Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/RpG_7r9oPuqL48wSc3nv8UkiXcQ.roa
File: RpG_7r9oPuqL48wSc3nv8UkiXcQ.roa (raw, json)
Hash identifier: vm9zGi/ABZTP2vyYZttvU2NbLZrg3jY9vYdow36zO4U=
Subject key identifier: 46:91:BF:EE:BF:68:3E:EA:8B:E3:CC:12:73:79:EF:F1:49:22:5D:C4
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 018CC4931BE52FEB55D13411A2986CC11716
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/RpG_7r9oPuqL48wSc3nv8UkiXcQ.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12880
IP address blocks: 185.105.102.0/23 maxlen: 23
185.105.100.0/23 maxlen: 23
5.232.0.0/13 maxlen: 13
5.239.0.0/16 maxlen: 16
185.72.82.0/24 maxlen: 24
185.72.81.0/24 maxlen: 24
185.72.80.0/24 maxlen: 24
185.72.83.0/24 maxlen: 24
80.210.48.0/20 maxlen: 20
80.210.48.0/22 maxlen: 22
151.235.128.0/18 maxlen: 18
5.232.160.0/20 maxlen: 20
188.209.16.0/21 maxlen: 21
188.209.24.0/22 maxlen: 22
188.209.28.0/23 maxlen: 23
188.209.30.0/23 maxlen: 23
5.74.128.0/17 maxlen: 17
188.215.160.0/20 maxlen: 20
185.18.159.0/24 maxlen: 24
185.18.156.0/24 maxlen: 24
185.18.157.0/24 maxlen: 24
185.18.158.0/24 maxlen: 24
212.33.208.0/23 maxlen: 23
212.33.212.0/23 maxlen: 23
185.111.80.0/24 maxlen: 24
212.33.214.0/23 maxlen: 23
185.111.83.0/24 maxlen: 24
185.111.82.0/24 maxlen: 24
185.111.81.0/24 maxlen: 24
178.236.110.0/24 maxlen: 24
46.100.0.0/16 maxlen: 16
46.100.6.0/23 maxlen: 23
77.81.144.0/21 maxlen: 21
77.81.152.0/21 maxlen: 21
93.118.168.0/21 maxlen: 21
5.239.244.0/23 maxlen: 23
46.100.43.0/24 maxlen: 24
46.100.44.0/24 maxlen: 24
188.212.160.0/19 maxlen: 19
93.118.96.0/19 maxlen: 19
5.238.0.0/16 maxlen: 16
178.236.97.0/24 maxlen: 24
178.236.96.0/24 maxlen: 24
185.88.48.0/22 maxlen: 22
178.236.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1b:e5:2f:eb:55:d1:34:11:a2:98:6c:c1:17:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4691bfeebf683eea8be3cc127379eff149225dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9e:70:0c:a1:27:07:1f:8f:84:a7:20:56:68:
77:57:f2:89:90:21:e5:98:9d:c0:1e:61:f9:d3:1d:
2a:f7:d1:71:59:c4:ab:68:7b:18:12:09:a6:96:03:
4a:95:39:d4:29:3c:a8:8d:4d:05:0b:6d:b5:87:01:
20:97:bb:27:96:e4:15:f5:91:a7:3c:57:a0:39:0e:
40:72:f9:cd:6e:1c:10:69:e6:2c:dd:68:f5:1b:8c:
a9:2f:42:94:06:a5:7f:20:6e:d4:87:1f:46:70:07:
89:43:45:f0:ff:75:16:58:2d:cc:3a:90:3e:5b:0c:
1d:4f:09:00:e4:dc:8a:a2:a8:8f:89:8a:b2:65:a8:
d5:38:a2:b9:14:7b:e4:af:c1:aa:66:a0:2e:78:bb:
8a:d8:18:44:02:c1:e9:4b:33:42:de:e0:38:e8:d7:
be:8b:08:c3:db:41:c0:98:08:94:68:0a:83:5a:4c:
12:17:67:d1:ce:11:ff:66:75:9d:43:0f:fc:ce:cb:
8d:f8:1a:f2:fd:ae:1d:a7:5a:ed:61:b2:8d:8f:e9:
21:16:8d:55:26:53:4a:6f:57:a7:33:f9:cc:ad:12:
49:15:2f:e2:88:d3:8a:40:2e:b8:24:34:12:23:42:
e1:f3:59:f7:60:51:fe:8c:17:e9:08:ab:2f:b6:4a:
62:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:91:BF:EE:BF:68:3E:EA:8B:E3:CC:12:73:79:EF:F1:49:22:5D:C4
