Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/c6vv9Gf7WrGLyQuEKxR_phDLB5k.roa
File: c6vv9Gf7WrGLyQuEKxR_phDLB5k.roa (raw, json)
Hash identifier: wuwqO/Y7TMp7AenDU2WrhX4oP1hR9IDT2Tg3/x1EU6g=
Subject key identifier: 73:AB:EF:F4:67:FB:5A:B1:8B:C9:0B:84:2B:14:7F:A6:10:CB:07:99
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018CC5DC17C7BA7AAC1460B2F28B5067C05D
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/c6vv9Gf7WrGLyQuEKxR_phDLB5k.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8447
IP address blocks: 213.147.160.0/19 maxlen: 19
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
85.90.128.0/19 maxlen: 19
213.33.63.0/24 maxlen: 24
193.187.212.0/22 maxlen: 22
213.157.128.0/19 maxlen: 19
192.164.64.0/21 maxlen: 21
193.80.0.0/15 maxlen: 15
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
212.16.32.0/19 maxlen: 19
193.187.240.0/22 maxlen: 22
213.225.0.0/18 maxlen: 18
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
192.164.224.0/19 maxlen: 19
93.111.0.0/16 maxlen: 23
212.124.128.0/19 maxlen: 19
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 24
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 23
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 24
194.96.0.0/16 maxlen: 16
80.89.96.0/20 maxlen: 20
195.170.64.0/19 maxlen: 19
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
81.5.192.0/18 maxlen: 18
192.164.32.0/22 maxlen: 22
193.154.0.0/16 maxlen: 16
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
212.197.128.0/18 maxlen: 18
193.83.0.0/16 maxlen: 16
80.120.0.0/14 maxlen: 24
62.46.0.0/15 maxlen: 15
194.152.160.0/19 maxlen: 19
212.88.160.0/19 maxlen: 24
195.230.32.0/19 maxlen: 19
212.183.0.0/17 maxlen: 24
80.75.56.0/21 maxlen: 21
213.240.64.0/18 maxlen: 18
93.82.0.0/15 maxlen: 15
188.45.0.0/16 maxlen: 16
91.112.0.0/14 maxlen: 14
194.166.0.0/16 maxlen: 16
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 22
88.116.0.0/15 maxlen: 15
62.116.32.0/19 maxlen: 19
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
217.149.160.0/20 maxlen: 20
212.60.160.0/19 maxlen: 19
195.64.0.0/19 maxlen: 19
194.118.0.0/16 maxlen: 16
194.152.96.0/19 maxlen: 19
212.88.0.0/19 maxlen: 19
84.20.160.0/19 maxlen: 19
46.206.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:17:c7:ba:7a:ac:14:60:b2:f2:8b:50:67:c0:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73abeff467fb5ab18bc90b842b147fa610cb0799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d0:0e:fb:04:d5:83:43:82:ab:08:39:a8:88:
eb:6e:cb:77:07:0a:b8:0a:33:0e:b2:2b:02:82:09:
49:c2:65:c0:52:1b:1c:5c:3d:3e:ff:e9:aa:84:86:
a9:f2:81:c6:93:4c:e3:72:22:01:41:14:aa:c3:8c:
85:e5:e9:71:71:59:e2:fb:f3:1b:c4:b7:3d:0a:f4:
53:df:b4:a9:96:5c:52:8a:29:30:a0:35:a6:f1:f3:
35:b9:0a:7c:85:1c:5f:5c:27:72:65:dd:ca:71:39:
fa:7f:54:7a:f5:5d:74:3d:10:a1:c9:38:3a:c8:86:
ff:d9:1a:6d:bd:73:ec:f1:b3:d9:0a:bd:2f:74:93:
5c:ca:72:69:56:69:20:f0:ec:ac:dd:0e:e7:34:da:
39:88:29:0c:45:67:76:d5:de:38:a1:27:2d:e3:21:
26:8f:a1:93:10:7a:0f:43:08:cd:0d:c6:ec:74:97:
16:5a:ad:cf:ef:eb:1d:19:37:ae:3a:13:39:fa:f4:
e0:47:00:28:0c:0d:23:ba:a3:c3:34:d5:7c:87:46:
7a:7d:95:52:00:32:97:f8:b5:68:7b:d2:f9:23:e6:
73:0e:37:f2:50:fb:fc:ca:da:fd:b4:7b:fa:e8:42:
8c:ca:3f:db:a9:bc:2e:67:6b:b1:6c:b9:ce:3b:c5:
c9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:AB:EF:F4:67:FB:5A:B1:8B:C9:0B:84:2B:14:7F:A6:10:CB:07:99
