Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/cdF_WhdTt7DY8MREfaeuBXQP4ws.roa
File: cdF_WhdTt7DY8MREfaeuBXQP4ws.roa (raw, json)
Hash identifier: 1jsaHK7n1qjeSKKZFD8Lpome50sg6ZktaDGgBjjipAU=
Subject key identifier: 71:D1:7F:5A:17:53:B7:B0:D8:F0:C4:44:7D:A7:AE:05:74:0F:E3:0B
Certificate issuer: /CN=02930f8c688c04d17433a2b9c7249bc625bce316
Certificate serial: 018CC801700C10494A0AA4595C724308376E
Authority key identifier: 02:93:0F:8C:68:8C:04:D1:74:33:A2:B9:C7:24:9B:C6:25:BC:E3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/cdF_WhdTt7DY8MREfaeuBXQP4ws.roa
Signing time: Tue 02 Jan 2024 02:29:46 +0000
ROA not before: Tue 02 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49800
IP address blocks: 46.19.96.0/21 maxlen: 21
195.250.64.0/19 maxlen: 19
37.186.64.0/18 maxlen: 18
130.193.120.0/21 maxlen: 21
93.185.32.0/20 maxlen: 20
185.8.0.0/22 maxlen: 22
185.8.2.0/24 maxlen: 24
5.63.160.0/21 maxlen: 21
5.63.160.0/24 maxlen: 24
62.89.0.0/19 maxlen: 19
31.47.192.0/21 maxlen: 21
78.109.64.0/20 maxlen: 20
2a02:2a50::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:70:0c:10:49:4a:0a:a4:59:5c:72:43:08:37:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02930f8c688c04d17433a2b9c7249bc625bce316
Validity
Not Before: Jan 2 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71d17f5a1753b7b0d8f0c4447da7ae05740fe30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4c:5e:97:65:29:41:6a:24:aa:8e:46:2b:19:
ea:b0:9d:63:44:6f:0f:68:30:5c:87:1f:01:bc:8d:
dd:d5:4e:15:81:a1:59:e1:76:a5:7d:6c:33:b5:d0:
ec:ce:23:c0:f4:06:c3:35:de:3a:2d:71:75:c2:f7:
c8:1e:0d:1e:a7:e4:d0:62:70:31:55:01:78:04:8d:
4d:86:51:0f:a1:50:9b:d6:b8:18:9f:ca:3f:ff:b0:
bd:c7:81:b4:d2:a3:be:7a:33:ac:5a:04:e5:4b:47:
54:25:d4:62:8a:b0:da:57:21:b8:0b:3d:43:19:21:
e6:ed:61:9b:cf:4c:b6:6d:6b:db:06:2f:70:3f:50:
90:8c:77:11:f2:d5:b1:6b:cd:19:63:e8:6c:5c:36:
e3:97:0a:fc:4e:75:8f:f4:aa:9b:0b:30:ad:3b:90:
d3:34:41:5a:bc:08:43:1e:79:93:9c:30:89:04:82:
ef:e1:92:88:0e:52:19:a8:41:3c:94:06:08:ca:24:
27:4c:a7:28:6a:41:43:af:37:0c:d0:f9:71:85:32:
18:46:38:e9:02:4c:36:2e:e2:47:97:62:37:fd:64:
85:ec:9b:0c:00:f8:3d:98:f6:d4:d1:b5:3f:96:49:
09:16:80:6d:71:ca:99:8b:e0:32:dc:cc:95:9a:2d:
8d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D1:7F:5A:17:53:B7:B0:D8:F0:C4:44:7D:A7:AE:05:74:0F:E3:0B
X509v3 Authority Key Identifier:
keyid:02:93:0F:8C:68:8C:04:D1:74:33:A2:B9:C7:24:9B:C6:25:BC:E3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/cdF_WhdTt7DY8MREfaeuBXQP4ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.160.0/21
31.47.192.0/21
37.186.64.0/18
46.19.96.0/21
62.89.0.0/19
78.109.64.0/20
93.185.32.0/20
130.193.120.0/21
185.8.0.0/22
195.250.64.0/19
IPv6:
