Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/3v9J4vNv-7iiTXeav5Q8DbDTSIg.roa
File: 3v9J4vNv-7iiTXeav5Q8DbDTSIg.roa (raw, json)
Hash identifier: qtcattQJfesVSQRY0z4xm7Gm0X2Xf1P1AAcjb3Z+U6I=
Subject key identifier: DE:FF:49:E2:F3:6F:FB:B8:A2:4D:77:9A:BF:94:3C:0D:B0:D3:48:88
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018CC94D86E234E62C871154FD4162717139
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/3v9J4vNv-7iiTXeav5Q8DbDTSIg.roa
Signing time: Tue 02 Jan 2024 08:32:30 +0000
ROA not before: Tue 02 Jan 2024 08:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15440
IP address blocks: 195.14.160.0/19 maxlen: 19
185.65.48.0/24 maxlen: 24
185.216.209.0/24 maxlen: 24
217.117.16.0/20 maxlen: 20
77.241.192.0/20 maxlen: 20
79.142.112.0/20 maxlen: 20
185.11.26.0/24 maxlen: 24
45.82.32.0/22 maxlen: 24
5.133.66.0/24 maxlen: 24
5.133.65.0/24 maxlen: 24
92.62.139.0/24 maxlen: 24
92.62.138.0/24 maxlen: 24
92.62.137.0/24 maxlen: 24
92.62.136.0/24 maxlen: 24
92.62.135.0/24 maxlen: 24
92.62.143.0/24 maxlen: 24
92.62.142.0/24 maxlen: 24
92.62.141.0/24 maxlen: 24
92.62.140.0/24 maxlen: 24
89.249.80.0/20 maxlen: 20
92.62.132.0/23 maxlen: 23
92.62.131.0/24 maxlen: 24
92.62.130.0/24 maxlen: 24
92.62.128.0/20 maxlen: 20
92.62.129.0/24 maxlen: 24
92.62.128.0/24 maxlen: 24
213.197.128.0/18 maxlen: 18
2a0d:5000:2::/48 maxlen: 48
2001:1ab8::/32 maxlen: 32
2001:1ab9::/32 maxlen: 32
2001:1ab8::/31 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:86:e2:34:e6:2c:87:11:54:fd:41:62:71:71:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 2 08:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=deff49e2f36ffbb8a24d779abf943c0db0d34888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:93:33:89:0e:a2:2b:39:b5:bb:6b:0e:bf:d5:
2a:98:6f:72:9f:11:21:99:b6:2e:13:bf:fa:47:5f:
59:fe:f3:34:86:db:03:ca:ef:64:07:f7:8d:c1:3a:
f6:18:10:f5:f5:94:83:f4:c5:75:67:48:8c:a1:4c:
cd:f4:ce:fb:d0:6e:aa:8c:a8:77:89:77:9b:91:3f:
60:70:2b:62:59:1f:a0:0e:91:77:07:87:ba:af:18:
be:59:62:61:a2:24:d3:95:d0:2e:63:59:b8:fc:f6:
fa:84:7f:3e:d7:ca:ec:bf:ac:63:de:54:ba:f7:89:
f5:df:c2:54:48:46:a3:16:ab:12:76:0f:c3:c0:d9:
75:29:49:12:08:3c:df:df:ee:97:ba:a3:cf:07:8a:
75:4e:22:d9:61:a5:22:9c:3f:9a:51:70:46:d5:90:
e4:fd:fc:a2:7e:1e:4d:48:50:58:cf:df:6a:94:9b:
aa:75:60:cd:ad:73:db:8b:f1:69:15:d5:b5:2a:a8:
9b:af:9b:38:fd:55:fd:55:7c:98:bf:32:bf:51:6c:
9d:d3:8b:94:c2:a8:b9:a7:dc:4a:6b:6b:52:dd:68:
77:59:d8:e6:84:38:2d:be:33:9a:ef:69:ca:23:f8:
40:0b:6f:29:84:fe:d6:7a:6f:0f:34:47:44:07:aa:
08:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FF:49:E2:F3:6F:FB:B8:A2:4D:77:9A:BF:94:3C:0D:B0:D3:48:88
