Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/188994-2d40-4c48-ba88-f6070a4ad83a/1/aEfLlOU4jA3M1RcpYgLJnEnb3Ko.roa
File: aEfLlOU4jA3M1RcpYgLJnEnb3Ko.roa (raw, json)
Hash identifier: 2kLRqpbIPp7XSccmtC51nzVSU8Rqdrv2ESWJaRtTIi4=
Subject key identifier: 68:47:CB:94:E5:38:8C:0D:CC:D5:17:29:62:02:C9:9C:49:DB:DC:AA
Certificate issuer: /CN=5e7401f32cd281699fbe4dcf3bb502a63a2a60de
Certificate serial: 019252544B659CAA678E420B0E711B5E8311
Authority key identifier: 5E:74:01:F3:2C:D2:81:69:9F:BE:4D:CF:3B:B5:02:A6:3A:2A:60:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XnQB8yzSgWmfvk3PO7UCpjoqYN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/188994-2d40-4c48-ba88-f6070a4ad83a/1/aEfLlOU4jA3M1RcpYgLJnEnb3Ko.roa
Signing time: Thu 03 Oct 2024 12:21:48 +0000
ROA not before: Thu 03 Oct 2024 12:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12552
IP address blocks: 80.65.48.0/20 maxlen: 20
80.65.56.0/24 maxlen: 24
88.87.32.0/19 maxlen: 19
109.239.224.0/20 maxlen: 20
146.247.128.0/17 maxlen: 17
146.247.154.0/24 maxlen: 24
146.247.160.0/19 maxlen: 19
146.247.192.0/19 maxlen: 19
146.247.226.0/24 maxlen: 24
146.247.246.0/24 maxlen: 24
185.166.204.0/22 maxlen: 22
185.166.205.0/24 maxlen: 24
185.168.240.0/22 maxlen: 22
213.166.160.0/19 maxlen: 19
2001:1ad8::/32 maxlen: 32
2a00:1b60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/188994-2d40-4c48-ba88-f6070a4ad83a/1/XnQB8yzSgWmfvk3PO7UCpjoqYN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/188994-2d40-4c48-ba88-f6070a4ad83a/1/XnQB8yzSgWmfvk3PO7UCpjoqYN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XnQB8yzSgWmfvk3PO7UCpjoqYN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:54:4b:65:9c:aa:67:8e:42:0b:0e:71:1b:5e:83:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e7401f32cd281699fbe4dcf3bb502a63a2a60de
Validity
Not Before: Oct 3 12:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6847cb94e5388c0dccd517296202c99c49dbdcaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:77:61:db:c0:b5:06:37:2f:21:5c:b2:21:94:
3f:f7:a6:fe:48:1e:15:b4:af:d5:f1:fd:5d:e4:c5:
23:87:da:9f:02:79:46:20:b3:69:01:c1:cc:cd:a7:
e4:c4:9c:a1:ff:10:ed:90:c6:aa:d5:8a:97:9d:87:
1b:ba:7f:db:d8:e8:78:73:e3:7f:e3:14:27:0b:a6:
e0:b4:f9:ec:29:35:45:97:6f:df:0e:91:47:c1:93:
39:e1:30:53:57:f1:4e:5e:0d:9b:89:a3:98:42:dc:
46:80:a1:84:17:6c:44:f6:2e:44:da:a8:5a:4d:51:
96:fb:59:d5:7e:ab:0c:16:7c:7d:ac:2a:96:59:f9:
45:78:5b:95:de:c0:a3:b6:d0:d9:00:69:aa:cf:3c:
b8:f1:ad:78:7b:2e:f8:d1:77:e2:6b:5f:f4:f9:dd:
d8:15:f6:d6:84:03:b1:f4:1d:23:39:d1:54:9e:cf:
8f:1e:30:67:80:de:1e:a4:b4:6f:6b:a9:20:0a:9e:
59:6b:a1:20:df:ba:bd:d2:42:0c:c2:b0:b5:f2:3d:
58:36:5c:a3:0c:e5:76:cf:71:f5:42:d3:a5:cb:b3:
ad:b5:dc:c9:00:ea:58:fd:b7:d6:b2:32:ee:fc:45:
9d:1d:fb:6a:e2:24:88:f8:6c:5c:69:0c:c6:d9:8b:
b7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:47:CB:94:E5:38:8C:0D:CC:D5:17:29:62:02:C9:9C:49:DB:DC:AA
X509v3 Authority Key Identifier:
keyid:5E:74:01:F3:2C:D2:81:69:9F:BE:4D:CF:3B:B5:02:A6:3A:2A:60:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XnQB8yzSgWmfvk3PO7UCpjoqYN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/188994-2d40-4c48-ba88-f6070a4ad83a/1/aEfLlOU4jA3M1RcpYgLJnEnb3Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/188994-2d40-4c48-ba88-f6070a4ad83a/1/XnQB8yzSgWmfvk3PO7UCpjoqYN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.48.0/20
88.87.32.0/19
109.239.224.0/20
146.247.128.0/17
185.166.204.0/22
185.168.240.0/22
213.166.160.0/19
IPv6:
2001:1ad8::/32
2a00:1b60::/32
Signature Algorithm: sha256WithRSAEncryption
3f:89:8e:a0:a7:9d:29:38:8d:e8:49:3e:b7:d5:76:fb:3b:54:
20:b6:1c:ab:6e:36:95:a3:53:87:35:7b:62:47:e3:f5:73:2c:
97:53:66:19:bc:79:13:2f:b3:d3:e7:f3:a4:b6:b4:6c:3e:f6:
97:f8:de:37:0b:94:f7:e1:e1:a6:1e:71:39:06:ad:cc:fd:df:
c3:7a:e3:ef:02:02:31:a5:aa:b1:eb:6b:33:13:4f:be:d9:56:
e0:5a:71:1f:c5:5f:24:99:4a:6a:55:9d:d4:8b:f3:28:3f:0c:
70:6d:92:c7:0f:93:46:19:ee:9e:ae:a4:26:c0:7f:9e:37:3c:
62:b1:da:13:5d:03:77:fd:41:03:59:5c:d0:47:ca:8b:15:95:
ee:78:79:52:b7:58:07:d6:56:bd:01:e7:0b:ef:46:c5:2b:81:
9d:a1:a2:27:05:46:14:e7:17:30:ac:31:3e:bb:d0:dd:f4:b2:
00:fe:a3:3e:63:ee:43:15:5d:ca:2e:46:3b:43:ac:51:ad:2a:
78:78:82:a5:55:3a:dd:5c:45:56:a9:60:1a:1c:bb:96:52:8c:
bb:e3:c1:ee:b2:dc:ae:77:96:e0:b3:12:ca:47:6d:51:2f:23:
35:35:13:e0:2a:61:56:dd:fd:18:8f:9f:84:cf:3e:41:51:f3:
d4:f5:77:be
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZJSVEtlnKpnjkILDnEbXoMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlNzQwMWYzMmNkMjgxNjk5ZmJlNGRjZjNiYjUwMmE2M2Ey
YTYwZGUwHhcNMjQxMDAzMTIyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQ3Y2I5NGU1Mzg4YzBkY2NkNTE3Mjk2MjAyYzk5YzQ5ZGJkY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHdh28C1BjcvIVyyIZQ/96b+SB4V
tK/V8f1d5MUjh9qfAnlGILNpAcHMzafkxJyh/xDtkMaq1YqXnYcbun/b2Oh4c+N/
4xQnC6bgtPnsKTVFl2/fDpFHwZM54TBTV/FOXg2biaOYQtxGgKGEF2xE9i5E2qha
TVGW+1nVfqsMFnx9rCqWWflFeFuV3sCjttDZAGmqzzy48a14ey740Xfia1/0+d3Y
FfbWhAOx9B0jOdFUns+PHjBngN4epLRva6kgCp5Za6Eg37q90kIMwrC18j1YNlyj
DOV2z3H1QtOly7OttdzJAOpY/bfWsjLu/EWdHftq4iSI+GxcaQzG2Yu3NQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGhHy5TlOIwNzNUXKWICyZxJ29yqMB8GA1UdIwQY
MBaAFF50AfMs0oFpn75Nzzu1AqY6KmDeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG5RQjh5elNnV21mdmszUE83VUNwam9xWU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8xODg5OTQtMmQ0MC00YzQ4LWJhODgt
ZjYwNzBhNGFkODNhLzEvYUVmTGxPVTRqQTNNMVJjcFlnTEpuRW5iM0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8xODg5OTQtMmQ0MC00YzQ4LWJhODgtZjYwNzBhNGFkODNh
LzEvWG5RQjh5elNnV21mdmszUE83VUNwam9xWU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQEUEEwAwQF
WFcgAwQEbe/gAwQHkveAAwQCuabMAwQCuajwAwQF1aagMBQEAgACMA4DBQAgARrY
AwUAKgAbYDANBgkqhkiG9w0BAQsFAAOCAQEAP4mOoKedKTiN6Ek+t9V2+ztUILYc
q242laNThzV7Ykfj9XMsl1NmGbx5Ey+z0+fzpLa0bD72l/jeNwuU9+Hhph5xOQat
zP3fw3rj7wICMaWqsetrMxNPvtlW4FpxH8VfJJlKalWd1IvzKD8McG2Sxw+TRhnu
nq6kJsB/njc8YrHaE10Dd/1BA1lc0EfKixWV7nh5UrdYB9ZWvQHnC+9GxSuBnaGi
JwVGFOcXMKwxPrvQ3fSyAP6jPmPuQxVdyi5GO0OsUa0qeHiCpVU63VxFVqlgGhy7
llKMu+PB7rLcrneW4LMSykdtUS8jNTUT4CphVt39GI+fhM8+QVHz1PV3vg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:22:47 2024 by rpki-client on console-ams.rpki-client.org