
Validity
Not Before: Aug 4 05:57:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f406fda95bddcca7f60b30d46f25fd83180dbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7e:e9:20:8a:b0:ba:07:3b:91:c1:0b:73:cf:
d2:a5:24:04:65:7a:4d:a9:02:69:a8:43:2a:d2:2c:
c5:d5:ec:81:9e:bf:71:fa:5c:32:e2:49:7f:a6:f9:
c0:87:d4:55:82:c9:63:36:2a:8e:c6:7d:8e:cd:8f:
d3:f9:71:f5:f8:90:3e:dc:00:0d:1c:5e:6d:92:a4:
cb:0f:55:2d:7f:52:1b:83:09:e5:de:d4:c3:4b:cf:
a6:df:44:0f:c0:47:c4:ae:22:29:d9:6e:c2:b4:f7:
de:14:39:c0:c2:4e:45:6b:8a:2a:ac:60:d2:02:ae:
c6:84:f9:4a:34:35:c4:c6:c5:e3:b4:f9:45:7b:a0:
29:0c:9d:f9:9f:e3:81:d0:a8:10:af:32:96:59:3c:
31:bd:d4:fe:fe:d8:f1:45:59:03:c7:13:e9:ef:57:
1f:92:19:77:3c:85:18:34:51:a1:9a:8d:a1:c3:ad:
89:9c:55:57:40:37:e9:34:15:b2:97:2f:0b:d7:de:
ff:8c:2d:60:8b:f0:6d:58:0a:85:9a:e2:42:0b:67:
62:58:2b:45:47:8a:e9:c1:ac:12:df:85:91:73:03:
d6:6c:25:5a:01:df:fe:b1:df:1e:57:bc:02:36:d4:
94:35:15:c5:9b:6b:03:b0:95:35:b2:0d:a4:59:c6:
d1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:40:6F:DA:95:BD:DC:CA:7F:60:B3:0D:46:F2:5F:D8:31:80:DB:F8
X509v3 Authority Key Identifier:
keyid:96:9D:46:36:1B:6A:F7:20:FB:98:36:AC:EC:96:5B:0F:52:F4:B0:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lp1GNhtq9yD7mDas7JZbD1L0sJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/T0Bv2pW93Mp_YLMNRvJf2DGA2_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/5fbcbb-00fa-4ad7-a801-43600171b8bd/1/lp1GNhtq9yD7mDas7JZbD1L0sJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.101.128.0/19
212.70.32.0/19
Signature Algorithm: sha256WithRSAEncryption
58:da:e2:a6:7e:c3:4b:97:db:ae:d3:3d:8e:ef:99:f9:7a:76:
4b:10:b4:96:79:2e:0c:2b:7d:33:ba:f9:24:7a:ca:c3:14:22:
e1:27:4d:a8:fc:b3:56:ba:c3:49:d6:e5:18:24:e3:a0:56:22:
01:d1:bd:02:07:5c:ff:6b:ff:c6:e9:04:6e:f3:8c:b6:d9:cc:
ee:a7:4b:a2:be:b2:d8:7f:c5:a3:f1:9d:6a:97:67:9b:dc:72:
83:4f:b6:2e:61:b7:de:41:ca:42:c6:7d:30:2a:67:47:9b:05:
45:6f:c7:82:da:c1:cd:e6:9c:ba:0f:1b:60:67:2b:18:7a:e4:
db:c0:dd:af:0e:32:6f:dc:bc:71:88:07:f0:dd:d0:97:a7:96:
dc:d3:7f:04:bb:86:34:d0:08:72:65:b4:0c:c7:d1:61:11:78:
af:e9:ac:9d:bd:c4:12:9d:df:b4:52:c2:df:f3:29:ce:53:fd:
90:26:36:3c:d2:d9:45:a4:38:b5:18:c2:8f:f4:89:95:c3:d7:
56:ab:c5:02:38:2d:f8:4d:b5:5b:68:92:26:38:99:3d:8d:6e:
67:d5:df:04:32:bd:ff:bb:7a:32:ee:c6:d6:fa:93:1f:dd:1b:
02:4f:7e:eb:b0:19:64:2a:38:dc:f7:5e:b9:68:05:69:52:ca:
28:7f:25:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZEb9oAVVNacedJCxx6V5XDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWQ0NjM2MWI2YWY3MjBmYjk4MzZhY2VjOTY1YjBmNTJm
NGIwOWMwHhcNMjQwODA0MDU1NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQwNmZkYTk1YmRkY2NhN2Y2MGIzMGQ0NmYyNWZkODMxODBkYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun7pIIqwugc7kcELc8/SpSQEZXpN
qQJpqEMq0izF1eyBnr9x+lwy4kl/pvnAh9RVgsljNiqOxn2OzY/T+XH1+JA+3AAN
HF5tkqTLD1Utf1Ibgwnl3tTDS8+m30QPwEfEriIp2W7CtPfeFDnAwk5Fa4oqrGDS
Aq7GhPlKNDXExsXjtPlFe6ApDJ35n+OB0KgQrzKWWTwxvdT+/tjxRVkDxxPp71cf
khl3PIUYNFGhmo2hw62JnFVXQDfpNBWyly8L197/jC1gi/BtWAqFmuJCC2diWCtF
R4rpwawS34WRcwPWbCVaAd/+sd8eV7wCNtSUNRXFm2sDsJU1sg2kWcbRyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE9Ab9qVvdzKf2CzDUbyX9gxgNv4MB8GA1UdIwQY
MBaAFJadRjYbavcg+5g2rOyWWw9S9LCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEt
NDM2MDAxNzFiOGJkLzEvVDBCdjJwVzkzTXBfWUxNTlJ2SmYyREdBMl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi81ZmJjYmItMDBmYS00YWQ3LWE4MDEtNDM2MDAxNzFiOGJk
LzEvbHAxR05odHE5eUQ3bURhczdKWmJEMUwwc0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFU2WAAwQF
1EYgMA0GCSqGSIb3DQEBCwUAA4IBAQBY2uKmfsNLl9uu0z2O75n5enZLELSWeS4M
K30zuvkkesrDFCLhJ02o/LNWusNJ1uUYJOOgViIB0b0CB1z/a//G6QRu84y22czu
p0uivrLYf8Wj8Z1ql2eb3HKDT7YuYbfeQcpCxn0wKmdHmwVFb8eC2sHN5py6Dxtg
ZysYeuTbwN2vDjJv3LxxiAfw3dCXp5bc038Eu4Y00AhyZbQMx9FhEXiv6aydvcQS
nd+0UsLf8ynOU/2QJjY80tlFpDi1GMKP9ImVw9dWq8UCOC34TbVbaJImOJk9jW5n
1d8EMr3/u3oy7sbW+pMf3RsCT37rsBlkKjjc9165aAVpUsoofyVJ
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:39:29 2024 by rpki-client on console-ams.rpki-client.org