Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/wod9IJxJVpChaZCWnkJo7-bJYzc.roa
File: wod9IJxJVpChaZCWnkJo7-bJYzc.roa (raw, json)
Hash identifier: uqsAMP0Mw8hUJAtQ+oyzS0FYk8UeBZoUZTO6PuCFr1g=
Subject key identifier: C2:87:7D:20:9C:49:56:90:A1:69:90:96:9E:42:68:EF:E6:C9:63:37
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 018CC26D746CEAB48316919A3FB95D45D4EF
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/wod9IJxJVpChaZCWnkJo7-bJYzc.roa
Signing time: Mon 01 Jan 2024 00:30:02 +0000
ROA not before: Mon 01 Jan 2024 00:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 195.58.96.0/19 maxlen: 19
62.119.0.0/16 maxlen: 16
212.75.64.0/19 maxlen: 19
178.28.0.0/14 maxlen: 14
78.82.0.0/16 maxlen: 16
62.13.0.0/17 maxlen: 17
212.73.160.0/19 maxlen: 19
213.214.192.0/18 maxlen: 18
213.112.0.0/14 maxlen: 14
79.102.0.0/16 maxlen: 16
80.68.96.0/20 maxlen: 20
94.234.0.0/16 maxlen: 16
81.26.224.0/19 maxlen: 19
213.242.128.0/18 maxlen: 18
195.43.192.0/18 maxlen: 18
62.65.64.0/18 maxlen: 18
213.238.192.0/18 maxlen: 18
85.224.0.0/13 maxlen: 13
83.226.0.0/15 maxlen: 15
46.194.0.0/15 maxlen: 15
92.32.0.0/14 maxlen: 14
213.163.128.0/19 maxlen: 19
82.182.0.0/15 maxlen: 15
62.127.0.0/16 maxlen: 16
213.204.128.0/18 maxlen: 18
217.174.64.0/19 maxlen: 19
195.66.32.0/19 maxlen: 19
195.54.96.0/19 maxlen: 19
84.216.0.0/14 maxlen: 14
212.73.0.0/19 maxlen: 19
212.105.0.0/17 maxlen: 17
213.150.128.0/19 maxlen: 19
2a02:1400::/26 maxlen: 26
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 17:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:74:6c:ea:b4:83:16:91:9a:3f:b9:5d:45:d4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Jan 1 00:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2877d209c495690a16990969e4268efe6c96337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:ed:78:76:12:67:56:32:f6:96:09:65:95:
18:3a:a1:4f:0e:78:ea:71:49:36:16:b3:a1:74:c8:
53:d1:c5:a7:25:1b:85:24:f6:cf:61:a8:19:65:7d:
20:64:9d:6b:13:11:7a:d3:ff:39:a6:27:cf:37:61:
b1:2a:24:0a:4d:e5:24:47:d8:fc:75:45:8c:c9:49:
c1:d0:61:c6:c9:55:95:c9:e5:e2:81:94:b8:6f:28:
c4:38:ae:d7:5f:01:40:ef:7b:ad:76:fe:90:97:91:
84:87:f2:4a:e2:dd:4c:57:9c:f8:d3:77:bc:b2:b8:
71:aa:5d:0c:ca:4d:37:76:64:ed:43:2c:ec:84:18:
5a:9f:6d:c1:1b:7b:78:0f:84:b2:35:b5:f8:17:22:
d9:f0:8a:e3:26:7c:af:34:c4:91:4b:47:0d:22:80:
26:ac:23:d1:82:4b:7e:8e:2d:a5:fc:fa:0f:aa:1a:
e0:3e:80:d9:ab:5b:a2:1b:75:bf:20:d2:db:0a:be:
12:b7:1d:c7:96:ad:64:34:69:72:5e:a6:15:e2:44:
69:a4:35:db:ce:3c:95:13:cf:c6:2f:14:13:d7:a5:
a0:a2:00:63:d3:25:4f:3f:66:ef:8a:da:f9:4b:f3:
7d:eb:f3:0c:ae:8d:3c:b5:df:fa:fb:c8:96:9f:cb:
5c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:87:7D:20:9C:49:56:90:A1:69:90:96:9E:42:68:EF:E6:C9:63:37
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/wod9IJxJVpChaZCWnkJo7-bJYzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.194.0.0/15
62.13.0.0/17
62.65.64.0/18
62.119.0.0/16
62.127.0.0/16