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/RpG_7r9oPuqL48wSc3nv8UkiXcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.74.128.0/17
5.232.0.0/13
46.100.0.0/16
77.81.144.0/20
80.210.48.0/20
93.118.96.0/19
93.118.168.0/21
151.235.128.0/18
178.236.96.0/23
178.236.104.0/24
178.236.110.0/24
185.18.156.0/22
185.72.80.0/22
185.88.48.0/22
185.105.100.0/22
185.111.80.0/22
188.209.16.0/20
188.212.160.0/19
188.215.160.0/20
212.33.208.0/23
212.33.212.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:75:1f:31:6e:e9:73:59:f3:4b:59:ec:1a:dc:22:6b:45:2e:
bc:72:8b:c0:2e:f0:2c:36:a7:0f:16:08:29:20:9a:7c:3a:45:
c3:35:2d:2f:0b:02:df:a7:16:d4:24:c3:ef:73:7f:6f:ad:c4:
3b:53:d6:62:c0:51:24:08:a9:2f:34:20:f0:6b:38:fb:be:4f:
e7:71:48:4f:ea:f9:cc:96:98:d7:25:01:89:5d:aa:14:7d:63:
7a:69:55:77:9b:5d:98:06:49:71:65:aa:39:50:88:37:57:88:
1e:ee:1e:7e:51:8c:61:15:5e:14:49:d1:46:76:f9:af:ca:73:
d6:4a:78:79:6a:3f:87:91:27:16:f8:3d:a9:ee:d1:57:e7:70:
ea:7f:74:4d:3b:e2:77:ab:cc:a0:5b:ef:f5:29:88:62:4c:15:
4c:6f:8f:36:b9:de:25:b6:b1:11:c5:87:26:0a:01:b2:68:3a:
ff:0f:ce:17:0f:0a:1e:2b:68:c3:1c:ad:1c:90:66:49:cf:ca:
ef:97:54:e5:68:d2:30:39:c0:75:37:58:8e:cf:0a:1d:2f:d4:
ad:b4:25:eb:2d:8a:4d:ba:ea:27:02:5f:cf:da:2e:e1:61:10:
cb:66:12:09:09:62:8b:0c:df:aa:6f:28:eb:6d:0e:2e:f5:76:
c1:27:32:ea
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzEkxvlL+tV0TQRophswRcWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjkxYmZlZWJmNjgzZWVhOGJlM2NjMTI3Mzc5ZWZmMTQ5MjI1ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2p5wDKEnBx+PhKcgVmh3V/KJkCHl
mJ3AHmH50x0q99FxWcSraHsYEgmmlgNKlTnUKTyojU0FC221hwEgl7snluQV9ZGn
PFegOQ5AcvnNbhwQaeYs3Wj1G4ypL0KUBqV/IG7Uhx9GcAeJQ0Xw/3UWWC3MOpA+
WwwdTwkA5NyKoqiPiYqyZajVOKK5FHvkr8GqZqAueLuK2BhEAsHpSzNC3uA46Ne+
iwjD20HAmAiUaAqDWkwSF2fRzhH/ZnWdQw/8zsuN+Bry/a4dp1rtYbKNj+khFo1V
JlNKb1enM/nMrRJJFS/iiNOKQC64JDQSI0Lh81n3YFH+jBfpCKsvtkpifwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFEaRv+6/aD7qi+PMEnN57/FJIl3EMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvUnBHXzdyOW9QdXFMNDh3U2MzbnY4VWtpWGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEBwVK
gAMDAwXoAwMALmQDBARNUZADBARQ0jADBAVddmADBANddqgDBAaX64ADBAGy7GAD
BACy7GgDBACy7G4DBAK5EpwDBAK5SFADBAK5WDADBAK5aWQDBAK5b1ADBAS80RAD
BAW81KADBAS816ADBAHUIdADBALUIdQwDQYJKoZIhvcNAQELBQADggEBAG91HzFu
6XNZ80tZ7BrcImtFLrxyi8Au8Cw2pw8WCCkgmnw6RcM1LS8LAt+nFtQkw+9zf2+t
xDtT1mLAUSQIqS80IPBrOPu+T+dxSE/q+cyWmNclAYldqhR9Y3ppVXebXZgGSXFl
qjlQiDdXiB7uHn5RjGEVXhRJ0UZ2+a/Kc9ZKeHlqP4eRJxb4Panu0VfncOp/dE07
4nerzKBb7/UpiGJMFUxvjza53iW2sRHFhyYKAbJoOv8PzhcPCh4raMMcrRyQZknP
yu+XVOVo0jA5wHU3WI7PCh0v1K20Jestik266icCX8/aLuFhEMtmEgkJYosM36pv
KOttDi71dsEnMuo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:18:56 2024 by rpki-client on console-ams.rpki-client.org