Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/1no7mIlPgrjGGPboAQeF_6v17z8.roa
File: 1no7mIlPgrjGGPboAQeF_6v17z8.roa (raw, json)
Hash identifier: WBzZEDjHYRrYFwUvhyGA0hE80adZnx6zkMTmEWqKkVM=
Subject key identifier: D6:7A:3B:98:89:4F:82:B8:C6:18:F6:E8:01:07:85:FF:AB:F5:EF:3F
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 018CC3B7431775B5353A0428D383B9E0DBFB
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/1no7mIlPgrjGGPboAQeF_6v17z8.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20485
IP address blocks: 80.76.240.0/20 maxlen: 24
145.255.136.0/21 maxlen: 21
80.237.0.0/17 maxlen: 17
188.43.0.0/16 maxlen: 16
62.33.0.0/16 maxlen: 16
213.137.230.0/23 maxlen: 23
213.137.232.0/23 maxlen: 24
213.137.236.0/22 maxlen: 24
213.137.240.0/21 maxlen: 24
213.137.248.0/21 maxlen: 24
83.234.0.0/16 maxlen: 16
89.237.37.0/24 maxlen: 24
89.237.32.0/22 maxlen: 24
89.237.44.0/24 maxlen: 24
89.237.41.0/24 maxlen: 24
89.237.43.0/24 maxlen: 24
89.237.46.0/24 maxlen: 24
89.237.45.0/24 maxlen: 24
89.237.55.0/24 maxlen: 24
62.33.111.0/24 maxlen: 24
217.150.32.0/19 maxlen: 19
185.50.216.0/22 maxlen: 24
80.82.160.0/19 maxlen: 19
185.13.160.0/22 maxlen: 22
213.141.240.0/22 maxlen: 22
151.237.240.0/21 maxlen: 24
213.141.247.0/24 maxlen: 24
195.246.122.0/23 maxlen: 24
217.148.208.0/20 maxlen: 24
2a00:1e48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:43:17:75:b5:35:3a:04:28:d3:83:b9:e0:db:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d67a3b98894f82b8c618f6e8010785ffabf5ef3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3f:26:6b:67:25:e0:f3:60:a2:d0:ca:7b:56:
c6:7f:08:b9:39:70:9c:87:2f:7e:15:23:6c:fb:9f:
1b:7e:e8:3a:9e:78:2d:33:c4:38:f7:95:e5:cb:5f:
62:22:0a:94:48:f8:12:20:e6:31:bc:00:55:b7:cd:
ab:97:3e:7a:f3:75:d6:26:a9:3e:72:52:d1:d8:89:
88:23:06:67:1b:fc:58:ee:77:aa:7b:64:5a:d8:12:
0d:c8:f4:95:3e:e7:68:26:c5:10:31:c0:21:78:cf:
fb:89:c5:1c:0b:eb:c0:ae:b5:7d:65:b6:1d:df:7b:
0e:d4:4e:d8:1e:a5:55:95:78:30:90:66:8e:ca:7d:
9f:c6:34:8c:e0:4f:fc:f8:b2:d0:5d:2f:6f:51:e1:
f8:53:c2:50:20:22:ef:6b:4e:c6:e7:b9:42:dc:be:
b1:88:22:14:57:40:f7:29:f4:69:b5:d3:20:12:31:
5d:cd:80:a0:7d:d1:df:85:49:e4:7a:8d:e0:62:d2:
f2:50:05:af:f2:01:f8:e2:2f:64:26:3c:08:18:7c:
79:ab:22:9c:55:04:24:2a:46:b7:87:1e:e8:d0:63:
08:c4:cf:d1:e4:5b:3d:08:cc:79:4c:b0:b8:87:5a:
90:97:d5:6a:bb:b8:77:6b:e9:37:83:a4:62:82:1e:
54:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7A:3B:98:89:4F:82:B8:C6:18:F6:E8:01:07:85:FF:AB:F5:EF:3F
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/1no7mIlPgrjGGPboAQeF_6v17z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.33.0.0/16
80.76.240.0/20
80.82.160.0/19
80.237.0.0/17
83.234.0.0/16
89.237.32.0/22