78.82.0.0/16
79.102.0.0/16
80.68.96.0/20
81.26.224.0/19
82.182.0.0/15
83.226.0.0/15
84.216.0.0/14
85.224.0.0/13
92.32.0.0/14
94.234.0.0/16
178.28.0.0/14
195.43.192.0/18
195.54.96.0/19
195.58.96.0/19
195.66.32.0/19
212.73.0.0/19
212.73.160.0/19
212.75.64.0/19
212.105.0.0/17
213.112.0.0/14
213.150.128.0/19
213.163.128.0/19
213.204.128.0/18
213.214.192.0/18
213.238.192.0/18
213.242.128.0/18
217.174.64.0/19
IPv6:
2a02:1400::/26
Signature Algorithm: sha256WithRSAEncryption
95:b9:e3:ce:dd:ec:e4:bb:5f:c9:fe:2e:f4:3c:5b:1c:6f:4f:
09:07:ce:a9:ce:df:81:1e:3f:6a:d1:fe:23:d4:4e:19:39:16:
35:d3:6a:08:a4:43:0e:8e:8f:e9:06:07:cb:1d:8a:5c:7a:65:
d8:89:16:55:81:a8:34:58:65:34:59:5a:e8:a3:e7:67:a0:51:
90:d2:b8:6e:46:c6:70:4d:00:05:45:9f:03:ca:8d:82:de:ff:
11:53:b4:cc:4b:9e:f4:5b:71:1e:a8:47:04:df:cc:09:83:8d:
b5:d2:9f:ba:58:2d:2a:92:dd:a8:6a:62:22:f0:ac:c0:90:a6:
70:c4:e0:51:76:e8:7f:42:0f:79:5f:24:88:98:07:5e:52:fd:
b6:25:3c:cf:a1:70:6b:d1:82:99:de:82:29:b4:32:83:e5:9b:
83:36:cc:ea:e3:09:f5:d1:22:f9:5d:c3:aa:6f:b5:c6:6d:68:
78:c1:d5:2f:ae:07:5f:ed:0b:58:e1:5e:6d:0e:9c:33:a7:e2:
ea:13:0e:cc:62:26:d1:3a:33:fb:f4:02:8b:6d:33:b1:b8:2b:
ac:bf:b8:6d:ca:88:0f:d3:ef:e5:ad:5e:51:9b:3a:26:5b:cc:
8f:2e:94:a4:dd:f6:63:3f:28:83:ac:d5:e3:9f:c8:ba:ed:77:
9f:7b:30:c0
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAYzCbXRs6rSDFpGaP7ldRdTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjQwMTAxMDAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjg3N2QyMDljNDk1NjkwYTE2OTkwOTY5ZTQyNjhlZmU2Yzk2MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8XteHYSZ1Yy9pYJZZUYOqFPDnjq
cUk2FrOhdMhT0cWnJRuFJPbPYagZZX0gZJ1rExF60/85pifPN2GxKiQKTeUkR9j8
dUWMyUnB0GHGyVWVyeXigZS4byjEOK7XXwFA73utdv6Ql5GEh/JK4t1MV5z403e8
srhxql0Myk03dmTtQyzshBhan23BG3t4D4SyNbX4FyLZ8IrjJnyvNMSRS0cNIoAm
rCPRgkt+ji2l/PoPqhrgPoDZq1uiG3W/INLbCr4Stx3Hlq1kNGlyXqYV4kRppDXb
zjyVE8/GLxQT16WgogBj0yVPP2bvitr5S/N96/MMro08td/6+8iWn8tcfwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFMKHfSCcSVaQoWmQlp5CaO/myWM3MB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvd29kOUlKeEpWcENoYVpDV25rSm83LWJKWXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBugQCAAEwgbMDAwEu
wgMEBz4NAAMEBj5BQAMDAD53AwMAPn8DAwBOUgMDAE9mAwQEUERgAwQFURrgAwMB
UrYDAwFT4gMDAlTYAwMDVeADAwJcIAMDAF7qAwMCshwDBAbDK8ADBAXDNmADBAXD
OmADBAXDQiADBAXUSQADBAXUSaADBAXUS0ADBAfUaQADAwLVcAMEBdWWgAMEBdWj
gAMEBtXMgAMEBtXWwAMEBtXuwAMEBtXygAMEBdmuQDANBAIAAjAHAwUGKgIUADAN
BgkqhkiG9w0BAQsFAAOCAQEAlbnjzt3s5Ltfyf4u9DxbHG9PCQfOqc7fgR4/atH+
I9ROGTkWNdNqCKRDDo6P6QYHyx2KXHpl2IkWVYGoNFhlNFla6KPnZ6BRkNK4bkbG
cE0ABUWfA8qNgt7/EVO0zEue9FtxHqhHBN/MCYONtdKfulgtKpLdqGpiIvCswJCm
cMTgUXbof0IPeV8kiJgHXlL9tiU8z6Fwa9GCmd6CKbQyg+WbgzbM6uMJ9dEi+V3D
qm+1xm1oeMHVL64HX+0LWOFebQ6cM6fi6hMOzGIm0Toz+/QCi20zsbgrrL+4bcqI
D9Pv5a1eUZs6JlvMjy6UpN32Yz8og6zV45/Iuu13n3swwA==
-----END CERTIFICATE-----
Generated at Mon Jul 1 01:11:53 2024 by rpki-client on console-ams.rpki-client.org