Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/NsvCb4C7xp7mRRy6LZB970m3_6o.roa
File: NsvCb4C7xp7mRRy6LZB970m3_6o.roa (raw, json)
Hash identifier: fET2lKLTAWudUiG72cYlVTUOSfeJLrEqJ5SsKChd2AA=
Subject key identifier: 36:CB:C2:6F:80:BB:C6:9E:E6:45:1C:BA:2D:90:7D:EF:49:B7:FF:AA
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 018CC5DC1A6C20559D5741AC711B85F98EAC
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/NsvCb4C7xp7mRRy6LZB970m3_6o.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29422
IP address blocks: 194.29.192.0/21 maxlen: 21
77.91.210.0/23 maxlen: 23
77.91.209.0/24 maxlen: 24
77.91.212.0/22 maxlen: 22
81.17.192.0/21 maxlen: 21
83.145.192.0/18 maxlen: 18
217.149.48.0/20 maxlen: 20
194.79.16.0/22 maxlen: 22
94.101.0.0/20 maxlen: 20
193.104.38.0/24 maxlen: 24
84.20.128.0/19 maxlen: 19
84.239.128.0/17 maxlen: 17
217.30.176.0/20 maxlen: 20
83.150.64.0/18 maxlen: 18
109.75.224.0/21 maxlen: 21
84.239.208.0/20 maxlen: 20
188.117.0.0/18 maxlen: 18
185.123.116.0/22 maxlen: 22
80.69.160.0/21 maxlen: 21
77.86.128.0/17 maxlen: 17
213.157.64.0/19 maxlen: 19
80.69.168.0/22 maxlen: 22
2001:67c:70::/48 maxlen: 48
2a01:51c0::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
2001:1bc8::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 04:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1a:6c:20:55:9d:57:41:ac:71:1b:85:f9:8e:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36cbc26f80bbc69ee6451cba2d907def49b7ffaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:06:0b:6b:fb:c5:79:5e:6d:26:5d:22:60:86:
41:0d:b9:5e:6b:a8:47:bc:48:a1:c2:53:3d:b1:5d:
54:c3:d6:2f:0b:be:a6:6f:2a:e9:1a:a3:81:52:0a:
4b:bb:e5:e2:65:ab:1b:f2:8e:89:42:e0:b7:01:1f:
12:6d:47:02:0a:fd:b0:70:50:05:d3:3d:5c:d9:a7:
c1:31:ec:52:a6:43:7d:25:fd:30:3b:13:d5:7f:9f:
e8:96:52:9d:65:42:60:0d:98:70:fa:33:28:15:f3:
fd:a8:64:21:72:3c:8b:cc:61:90:2e:8a:9e:51:f0:
89:41:2b:19:c2:a1:b6:17:06:8b:8b:26:23:0a:e4:
a7:71:1f:73:9e:2f:60:5e:3c:98:d2:a0:08:62:a6:
dc:4a:3f:fe:c1:bb:36:5b:b0:ee:e5:ed:df:04:69:
ff:82:a5:57:d3:d5:fe:4e:42:84:96:2b:b2:f1:2a:
f3:ef:11:48:a6:5d:19:d2:35:54:c2:7b:15:cc:17:
b0:1d:34:af:b3:49:6f:c3:df:1d:d8:14:bd:a2:d4:
83:ba:df:1b:24:d4:4f:82:c3:42:08:8a:63:6d:66:
7c:81:2d:fb:12:c0:f3:a2:47:2c:b7:8d:79:6f:1e:
9e:d6:e2:e9:2b:b6:1f:00:c4:44:10:ff:c4:2d:97:
99:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:CB:C2:6F:80:BB:C6:9E:E6:45:1C:BA:2D:90:7D:EF:49:B7:FF:AA
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/NsvCb4C7xp7mRRy6LZB970m3_6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.86.128.0/17
77.91.209.0-77.91.215.255
