Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/y8Q7ynJJnkCyRM38ljAGDQ-zYtw.roa
File: y8Q7ynJJnkCyRM38ljAGDQ-zYtw.roa (raw, json)
Hash identifier: hkBn4sxesSrU2cHpldeIckTKtiT9ZkaUlGSLvoaNKzM=
Subject key identifier: CB:C4:3B:CA:72:49:9E:40:B2:44:CD:FC:96:30:06:0D:0F:B3:62:DC
Certificate issuer: /CN=c43c222fad2c27ca612c98c273d4f16506e1b2e5
Certificate serial: 018CC26D1E9E5DB69A048C4E09682511C1FD
Authority key identifier: C4:3C:22:2F:AD:2C:27:CA:61:2C:98:C2:73:D4:F1:65:06:E1:B2:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/y8Q7ynJJnkCyRM38ljAGDQ-zYtw.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49718
IP address blocks: 176.100.112.0/22 maxlen: 22
176.100.108.0/22 maxlen: 22
176.100.116.0/22 maxlen: 22
176.100.124.0/22 maxlen: 22
176.100.120.0/22 maxlen: 22
213.108.168.0/21 maxlen: 21
213.108.169.0/24 maxlen: 24
213.108.168.0/24 maxlen: 24
213.108.171.0/24 maxlen: 24
213.108.170.0/24 maxlen: 24
176.100.64.0/22 maxlen: 22
213.108.172.0/24 maxlen: 24
213.108.175.0/24 maxlen: 24
176.100.64.0/18 maxlen: 18
176.100.68.0/22 maxlen: 22
213.108.174.0/24 maxlen: 24
213.108.173.0/24 maxlen: 24
176.100.72.0/22 maxlen: 22
176.100.76.0/22 maxlen: 22
176.100.84.0/22 maxlen: 22
176.100.80.0/22 maxlen: 22
176.100.88.0/22 maxlen: 22
176.100.96.0/22 maxlen: 22
176.100.92.0/22 maxlen: 22
176.100.100.0/22 maxlen: 22
176.100.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1e:9e:5d:b6:9a:04:8c:4e:09:68:25:11:c1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43c222fad2c27ca612c98c273d4f16506e1b2e5
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbc43bca72499e40b244cdfc9630060d0fb362dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:10:53:9b:2d:04:40:49:bb:2c:29:44:ff:
38:99:15:3f:c7:4f:80:32:81:fb:4a:eb:44:1f:27:
dc:95:d3:e4:2f:13:84:f9:e0:55:0e:12:c3:7d:bf:
74:fe:5d:c4:f4:ef:9e:c3:3a:d4:6b:43:95:15:34:
a4:9c:18:c1:90:d2:75:bf:74:df:d0:4f:3a:f7:7d:
b1:f0:d8:40:a7:25:dd:31:de:a2:71:6d:e9:bf:bd:
c5:79:44:57:3f:45:6c:f3:ea:31:e9:f7:7f:fc:e7:
c7:90:ad:2b:9a:aa:49:7a:4e:be:72:af:ed:53:d9:
58:14:06:3e:e6:25:c7:32:35:84:52:15:bf:35:48:
b7:ba:2b:2d:88:5e:6d:d2:8f:54:e3:e6:fd:57:70:
f4:7d:73:0b:ce:c3:be:93:c0:c6:45:3b:6d:1a:32:
16:c9:cc:7c:bb:d2:53:44:f2:85:41:8e:06:ae:b5:
ff:2e:c6:ad:f2:9c:cd:73:ac:08:70:be:d9:96:36:
0b:1f:78:a1:6d:66:dc:7a:95:da:b7:40:31:90:21:
25:55:94:82:f3:46:8a:4f:90:d5:d6:65:fe:87:b1:
0d:0b:84:b1:cf:22:d9:28:2d:53:3d:38:d5:e1:46:
bf:37:ec:27:63:7e:f8:a8:d4:15:8f:ce:68:ef:ba:
cf:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C4:3B:CA:72:49:9E:40:B2:44:CD:FC:96:30:06:0D:0F:B3:62:DC
X509v3 Authority Key Identifier:
keyid:C4:3C:22:2F:AD:2C:27:CA:61:2C:98:C2:73:D4:F1:65:06:E1:B2:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/y8Q7ynJJnkCyRM38ljAGDQ-zYtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.64.0/18
213.108.168.0/21
Signature Algorithm: sha256WithRSAEncryption
65:3a:47:e5:d2:4b:e7:42:6c:96:c1:83:86:73:95:9d:6d:1c:
ce:f9:ca:5f:68:23:91:24:29:1e:17:43:e8:14:74:15:37:bb:
08:03:fa:ca:d1:b1:b2:bc:f7:34:53:c7:c3:69:76:bd:6e:8d:
49:7b:a7:d0:2a:07:0d:1c:28:c4:41:ce:3b:ca:34:7c:8c:8b:
3e:58:1c:49:94:2a:7a:6f:39:79:6c:d6:7c:f1:05:c5:1f:55:
0d:0a:e1:f5:dc:78:ab:2d:b6:52:e4:90:69:06:6b:a2:12:44:
b6:09:af:73:54:06:a6:71:4f:ea:ee:fb:4f:fe:73:c0:b0:26:
a7:72:88:3c:d4:0d:1e:ad:dc:54:20:7a:40:81:e8:f8:ec:3c:
69:42:25:28:2a:56:e1:c6:42:4d:17:c8:35:ef:0e:be:44:d9:
da:eb:b2:b0:e3:d0:11:7f:88:8c:59:27:58:91:92:9a:5b:76:
36:c9:88:25:96:4b:91:93:03:7a:aa:ff:88:16:5d:c8:a7:89:
eb:c8:a8:f4:11:ac:e3:25:94:06:a6:43:a2:bb:69:fa:29:ec:
ef:28:f5:c0:cf:49:89:47:3e:88:92:e6:04:7a:40:6d:a4:4c:
e0:89:10:c1:e5:dc:2f:0c:26:ed:d1:54:05:e7:4b:b8:87:0c:
a5:9b:b6:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbR6eXbaaBIxOCWglEcH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2MyMjJmYWQyYzI3Y2E2MTJjOThjMjczZDRmMTY1MDZl
MWIyZTUwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM0M2JjYTcyNDk5ZTQwYjI0NGNkZmM5NjMwMDYwZDBmYjM2MmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZQQU5stBEBJuywpRP84mRU/x0+A
MoH7SutEHyfcldPkLxOE+eBVDhLDfb90/l3E9O+ewzrUa0OVFTSknBjBkNJ1v3Tf
0E86932x8NhApyXdMd6icW3pv73FeURXP0Vs8+ox6fd//OfHkK0rmqpJek6+cq/t
U9lYFAY+5iXHMjWEUhW/NUi3uistiF5t0o9U4+b9V3D0fXMLzsO+k8DGRTttGjIW
ycx8u9JTRPKFQY4GrrX/Lsat8pzNc6wIcL7ZljYLH3ihbWbcepXat0AxkCElVZSC
80aKT5DV1mX+h7ENC4SxzyLZKC1TPTjV4Ua/N+wnY374qNQVj85o77rPTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMvEO8pySZ5AskTN/JYwBg0Ps2LcMB8GA1UdIwQY
MBaAFMQ8Ii+tLCfKYSyYwnPU8WUG4bLlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER3aUw2MHNKOHBoTEpqQ2M5VHhaUWJoc3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82OGE3ZWEtZDUwYS00YTMwLTk1MTMt
ZTkwOWE3N2NkYTk4LzEveThRN3luSkpua0N5Uk0zOGxqQUdEUS16WXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82OGE3ZWEtZDUwYS00YTMwLTk1MTMtZTkwOWE3N2NkYTk4
LzEveER3aUw2MHNKOHBoTEpqQ2M5VHhaUWJoc3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGsGRAAwQD
1WyoMA0GCSqGSIb3DQEBCwUAA4IBAQBlOkfl0kvnQmyWwYOGc5WdbRzO+cpfaCOR
JCkeF0PoFHQVN7sIA/rK0bGyvPc0U8fDaXa9bo1Je6fQKgcNHCjEQc47yjR8jIs+
WBxJlCp6bzl5bNZ88QXFH1UNCuH13HirLbZS5JBpBmuiEkS2Ca9zVAamcU/q7vtP
/nPAsCancog81A0erdxUIHpAgej47DxpQiUoKlbhxkJNF8g17w6+RNna67Kw49AR
f4iMWSdYkZKaW3Y2yYgllkuRkwN6qv+IFl3Ip4nryKj0EazjJZQGpkOiu2n6Kezv
KPXAz0mJRz6IkuYEekBtpEzgiRDB5dwvDCbt0VQF50u4hwylm7Ys
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:54 2024 by rpki-client on console-ams.rpki-client.org