Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/6hHT6xA63sYoiSJoEkctm0RU4Rk.roa
File: 6hHT6xA63sYoiSJoEkctm0RU4Rk.roa (raw, json)
Hash identifier: vPhR2au3XkuFO4Ewk65Av3iQ/bDI67WueO4XPALuyGw=
Subject key identifier: EA:11:D3:EB:10:3A:DE:C6:28:89:22:68:12:47:2D:9B:44:54:E1:19
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018CC9BB29B3ED8C3BC8D88544E3E67E3DE5
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/6hHT6xA63sYoiSJoEkctm0RU4Rk.roa
Signing time: Tue 02 Jan 2024 10:32:15 +0000
ROA not before: Tue 02 Jan 2024 10:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28878
IP address blocks: 80.246.192.0/20 maxlen: 20
80.246.194.0/24 maxlen: 24
217.21.240.0/20 maxlen: 20
37.17.208.0/20 maxlen: 20
171.33.128.0/21 maxlen: 21
81.30.32.0/20 maxlen: 20
78.108.128.0/20 maxlen: 20
176.74.224.0/19 maxlen: 19
80.255.240.0/20 maxlen: 20
185.15.248.0/22 maxlen: 22
217.149.128.0/20 maxlen: 20
81.21.136.0/21 maxlen: 21
31.223.160.0/20 maxlen: 20
85.10.160.0/19 maxlen: 24
141.255.176.0/22 maxlen: 24
2001:4cb8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:29:b3:ed:8c:3b:c8:d8:85:44:e3:e6:7e:3d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 2 10:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea11d3eb103adec62889226812472d9b4454e119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a2:ed:39:e2:d0:39:9b:c4:6f:70:2b:26:5f:
f4:ca:e0:cf:85:d3:11:df:70:ad:6b:39:81:15:56:
58:00:08:84:23:1a:69:ce:d0:ef:11:c2:3f:1e:f1:
05:09:c0:e1:ed:2f:d3:ce:9c:ba:6b:67:0d:98:05:
97:d3:be:a7:cf:bf:d1:0d:2c:5b:26:6a:ce:9b:ae:
c4:bf:d1:75:5d:b6:c8:17:0e:75:ed:ef:06:91:f7:
c1:b6:55:33:3c:fd:87:12:37:ef:eb:62:0b:4e:c2:
19:37:69:5c:ec:2a:cc:cc:06:db:c8:2c:84:c9:f7:
f6:1f:75:4f:9c:f6:0a:b8:4a:7e:49:64:1b:aa:c6:
a6:e7:5d:64:1c:ba:85:a5:b7:67:f8:de:1c:4a:8b:
c5:d1:3b:30:54:4e:23:3d:70:6b:b7:e4:05:6f:17:
ea:6c:7f:6b:3e:90:99:f1:bb:d9:0c:fc:69:2f:40:
14:c4:6e:14:ff:95:fa:6f:f6:8a:8e:d4:39:ec:7a:
be:f2:14:7d:de:66:56:67:cb:40:c5:56:f5:d4:ee:
8d:a9:41:a6:d8:18:16:50:80:48:78:3b:49:93:33:
27:1e:64:83:e6:d8:40:c8:f4:77:15:44:42:d4:99:
98:b4:38:48:91:ff:02:d5:e7:79:42:0c:01:45:76:
3c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:11:D3:EB:10:3A:DE:C6:28:89:22:68:12:47:2D:9B:44:54:E1:19
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/6hHT6xA63sYoiSJoEkctm0RU4Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.160.0/20
37.17.208.0/20
78.108.128.0/20
80.246.192.0/20
80.255.240.0/20