2a02:2a50::/29
Signature Algorithm: sha256WithRSAEncryption
a4:73:16:38:23:71:3b:ea:2f:08:98:67:14:2e:ce:72:aa:bf:
4c:ac:af:a5:07:04:3d:2e:64:07:53:a3:2d:81:c4:a6:da:a0:
bd:0d:2f:f7:af:83:f9:00:4b:77:ba:41:85:fd:98:e6:3c:13:
79:c0:98:a0:f5:33:ea:27:95:5b:65:8d:ba:c4:e5:0e:b4:b1:
72:36:e5:ab:f7:3b:f7:94:a4:15:1c:5c:23:91:50:c4:46:e9:
00:32:00:7d:44:51:c6:b8:a1:c7:4a:b1:cd:f8:1a:5c:b5:78:
e1:a1:83:39:41:d7:88:18:1d:43:91:ca:51:b7:32:1d:11:c0:
4c:ed:64:74:98:93:89:39:76:b2:8b:de:ad:41:c3:4b:b5:93:
20:ad:30:d5:ed:d5:4f:dc:40:9b:6c:db:c0:10:98:e4:5a:02:
da:db:37:d2:47:ae:16:12:57:f2:2a:3b:bd:c9:19:eb:5c:32:
17:cb:4b:c9:d1:c4:57:a3:db:2b:bd:2e:aa:f9:4e:65:66:e8:
82:fe:f5:e7:70:4d:b5:6b:ca:19:95:49:56:e7:35:4d:82:14:
cd:c4:ff:d0:f3:09:05:fe:1a:b5:b8:45:1c:33:f8:59:73:6a:
d9:2e:2c:4f:2d:92:db:24:6b:03:17:3a:64:a7:1f:94:b3:5c:
65:48:1d:c2
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzIAXAMEElKCqRZXHJDCDduMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTMwZjhjNjg4YzA0ZDE3NDMzYTJiOWM3MjQ5YmM2MjVi
Y2UzMTYwHhcNMjQwMTAyMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQxN2Y1YTE3NTNiN2IwZDhmMGM0NDQ3ZGE3YWUwNTc0MGZlMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhExel2UpQWokqo5GKxnqsJ1jRG8P
aDBchx8BvI3d1U4VgaFZ4XalfWwztdDsziPA9AbDNd46LXF1wvfIHg0ep+TQYnAx
VQF4BI1NhlEPoVCb1rgYn8o//7C9x4G00qO+ejOsWgTlS0dUJdRiirDaVyG4Cz1D
GSHm7WGbz0y2bWvbBi9wP1CQjHcR8tWxa80ZY+hsXDbjlwr8TnWP9KqbCzCtO5DT
NEFavAhDHnmTnDCJBILv4ZKIDlIZqEE8lAYIyiQnTKcoakFDrzcM0PlxhTIYRjjp
Akw2LuJHl2I3/WSF7JsMAPg9mPbU0bU/lkkJFoBtccqZi+Ay3MyVmi2NEQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFHHRf1oXU7ew2PDERH2nrgV0D+MLMB8GA1UdIwQY
MBaAFAKTD4xojATRdDOiucckm8YlvOMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBNUGpHaU1CTkYwTTZLNXh5U2J4aVc4NHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iMjA2NGItYmUwOS00M2Q5LWIwODct
YTRlOTkxYjBmMTQ0LzEvY2RGX1doZFR0N0RZOE1SRWZhZXVCWFFQNHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iMjA2NGItYmUwOS00M2Q5LWIwODctYTRlOTkxYjBmMTQ0
LzEvQXBNUGpHaU1CTkYwTTZLNXh5U2J4aVc4NHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBT+gAwQD
Hy/AAwQGJbpAAwQDLhNgAwQFPlkAAwQETm1AAwQEXbkgAwQDgsF4AwQCuQgAAwQF
w/pAMA0EAgACMAcDBQMqAipQMA0GCSqGSIb3DQEBCwUAA4IBAQCkcxY4I3E76i8I
mGcULs5yqr9MrK+lBwQ9LmQHU6MtgcSm2qC9DS/3r4P5AEt3ukGF/ZjmPBN5wJig
9TPqJ5VbZY26xOUOtLFyNuWr9zv3lKQVHFwjkVDERukAMgB9RFHGuKHHSrHN+Bpc
tXjhoYM5QdeIGB1DkcpRtzIdEcBM7WR0mJOJOXayi96tQcNLtZMgrTDV7dVP3ECb
bNvAEJjkWgLa2zfSR64WElfyKju9yRnrXDIXy0vJ0cRXo9srvS6q+U5lZuiC/vXn
cE21a8oZlUlW5zVNghTNxP/Q8wkF/hq1uEUcM/hZc2rZLixPLZLbJGsDFzpkpx+U
s1xlSB3C
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:03:00 2024 by rpki-client on console-fra.rpki-client.org