Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa
File: 1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa (raw, json)
Hash identifier: o+EetBGd+Re7kaAQATInD9YkhNpxjjKboA66fAT/iXk=
Subject key identifier: FA:2E:71:54:63:F4:44:AA:8B:A9:07:63:9B:B1:1B:DC:89:F8:3B:BA
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018E31F7C56633F05679859DFC31E22099A7
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa
Signing time: Tue 12 Mar 2024 09:21:45 +0000
ROA not before: Tue 12 Mar 2024 09:21:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 46.102.177.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
77.81.90.0/24 maxlen: 24
77.81.91.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.212.0/24 maxlen: 24
86.104.213.0/24 maxlen: 24
86.106.116.0/24 maxlen: 24
89.37.93.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
89.41.27.0/24 maxlen: 24
89.42.154.0/24 maxlen: 24
93.119.125.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
188.208.220.0/24 maxlen: 24
188.208.221.0/24 maxlen: 24
188.208.223.0/24 maxlen: 24
188.209.124.0/24 maxlen: 24
188.209.125.0/24 maxlen: 24
193.30.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:f7:c5:66:33:f0:56:79:85:9d:fc:31:e2:20:99:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Mar 12 09:21:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa2e715463f444aa8ba907639bb11bdc89f83bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2b:df:41:23:c6:76:21:80:c2:7c:00:82:28:
b5:75:e8:1f:a9:38:98:11:00:fb:ba:ea:20:c2:3e:
28:8f:38:38:8e:64:8d:0e:ce:05:85:d3:81:0e:43:
85:f0:47:71:0b:31:1d:85:a4:16:6c:5a:a3:8d:0c:
6e:90:f7:f5:fe:e6:a4:1d:52:24:66:4c:6b:de:1b:
6a:bc:7f:95:46:92:71:d5:63:db:01:ab:ec:84:a9:
cb:d2:bf:b3:2c:9f:96:95:a6:1b:6b:54:b1:66:b4:
3f:8d:41:44:10:3c:5c:26:af:0a:ad:47:00:b7:19:
09:a6:a4:4c:62:64:30:08:d6:c9:58:a6:bb:f0:77:
a0:7d:a5:ba:f6:4b:85:5c:63:af:b7:d7:c2:0a:b5:
b7:71:49:fa:96:bc:88:0e:93:3a:ba:16:40:96:94:
75:47:4f:f7:9d:71:b5:64:9e:cb:05:c7:82:74:82:
39:d3:5f:76:cc:f3:ae:46:1b:9a:81:93:82:c6:fe:
7a:6f:1a:2e:28:4f:cf:c9:8e:5e:c5:45:62:ee:d0:
a5:1d:b3:d6:4b:6e:42:37:f8:c7:60:e4:5e:45:40:
4b:0b:bd:f4:c8:7e:f3:0d:57:24:77:6c:d4:66:c0:
e0:fc:b2:75:d0:ef:c9:95:cb:41:9b:e1:fd:44:42:
43:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2E:71:54:63:F4:44:AA:8B:A9:07:63:9B:B1:1B:DC:89:F8:3B:BA
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/1-i5xVGP0RKqLqQdjm7Eb3In4O7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.177.0-46.102.179.255
77.81.90.0/23
86.104.2.0/24
86.104.212.0/23
86.106.116.0/24
89.37.93.0-89.37.94.255