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/3v9J4vNv-7iiTXeav5Q8DbDTSIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.65.0-5.133.66.255
45.82.32.0/22
77.241.192.0/20
79.142.112.0/20
89.249.80.0/20
92.62.128.0/20
185.11.26.0/24
185.65.48.0/24
185.216.209.0/24
195.14.160.0/19
213.197.128.0/18
217.117.16.0/20
IPv6:
2001:1ab8::/31
2a0d:5000:2::/48
Signature Algorithm: sha256WithRSAEncryption
c5:70:e3:48:3a:cf:4e:48:53:4e:9e:8d:fd:6d:ec:41:55:a3:
a4:28:f9:41:c0:9c:fd:3b:5f:3e:59:76:39:5a:93:71:6f:20:
e9:51:ec:67:2f:c0:c3:bb:da:fe:ec:9c:ea:6f:73:f8:3d:85:
d5:08:82:65:2f:8a:0a:c4:39:ec:4b:30:7b:54:dc:89:76:60:
49:b1:f9:f4:58:4c:32:ef:50:2b:48:e5:87:53:11:39:c2:a2:
17:c8:1f:eb:9b:7f:3e:dd:59:c9:0e:15:01:19:00:ae:7f:d5:
4c:52:d1:90:67:e7:36:ce:eb:1d:85:2b:5b:20:5b:f1:bb:0a:
b4:14:16:14:1c:26:1c:3f:c6:e4:97:e3:80:eb:03:f6:be:f2:
ef:d3:39:45:64:33:16:63:cf:b9:e6:3e:1a:52:7f:5b:fc:05:
d0:16:8a:9a:a1:71:ba:c1:3f:df:75:cd:27:16:cc:f8:a0:44:
b0:2c:0d:1a:54:26:7d:7a:01:47:ce:5c:4e:c5:6f:22:0d:28:
8e:25:2e:ed:84:62:d4:1f:9f:82:78:78:77:c8:03:1e:fa:c0:
df:f8:a1:2f:75:01:d9:f7:f5:ad:33:67:bd:e7:33:9f:0c:c6:
c7:d5:69:01:f7:c5:97:73:73:c4:e6:5b:88:fb:0a:1c:66:b7:
cc:f2:82:e6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYzJTYbiNOYshxFU/UFicXE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMTAyMDgzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWZmNDllMmYzNmZmYmI4YTI0ZDc3OWFiZjk0M2MwZGIwZDM0ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopMziQ6iKzm1u2sOv9UqmG9ynxEh
mbYuE7/6R19Z/vM0htsDyu9kB/eNwTr2GBD19ZSD9MV1Z0iMoUzN9M770G6qjKh3
iXebkT9gcCtiWR+gDpF3B4e6rxi+WWJhoiTTldAuY1m4/Pb6hH8+18rsv6xj3lS6
94n138JUSEajFqsSdg/DwNl1KUkSCDzf3+6XuqPPB4p1TiLZYaUinD+aUXBG1ZDk
/fyifh5NSFBYz99qlJuqdWDNrXPbi/FpFdW1Kqibr5s4/VX9VXyYvzK/UWyd04uU
wqi5p9xKa2tS3Wh3WdjmhDgtvjOa72nKI/hAC28phP7Wem8PNEdEB6oIkQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFN7/SeLzb/u4ok13mr+UPA2w00iIMB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvM3Y5SjR2TnYtN2lpVFhlYXY1UThEYkRUU0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwVgQCAAEwUDAMAwQABYVB
AwQABYVCAwQCLVIgAwQETfHAAwQET45wAwQEWflQAwQEXD6AAwQAuQsaAwQAuUEw
AwQAudjRAwQFww6gAwQG1cWAAwQE2XUQMBYEAgACMBADBQEgARq4AwcAKg1QAAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQDFcONIOs9OSFNOno39bexBVaOkKPlBwJz9O18+
WXY5WpNxbyDpUexnL8DDu9r+7Jzqb3P4PYXVCIJlL4oKxDnsSzB7VNyJdmBJsfn0
WEwy71ArSOWHUxE5wqIXyB/rm38+3VnJDhUBGQCuf9VMUtGQZ+c2zusdhStbIFvx
uwq0FBYUHCYcP8bkl+OA6wP2vvLv0zlFZDMWY8+55j4aUn9b/AXQFoqaoXG6wT/f
dc0nFsz4oESwLA0aVCZ9egFHzlxOxW8iDSiOJS7thGLUH5+CeHh3yAMe+sDf+KEv
dQHZ9/WtM2e95zOfDMbH1WkB98WXc3PE5luI+wocZrfM8oLm
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:46:10 2024 by rpki-client on console-fra.rpki-client.org