81.21.136.0/21
81.30.32.0/20
85.10.160.0/19
141.255.176.0/22
171.33.128.0/21
176.74.224.0/19
185.15.248.0/22
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
0c:3e:20:c5:2c:43:03:6a:e1:9b:73:24:4e:96:eb:b9:5d:e3:
bb:3c:57:5e:44:17:f6:a3:ef:84:ed:ce:cb:35:99:bc:b8:e1:
f9:b6:0a:9b:55:e0:8c:a5:b5:6f:75:13:33:6e:a2:f7:90:e5:
07:a1:34:5b:c9:43:58:99:6d:c7:9b:68:66:f1:8d:13:6f:48:
d8:d2:2f:92:2b:31:0e:56:90:91:37:c7:27:57:cb:3d:69:d4:
a4:ca:4b:9d:c1:8c:06:54:46:1b:e5:a9:68:ab:94:8c:e3:09:
84:0b:0c:6d:f1:5e:9e:c4:c9:a7:6b:51:39:c6:1f:7f:7e:be:
8e:32:ad:e1:46:35:2e:10:8e:97:eb:41:9a:2a:57:a9:a4:71:
5c:80:d6:cc:f3:5d:30:f4:1b:35:48:d3:07:18:62:c1:e1:0c:
f5:b6:0f:02:80:88:68:97:31:33:09:bc:4a:76:7b:90:43:cb:
d7:d4:7c:f4:46:e1:d2:07:e7:12:a7:89:2d:3c:8f:91:8b:a2:
a6:ce:92:fa:59:4b:23:37:65:7b:eb:6b:59:c9:74:32:6a:af:
d3:4f:3b:c9:54:e5:11:4d:3f:d2:c0:00:27:b9:ce:e2:34:41:
0d:3e:3f:e2:e7:2f:4e:de:21:1f:6b:e2:d0:f5:dd:16:9c:3b:
27:52:c2:9f
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYzJuymz7Yw7yNiFROPmfj3lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwMTAyMTAzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTExZDNlYjEwM2FkZWM2Mjg4OTIyNjgxMjQ3MmQ5YjQ0NTRlMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaLtOeLQOZvEb3ArJl/0yuDPhdMR
33CtazmBFVZYAAiEIxppztDvEcI/HvEFCcDh7S/Tzpy6a2cNmAWX076nz7/RDSxb
JmrOm67Ev9F1XbbIFw517e8GkffBtlUzPP2HEjfv62ILTsIZN2lc7CrMzAbbyCyE
yff2H3VPnPYKuEp+SWQbqsam511kHLqFpbdn+N4cSovF0TswVE4jPXBrt+QFbxfq
bH9rPpCZ8bvZDPxpL0AUxG4U/5X6b/aKjtQ57Hq+8hR93mZWZ8tAxVb11O6NqUGm
2BgWUIBIeDtJkzMnHmSD5thAyPR3FURC1JmYtDhIkf8C1ed5QgwBRXY8DQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFOoR0+sQOt7GKIkiaBJHLZtEVOEZMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvNmhIVDZ4QTYzc1lvaVNKb0VrY3RtMFJVNFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEH9+gAwQE
JRHQAwQETmyAAwQEUPbAAwQEUP/wAwQDURWIAwQEUR4gAwQFVQqgAwQCjf+wAwQD
qyGAAwQFsErgAwQCuQ/4AwQE2RXwAwQE2ZWAMA0EAgACMAcDBQMgAUy4MA0GCSqG
SIb3DQEBCwUAA4IBAQAMPiDFLEMDauGbcyROluu5XeO7PFdeRBf2o++E7c7LNZm8
uOH5tgqbVeCMpbVvdRMzbqL3kOUHoTRbyUNYmW3Hm2hm8Y0Tb0jY0i+SKzEOVpCR
N8cnV8s9adSkykudwYwGVEYb5aloq5SM4wmECwxt8V6exMmna1E5xh9/fr6OMq3h
RjUuEI6X60GaKleppHFcgNbM810w9Bs1SNMHGGLB4Qz1tg8CgIholzEzCbxKdnuQ
Q8vX1Hz0RuHSB+cSp4ktPI+Ri6KmzpL6WUsjN2V762tZyXQyaq/TTzvJVOURTT/S
wAAnuc7iNEENPj/i5y9O3iEfa+LQ9d0WnDsnUsKf
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:18:02 2024 by rpki-client on console-fra.rpki-client.org