Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/hYSdVCzwCF10fYtPBkWQIH9tx-A.roa
File: hYSdVCzwCF10fYtPBkWQIH9tx-A.roa (raw, json)
Hash identifier: kA1LXfebszh6Jy37appI6a/SvabVlZHQAKrEL5Rg2TQ=
Subject key identifier: 85:84:9D:54:2C:F0:08:5D:74:7D:8B:4F:06:45:90:20:7F:6D:C7:E0
Certificate issuer: /CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Certificate serial: 018CC4931C6DE0CA7EF6BDC8ECDE6B5F3D37
Authority key identifier: 6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/hYSdVCzwCF10fYtPBkWQIH9tx-A.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48159
IP address blocks: 93.117.96.0/20 maxlen: 20
188.211.192.0/19 maxlen: 19
93.117.112.0/20 maxlen: 20
5.233.84.0/24 maxlen: 24
5.233.82.0/23 maxlen: 23
195.181.32.0/20 maxlen: 20
5.233.95.0/24 maxlen: 24
5.233.94.0/24 maxlen: 24
185.105.102.0/23 maxlen: 23
185.105.100.0/23 maxlen: 23
188.211.128.0/19 maxlen: 19
85.204.208.0/20 maxlen: 20
5.232.64.0/18 maxlen: 18
5.233.240.0/20 maxlen: 20
89.35.64.0/21 maxlen: 21
5.239.0.0/16 maxlen: 16
5.235.188.0/22 maxlen: 22
5.235.188.0/23 maxlen: 23
5.235.192.0/19 maxlen: 19
46.100.164.0/22 maxlen: 22
5.236.0.0/18 maxlen: 18
5.232.160.0/20 maxlen: 20
91.92.220.0/22 maxlen: 22
5.239.144.0/20 maxlen: 20
5.234.36.0/22 maxlen: 22
5.234.40.0/21 maxlen: 21
5.232.128.0/19 maxlen: 19
5.235.224.0/19 maxlen: 19
188.215.176.0/20 maxlen: 20
89.40.152.0/21 maxlen: 21
5.239.200.0/21 maxlen: 21
93.88.64.0/21 maxlen: 21
46.100.0.0/16 maxlen: 16
93.88.72.0/23 maxlen: 23
5.239.244.0/23 maxlen: 23
5.236.64.0/19 maxlen: 19
5.239.160.0/20 maxlen: 20
89.37.144.0/23 maxlen: 23
5.239.176.0/22 maxlen: 22
85.204.80.0/20 maxlen: 20
86.104.240.0/21 maxlen: 21
89.40.240.0/20 maxlen: 20
5.238.0.0/16 maxlen: 16
5.236.96.0/21 maxlen: 21
5.239.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1c:6d:e0:ca:7e:f6:bd:c8:ec:de:6b:5f:3d:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3030a4b67f95c2fed902d56657faa2494b5129
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85849d542cf0085d747d8b4f064590207f6dc7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:56:74:63:88:e6:10:40:78:90:f8:b6:8c:ce:
9d:f7:1f:71:d6:71:e4:86:9d:a6:e7:4b:eb:7e:8b:
b0:de:5d:f6:9f:f3:a5:c7:75:56:45:f6:1f:76:12:
e9:61:f4:0a:dd:95:0a:b9:0b:0b:e4:09:ae:ef:8b:
2e:05:58:a5:06:ae:b3:77:83:d7:0d:90:de:3f:57:
15:03:87:00:77:20:3f:af:00:e0:91:be:11:f2:93:
52:b3:e7:e5:ae:ae:9d:18:0f:36:3d:61:2d:a9:33:
d9:35:ef:d2:a3:73:e3:6d:ab:a7:6b:b2:a2:e8:4f:
7f:0e:fc:be:ec:65:b0:7d:85:d4:bd:cb:9c:b1:5c:
79:b0:cd:d3:30:13:62:94:85:1d:34:ac:dc:84:c6:
4e:69:a0:8a:b8:ad:5d:38:53:79:2a:60:94:0e:3b:
f7:f0:cf:2f:0f:e6:3c:2e:60:bc:a4:9a:22:25:1e:
33:80:23:4a:84:c7:3e:32:0c:db:a2:94:4e:b4:a4:
b5:c0:bd:4a:cf:47:22:5c:5f:ff:6b:78:8f:74:09:
f7:bb:52:f6:9b:ab:ed:ca:34:c9:3b:86:69:f0:99:
1b:c1:a2:2c:54:63:5b:fe:7c:39:12:23:f9:e4:63:
53:4e:22:11:f2:fb:f5:6d:a5:2e:f1:6a:cb:07:cb:
aa:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:84:9D:54:2C:F0:08:5D:74:7D:8B:4F:06:45:90:20:7F:6D:C7:E0
X509v3 Authority Key Identifier:
keyid:6F:30:30:A4:B6:7F:95:C2:FE:D9:02:D5:66:57:FA:A2:49:4B:51:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzAwpLZ_lcL-2QLVZlf6oklLUSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/hYSdVCzwCF10fYtPBkWQIH9tx-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2b99a3-dd5f-4ffe-82ef-bf3b21a270f2/1/bzAwpLZ_lcL-2QLVZlf6oklLUSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.232.64.0-5.232.175.255
