Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/cpbE6dE6dAcc1MZWa_ta6MTMonc.roa
File: cpbE6dE6dAcc1MZWa_ta6MTMonc.roa (raw, json)
Hash identifier: h6WikgwYXrsIJkoPQQan0GXdn1DaU9+lfq5vEDTGiAE=
Subject key identifier: 72:96:C4:E9:D1:3A:74:07:1C:D4:C6:56:6B:FB:5A:E8:C4:CC:A2:77
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018CCA993E9A41FE8ACE3B7D711FB9CFAF90
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/cpbE6dE6dAcc1MZWa_ta6MTMonc.roa
Signing time: Tue 02 Jan 2024 14:34:49 +0000
ROA not before: Tue 02 Jan 2024 14:34:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 185.224.56.0/22 maxlen: 24
185.57.168.0/22 maxlen: 24
185.56.212.0/22 maxlen: 24
84.19.128.0/20 maxlen: 24
91.192.252.0/22 maxlen: 24
91.224.36.0/23 maxlen: 24
193.41.118.0/23 maxlen: 24
84.19.144.0/21 maxlen: 24
185.114.104.0/22 maxlen: 24
188.65.152.0/21 maxlen: 24
193.254.192.0/23 maxlen: 24
45.137.208.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
2a0b:fd80::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a00:e900::/29 maxlen: 48
2a01:4400::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:3e:9a:41:fe:8a:ce:3b:7d:71:1f:b9:cf:af:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Jan 2 14:34:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7296c4e9d13a74071cd4c6566bfb5ae8c4cca277
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:f7:86:6a:08:18:49:ba:9b:93:b2:8f:50:21:
8b:94:41:d7:0e:9d:d9:1c:c5:4f:af:97:0d:85:db:
d9:eb:b3:c1:d5:51:4c:a2:c3:96:59:33:1a:79:3d:
6d:09:53:6c:ed:49:7b:2f:b3:86:0d:38:3c:fc:0c:
2c:2a:5b:87:7e:2a:4d:50:47:2b:8a:62:b8:c9:34:
e4:c0:51:5e:27:db:ab:ef:f9:57:2d:3f:b7:92:2c:
32:2b:54:b2:a9:c1:fd:ac:ee:ba:a3:19:31:fd:1a:
68:d3:d4:37:ad:68:82:ed:b6:31:36:51:2b:23:9e:
7b:5e:0f:e0:9f:97:d5:01:f1:9e:32:04:01:f7:94:
29:08:34:63:f2:95:33:07:e6:26:9e:ae:0b:67:13:
f3:9e:65:f4:28:c6:85:df:87:4c:f2:82:5d:64:58:
7e:38:86:d4:c0:09:2d:e2:04:80:94:df:49:da:0d:
fd:de:b5:29:6c:e8:a3:1d:13:98:18:f6:aa:f5:2d:
a7:b9:3d:59:4d:f8:4c:5d:4c:82:37:a7:8d:df:d7:
cc:d0:da:da:0b:74:6c:04:f8:eb:46:a9:2b:09:4a:
69:71:d7:f7:76:21:13:1b:3d:80:07:b4:5b:a7:61:
63:2c:68:f9:08:cc:dd:0e:8b:62:66:af:8c:f9:4f:
93:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:96:C4:E9:D1:3A:74:07:1C:D4:C6:56:6B:FB:5A:E8:C4:CC:A2:77
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/cpbE6dE6dAcc1MZWa_ta6MTMonc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
84.19.128.0-84.19.151.255
91.192.252.0/22
91.224.36.0/23
185.56.212.0/22