89.41.27.0/24
89.42.154.0/24
93.119.125.0/24
176.223.160.0/24
188.208.220.0/23
188.208.223.0/24
188.209.124.0/23
193.30.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:74:09:12:37:11:d5:c8:c1:ca:0f:ef:c3:45:f2:98:0f:9f:
00:c7:3b:d3:2a:6a:2c:ed:cb:13:50:b8:46:86:0d:44:fe:f9:
c0:4f:cb:6b:ba:40:6e:7b:30:94:85:3a:42:7b:5e:28:28:74:
47:60:5e:5b:a3:dc:71:91:13:73:02:4d:f5:2c:83:6c:04:72:
2e:8d:50:cc:6d:35:20:4c:86:2e:fc:b6:6a:76:4e:fc:71:f9:
11:c0:17:85:0e:04:c4:bd:42:c7:fc:7e:51:b4:9f:75:62:2e:
b3:7d:ca:2a:16:23:d5:a5:d1:71:52:2a:02:6a:8f:85:75:e9:
c1:6e:02:11:b3:92:aa:23:65:1a:83:b4:1a:a0:e5:ce:11:4c:
bd:39:9d:bb:dc:f7:41:8c:e2:99:ee:3d:86:ad:28:e1:30:e0:
fd:92:15:ea:cf:46:de:81:a7:7a:83:22:a2:7b:0c:95:a7:7d:
07:21:92:fc:7a:b2:20:bf:6d:7b:7a:10:04:f9:82:a1:ef:eb:
3f:1c:08:0a:31:7e:38:60:bd:7d:1c:67:5a:ca:2d:aa:4a:8f:
5b:4e:31:73:b1:d6:8a:f9:94:ff:e2:bb:2b:aa:4c:ef:c6:05:
c0:70:f0:c4:e6:49:4a:97:e5:27:d4:ec:15:00:d3:7e:b5:0c:
6b:75:17:b3
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY4x98VmM/BWeYWd/DHiIJmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjQwMzEyMDkyMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJlNzE1NDYzZjQ0NGFhOGJhOTA3NjM5YmIxMWJkYzg5ZjgzYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCvfQSPGdiGAwnwAgii1degfqTiY
EQD7uuogwj4ojzg4jmSNDs4FhdOBDkOF8EdxCzEdhaQWbFqjjQxukPf1/uakHVIk
Zkxr3htqvH+VRpJx1WPbAavshKnL0r+zLJ+WlaYba1SxZrQ/jUFEEDxcJq8KrUcA
txkJpqRMYmQwCNbJWKa78HegfaW69kuFXGOvt9fCCrW3cUn6lryIDpM6uhZAlpR1
R0/3nXG1ZJ7LBceCdII50192zPOuRhuagZOCxv56bxouKE/PyY5exUVi7tClHbPW
S25CN/jHYOReRUBLC730yH7zDVckd2zUZsDg/LJ10O/JlctBm+H9REJDywIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFPoucVRj9ESqi6kHY5uxG9yJ+Du6MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvMS1pNXhWR1AwUktxTHFRZGptN0ViM0luNE83by5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1
Mi8xL2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB9BggrBgEFBQcBBwEB/wRuMGwwagQCAAEwZDAMAwQALmax
AwQCLmawAwQBTVFaAwQAVmgCAwQBVmjUAwQAVmp0MAwDBABZJV0DBABZJV4DBABZ
KRsDBABZKpoDBABdd30DBACw36ADBAG80NwDBAC80N8DBAG80XwDBADBHv8wDQYJ
KoZIhvcNAQELBQADggEBAKd0CRI3EdXIwcoP78NF8pgPnwDHO9MqaiztyxNQuEaG
DUT++cBPy2u6QG57MJSFOkJ7XigodEdgXluj3HGRE3MCTfUsg2wEci6NUMxtNSBM
hi78tmp2Tvxx+RHAF4UOBMS9Qsf8flG0n3ViLrN9yioWI9Wl0XFSKgJqj4V16cFu
AhGzkqojZRqDtBqg5c4RTL05nbvc90GM4pnuPYatKOEw4P2SFerPRt6Bp3qDIqJ7
DJWnfQchkvx6siC/bXt6EAT5gqHv6z8cCAoxfjhgvX0cZ1rKLapKj1tOMXOx1or5
lP/iuyuqTO/GBcBw8MTmSUqX5SfU7BUA0361DGt1F7M=
-----END CERTIFICATE-----
Generated at Wed May 8 21:31:12 2024 by rpki-client on console-ams.rpki-client.org