5.233.82.0-5.233.84.255
5.233.94.0/23
5.233.240.0/20
5.234.36.0-5.234.47.255
5.235.188.0-5.236.103.255
5.238.0.0/15
46.100.0.0/16
85.204.80.0/20
85.204.208.0/20
86.104.240.0/21
89.35.64.0/21
89.37.144.0/23
89.40.152.0/21
89.40.240.0/20
91.92.220.0/22
93.88.64.0-93.88.73.255
93.117.96.0/19
185.105.100.0/22
188.211.128.0/19
188.211.192.0/19
188.215.176.0/20
195.181.32.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:b0:36:e9:29:bc:9a:82:5d:68:78:a7:6a:35:b2:fe:9b:68:
dd:70:46:1f:3a:92:d4:af:20:74:6e:31:43:b0:37:06:b3:12:
06:1d:94:ee:47:a1:b8:16:61:02:4c:a1:35:02:46:e6:a4:15:
15:4c:56:51:f5:d8:88:35:52:80:ce:59:69:f8:78:8f:5c:54:
41:5d:ba:06:c9:01:1c:0c:60:2c:9b:74:c3:18:f4:63:61:fe:
74:42:a9:5f:2d:8b:78:b8:70:45:a9:c7:76:cf:3a:c4:a9:20:
6b:fe:c7:ef:0f:51:be:d5:b0:72:26:1f:a5:6b:f4:54:70:e6:
ea:7a:8a:c8:9e:b3:3a:6b:cd:5e:b8:e4:cb:24:8f:4e:cc:68:
3a:fb:da:c7:44:73:ec:45:a0:92:1e:07:fe:7c:1c:af:a1:fe:
96:70:25:3f:b2:74:78:7b:17:b7:b4:cc:32:05:75:32:77:a7:
68:c7:c1:f5:68:8d:96:f4:02:17:09:13:7e:86:a8:45:7f:5a:
47:0d:a2:78:c4:eb:51:3e:97:88:85:5a:b7:ef:5a:eb:d5:81:
64:74:6a:06:f8:79:ba:78:68:4d:57:79:b9:d3:89:19:e0:ce:
1b:75:9c:0f:22:66:f8:51:e2:b5:14:80:a3:25:e3:54:50:9d:
ba:2e:1e:8b
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAYzEkxxt4Mp+9r3I7N5rXz03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzAzMGE0YjY3Zjk1YzJmZWQ5MDJkNTY2NTdmYWEyNDk0
YjUxMjkwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTg0OWQ1NDJjZjAwODVkNzQ3ZDhiNGYwNjQ1OTAyMDdmNmRjN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11Z0Y4jmEEB4kPi2jM6d9x9x1nHk
hp2m50vrfouw3l32n/Olx3VWRfYfdhLpYfQK3ZUKuQsL5Amu74suBVilBq6zd4PX
DZDeP1cVA4cAdyA/rwDgkb4R8pNSs+flrq6dGA82PWEtqTPZNe/So3Pjbauna7Ki
6E9/Dvy+7GWwfYXUvcucsVx5sM3TMBNilIUdNKzchMZOaaCKuK1dOFN5KmCUDjv3
8M8vD+Y8LmC8pJoiJR4zgCNKhMc+MgzbopROtKS1wL1Kz0ciXF//a3iPdAn3u1L2
m6vtyjTJO4Zp8JkbwaIsVGNb/nw5EiP55GNTTiIR8vv1baUu8WrLB8uqRwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFIWEnVQs8AhddH2LTwZFkCB/bcfgMB8GA1UdIwQY
MBaAFG8wMKS2f5XC/tkC1WZX+qJJS1EpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYt
YmYzYjIxYTI3MGYyLzEvaFlTZFZDendDRjEwZll0UEJrV1FJSDl0eC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yYjk5YTMtZGQ1Zi00ZmZlLTgyZWYtYmYzYjIxYTI3MGYy
LzEvYnpBd3BMWl9sY0wtMlFMVlpsZjZva2xMVVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbAwDAME
BgXoQAMEBAXooDAMAwQBBelSAwQABelUAwQBBeleAwQEBenwMAwDBAIF6iQDBAQF
6iAwDAMEAgXrvAMEAwXsYAMDAQXuAwMALmQDBARVzFADBARVzNADBANWaPADBANZ
I0ADBAFZJZADBANZKJgDBARZKPADBAJbXNwwDAMEBl1YQAMEAV1YSAMEBV11YAME
ArlpZAMEBbzTgAMEBbzTwAMEBLzXsAMEBMO1IDANBgkqhkiG9w0BAQsFAAOCAQEA
i7A26Sm8moJdaHinajWy/pto3XBGHzqS1K8gdG4xQ7A3BrMSBh2U7kehuBZhAkyh
NQJG5qQVFUxWUfXYiDVSgM5Zafh4j1xUQV26BskBHAxgLJt0wxj0Y2H+dEKpXy2L
eLhwRanHds86xKkga/7H7w9RvtWwciYfpWv0VHDm6nqKyJ6zOmvNXrjkyySPTsxo
Ovvax0Rz7EWgkh4H/nwcr6H+lnAlP7J0eHsXt7TMMgV1MnenaMfB9WiNlvQCFwkT
foaoRX9aRw2ieMTrUT6XiIVat+9a69WBZHRqBvh5unhoTVd5udOJGeDOG3WcDyJm
+FHitRSAoyXjVFCdui4eiw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:18:56 2024 by rpki-client on console-ams.rpki-client.org