80.69.160.0-80.69.171.255
81.17.192.0/21
83.145.192.0/18
83.150.64.0/18
84.20.128.0/19
84.239.128.0/17
94.101.0.0/20
109.75.224.0/21
185.123.116.0/22
188.117.0.0/18
193.104.38.0/24
194.29.192.0/21
194.79.16.0/22
213.157.64.0/19
217.30.176.0/20
217.149.48.0/20
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:da:ce:e3:13:b9:af:73:9d:c3:67:1a:b5:47:3b:ea:1a:cb:
be:cc:fe:c7:2f:08:47:62:ae:92:03:75:4f:ff:7d:d3:f0:69:
c3:cc:3e:d0:29:37:33:97:84:e4:a4:4b:1b:fb:43:b4:3d:3d:
2a:15:ae:ca:19:10:29:58:0e:c8:d1:20:00:78:84:b0:82:85:
6f:07:58:bf:46:a7:5e:3d:27:fa:e5:52:38:82:de:0a:a5:57:
69:48:44:41:f7:08:63:96:fb:d5:01:cd:46:14:fb:d7:3a:b5:
81:6b:c9:4c:ca:78:4a:fb:da:f9:7e:20:6f:03:11:2d:a5:ec:
79:d0:d0:ae:dd:b5:7f:ba:f7:54:fb:72:c8:18:e3:87:58:8f:
cf:8f:4e:d8:4e:8d:bc:a1:66:6a:c3:31:21:6c:32:aa:b3:02:
9c:32:dc:58:26:15:61:39:2b:e8:b5:fd:0a:96:2d:a0:ca:d7:
a9:e5:00:44:93:87:50:d3:70:e0:4d:ba:ee:c7:12:18:f5:9f:
8e:7f:16:2c:26:24:57:b6:6d:ef:80:07:15:fe:35:bb:e3:13:
2b:0e:a2:4a:d3:59:85:90:de:b5:74:95:c8:72:b8:9c:d6:af:
f0:ea:c9:7c:da:ba:6c:ad:91:fd:0a:a4:d6:41:bc:0c:84:33:
e2:07:ae:eb
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYzF3BpsIFWdV0GscRuF+Y6sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmNiYzI2ZjgwYmJjNjllZTY0NTFjYmEyZDkwN2RlZjQ5YjdmZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQYLa/vFeV5tJl0iYIZBDblea6hH
vEihwlM9sV1Uw9YvC76mbyrpGqOBUgpLu+XiZasb8o6JQuC3AR8SbUcCCv2wcFAF
0z1c2afBMexSpkN9Jf0wOxPVf5/ollKdZUJgDZhw+jMoFfP9qGQhcjyLzGGQLoqe
UfCJQSsZwqG2FwaLiyYjCuSncR9zni9gXjyY0qAIYqbcSj/+wbs2W7Du5e3fBGn/
gqVX09X+TkKEliuy8Srz7xFIpl0Z0jVUwnsVzBewHTSvs0lvw98d2BS9otSDut8b
JNRPgsNCCIpjbWZ8gS37EsDzokcst415bx6e1uLpK7YfAMREEP/ELZeZTwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFDbLwm+Au8ae5kUcui2Qfe9Jt/+qMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvTnN2Q2I0Qzd4cDdtUlJ5NkxaQjk3MG0zXzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBggQCAAEwfAMEB01W
gDAMAwQATVvRAwQDTVvQMAwDBAVQRaADBAJQRagDBANREcADBAZTkcADBAZTlkAD
BAVUFIADBAdU74ADBAReZQADBANtS+ADBAK5e3QDBAa8dQADBADBaCYDBAPCHcAD
BALCTxADBAXVnUADBATZHrADBATZlTAwHQQCAAIwFwMHACABBnwAcAMFAyABG8gD
BQMqAVHAMA0GCSqGSIb3DQEBCwUAA4IBAQAw2s7jE7mvc53DZxq1RzvqGsu+zP7H
LwhHYq6SA3VP/33T8GnDzD7QKTczl4TkpEsb+0O0PT0qFa7KGRApWA7I0SAAeISw
goVvB1i/RqdePSf65VI4gt4KpVdpSERB9whjlvvVAc1GFPvXOrWBa8lMynhK+9r5
fiBvAxEtpex50NCu3bV/uvdU+3LIGOOHWI/Pj07YTo28oWZqwzEhbDKqswKcMtxY
JhVhOSvotf0Kli2gytep5QBEk4dQ03DgTbruxxIY9Z+OfxYsJiRXtm3vgAcV/jW7
4xMrDqJK01mFkN61dJXIcric1q/w6sl82rpsrZH9CqTWQbwMhDPiB67r
-----END CERTIFICATE-----
Generated at Fri May 17 11:04:01 2024 by rpki-client on console-fra.rpki-client.org