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/c6vv9Gf7WrGLyQuEKxR_phDLB5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
62.116.32.0/19
80.75.32.0/19
80.89.96.0/20
80.120.0.0/14
80.240.224.0/20
81.5.192.0/18
84.20.160.0/19
85.90.128.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.80.0.0/15
193.83.0.0/16
193.154.0.0/16
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
194.96.0.0/16
194.118.0.0/16
194.152.96.0/19
194.152.160.0/19
194.166.0.0/16
195.3.64.0/18
195.64.0.0/19
195.170.64.0/19
195.230.32.0/19
212.16.32.0/19
212.60.160.0/19
212.88.0.0/19
212.88.160.0/19
212.124.128.0/19
212.183.0.0/17
212.197.128.0/18
213.33.0.0/17
213.147.160.0/19
213.157.128.0/19
213.225.0.0/18
213.240.64.0/18
217.149.160.0/20
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
15:77:8c:19:3c:94:ed:5e:fa:94:b8:91:25:c4:93:ac:40:af:
e7:6e:10:d0:54:95:4c:6b:3e:66:63:48:60:6a:53:39:bf:e5:
1d:f5:66:ae:20:c0:c1:01:d6:19:a7:a4:c2:f1:36:55:49:6f:
38:bc:cf:70:6d:1c:b2:ec:fd:30:cb:bc:fd:51:6c:3f:05:b9:
39:03:d8:08:86:bb:84:cd:ae:61:5f:47:a8:1e:5c:92:cf:0f:
38:91:94:ce:2e:7a:fb:52:1d:33:09:a5:19:61:f9:59:9e:ee:
fc:1c:2f:fc:22:4f:7c:a6:ad:6a:c4:7e:59:62:1f:fc:c6:dd:
7c:00:0f:5c:af:86:c5:82:84:14:c2:89:b0:12:94:34:32:d9:
e5:91:79:96:e2:5d:f7:4f:c8:c8:1d:11:9c:58:17:33:cd:fd:
9c:d5:c8:dc:10:4c:5e:fa:d5:6e:5f:b8:17:90:34:d2:c2:13:
42:c3:00:17:fd:d9:7b:7e:c8:73:97:fe:7d:23:dd:f9:0d:cf:
8f:c9:93:7d:c4:d3:5b:80:b8:7e:aa:20:03:dc:30:0c:42:de:
e8:50:ec:5d:0a:41:e5:be:0d:54:e0:44:85:2d:d1:f2:41:47:
73:4a:48:a1:fb:18:86:c8:af:6e:c3:01:1e:ca:c1:87:48:c0:
f7:3d:6b:97
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgISAYzF3BfHunqsFGCy8otQZ8BdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2FiZWZmNDY3ZmI1YWIxOGJjOTBiODQyYjE0N2ZhNjEwY2IwNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltAO+wTVg0OCqwg5qIjrbst3Bwq4
CjMOsisCgglJwmXAUhscXD0+/+mqhIap8oHGk0zjciIBQRSqw4yF5elxcVni+/Mb
xLc9CvRT37SpllxSiikwoDWm8fM1uQp8hRxfXCdyZd3KcTn6f1R69V10PRChyTg6
yIb/2RptvXPs8bPZCr0vdJNcynJpVmkg8Oys3Q7nNNo5iCkMRWd21d44oSct4yEm
j6GTEHoPQwjNDcbsdJcWWq3P7+sdGTeuOhM5+vTgRwAoDA0juqPDNNV8h0Z6fZVS
ADKX+LVoe9L5I+ZzDjfyUPv8ytr9tHv66EKMyj/bqbwuZ2uxbLnOO8XJ6QIDAQAB
o4IDjDCCA4gwHQYDVR0OBBYEFHOr7/Rn+1qxi8kLhCsUf6YQyweZMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvYzZ2djlHZjdXckdMeVF1RUt4Ul9waERMQjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBoAYIKwYBBQUHAQcBAf8EggGPMIIBizCCAWMEAgABMIIB
WwMDAS5KAwMBLs4DAwE+LgMEBT50IAMEBVBLIAMEBFBZYAMDAlB4AwQEUPDgAwQG
UQXAAwQFVBSgAwQFVVqAAwMBWHQDBAZZkMADAwJbcAMEB1z4AAMDAV1SAwMAXW8D
BAawQgADBAewQoADAwKyvAMDArwUAwMAvC0wCwMDAsCkAwQCwKQgMAwDBADApCcD
BAPApEAwDAMEBMCkUAMEBcCkgDALAwQEwKTQAwMAwKQDAwHBUAMDAMFTAwMAwZow
DAMEAsG71AMEAsG78DAMAwQCwjB8AwQCwjCIAwMAwmADAwDCdgMEBcKYYAMEBcKY
oAMDAMKmAwQGwwNAAwQFw0AAAwQFw6pAAwQFw+YgAwQF1BAgAwQF1DygAwQF1FgA
AwQF1FigAwQF1HyAAwQH1LcAAwQG1MWAAwQH1SEAAwQF1ZOgAwQF1Z2AAwQG1eEA
AwQG1fBAAwQE2ZWgMCIEAgACMBwDBQMgAQhQAwUDIAEIcAMFAyABCJADBQMgAUu4
MA0GCSqGSIb3DQEBCwUAA4IBAQAVd4wZPJTtXvqUuJElxJOsQK/nbhDQVJVMaz5m
Y0hgalM5v+Ud9WauIMDBAdYZp6TC8TZVSW84vM9wbRyy7P0wy7z9UWw/Bbk5A9gI
hruEza5hX0eoHlySzw84kZTOLnr7Uh0zCaUZYflZnu78HC/8Ik98pq1qxH5ZYh/8
xt18AA9cr4bFgoQUwomwEpQ0MtnlkXmW4l33T8jIHRGcWBczzf2c1cjcEExe+tVu
X7gXkDTSwhNCwwAX/dl7fshzl/59I935Dc+PyZN9xNNbgLh+qiAD3DAMQt7oUOxd
CkHlvg1U4ESFLdHyQUdzSkih+xiGyK9uwwEeysGHSMD3PWuX
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:32:56 2024 by rpki-client on console-fra.rpki-client.org