Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/lIgwX-I2ik6N3udZ1F74YnwPr7A.roa
File: lIgwX-I2ik6N3udZ1F74YnwPr7A.roa (raw, json)
Hash identifier: K4/1hb/wiyRnjV5+aDvkAB8h3ctF+CVuT79LAd2R7JE=
Subject key identifier: 94:88:30:5F:E2:36:8A:4E:8D:DE:E7:59:D4:5E:F8:62:7C:0F:AF:B0
Certificate issuer: /CN=bd063d944bb81fc31cba11499dd006eb4ece9624
Certificate serial: 01902A8149C9BFFB25E951512F66DB4990BD
Authority key identifier: BD:06:3D:94:4B:B8:1F:C3:1C:BA:11:49:9D:D0:06:EB:4E:CE:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/lIgwX-I2ik6N3udZ1F74YnwPr7A.roa
Signing time: Tue 18 Jun 2024 08:40:34 +0000
ROA not before: Tue 18 Jun 2024 08:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48971
IP address blocks: 94.231.80.0/20 maxlen: 20
94.231.80.0/21 maxlen: 21
94.231.80.0/24 maxlen: 24
94.231.88.0/21 maxlen: 21
94.231.93.0/24 maxlen: 24
94.231.94.0/24 maxlen: 24
185.19.84.0/22 maxlen: 22
195.2.228.0/23 maxlen: 23
2a00:41c0::/29 maxlen: 29
2a00:41c0::/32 maxlen: 32
2a00:41c0:7::/48 maxlen: 48
2a00:41c0:8::/48 maxlen: 48
2a00:41c0:9::/48 maxlen: 48
2a00:41c0:10::/48 maxlen: 48
2a00:41c0:11::/48 maxlen: 48
2a00:41c0:14::/48 maxlen: 48
2a00:41c0:16::/48 maxlen: 48
2a00:41c0:19::/48 maxlen: 48
2a00:41c0:20::/48 maxlen: 48
2a00:41c0:21::/48 maxlen: 48
2a00:41c0:81::/48 maxlen: 48
2a00:41c0:a8::/47 maxlen: 47
2a00:41c0:185::/48 maxlen: 48
2a00:41c0:194::/48 maxlen: 48
2a00:41c0:a11::/48 maxlen: 48
2a00:41c0:a21::/48 maxlen: 48
2a00:41c0:a94::/48 maxlen: 48
2a00:41c0:b94::/48 maxlen: 48
2a00:41c0:e94::/48 maxlen: 48
2a00:41c0:1185::/48 maxlen: 48
2a00:41c0:a121::/48 maxlen: 48
2a00:41c0:a123::/48 maxlen: 48
2a00:41c0:a185::/48 maxlen: 48
2a00:41c0:a186::/48 maxlen: 48
2a00:41c0:d185::/48 maxlen: 48
2a00:41c0:f185::/48 maxlen: 48
2a00:41c0:f231::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:81:49:c9:bf:fb:25:e9:51:51:2f:66:db:49:90:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd063d944bb81fc31cba11499dd006eb4ece9624
Validity
Not Before: Jun 18 08:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9488305fe2368a4e8ddee759d45ef8627c0fafb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f4:ad:53:e2:29:d6:d3:b9:da:6c:3e:6e:0b:
3d:8a:0e:a8:82:1d:b1:33:4e:63:0b:56:d3:00:75:
4d:03:14:bb:54:91:51:43:f2:f0:69:0c:c1:c2:6f:
32:5e:a7:4a:37:e3:af:6e:b5:25:26:8f:2b:b1:42:
5c:45:0a:27:a2:f1:b5:54:f2:b3:5e:24:da:81:af:
17:06:26:8b:2b:90:15:d6:2d:3e:50:4b:b4:c5:b8:
54:35:80:16:86:45:89:a6:3e:4f:bd:6b:84:b8:e8:
20:16:8d:56:1c:ad:60:7f:1a:bb:d4:8e:c7:38:1f:
af:98:0e:fb:5b:48:38:09:50:59:ba:37:06:c3:e4:
e0:bc:a9:ff:7c:ae:6e:86:99:26:2f:61:6c:54:55:
37:db:f1:54:a8:82:a4:88:9f:c7:2f:31:24:83:cf:
65:1e:29:51:24:3f:3a:6a:55:a9:e8:1a:bc:9b:63:
fe:81:bd:84:e0:4c:07:a0:2a:8c:c0:fb:66:7f:1e:
a9:0f:82:a3:3d:37:19:e6:86:8e:ee:dd:3b:78:8e:
d4:60:04:00:6e:6d:33:5f:42:99:83:c2:5a:da:ae:
e8:3c:72:ed:b2:29:fa:a8:aa:94:58:b2:b9:f1:2f:
c1:84:62:3c:2a:f4:c5:f4:f0:c9:ab:31:32:3a:91:
23:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:88:30:5F:E2:36:8A:4E:8D:DE:E7:59:D4:5E:F8:62:7C:0F:AF:B0