185.57.168.0/22
185.114.104.0/22
185.224.56.0/22
188.65.152.0/21
193.41.118.0/23
193.254.192.0/23
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
6b:33:ba:1c:fd:de:7d:63:c6:49:4e:7b:c2:64:0f:9a:70:cf:
15:10:5a:9b:92:52:50:ff:a1:5c:ff:3e:f2:1d:76:7d:a8:d7:
4c:98:08:ad:e8:7d:ad:43:5c:03:35:3f:da:89:df:5f:c9:57:
e8:18:a0:77:48:a3:3b:e4:71:d6:d3:7c:00:d1:38:31:27:29:
f7:a8:0b:30:80:22:b2:f1:ac:8c:f4:65:d8:f4:fa:c0:3e:0b:
8d:d3:a0:01:b3:6e:ae:4c:6a:97:37:05:c9:47:d1:16:37:8a:
e9:3a:40:10:6c:a7:4c:ce:a0:26:c7:c0:5b:20:10:b3:e6:e8:
3d:25:6e:99:f5:04:b5:74:3f:a1:98:09:45:61:72:a8:3f:1d:
8a:db:fa:c9:94:db:31:64:3c:b7:c0:1d:59:7a:1f:b4:02:b0:
28:14:e8:81:19:f7:79:fa:fe:c4:f7:fb:7d:55:c3:89:b2:66:
03:43:89:9d:20:a6:48:35:1f:0e:62:9c:41:0e:f2:36:67:f6:
71:5d:b3:ca:4f:0d:c0:4c:47:c5:12:71:8c:de:70:d7:51:ca:
f9:89:59:45:c3:e9:35:e8:84:75:aa:2c:fd:6f:9f:a9:15:82:
19:f6:f0:3f:b7:b5:72:d8:5e:90:45:c8:cf:65:d8:56:de:36:
aa:e1:10:fa
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzKmT6aQf6Kzjt9cR+5z6+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjQwMTAyMTQzNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk2YzRlOWQxM2E3NDA3MWNkNGM2NTY2YmZiNWFlOGM0Y2NhMjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgPeGaggYSbqbk7KPUCGLlEHXDp3Z
HMVPr5cNhdvZ67PB1VFMosOWWTMaeT1tCVNs7Ul7L7OGDTg8/AwsKluHfipNUEcr
imK4yTTkwFFeJ9ur7/lXLT+3kiwyK1SyqcH9rO66oxkx/Rpo09Q3rWiC7bYxNlEr
I557Xg/gn5fVAfGeMgQB95QpCDRj8pUzB+Ymnq4LZxPznmX0KMaF34dM8oJdZFh+
OIbUwAkt4gSAlN9J2g393rUpbOijHROYGPaq9S2nuT1ZTfhMXUyCN6eN39fM0Nra
C3RsBPjrRqkrCUppcdf3diETGz2AB7Rbp2FjLGj5CMzdDotiZq+M+U+TxQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFHKWxOnROnQHHNTGVmv7WujEzKJ3MB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvY3BiRTZkRTZkQWNjMU1aV2FfdGE2TVRNb25jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBWBAIAATBQAwQCLYnQ
AwQEUcnQMAwDBAdUE4ADBANUE5ADBAJbwPwDBAFb4CQDBAK5ONQDBAK5OagDBAK5
cmgDBAK54DgDBAO8QZgDBAHBKXYDBAHB/sAwMgQCAAIwLAMFAyoA6QADBQAqAUQA
AwUAKgJRIDAOAwUHKgv9gAMFACoL/YIDBQAqC/2HMA0GCSqGSIb3DQEBCwUAA4IB
AQBrM7oc/d59Y8ZJTnvCZA+acM8VEFqbklJQ/6Fc/z7yHXZ9qNdMmAit6H2tQ1wD
NT/aid9fyVfoGKB3SKM75HHW03wA0TgxJyn3qAswgCKy8ayM9GXY9PrAPguN06AB
s26uTGqXNwXJR9EWN4rpOkAQbKdMzqAmx8BbIBCz5ug9JW6Z9QS1dD+hmAlFYXKo
Px2K2/rJlNsxZDy3wB1Zeh+0ArAoFOiBGfd5+v7E9/t9VcOJsmYDQ4mdIKZINR8O
YpxBDvI2Z/ZxXbPKTw3ATEfFEnGM3nDXUcr5iVlFw+k16IR1qiz9b5+pFYIZ9vA/
t7Vy2F6QRcjPZdhW3jaq4RD6
-----END CERTIFICATE-----
Generated at Wed May 15 15:52:13 2024 by rpki-client on console-fra.rpki-client.org