89.237.37.0/24
89.237.41.0/24
89.237.43.0-89.237.46.255
89.237.55.0/24
145.255.136.0/21
151.237.240.0/21
185.13.160.0/22
185.50.216.0/22
188.43.0.0/16
195.246.122.0/23
213.137.230.0-213.137.233.255
213.137.236.0-213.137.255.255
213.141.240.0/22
213.141.247.0/24
217.148.208.0/20
217.150.32.0/19
IPv6:
2a00:1e48::/32
Signature Algorithm: sha256WithRSAEncryption
17:00:2b:67:9b:fa:9e:85:5a:36:bc:22:23:df:1a:a4:bf:3c:
2f:00:26:ed:40:b4:46:d9:79:1c:db:5f:21:e8:ea:b1:94:64:
2e:a5:7c:d0:fb:8d:e7:b3:b9:85:60:d8:45:2b:5f:18:43:44:
1f:82:8f:c8:a4:b7:c6:33:de:e7:43:7f:6e:37:90:dc:19:ad:
76:cb:3c:78:6e:47:59:4f:c6:a3:29:60:64:df:90:28:71:34:
1f:94:d6:74:7c:9c:96:01:88:c0:d3:b4:d9:9a:9f:d4:de:5f:
df:64:09:a1:e9:6e:97:19:0e:3f:d6:05:c5:4b:9c:b5:1a:3b:
29:ca:a7:d5:1b:af:e9:9a:ca:3b:2d:99:70:a0:bf:23:7e:40:
3e:b6:45:ea:57:27:8d:43:dd:4f:09:16:89:ea:1c:88:b6:2f:
02:ec:a9:6d:eb:09:af:ba:0c:d3:24:94:d9:61:14:33:7a:2b:
dc:0f:86:e8:87:a4:81:3d:68:17:ec:65:2c:e1:ad:c8:60:de:
25:60:f8:e5:49:9c:f9:4a:4f:af:22:8e:6a:c8:4d:13:69:90:
fb:f7:51:42:10:be:fb:9c:63:6a:a7:f5:f7:31:fd:9a:7f:97:
53:a2:5e:1c:26:8a:41:60:01:bc:c1:ca:32:bc:a4:73:25:6b:
91:c7:47:72
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYzDt0MXdbU1OgQo04O54Nv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjdhM2I5ODg5NGY4MmI4YzYxOGY2ZTgwMTA3ODVmZmFiZjVlZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD8ma2cl4PNgotDKe1bGfwi5OXCc
hy9+FSNs+58bfug6nngtM8Q495Xly19iIgqUSPgSIOYxvABVt82rlz5683XWJqk+
clLR2ImIIwZnG/xY7neqe2Ra2BINyPSVPudoJsUQMcAheM/7icUcC+vArrV9ZbYd
33sO1E7YHqVVlXgwkGaOyn2fxjSM4E/8+LLQXS9vUeH4U8JQICLva07G57lC3L6x
iCIUV0D3KfRptdMgEjFdzYCgfdHfhUnkeo3gYtLyUAWv8gH44i9kJjwIGHx5qyKc
VQQkKka3hx7o0GMIxM/R5Fs9CMx5TLC4h1qQl9Vqu7h3a+k3g6Righ5URQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFNZ6O5iJT4K4xhj26AEHhf+r9e8/MB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvMW5vN21JbFBncmpHR1Bib0FRZUZfNnYxN3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDAwA+
IQMEBFBM8AMEBVBSoAMEB1DtAAMDAFPqAwQCWe0gAwQAWe0lAwQAWe0pMAwDBABZ
7SsDBABZ7S4DBABZ7TcDBAOR/4gDBAOX7fADBAK5DaADBAK5MtgDAwC8KwMEAcP2
ejAMAwQB1YnmAwQB1YnoMAsDBALViewDAwHViAMEAtWN8AMEANWN9wMEBNmU0AME
BdmWIDANBAIAAjAHAwUAKgAeSDANBgkqhkiG9w0BAQsFAAOCAQEAFwArZ5v6noVa
NrwiI98apL88LwAm7UC0Rtl5HNtfIejqsZRkLqV80PuN57O5hWDYRStfGENEH4KP
yKS3xjPe50N/bjeQ3Bmtdss8eG5HWU/GoylgZN+QKHE0H5TWdHyclgGIwNO02Zqf
1N5f32QJoelulxkOP9YFxUuctRo7Kcqn1Ruv6ZrKOy2ZcKC/I35APrZF6lcnjUPd
TwkWieociLYvAuypbesJr7oM0ySU2WEUM3or3A+G6IekgT1oF+xlLOGtyGDeJWD4
5Umc+UpPryKOashNE2mQ+/dRQhC++5xjaqf19zH9mn+XU6JeHCaKQWABvMHKMryk
cyVrkcdHcg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:30:57 2024 by rpki-client on console-ams.rpki-client.org