X509v3 Authority Key Identifier:
keyid:BD:06:3D:94:4B:B8:1F:C3:1C:BA:11:49:9D:D0:06:EB:4E:CE:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQY9lEu4H8McuhFJndAG607OliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/lIgwX-I2ik6N3udZ1F74YnwPr7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/ebfc3d-54fc-4643-be56-ea70a29c76f0/1/vQY9lEu4H8McuhFJndAG607OliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.80.0/20
185.19.84.0/22
195.2.228.0/23
IPv6:
2a00:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
69:7d:37:38:c7:3a:a1:20:09:d9:44:7f:74:3e:41:51:33:98:
3e:89:3c:95:54:86:70:07:0e:91:e2:dd:84:92:48:7d:93:b3:
70:0d:5f:e2:c6:ca:d9:16:67:9a:20:ad:eb:b2:43:a7:5e:20:
f9:78:56:c8:89:40:bd:89:ec:d8:5f:a6:5e:1c:bc:c0:41:78:
3b:d3:30:68:e8:04:80:3d:43:0c:8e:00:88:d6:59:60:ab:d9:
a6:e7:8d:b2:4d:79:31:3e:d8:81:da:ae:0c:f9:30:5f:4d:ea:
5e:25:8f:2e:51:73:90:65:6e:07:c8:e8:db:24:26:b6:69:0f:
26:0f:c4:ee:ec:2d:ab:75:f2:1f:51:ea:b3:14:7f:92:c4:2c:
cd:8d:ee:4e:4c:27:5e:7d:74:b7:1a:22:c1:d6:61:37:8f:33:
aa:62:9c:65:3c:02:1e:5e:10:5e:f2:cd:6e:a0:b2:14:21:cf:
11:f2:40:c0:99:2f:ba:78:08:ae:9a:d9:7c:28:f0:44:51:d4:
d8:61:0d:5e:6d:8f:f3:12:5f:e2:2a:6a:1a:a7:1e:41:a4:ad:
b6:83:43:72:38:85:b9:e2:75:ec:26:a3:25:58:c5:ff:6c:37:
0a:2c:0c:6a:8d:10:2a:42:2d:d6:60:d6:c5:a1:92:6d:4f:84:
1d:63:d9:e4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZAqgUnJv/sl6VFRL2bbSZC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDYzZDk0NGJiODFmYzMxY2JhMTE0OTlkZDAwNmViNGVj
ZTk2MjQwHhcNMjQwNjE4MDg0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg4MzA1ZmUyMzY4YTRlOGRkZWU3NTlkNDVlZjg2MjdjMGZhZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPStU+Ip1tO52mw+bgs9ig6ogh2x
M05jC1bTAHVNAxS7VJFRQ/LwaQzBwm8yXqdKN+OvbrUlJo8rsUJcRQonovG1VPKz
XiTaga8XBiaLK5AV1i0+UEu0xbhUNYAWhkWJpj5PvWuEuOggFo1WHK1gfxq71I7H
OB+vmA77W0g4CVBZujcGw+TgvKn/fK5uhpkmL2FsVFU32/FUqIKkiJ/HLzEkg89l
HilRJD86alWp6Bq8m2P+gb2E4EwHoCqMwPtmfx6pD4KjPTcZ5oaO7t07eI7UYAQA
bm0zX0KZg8Ja2q7oPHLtsin6qKqUWLK58S/BhGI8KvTF9PDJqzEyOpEjuQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJSIMF/iNopOjd7nWdRe+GJ8D6+wMB8GA1UdIwQY
MBaAFL0GPZRLuB/DHLoRSZ3QButOzpYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFZOWxFdTRIOE1jdWhGSm5kQUc2MDdPbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lYmZjM2QtNTRmYy00NjQzLWJlNTYt
ZWE3MGEyOWM3NmYwLzEvbElnd1gtSTJpazZOM3VkWjFGNzRZbndQcjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9lYmZjM2QtNTRmYy00NjQzLWJlNTYtZWE3MGEyOWM3NmYw
LzEvdlFZOWxFdTRIOE1jdWhGSm5kQUc2MDdPbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEXudQAwQC
uRNUAwQBwwLkMA0EAgACMAcDBQMqAEHAMA0GCSqGSIb3DQEBCwUAA4IBAQBpfTc4
xzqhIAnZRH90PkFRM5g+iTyVVIZwBw6R4t2Ekkh9k7NwDV/ixsrZFmeaIK3rskOn
XiD5eFbIiUC9iezYX6ZeHLzAQXg70zBo6ASAPUMMjgCI1llgq9mm542yTXkxPtiB
2q4M+TBfTepeJY8uUXOQZW4HyOjbJCa2aQ8mD8Tu7C2rdfIfUeqzFH+SxCzNje5O
TCdefXS3GiLB1mE3jzOqYpxlPAIeXhBe8s1uoLIUIc8R8kDAmS+6eAiumtl8KPBE
UdTYYQ1ebY/zEl/iKmoapx5BpK22g0NyOIW54nXsJqMlWMX/bDcKLAxqjRAqQi3W
YNbFoZJtT4QdY9nk
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:24 2024 by rpki-client on console-fra.rpki-client.org